-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: support to other privilege elevation programs. #92
base: master
Are you sure you want to change the base?
fix: support to other privilege elevation programs. #92
Conversation
Forgot to mention that it will Fix #59, but it still uses |
I also tested on NixOs Unstable with doas installed. Works fine for me. edit: Ok i also tried to clean, which still doesnt work with doas and this pr. Cleaning calls self_elevate which still uses sudo. |
I'll look into the clean command and fix it |
Seems like the self elevate function is only using @Makesesama If you could test it I would be very grateful. |
Seems to work now |
Thank you! |
You might also be interested in adding run0 support. Related post: https://mastodon.social/@pid_eins/112353324518585654 |
systemd is currently at version 255.4 in NixOS unstable so I'll refrain to add it until it is actually released, but I'll look into it when it is available |
An alternative is to allow for some way for the user to specify what privilege escalator to use. This would be easier if This would allow for forcing |
Now that systemd v256 is out and currently being reviewed for eventual merging into nixpkgs, will this be updated to add support for run0 |
I'll update everything with the suggestions, thank you! |
I guess I could add Now I'm not sure where in that list it should be included, considering that it will be installed in every systemd based system, I think it should be low in the list, maybe above Also, it should probably check for a environment variable to determine what to do for convenience, just like |
Any ideas on how that would look like in the command line? I added a way to specify a custom privilege elevation binary to use, but I cannot think of a way to add the extra command line arguments. Maybe another flag would work, but that seems messy to me. A config file would be optimal, both for the |
b9bc8e1
to
a663db2
Compare
a663db2
to
b651383
Compare
This pr adds support for both
doas
andpkexec
, while keeping support forsudo
.For this to work, I decided that the cleanest way to implement this was by adding a extra parameter to the Command struct that specifies if the command should be ran as root or not. When the root parameter is set, it checks for the existence of
doas
,sudo
, andpkexec
, in that order, and uses it to run the command by prefixing the command invocation arguments with the respective program when it is constructed.The specified order was chosen because I believe that if someone has
doas
installed in their system, it's more likely that they use it as their main privilege escalation program. ´pkexec´ was added more as a fallback in case someone doesn't havedoas
orsudo
.This was tested in my NixOS Unstable system with both
sudo
anddoas
, but I haven't testedpkexec
personally.