[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#36957] [PATCH] machine: Allow non-root users to deploy.
From: |
Jakob L. Kreuze |
Subject: |
[bug#36957] [PATCH] machine: Allow non-root users to deploy. |
Date: |
Wed, 07 Aug 2019 16:20:37 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) |
Hi Ricardo and Chris,
Ricardo Wurmus <address@hidden> writes:
> Hi Jakob,
>
> I haven’t yet looked over the patches, but when I saw that it mentions
> “sudo” I wondered: is it feasible to support “su” with interactive (or
> cached) password input as well?
I believe so. This would require two additions:
- Code to interact with the 'su' prompt.
- Some way for 'managed-host-environment-type' to obtain root's
password, which I imagine would be either a prompt or a field in the
configuration record.
On the latter addition, I've experimented a bit with both possibilities
(albeit for a password-authenticated sudo). Prompting the user for a
password feels like a bad idea because then deployments wouldn't really
be automated, and we would have to do some sort of thread
synchronization when parallel deployments are implemented so we don't
mess up the TTY. I could get behind a 'password' field for
'managed-host-environment-type' (and then if users want a prompt they
can just call out to 'getpass'), but again, we'd need code to interact
with the 'su' prompt.
Christopher Lemmer Webber <address@hidden> writes:
> Maybe a more important question: if this turns out to be desirable, is
> there a path forward to add it later? If that's true, I'd suggest we
> move forward with merging the patch and worry about how to add the
> option at a future time.
Yeah. A 'password' field with '(default #f)' shouldn't be too invasive.
Aside from that, it would just involve adding the 'su' interaction code
to the two procedures that spawn REPLs.
Regards,
Jakob
signature.asc
Description: PGP signature
[bug#36957] [PATCH] machine: Allow non-root users to deploy., Christopher Lemmer Webber, 2019/08/07
- [bug#36957] [PATCH v2] machine: Allow non-root users to deploy., Jakob L. Kreuze, 2019/08/07
- [bug#36957] [PATCH v2] machine: Allow non-root users to deploy., Ricardo Wurmus, 2019/08/08
- [bug#36957] [PATCH v2] machine: Allow non-root users to deploy., Jakob L. Kreuze, 2019/08/08
- [bug#36957] [PATCH v2] machine: Allow non-root users to deploy., Christopher Lemmer Webber, 2019/08/14
- [bug#36957] [PATCH 0/5] Consolidated patches for guix deploy, Jakob L. Kreuze, 2019/08/15
- [bug#36957] [PATCH 1/5] machine: Allow non-root users to deploy., Jakob L. Kreuze, 2019/08/15
- [bug#36957] [PATCH 2/5] machine: Implement 'roll-back-machine'., Jakob L. Kreuze, 2019/08/15