Changeset View
Changeset View
Standalone View
Standalone View
head/security/lxqt-sudo/files/patch-sudo.cpp
--- sudo.cpp.orig 2018-05-21 19:10:17 UTC | --- sudo.cpp.orig 2019-01-25 23:40:04 UTC | ||||
+++ sudo.cpp | +++ sudo.cpp | ||||
@@ -36,7 +36,13 @@ | @@ -38,7 +38,13 @@ | ||||
#include <QSocketNotifier> | |||||
#include <QDebug> | |||||
#include <QThread> | #include <QThread> | ||||
#include <QProcessEnvironment> | |||||
#include <QTimer> | |||||
+#if defined(__linux__) | +#if defined(__linux__) | ||||
#include <pty.h> | #include <pty.h> | ||||
+#elif defined(__FreeBSD__) | +#elif defined(__FreeBSD__) | ||||
+#include <libutil.h> | +#include <libutil.h> | ||||
+#include <errno.h> | +#include <errno.h> | ||||
+#include <termios.h> | +#include <termios.h> | ||||
+#endif | +#endif | ||||
#include <unistd.h> | #include <unistd.h> | ||||
#include <memory> | #include <memory> | ||||
#include <csignal> | #include <csignal> | ||||
@@ -52,6 +58,9 @@ namespace | @@ -56,6 +62,9 @@ namespace | ||||
const QString su_prog{QStringLiteral(LXQTSUDO_SU)}; | const QString su_prog{QStringLiteral(LXQTSUDO_SU)}; | ||||
const QString sudo_prog{QStringLiteral(LXQTSUDO_SUDO)}; | const QString sudo_prog{QStringLiteral(LXQTSUDO_SUDO)}; | ||||
+#ifdef __FreeBSD__ | +#ifdef __FreeBSD__ | ||||
+ const QString pwd_prompt_end_c_locale{QStringLiteral(":")}; | + const QString pwd_prompt_end_c_locale{QStringLiteral(":")}; | ||||
+#endif | +#endif | ||||
const QString pwd_prompt_end{QStringLiteral(": ")}; | const QString pwd_prompt_end{QStringLiteral(": ")}; | ||||
const QChar nl{QLatin1Char('\n')}; | const QChar nl{QLatin1Char('\n')}; | ||||
@@ -179,6 +188,10 @@ void Sudo::child() | @@ -240,27 +249,39 @@ QString Sudo::backendName (backend_t backEnd) | ||||
if (BACK_SU == mBackend) | void Sudo::child() | ||||
{ | { | ||||
program = su_prog.toStdString(); | int params_cnt = 3 //1. su/sudo & "shell command" & last nullptr | ||||
+#ifdef __FreeBSD__ | +#ifndef __FreeBSD__ | ||||
+ (BACK_SU == mBackend ? 1 : 3); //-c for su | -E /bin/sh -c for sudo | |||||
+#else | |||||
+ + (BACK_SU == mBackend ? 3 : 3); | |||||
+#endif | |||||
std::unique_ptr<char const *[]> params{new char const *[params_cnt]}; | |||||
const char ** param_arg = params.get() + 1; | |||||
std::string program = backendName().toLocal8Bit().data(); | |||||
+ if (BACK_SU == mBackend) | |||||
+ { | |||||
+ *(param_arg++) = "-m"; | + *(param_arg++) = "-m"; | ||||
+ *(param_arg++) = "root"; | + *(param_arg++) = "root"; | ||||
+#endif | + *(param_arg++) = "-c"; | ||||
*(param_arg++) = "-c"; //run command | + } | ||||
if (BACK_SUDO == mBackend) | |||||
{ | |||||
+ | |||||
*(param_arg++) = "-E"; //preserve environment | |||||
*(param_arg++) = "/bin/sh"; | |||||
+ *(param_arg++) = "-c"; //run command | |||||
} | |||||
- *(param_arg++) = "-c"; //run command | |||||
params[0] = program.c_str(); | |||||
- | |||||
// Note: we force the su/sudo to communicate with us in the simplest | |||||
// locale and then set the locale back for the command | |||||
- char const * const env_lc_all = getenv("LC_ALL"); | |||||
+ | |||||
std::string command; | |||||
+#ifndef __FreeBSD__ | |||||
+ char const * const env_lc_all = getenv("LC_ALL"); | |||||
if (env_lc_all == nullptr) | |||||
{ | |||||
- command = "unset LC_ALL; "; | |||||
+ command = "unset LC_ALL;"; | |||||
} else | } else | ||||
{ | { | ||||
@@ -200,7 +213,6 @@ void Sudo::child() | // Note: we need to check if someone is not trying to inject commands | ||||
@@ -276,6 +297,9 @@ void Sudo::child() | |||||
} | |||||
command += "exec "; | |||||
command += squashedArgs().toLocal8Bit().data(); | |||||
+#else | |||||
+ command = squashedArgs().toLocal8Bit().data(); | |||||
+#endif | |||||
*(param_arg++) = command.c_str(); | |||||
*param_arg = nullptr; | |||||
@@ -283,12 +307,11 @@ void Sudo::child() | |||||
setenv("LC_ALL", "C", 1); | |||||
env_workarounds(); | |||||
- | |||||
setsid(); //session leader | setsid(); //session leader | ||||
execvp(params[0], const_cast<char **>(params.get())); | execvp(params[0], const_cast<char **>(params.get())); | ||||
- | - | ||||
//exec never returns in case of success | //exec never returns in case of success | ||||
QTextStream{stderr, QIODevice::WriteOnly} << tr("%1: Failed to exec '%2': %3\n").arg(app_master).arg(params[0]).arg(strerror(errno)); | QTextStream{stderr, QIODevice::WriteOnly} << tr("%1: Failed to exec '%2': %3\n").arg(app_master).arg(params[0]).arg(strerror(errno)); | ||||
+ | |||||
exit(1); | exit(1); | ||||
@@ -277,8 +289,13 @@ int Sudo::parent() | } | ||||
lxqtApp->quit(); | |||||
@@ -354,7 +377,11 @@ int Sudo::parent() | |||||
} | |||||
} else | } else | ||||
{ | { | ||||
- if (line.endsWith(pwd_prompt_end)) | |||||
+#ifdef __FreeBSD__ | +#ifdef __FreeBSD__ | ||||
+ if( line.endsWith(pwd_prompt_end_c_locale) || line.endsWith(pwd_prompt_end)) | + if( line.endsWith(pwd_prompt_end_c_locale) || line.endsWith(pwd_prompt_end)) | ||||
+#else | +#else | ||||
+ if(line.endsWith(pwd_prompt_end)) | if (line.endsWith(pwd_prompt_end)) | ||||
+#endif | +#endif | ||||
{ | { | ||||
+ | |||||
//if now echo is turned off, su/sudo requests password | //if now echo is turned off, su/sudo requests password | ||||
struct termios tios; | struct termios tios; | ||||
//loop to be sure we don't miss the flag (we can afford such small delay in "normal" output processing) |