|
1 | | -use crate::prelude::*; |
2 | | -use std::process::{Command, Stdio}; |
| 1 | +use crate::{local_logger::suspend_progress_bar, prelude::*}; |
| 2 | +use std::{ |
| 3 | + io::IsTerminal, |
| 4 | + process::{Command, Stdio}, |
| 5 | +}; |
3 | 6 |
|
4 | | -/// Run a command with sudo if available |
5 | | -pub fn run_with_sudo(command_args: &[&str]) -> Result<()> { |
6 | | - let use_sudo = Command::new("sudo") |
7 | | - // `sudo true` will fail if sudo does not exist or the current user does not have sudo privileges |
8 | | - .arg("true") |
9 | | - .stdout(Stdio::null()) |
10 | | - .status() |
11 | | - .is_ok_and(|status| status.success()); |
12 | | - let mut command_args: Vec<&str> = command_args.into(); |
13 | | - if use_sudo { |
14 | | - command_args.insert(0, "sudo"); |
| 7 | +/// Validate sudo access, prompting the user for their password if necessary |
| 8 | +fn validate_sudo_access() -> Result<()> { |
| 9 | + let needs_password = IsTerminal::is_terminal(&std::io::stdout()) |
| 10 | + && Command::new("sudo") |
| 11 | + .arg("--non-interactive") // Fail if password is required |
| 12 | + .arg("true") |
| 13 | + .stdout(Stdio::null()) |
| 14 | + .stderr(Stdio::null()) |
| 15 | + .status() |
| 16 | + .map(|status| !status.success()) |
| 17 | + .unwrap_or(true); |
| 18 | + |
| 19 | + if needs_password { |
| 20 | + suspend_progress_bar(|| { |
| 21 | + info!( |
| 22 | + "Sudo privileges are required to continue. Please enter your password if prompted." |
| 23 | + ); |
| 24 | + |
| 25 | + // Validate and cache sudo credentials |
| 26 | + let auth_status = Command::new("sudo") |
| 27 | + .arg("--validate") // Validate and extend the timeout |
| 28 | + .stdin(Stdio::inherit()) |
| 29 | + .stdout(Stdio::inherit()) |
| 30 | + .stderr(Stdio::inherit()) |
| 31 | + .status() |
| 32 | + .map_err(|_| anyhow!("Failed to authenticate with sudo"))?; |
| 33 | + |
| 34 | + if !auth_status.success() { |
| 35 | + bail!("Failed to authenticate with sudo"); |
| 36 | + } |
| 37 | + Ok(()) |
| 38 | + })?; |
15 | 39 | } |
| 40 | + Ok(()) |
| 41 | +} |
| 42 | + |
| 43 | +/// Creates the base sudo command after validating sudo access |
| 44 | +pub fn sudo_command() -> Result<Command> { |
| 45 | + validate_sudo_access()?; |
| 46 | + let mut cmd = Command::new("sudo"); |
| 47 | + // Password prompt should not appear here since it has already been validated |
| 48 | + cmd.arg("--non-interactive"); |
| 49 | + Ok(cmd) |
| 50 | +} |
16 | 51 |
|
17 | | - debug!("Running command: {}", command_args.join(" ")); |
18 | | - let output = Command::new(command_args[0]) |
19 | | - .args(&command_args[1..]) |
| 52 | +/// Run a command with sudo after validating sudo access |
| 53 | +pub fn run_with_sudo(command_args: &[&str]) -> Result<()> { |
| 54 | + let command_str = command_args.join(" "); |
| 55 | + debug!("Running command with sudo: {command_str}"); |
| 56 | + let output = sudo_command()? |
| 57 | + .args(command_args) |
20 | 58 | .stdout(Stdio::piped()) |
21 | 59 | .output() |
22 | | - .map_err(|_| anyhow!("Failed to execute command: {}", command_args.join(" ")))?; |
| 60 | + .map_err(|_| anyhow!("Failed to execute command with sudo: {command_str}"))?; |
23 | 61 |
|
24 | 62 | if !output.status.success() { |
25 | 63 | info!("stdout: {}", String::from_utf8_lossy(&output.stdout)); |
26 | 64 | error!("stderr: {}", String::from_utf8_lossy(&output.stderr)); |
27 | | - bail!("Failed to execute command: {}", command_args.join(" ")); |
| 65 | + bail!("Failed to execute command with sudo: {command_str}"); |
28 | 66 | } |
29 | 67 |
|
30 | 68 | Ok(()) |
|
0 commit comments