Detect goofy `sudo -n` output under OSX · recaptime.dev/phorge@b3394c5

@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

phorge phabricator

fork

Detect goofy `sudo -n` output under OSX

Summary: See rP2fedb6f941d8. We might need a more general version of this since we do some `sudo` stuff elsewhere, but at least on my machine `sudo -n` exits with code 0 when the target user exists but needs a password.

Test Plan:
- Tried to run daemons as root, with no automatic sudo to root. Got a bad result before (phd believed it had executed the daemons) and a good result afterward (phd recognized that sudo failed).
- Tried to run daemons from root, as a non-root user. Got a good result in both cases.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: fabe, epriestley

Differential Revision: https://secure.phabricator.com/D11041

epriestley 11 years ago b3394c53 f35a38b0

+17 -2

1 changed file

expand all

src

applications

daemon

management

PhabricatorDaemonManagementWorkflow.php

+17 -2

src/applications/daemon/management/PhabricatorDaemonManagementWorkflow.php

··· 221 221 $command, 222 222 $daemon_script_dir, 223 223 $this->runDaemonsAsUser); 224 - } catch (CommandException $e) { 224 + } catch (Exception $e) { 225 225 // Retry without sudo 226 226 $console->writeOut(pht( 227 227 "sudo command failed. Starting daemon as current user\n")); ··· 237 237 $daemon_script_dir, 238 238 $run_as_user = null) { 239 239 240 + $is_sudo = false; 240 241 if ($run_as_user) { 241 242 // If anything else besides sudo should be 242 243 // supported then insert it here (runuser, su, ...) ··· 244 245 'sudo -En -u %s -- %C', 245 246 $run_as_user, 246 247 $command); 248 + $is_sudo = true; 247 249 } 248 250 $future = new ExecFuture('exec %C', $command); 249 251 // Play games to keep 'ps' looking reasonable. 250 252 $future->setCWD($daemon_script_dir); 251 - $future->resolvex(); 253 + list($stdout, $stderr) = $future->resolvex(); 254 + 255 + if ($is_sudo) { 256 + // On OSX, `sudo -n` exits 0 when the user does not have permission to 257 + // switch accounts without a password. This is not consistent with 258 + // sudo on Linux, and seems buggy/broken. Check for this by string 259 + // matching the output. 260 + if (preg_match('/sudo: a password is required/', $stderr)) { 261 + throw new Exception( 262 + pht( 263 + 'sudo exited with a zero exit code, but emitted output '. 264 + 'consistent with failure under OSX.')); 265 + } 266 + } 252 267 } 253 268 254 269 public static function ignoreSignal($signo) {

Configure Feed

Configure Feed