Compare commits
31 Commits
ubuntu/kin
...
ubuntu/plu
Author | SHA1 | Date |
---|---|---|
Simon Quigley | f7a1bf9ad9 | 2 months ago |
Simon Quigley | 52c1d9a920 | 2 months ago |
Simon Quigley | 03cbed1a58 | 2 months ago |
Simon Quigley | 146074a151 | 2 months ago |
Aaron Rainbolt | 4205318af5 | 5 months ago |
Aaron Rainbolt | 45476314b6 | 7 months ago |
Aaron Rainbolt | 6a15c4a9ef | 7 months ago |
Aaron Rainbolt | 6810234f8f | 7 months ago |
Aaron Rainbolt | 66ccff86ad | 7 months ago |
Aaron Rainbolt | 73d3ada062 | 7 months ago |
Aaron Rainbolt | f0eb459607 | 7 months ago |
Aaron Rainbolt | 6f34f5cdc2 | 1 year ago |
Simon Quigley | 06b152504d | 1 year ago |
Simon Quigley | 88a7bd0ea1 | 1 year ago |
Simon Quigley | c58cc73098 | 1 year ago |
Simon Quigley | 5cff75e023 | 1 year ago |
Simon Quigley | 46d06f9171 | 1 year ago |
Simon Quigley | d81b1c7857 | 1 year ago |
Simon Quigley | b9fa753636 | 1 year ago |
Simon Quigley | 57bbb02b3c | 1 year ago |
Simon Quigley | 40fe6cb0c8 | 1 year ago |
Aaron Rainbolt | 96907a596d | 2 years ago |
Aaron Rainbolt | 16f77640b3 | 2 years ago |
Aaron Rainbolt | 225f120d7e | 2 years ago |
Aaron Rainbolt | 11a2e40441 | 2 years ago |
Aaron Rainbolt | 3f6e60c63f | 2 years ago |
Simon Quigley | 7e03c7755d | 2 years ago |
Simon Quigley | 81d4be6dda | 2 years ago |
Simon Quigley | ef154be157 | 2 years ago |
Simon Quigley | a211ad2c95 | 2 years ago |
Simon Quigley | cd3c316c1c | 2 years ago |
@ -1,6 +1,8 @@
|
|||||||
|
usr/bin/lxdoas
|
||||||
usr/bin/lxqt-sudo
|
usr/bin/lxqt-sudo
|
||||||
usr/bin/lxsu
|
usr/bin/lxsu
|
||||||
usr/bin/lxsudo
|
usr/bin/lxsudo
|
||||||
|
usr/share/man/man1/lxdoas.1
|
||||||
usr/share/man/man1/lxqt-sudo.1
|
usr/share/man/man1/lxqt-sudo.1
|
||||||
usr/share/man/man1/lxsu.1
|
usr/share/man/man1/lxsu.1
|
||||||
usr/share/man/man1/lxsudo.1
|
usr/share/man/man1/lxsudo.1
|
||||||
|
@ -0,0 +1,82 @@
|
|||||||
|
Description: Add a -E option, exposing all environment variables
|
||||||
|
Some system tools (such as ubuntu-release-upgrader) read XDG* (etc.), so allow the user to opt-in to preserving those.
|
||||||
|
Author: Simon Quigley <tsimonq2@lubuntu.me>
|
||||||
|
Origin: upstream
|
||||||
|
Forwarded: https://github.com/lxqt/lxqt-sudo/pull/204
|
||||||
|
Last-Update: 2023-10-11
|
||||||
|
---
|
||||||
|
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
|
||||||
|
--- a/sudo.cpp
|
||||||
|
+++ b/sudo.cpp
|
||||||
|
@@ -84,6 +84,7 @@ namespace
|
||||||
|
" -s|--su Use %3(1) as backend.\n"
|
||||||
|
" -d|--sudo Use %2(8) as backend.\n"
|
||||||
|
" -a|--doas Use %4(1) as backend.\n"
|
||||||
|
+ " -E|--keep-env Preserve all existing environment variables.\n"
|
||||||
|
" command Command to run.\n"
|
||||||
|
" arguments Optional arguments for command.\n\n").arg(app_master).arg(sudo_prog).arg(su_prog).arg(doas_prog);
|
||||||
|
if (!err.isEmpty())
|
||||||
|
@@ -114,8 +115,13 @@ namespace
|
||||||
|
};
|
||||||
|
assert_helper h;
|
||||||
|
|
||||||
|
- inline std::string env_workarounds()
|
||||||
|
+ inline std::string env_workarounds(bool preserveEnv)
|
||||||
|
{
|
||||||
|
+ if (preserveEnv) {
|
||||||
|
+ std::cerr << LXQTSUDO << ": Preserving all environment variables.\n";
|
||||||
|
+ return "";
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
std::cerr << LXQTSUDO << ": Stripping child environment except for: ";
|
||||||
|
std::ostringstream left_env_params;
|
||||||
|
std::copy(ALLOWED_VARS, ALLOWED_END - 1, std::ostream_iterator<const char *>{left_env_params, ","});
|
||||||
|
@@ -196,6 +202,10 @@ int Sudo::main()
|
||||||
|
{
|
||||||
|
mBackend = BACK_DOAS;
|
||||||
|
mArgs.removeAt(0);
|
||||||
|
+ } else if (QStringLiteral("-E") == arg1 || QStringLiteral("--keep-env") == arg1)
|
||||||
|
+ {
|
||||||
|
+ mPreserveEnv = true;
|
||||||
|
+ mArgs.removeAt(0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
//any other arguments we simply forward to su/sudo
|
||||||
|
@@ -287,11 +297,13 @@ void Sudo::child()
|
||||||
|
switch (mBackend)
|
||||||
|
{
|
||||||
|
case BACK_SUDO:
|
||||||
|
- preserve_env_param = "--preserve-env=";
|
||||||
|
-
|
||||||
|
- preserve_env_param += env_workarounds();
|
||||||
|
-
|
||||||
|
- *(param_arg++) = preserve_env_param.c_str(); //preserve environment
|
||||||
|
+ if(!mPreserveEnv) {
|
||||||
|
+ preserve_env_param = "--preserve-env=";
|
||||||
|
+ preserve_env_param += env_workarounds(mPreserveEnv);
|
||||||
|
+ } else {
|
||||||
|
+ preserve_env_param = "--preserve-env";
|
||||||
|
+ }
|
||||||
|
+ *(param_arg++) = preserve_env_param.c_str();
|
||||||
|
*(param_arg++) = "/bin/sh";
|
||||||
|
break;
|
||||||
|
case BACK_DOAS:
|
||||||
|
@@ -299,7 +311,7 @@ void Sudo::child()
|
||||||
|
[[fallthrough]];
|
||||||
|
case BACK_SU:
|
||||||
|
case BACK_NONE:
|
||||||
|
- env_workarounds();
|
||||||
|
+ env_workarounds(mPreserveEnv);
|
||||||
|
break;
|
||||||
|
|
||||||
|
}
|
||||||
|
--- a/sudo.h
|
||||||
|
+++ b/sudo.h
|
||||||
|
@@ -81,6 +81,7 @@ private:
|
||||||
|
int mChildPid;
|
||||||
|
int mPwdFd;
|
||||||
|
int mRet;
|
||||||
|
+ bool mPreserveEnv = false;
|
||||||
|
};
|
||||||
|
|
||||||
|
#endif //SUDO_H
|
@ -0,0 +1 @@
|
|||||||
|
bypass-envvar-allowlist.patch
|
@ -1,3 +1,5 @@
|
|||||||
version=4
|
version=4
|
||||||
opts="pgpsigurlmangle=s/$/.asc/" \
|
opts="searchmode=plain, \
|
||||||
https://github.com/lxqt/lxqt-sudo/releases .*/lxqt-sudo-([\d\.]+).tar.xz
|
pgpsigurlmangle=s/$/.asc/, \
|
||||||
|
uversionmangle=s/(\d+\.\d+\.\d+).*/$1/" \
|
||||||
|
https://api.github.com/repos/lxqt/@PACKAGE@/releases https:\/\/github.com\/lxqt\/@PACKAGE@\/releases\/download\/@ANY_VERSION@\/@PACKAGE@-@ANY_VERSION@.tar.xz
|
||||||
|
Loading…
Reference in new issue