From 2535611d6c3cbf951408c50ab35953efaf32f686 Mon Sep 17 00:00:00 2001 From: Eli Schwartz Date: Mon, 5 Apr 2021 17:26:07 -0400 Subject: makepkg: add PACMAN_AUTH configurable setting for sudo elevation If specified, this will be used no matter what. If not, then we check if sudo exists and use that, or else fall back on su. Implements FS#32621 Signed-off-by: Eli Schwartz Signed-off-by: Allan McRae --- doc/makepkg.conf.5.asciidoc | 8 ++++++++ etc/makepkg.conf.in | 7 +++++++ scripts/libmakepkg/executable/sudo.sh.in | 2 +- scripts/makepkg.sh.in | 13 ++++++++++--- 4 files changed, 26 insertions(+), 4 deletions(-) diff --git a/doc/makepkg.conf.5.asciidoc b/doc/makepkg.conf.5.asciidoc index 2c7a54db..76c27f6a 100644 --- a/doc/makepkg.conf.5.asciidoc +++ b/doc/makepkg.conf.5.asciidoc @@ -278,6 +278,14 @@ Options `.tar.lzo`, `.tar.lrz`, `.tar.lz4`, `.tar.lz` and `.tar.Z`, or simply `.tar` to disable compression entirely. +**PACMAN_AUTH=()**:: + Specify a command prefix for running pacman as root. If unset, makepkg will + check for the presence of sudo(8) and su(1) in turn, and try the first one + it finds. + + + If present, `%c` will be replaced with the shell-quoted form of the command + to run. Otherwise, the command to run is appended to the auth command. + See Also diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in index 43a69df6..fff5b8eb 100644 --- a/etc/makepkg.conf.in +++ b/etc/makepkg.conf.in @@ -147,3 +147,10 @@ COMPRESSLZ=(lzip -c -f) # PKGEXT='@PKGEXT@' SRCEXT='@SRCEXT@' + +######################################################################### +# OTHER +######################################################################### +# +#-- Command used to run pacman as root, instead of trying sudo and su +PACMAN_AUTH=() diff --git a/scripts/libmakepkg/executable/sudo.sh.in b/scripts/libmakepkg/executable/sudo.sh.in index ea494beb..1e139238 100644 --- a/scripts/libmakepkg/executable/sudo.sh.in +++ b/scripts/libmakepkg/executable/sudo.sh.in @@ -29,7 +29,7 @@ executable_functions+=('executable_sudo') executable_sudo() { if (( DEP_BIN || RMDEPS || INSTALL )); then - if ! type -p sudo >/dev/null; then + if (( ${#PACMAN_AUTH[@]} == 0 )) && ! type -p sudo >/dev/null; then warning "$(gettext "Cannot find the %s binary. Will use %s to acquire root privileges.")" "sudo" "su" fi fi diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index f4a2de7d..92cb6398 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -225,15 +225,22 @@ missing_source_file() { } run_pacman() { - local cmd + local cmd cmdescape if [[ $1 = -@(T|Q)*([[:alpha:]]) ]]; then cmd=("$PACMAN_PATH" "$@") else cmd=("$PACMAN_PATH" "${PACMAN_OPTS[@]}" "$@") - if type -p sudo >/dev/null; then + cmdescape="$(printf '%q ' "${cmd[@]}")" + if (( ${#PACMAN_AUTH[@]} )); then + if in_array '%c' "${PACMAN_AUTH[@]}"; then + cmd=("${PACMAN_AUTH[@]/\%c/$cmdescape}") + else + cmd=("${PACMAN_AUTH[@]}" "${cmd[@]}") + fi + elif type -p sudo >/dev/null; then cmd=(sudo "${cmd[@]}") else - cmd=(su root -c "$(printf '%q ' "${cmd[@]}")") + cmd=(su root -c "$cmdescape") fi local lockfile="$(pacman-conf DBPath)/db.lck" while [[ -f $lockfile ]]; do -- cgit v1.2.3-54-g00ecf