Checking server user permissions to use sudo #1442
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Сommand to use home directory name if whoami returns error or is missing for prepare_host.sh.
Сommand to use home directory name if whoami returns error or is missing for check_user_in_sudo.sh. Checking server user permissions to use sudo using a package manager or using uname. Сhecking and redefining the system language. Checking requirements for sudo users or root in script.
Changed description of the “Server User Not In Sudo” case. Corrected the name and description of the "ServerPacketManagerError" case. Packet to Package. Adding a "SudoPackageIsNotPreinstalled" case. Adding a "ServerUserNotAllowedInSudoers" case. Adding a "ServerUserPasswordRequired" case.
Corrected the name of the "ServerPacketManagerError" error to "ServerPackageManagerError". Adding a "SudoPackageIsNotPreinstalled" error. Adding a "ServerUserNotAllowedInSudoers" error. Adding a "ServerUserPasswordRequired" error.
Return to the name "ServerPacketManagerError".
Added new errors' handling to serverController.cpp. Permission checks are also performed for the root user.
Updating translations for two existing server errors.
…ezia-client into sudo_permissions
lunardunno
changed the title
Checking for "not allowed" in stdOut
Removed check for "not allowed" in stdOut
Removed nested launch via sudo
Returned nested launch via sudo
Both checks with sudo always run.
Removing the sudo timestamp is done every time.
Checking the accessibility of the user's home directory
This was
linked to
issues
Mar 3, 2025
vanyasem
reviewed
Mar 3, 2025
This was
unlinked from
issues
Mar 7, 2025
change the order of detection of inconsistencies: 1. sudo not preinstalled. (if user != root) 2. user not in sudo or wheel group. (if user != root) 3. user's directory is not accessible. (for all) 4. user not allowed in sudoers. (for all) 5. user password required. (for all)
Fix for servers where sh is used as default shell.
Сommand to use home directory name if whoami returns error or is missing for prepare_host.sh.
Сommand to use home directory name if whoami returns error or is missing for check_user_in_sudo.sh. Checking server user permissions to use sudo using a package manager or using uname. Сhecking and redefining the system language. Checking requirements for sudo users or root in script.
Changed description of the “Server User Not In Sudo” case. Corrected the name and description of the "ServerPacketManagerError" case. Packet to Package. Adding a "SudoPackageIsNotPreinstalled" case. Adding a "ServerUserNotAllowedInSudoers" case. Adding a "ServerUserPasswordRequired" case.
Corrected the name of the "ServerPacketManagerError" error to "ServerPackageManagerError". Adding a "SudoPackageIsNotPreinstalled" error. Adding a "ServerUserNotAllowedInSudoers" error. Adding a "ServerUserPasswordRequired" error.
Return to the name "ServerPacketManagerError".
Updating translations for two existing server errors.
Added new errors' handling to serverController.cpp. Permission checks are also performed for the root user.
Checking for "not allowed" in stdOut
Removed check for "not allowed" in stdOut
Removed nested launch via sudo
Returned nested launch via sudo
Both checks with sudo always run.
Removing the sudo timestamp is done every time.
Checking the accessibility of the user's home directory
change the order of detection of inconsistencies: 1. sudo not preinstalled. (if user != root) 2. user not in sudo or wheel group. (if user != root) 3. user's directory is not accessible. (for all) 4. user not allowed in sudoers. (for all) 5. user password required. (for all)
…ezia-client into sudo_permissions
Undoing unintended changes.
Undoing unintended change.
The user is not allowed to use sudo on this server.
Capital letters in the error description.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adding support for the wheel group to work with the sudo package.
Checking and redefining the system locale to C if the system locale differs from en_US.UTF-8|C.UTF-8|C, for correct operation of the script with the server controller.
Checking that the sudo package is pre-installed if the user is not the root.
Checking the presence of the user or the required group in the sudoers file.
Checking permission to run the package manager via sudo.
Checking for no password prompt.
Implementation of using the user's home directory name to define the CUR_USER variable when whoami is missing.
Correction of descriptions and translations of errors: ServerUserNotInSudo and ServerPacketManagerError.
Checking the availability of the server user's home directory. Lack of such access leads to the incorrect information that the package manager is busy and Error 206 (ServerPacketManagerError). Or leads to the incorrect information that the server port already allocated (Error 201)