Skip to content

Run sudo -v in a loop to prevent repeated password entries

Administrator requested to merge feature/sudo into master

Many of pmbootstrap's actions require root rights. When after requesting sudo access pmbootstrap takes longer than the sudo timeout interval to finish execution, the password will have to be entered again on the next sudo action (#1677 (closed)).

With this change entering the password more than once for a single pmbootstrap run is prevented by calling sudo -v in a loop to continously extend the timeout. The loop runs as a daemon timer which automatically gets canceled when pmbootstrap exits.

This follows the approach described here with small deviations:

  • kill_as_root wasn't yet renamed because that'll affect quite a few places and I wanted to first get feedback on the actual logic.
  • Instead of killing the previous sudo -v process in sudo_loop, I'm killing the process in the finally block of the main method. This way it's guaranteed to be gone when pmbootstrap finishes. (In my testing killing pmbootstrap with CTRL-C kills all spawned subprocesses so the loop is gone in this case as well). Switched to a daemon Timer. See comments below.
  • I freestyled the "meaningful message that explains why we need to use sudo". Happy to hear improvement suggestions.

I would appreciate thorough feedback on this change. The diff is quite small but any oversight could keep the shell in root mode indefinitely which seems like a security concern to the user.

Edited by Administrator

Merge request reports

Loading