Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Bugfix/classic sudo #266
Conversation
mvo5
added some commits
Dec 18, 2015
pedronis
reviewed
Dec 18, 2015
| + return fmt.Errorf("failed to add %s to the sudo users: %s", sudoUser, err) | ||
| + } | ||
| + } | ||
| + |
pedronis
Dec 18, 2015
Contributor
maybe I'm not understanding but shouldn't we copy the whole sudo group from outside to inside? it feels a bit strange to copy exactly the user that created the classic env
mvo5
Dec 21, 2015
Collaborator
Yes we should. I fixed that now, the lack of getgrnam() put me off a bit when I did the initial implementation. But you are correct, we should consider all users.
niemeyer
Jan 5, 2016
Contributor
Not sure about what's the vanilla state of an installed system these days, but FWIW my main local user has local access because I'm in the admin group, rather than sudo. Both are in sudoers by default, IIRC. Again, not a very reliable data point, but makes me wonder about what the plain image in 16.04 is likely to have.
mvo5
Jan 5, 2016
Collaborator
@niemeyer On older installs there is indeed the "admin" group instead of the (newer) "sudo" group. This is not be a problem for us because we control how the snappy image is created. Currently this is the default user permission: http://bazaar.launchpad.net/~ubuntu-core-dev/livecd-rootfs/trunk/view/head:/live-build/ubuntu-core/hooks/01-setup_user.chroot (adm, sudo). If people add users manually we will honor the groups of those users too this way on install of classic.
mvo5
added some commits
Dec 21, 2015
|
This is a bug fix, so can you please report the bugs in launchpad with steps to reproduce them? |
|
@elopio thanks! https://bugs.launchpad.net/snappy/+bug/1530827 has steps to reproduce it now |
|
retest this please |
|
Fwiw, the travis failure is a panic in "go vet" from go tip - I tried to reproduce this here but with the version of go vet from 5. Jan I do not get the error. Travis is using the go vet version 19. Dec for some reason. |
niemeyer
reviewed
Jan 5, 2016
| + | ||
| + p := unsafe.Pointer(result.gr_mem) | ||
| + for { | ||
| + if (*(**C.char)(p)) == nil { |
niemeyer
Jan 5, 2016
Contributor
The conditional can go into the for statement above instead. I'd also check that p itself isn't nil, just for extra safety. Shouldn't happen, but good practice before dereferencing a pointer from an external API.
niemeyer
reviewed
Jan 5, 2016
| + cmd := exec.Command("getent", "group", name) | ||
| + output, err := cmd.Output() | ||
| + if err != nil { | ||
| + return grp, fmt.Errorf("getenv failed for %s: %s", name, err) |
niemeyer
reviewed
Jan 5, 2016
| + c.Assert(err, IsNil) | ||
| + groups, err := Getgrnam("adm") | ||
| + c.Assert(err, IsNil) | ||
| + c.Assert(expected, DeepEquals, groups) |
niemeyer
Jan 5, 2016
Contributor
FWIW, the order of arguments is reversed here: Assert(obtained, DeepEquals, expected)
niemeyer
reviewed
Jan 5, 2016
| + * | ||
| + */ | ||
| + | ||
| +package group |
niemeyer
Jan 5, 2016
Contributor
Feels slightly too fine grained to have a package just for this. Do we have some sort of "osutil" package? Should we have one?
|
A few comments, but overall LGTM. |
mvo5
added some commits
Jan 6, 2016
|
Thanks for the excellent feedback! I addressed the comments. Please let me know if there is anything else I can do. |
|
Thanks Michael! LGTM |
|
|
mvo5 commentedDec 18, 2015
This branch fixes two issues: