Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tomb fails if sudo is not installed #498

Open
JonasVautherin opened this issue Dec 8, 2023 · 5 comments
Open

Tomb fails if sudo is not installed #498

JonasVautherin opened this issue Dec 8, 2023 · 5 comments
Assignees
@jaromil
Labels
enhancement An issue to improve current behavior
Milestone
3.0

Comments

@JonasVautherin
Copy link

JonasVautherin commented Dec 8, 2023
edited

Tomb is supposed to support alternatives to sudo (e.g. doas), but the script fails if sudo is not installed. I have seen it fail in two places:

  1. in _ensure_dependencies():
for req in cryptsetup pinentry sudo gpg mkfs.ext4 e2fsck; do

Maybe sudo should not be in that list? Also I am not completely sure if that list should exist: I tried to run it from an alpine container, and other dependencies were missing (including losetup, e2fsprogs). To me it feels like the system package manager should take care of the dependencies. Or at least maybe _ensure_dependencies() could check the value of --sudo?

  1. Still in _ensure_dependencies, this fails for me if I don't have sudo installed (even if I specify --sudo doas):
	[[ "$SUDO" == "sudo" ]] && {
	    command -v sudo 1>/dev/null 2>/dev/null ||
		_failure "No privilege escalation tool found, not even sudo"
	}

Same as above, maybe it could be solved by checking --sudo?

Other than that, it works for me with --sudo doas 👍. I would be happy to make a patch, test it and open a PR, but I'd like to have your opinion first. Can it just use option_is_set --sudo in _ensure_dependencies()?
@amalgame21
Copy link

Hi!
Do you encounter the problem that I have in #470 while using --sudo doas?

@JonasVautherin
Copy link
Author

JonasVautherin commented Dec 15, 2023
edited

Do you encounter the problem that I have in #470 while using --sudo doas?

I do, yes, but I thought it would be the next problem to solve 🙈. I am using OpenDoas on Alpine.

Do you have the problem I have above?

@amalgame21
Copy link

Yes, I have the same problem as you mentioned above, but I installed doas-sudo-shim to get around it, which is just a shim for the sudo command that utilizes doas.
Seems you are also using OpenDoas from Duncaen, same as mine.

@JonasVautherin
Copy link
Author

but I installed doas-sudo-shim to get around it

Right, sounds like a valid workaround. In my case I really would like to fix the tomb script, because ideally I would like to make and maintain a package for Alpine.

@jaromil
Copy link
Member

jaromil commented Jan 29, 2024

Hi @JonasVautherin ! thanks for this and the other report. You are welcome to file a PR with the fix you propose here, also remove sudo from the list of requirements.

The req check is there to issue an error before processing in case vital system components are missing, else tomb would proceed processing and perhaps hang in the mid of it (mapper without mount etc.) with third party error messages. We cannot rely on packaging for requirements, many of us use tomb as a simple drop-in script.

@jaromil jaromil mentioned this issue Jan 29, 2024
Open
@jaromil jaromil self-assigned this May 11, 2024
@jaromil jaromil added the enhancement An issue to improve current behavior label May 11, 2024
@jaromil jaromil added this to the 3.0 milestone May 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jaromil jaromil

Labels
enhancement An issue to improve current behavior
Projects
None yet
Milestone
3.0
Development

No branches or pull requests
3 participants
@jaromil @JonasVautherin @amalgame21