revert: "util: T2467: add autosudo as an option to command"

Implementing a wrapper which will - based on the command - add a sudo prefix
to the execution string seemed to be a nice idea but unfortunately it did not
only not get momentum but also the codebase somethis added an implicit "sudo"
call a second time.

This resulted in a call: "sudo sudo systemctl"

The entire functionality was removed again and if an op-mode script requires
root priviledges it must be explicitly called with them - no black magic.

4 files changed, 19 insertions, 37 deletions

diff --git a/op-mode-definitions/conntrack-sync.xml.in b/op-mode-definitions/conntrack-sync.xml.in
index d1d3bf744..41a71b04a 100644
--- a/op-mode-definitions/conntrack-sync.xml.in
+++ b/op-mode-definitions/conntrack-sync.xml.in
@@ -11,13 +11,13 @@
             <properties>
               <help>Reset external cache and request resync with other systems</help>
             </properties>
-            <command>${vyos_op_scripts_dir}/conntrack_sync.py --reset-cache-external</command>
+            <command>sudo ${vyos_op_scripts_dir}/conntrack_sync.py --reset-cache-external</command>
           </leafNode>
           <leafNode name="internal-cache">
             <properties>
               <help>Reset internal cache and request resync with other systems</help>
             </properties>
-            <command>${vyos_op_scripts_dir}/conntrack_sync.py --reset-cache-internal</command>
+            <command>sudo ${vyos_op_scripts_dir}/conntrack_sync.py --reset-cache-internal</command>
           </leafNode>
         </children>
       </node>
@@ -29,7 +29,7 @@
         <properties>
           <help>Restart connection tracking synchronization service</help>
         </properties>
-        <command>${vyos_op_scripts_dir}/conntrack_sync.py --restart</command>
+        <command>sudo ${vyos_op_scripts_dir}/conntrack_sync.py --restart</command>
       </leafNode>
     </children>
   </node>
@@ -49,19 +49,19 @@
                 <properties>
                   <help>Show external connection tracking cache entries</help>
                 </properties>
-                <command>${vyos_op_scripts_dir}/conntrack_sync.py --show-external; ${vyos_op_scripts_dir}/conntrack_sync.py --show-external-expect</command>
+                <command>sudo ${vyos_op_scripts_dir}/conntrack_sync.py --show-external; ${vyos_op_scripts_dir}/conntrack_sync.py --show-external-expect</command>
                 <children>
                   <leafNode name="main">
                     <properties>
                       <help>Show external main connection tracking cache entries</help>
                     </properties>
-                    <command>${vyos_op_scripts_dir}/conntrack_sync.py --show-external</command>
+                    <command>sudo ${vyos_op_scripts_dir}/conntrack_sync.py --show-external</command>
                   </leafNode>
                   <leafNode name="expect">
                     <properties>
                       <help>Show external expect connection tracking cache entries</help>
                     </properties>
-                    <command>${vyos_op_scripts_dir}/conntrack_sync.py --show-external-expect</command>
+                    <command>sudo ${vyos_op_scripts_dir}/conntrack_sync.py --show-external-expect</command>
                   </leafNode>
                 </children>
               </node>
@@ -69,19 +69,19 @@
                 <properties>
                   <help>Show internal connection tracking cache entries</help>
                 </properties>
-                <command>${vyos_op_scripts_dir}/conntrack_sync.py --show-internal; ${vyos_op_scripts_dir}/conntrack_sync.py --show-internal-expect</command>
+                <command>sudo ${vyos_op_scripts_dir}/conntrack_sync.py --show-internal; ${vyos_op_scripts_dir}/conntrack_sync.py --show-internal-expect</command>
                 <children>
                   <leafNode name="main">
                     <properties>
                       <help>Show internal main connection tracking cache entries</help>
                     </properties>
-                    <command>${vyos_op_scripts_dir}/conntrack_sync.py --show-internal</command>
+                    <command>sudo ${vyos_op_scripts_dir}/conntrack_sync.py --show-internal</command>
                   </leafNode>
                   <leafNode name="expect">
                     <properties>
                       <help>Show internal expect connection tracking cache entries</help>
                     </properties>
-                    <command>${vyos_op_scripts_dir}/conntrack_sync.py --show-internal-expect</command>
+                    <command>sudo ${vyos_op_scripts_dir}/conntrack_sync.py --show-internal-expect</command>
                   </leafNode>
                 </children>
               </node>
diff --git a/op-mode-definitions/flow-accounting-op.xml.in b/op-mode-definitions/flow-accounting-op.xml.in
index b847338f9..7aaae5974 100644
--- a/op-mode-definitions/flow-accounting-op.xml.in
+++ b/op-mode-definitions/flow-accounting-op.xml.in
@@ -57,7 +57,7 @@
         <properties>
           <help>Restart (net)flow accounting process</help>
         </properties>
-        <command>${vyos_op_scripts_dir}/flow_accounting_op.py --action restart</command>
+        <command>sudo ${vyos_op_scripts_dir}/flow_accounting_op.py --action restart</command>
       </leafNode>
     </children>
   </node>
diff --git a/op-mode-definitions/generate-ssh-server-key.xml.in b/op-mode-definitions/generate-ssh-server-key.xml.in
index 86bb1b1bd..ecea3e5d1 100644
--- a/op-mode-definitions/generate-ssh-server-key.xml.in
+++ b/op-mode-definitions/generate-ssh-server-key.xml.in
@@ -14,7 +14,7 @@
             <properties>
               <help>Re-generate SSH host keys and restart SSH server</help>
             </properties>
-            <command>${vyos_op_scripts_dir}/generate_ssh_server_key.py</command>
+            <command>sudo ${vyos_op_scripts_dir}/generate_ssh_server_key.py</command>
           </node>
           <tagNode name="client-key">
             <properties>
diff --git a/python/vyos/util.py b/python/vyos/util.py
index 2a3f6a228..b77c62cd5 100644
--- a/python/vyos/util.py
+++ b/python/vyos/util.py
@@ -1,4 +1,4 @@
-# Copyright 2020 VyOS maintainers and contributors <maintainers@vyos.io>
+# Copyright 2020-2021 VyOS maintainers and contributors <maintainers@vyos.io>
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -22,25 +22,13 @@ import sys
 # where it is used so it is as local as possible to the execution
 #
 
-
-def _need_sudo(command):
-    return os.path.basename(command.split()[0]) in ('systemctl', )
-
-
-def _add_sudo(command):
-    if _need_sudo(command):
-        return 'sudo ' + command
-    return command
-
-
 from subprocess import Popen
 from subprocess import PIPE
 from subprocess import STDOUT
 from subprocess import DEVNULL
 
-
 def popen(command, flag='', shell=None, input=None, timeout=None, env=None,
-          stdout=PIPE, stderr=PIPE, decode='utf-8', autosudo=True):
+          stdout=PIPE, stderr=PIPE, decode='utf-8'):
     """
     popen is a wrapper helper aound subprocess.Popen
     with it default setting it will return a tuple (out, err)
@@ -79,9 +67,6 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None,
     if not debug.enabled(flag):
         flag = 'command'
 
-    if autosudo:
-        command = _add_sudo(command)
-
     cmd_msg = f"cmd '{command}'"
     debug.message(cmd_msg, flag)
 
@@ -98,11 +83,8 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None,
         stdin = PIPE
         input = input.encode() if type(input) is str else input
 
-    p = Popen(
-        command,
-        stdin=stdin, stdout=stdout, stderr=stderr,
-        env=env, shell=use_shell,
-    )
+    p = Popen(command, stdin=stdin, stdout=stdout, stderr=stderr,
+              env=env, shell=use_shell)
 
     pipe = p.communicate(input, timeout)
 
@@ -135,7 +117,7 @@ def popen(command, flag='', shell=None, input=None, timeout=None, env=None,
 
 
 def run(command, flag='', shell=None, input=None, timeout=None, env=None,
-        stdout=DEVNULL, stderr=PIPE, decode='utf-8', autosudo=True):
+        stdout=DEVNULL, stderr=PIPE, decode='utf-8'):
     """
     A wrapper around popen, which discard the stdout and
     will return the error code of a command
@@ -151,8 +133,8 @@ def run(command, flag='', shell=None, input=None, timeout=None, env=None,
 
 
 def cmd(command, flag='', shell=None, input=None, timeout=None, env=None,
-        stdout=PIPE, stderr=PIPE, decode='utf-8', autosudo=True,
-        raising=None, message='', expect=[0]):
+        stdout=PIPE, stderr=PIPE, decode='utf-8', raising=None, message='',
+        expect=[0]):
     """
     A wrapper around popen, which returns the stdout and
     will raise the error code of a command
@@ -183,7 +165,7 @@ def cmd(command, flag='', shell=None, input=None, timeout=None, env=None,
 
 
 def call(command, flag='', shell=None, input=None, timeout=None, env=None,
-         stdout=PIPE, stderr=PIPE, decode='utf-8', autosudo=True):
+         stdout=PIPE, stderr=PIPE, decode='utf-8'):
     """
     A wrapper around popen, which print the stdout and
     will return the error code of a command