You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The description of --login and --shell in the manual may need some clarification on what command (if any) is passed to the shell, it currently only says “If a command is specified, it is passed to the shell for execution via the shell's -c option”:
If a command is specified, it is passed to the shell’s -c option as the concatenation of the command and all its arguments separated by spaces, after escaping each character (including spaces) through a slash, except for the alphanumerics, underscores, hyphens and dollar signs.
if (!isalnum((unsigned char)*src) &&*src!='_'&&*src!='-'&&*src!='$')
*dst++='\\';
*dst++=*src;
}
*dst++=' ';
}
It could perhaps be explicitly noted that, at least in the case of bash, the resulting shell command is always a simple command: “A simple shell command such as echo a b c consists of the command itself followed by arguments, separated by spaces. More complex shell commands are composed of simple commands arranged […]”. This touches on three different meanings for ‘command’ (shell command, simple command, command), which may have (also) been the source of confusion for a closely related issue: #78, “-s option command string manipulation”. Using the example from that issue, in sudo -s "whoami; whoami", the whoami; whoami is passed as the command in a simple command, not as a shell command consisting of a list of two simple commands.
The text was updated successfully, but these errors were encountered:
The concatenation of command and arguments and escaping of special
characters was not documented.
Text adapted from GitHub issue #121 from Kris Rinzwind
The description of
--login
and--shell
in the manual may need some clarification on what command (if any) is passed to the shell, it currently only says “If a command is specified, it is passed to the shell for execution via the shell's-c
option”:sudo/docs/sudo.man.in
Lines 442 to 454 in 7baee70
sudo/docs/sudo.man.in
Lines 621 to 629 in 7baee70
Specifically, the escaping rules applied could use some clarification. I personally got a bit confused about this:
Not being equivalent to this:
Or to this:
But rather to this:
Possible clarification:
This is based on:
sudo/src/parse_args.c
Lines 634 to 642 in 7baee70
It could perhaps be explicitly noted that, at least in the case of bash, the resulting shell command is always a simple command: “A simple shell command such as
echo a b c
consists of the command itself followed by arguments, separated by spaces. More complex shell commands are composed of simple commands arranged […]”. This touches on three different meanings for ‘command’ (shell command, simple command, command), which may have (also) been the source of confusion for a closely related issue: #78, “-s option command string manipulation”. Using the example from that issue, insudo -s "whoami; whoami"
, thewhoami; whoami
is passed as the command in a simple command, not as a shell command consisting of a list of two simple commands.The text was updated successfully, but these errors were encountered: