rename and fix currentUserCanSudoWithoutPassword

This commit is contained in:
az 2023-02-15 18:54:18 +01:00
parent b5d64095f4
commit 1cfe32bd08
3 changed files with 7 additions and 8 deletions

View file

@ -9,7 +9,7 @@ import org.domaindrivenarchitecture.provs.framework.ubuntu.keys.KeyPair
import org.domaindrivenarchitecture.provs.framework.ubuntu.keys.SshKeyPair
import org.domaindrivenarchitecture.provs.framework.ubuntu.keys.base.gpgFingerprint
import org.domaindrivenarchitecture.provs.framework.ubuntu.keys.provisionKeys
import org.domaindrivenarchitecture.provs.framework.ubuntu.user.base.currentUserCanSudo
import org.domaindrivenarchitecture.provs.framework.ubuntu.user.base.currentUserCanSudoWithoutPassword
import org.domaindrivenarchitecture.provs.framework.ubuntu.user.base.whoami
internal fun provisionDesktopCommand(prov: Prov, cmd: DesktopCliCommand) {
@ -65,7 +65,7 @@ internal fun Prov.provisionDesktop(
}
fun Prov.validatePrecondition() {
if (!currentUserCanSudo()) {
if (!currentUserCanSudoWithoutPassword()) {
throw Exception("Current user ${whoami()} cannot execute sudo without entering a password! This is necessary to execute provisionDesktop")
}
}

View file

@ -6,7 +6,7 @@ import org.domaindrivenarchitecture.provs.framework.core.Secret
import org.domaindrivenarchitecture.provs.framework.core.local
import org.domaindrivenarchitecture.provs.framework.core.remote
import org.domaindrivenarchitecture.provs.framework.ubuntu.secret.secretSources.PromptSecretSource
import org.domaindrivenarchitecture.provs.framework.ubuntu.user.base.currentUserCanSudo
import org.domaindrivenarchitecture.provs.framework.ubuntu.user.base.currentUserCanSudoWithoutPassword
import org.domaindrivenarchitecture.provs.framework.ubuntu.user.base.makeUserSudoerWithNoSudoPasswordRequired
import org.domaindrivenarchitecture.provs.framework.ubuntu.user.base.whoami
import kotlin.system.exitProcess
@ -49,8 +49,7 @@ fun createProvInstance(
private fun createLocalProvInstance(): Prov {
val prov = local()
prov.cmd("sudo -K") // revoke any temporary sudo privileges
if (!prov.currentUserCanSudo()) {
if (!prov.currentUserCanSudoWithoutPassword()) {
val password = PromptSecretSource("Please enter password to configure sudo without password in the future." +
"\nWarning: This will permanently allow your user to use sudo privileges without a password.").secret()
prov.makeUserSudoerWithNoSudoPasswordRequired(password)
@ -76,7 +75,7 @@ private fun createRemoteProvInstance(
remote(host, remoteUser, password)
}
if (!prov.currentUserCanSudo()) {
if (!prov.currentUserCanSudoWithoutPassword()) {
if (remoteHostSetSudoWithoutPasswordRequired) {
require(
password != null,

View file

@ -131,8 +131,8 @@ fun Prov.userIsInGroupSudo(userName: String): Boolean {
* Checks if current user can execute sudo commands.
*/
@Suppress("unused")
fun Prov.currentUserCanSudo(): Boolean {
return chk("timeout 1 sudo -S id")
fun Prov.currentUserCanSudoWithoutPassword(): Boolean {
return chk("timeout 1 sudo -kS id")
}
/**