Compare commits
1 Commits
06b152504d
...
396c3d5170
| Author | SHA1 | Date | |
|---|---|---|---|
| 396c3d5170 |
14
debian/changelog
vendored
14
debian/changelog
vendored
@ -1,16 +1,8 @@
|
|||||||
lxqt-sudo (1.4.0-0ubuntu1) noble; urgency=medium
|
lxqt-sudo (1.3.0-0ubuntu1~ppa1) jammy; urgency=medium
|
||||||
|
|
||||||
* New upstream release.
|
* Backport to Jammy.
|
||||||
* Bump build dependencies.
|
|
||||||
* Update copyright years.
|
|
||||||
|
|
||||||
-- Simon Quigley <tsimonq2@ubuntu.com> Sun, 12 Nov 2023 19:13:47 -0600
|
-- Simon Quigley <tsimonq2@ubuntu.com> Fri, 11 Aug 2023 13:03:21 -0500
|
||||||
|
|
||||||
lxqt-sudo (1.3.0-0ubuntu1.1) mantic; urgency=medium
|
|
||||||
|
|
||||||
* Add a -E option, exposing all environment variables (LP: #2039093).
|
|
||||||
|
|
||||||
-- Simon Quigley <tsimonq2@ubuntu.com> Wed, 11 Oct 2023 12:02:21 -0500
|
|
||||||
|
|
||||||
lxqt-sudo (1.3.0-0ubuntu1) mantic; urgency=medium
|
lxqt-sudo (1.3.0-0ubuntu1) mantic; urgency=medium
|
||||||
|
|
||||||
|
|||||||
2
debian/control
vendored
2
debian/control
vendored
@ -10,7 +10,7 @@ Section: x11
|
|||||||
Priority: optional
|
Priority: optional
|
||||||
Build-Depends: debhelper-compat (= 13),
|
Build-Depends: debhelper-compat (= 13),
|
||||||
libkf5windowsystem-dev,
|
libkf5windowsystem-dev,
|
||||||
liblxqt1-dev (>= 1.4.0),
|
liblxqt1-dev (>= 1.3.0),
|
||||||
libqt5svg5-dev,
|
libqt5svg5-dev,
|
||||||
libqt5x11extras5-dev,
|
libqt5x11extras5-dev,
|
||||||
libx11-dev
|
libx11-dev
|
||||||
|
|||||||
2
debian/copyright
vendored
2
debian/copyright
vendored
@ -3,7 +3,7 @@ Upstream-Name: lxqt-sudo
|
|||||||
Source: https://github.com/lxqt/lxqt-sudo
|
Source: https://github.com/lxqt/lxqt-sudo
|
||||||
|
|
||||||
Files: *
|
Files: *
|
||||||
Copyright: 2015-2023 LXQt team
|
Copyright: 2015-2022 LXQt team
|
||||||
2015-2018 Palo Kisa <palo.kisa@gmail.com>
|
2015-2018 Palo Kisa <palo.kisa@gmail.com>
|
||||||
License: LGPL-2.1+
|
License: LGPL-2.1+
|
||||||
|
|
||||||
|
|||||||
80
debian/patches/bypass-envvar-allowlist.patch
vendored
80
debian/patches/bypass-envvar-allowlist.patch
vendored
@ -1,80 +0,0 @@
|
|||||||
Description: Add a -E option, exposing all environment variables
|
|
||||||
Some system tools (such as ubuntu-release-upgrader) read XDG* (etc.), so allow the user to opt-in to preserving those.
|
|
||||||
Author: Simon Quigley <tsimonq2@lubuntu.me>
|
|
||||||
Origin: upstream
|
|
||||||
Forwarded: https://github.com/lxqt/lxqt-sudo/pull/204
|
|
||||||
Last-Update: 2023-10-11
|
|
||||||
---
|
|
||||||
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
|
|
||||||
--- a/sudo.cpp
|
|
||||||
+++ b/sudo.cpp
|
|
||||||
@@ -83,6 +83,7 @@ namespace
|
|
||||||
" -s|--su Use %3(1) as backend.\n"
|
|
||||||
" -d|--sudo Use %2(8) as backend.\n"
|
|
||||||
" -a|--doas Use %4(1) as backend.\n"
|
|
||||||
+ " -E|--keep-env Preserve all existing environment variables.\n"
|
|
||||||
" command Command to run.\n"
|
|
||||||
" arguments Optional arguments for command.\n\n").arg(app_master).arg(sudo_prog).arg(su_prog).arg(doas_prog);
|
|
||||||
if (!err.isEmpty())
|
|
||||||
@@ -113,8 +114,13 @@ namespace
|
|
||||||
};
|
|
||||||
assert_helper h;
|
|
||||||
|
|
||||||
- inline std::string env_workarounds()
|
|
||||||
+ inline std::string env_workarounds(bool preserveEnv)
|
|
||||||
{
|
|
||||||
+ if (preserveEnv) {
|
|
||||||
+ std::cerr << LXQTSUDO << ": Preserving all environment variables.\n";
|
|
||||||
+ return "";
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
std::cerr << LXQTSUDO << ": Stripping child environment except for: ";
|
|
||||||
std::ostringstream left_env_params;
|
|
||||||
std::copy(ALLOWED_VARS, ALLOWED_END - 1, std::ostream_iterator<const char *>{left_env_params, ","});
|
|
||||||
@@ -195,6 +201,10 @@ int Sudo::main()
|
|
||||||
{
|
|
||||||
mBackend = BACK_DOAS;
|
|
||||||
mArgs.removeAt(0);
|
|
||||||
+ } else if (QStringLiteral("-E") == arg1 || QStringLiteral("--keep-env") == arg1)
|
|
||||||
+ {
|
|
||||||
+ mPreserveEnv = true;
|
|
||||||
+ mArgs.removeAt(0);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
//any other arguments we simply forward to su/sudo
|
|
||||||
@@ -286,11 +296,11 @@ void Sudo::child()
|
|
||||||
switch (mBackend)
|
|
||||||
{
|
|
||||||
case BACK_SUDO:
|
|
||||||
- preserve_env_param = "--preserve-env=";
|
|
||||||
-
|
|
||||||
- preserve_env_param += env_workarounds();
|
|
||||||
-
|
|
||||||
- *(param_arg++) = preserve_env_param.c_str(); //preserve environment
|
|
||||||
+ if(!mPreserveEnv) {
|
|
||||||
+ preserve_env_param = "--preserve-env=";
|
|
||||||
+ preserve_env_param += env_workarounds(mPreserveEnv);
|
|
||||||
+ *(param_arg++) = preserve_env_param.c_str(); //preserve environment
|
|
||||||
+ }
|
|
||||||
*(param_arg++) = "/bin/sh";
|
|
||||||
break;
|
|
||||||
case BACK_DOAS:
|
|
||||||
@@ -298,7 +308,7 @@ void Sudo::child()
|
|
||||||
[[fallthrough]];
|
|
||||||
case BACK_SU:
|
|
||||||
case BACK_NONE:
|
|
||||||
- env_workarounds();
|
|
||||||
+ env_workarounds(mPreserveEnv);
|
|
||||||
break;
|
|
||||||
|
|
||||||
}
|
|
||||||
--- a/sudo.h
|
|
||||||
+++ b/sudo.h
|
|
||||||
@@ -81,6 +81,7 @@ private:
|
|
||||||
int mChildPid;
|
|
||||||
int mPwdFd;
|
|
||||||
int mRet;
|
|
||||||
+ bool mPreserveEnv = false;
|
|
||||||
};
|
|
||||||
|
|
||||||
#endif //SUDO_H
|
|
||||||
1
debian/patches/series
vendored
1
debian/patches/series
vendored
@ -1 +0,0 @@
|
|||||||
bypass-envvar-allowlist.patch
|
|
||||||
Loading…
x
Reference in New Issue
Block a user