Merge pull request #14629 from Kentzo/sudo-user

sudo: explicitly specify the root user where necessary
Mike McQuaid 2023-04-29 11:17:21 +01:00 committed by GitHub
commit cd683aefa8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 203 additions and 59 deletions


@ -105,30 +105,47 @@ module Cask
all_services.each do |service| all_services.each do |service|
ohai "Removing launchctl service #{service}" ohai "Removing launchctl service #{service}"
booleans.each do |with_sudo| booleans.each do |sudo|
plist_status = command.run( plist_status = command.run(
"/bin/launchctl", "/bin/launchctl",
args: ["list", service], args: ["list", service],
sudo: with_sudo, print_stderr: false sudo: sudo,
sudo_as_root: sudo,
print_stderr: false,
).stdout ).stdout
if plist_status.start_with?("{") if plist_status.start_with?("{")
command.run!("/bin/launchctl", args: ["remove", service], sudo: with_sudo) command.run!(
"/bin/launchctl",
args: ["remove", service],
sudo: sudo,
sudo_as_root: sudo,
)
sleep 1 sleep 1
end end
paths = [ paths = [
+"/Library/LaunchAgents/#{service}.plist", +"/Library/LaunchAgents/#{service}.plist",
+"/Library/LaunchDaemons/#{service}.plist", +"/Library/LaunchDaemons/#{service}.plist",
] ]
paths.each { |elt| elt.prepend(Dir.home).freeze } unless with_sudo paths.each { |elt| elt.prepend(Dir.home).freeze } unless sudo
paths = paths.map { |elt| Pathname(elt) }.select(&:exist?) paths = paths.map { |elt| Pathname(elt) }.select(&:exist?)
paths.each do |path| paths.each do |path|
command.run!("/bin/rm", args: ["-f", "--", path], sudo: with_sudo) command.run!("/bin/rm", args: ["-f", "--", path], sudo: sudo, sudo_as_root: sudo)
end end
# undocumented and untested: pass a path to uninstall :launchctl # undocumented and untested: pass a path to uninstall :launchctl
next unless Pathname(service).exist? next unless Pathname(service).exist?
command.run!("/bin/launchctl", args: ["unload", "-w", "--", service], sudo: with_sudo) command.run!(
command.run!("/bin/rm", args: ["-f", "--", service], sudo: with_sudo) "/bin/launchctl",
args: ["unload", "-w", "--", service],
sudo: sudo,
sudo_as_root: sudo,
)
command.run!(
"/bin/rm",
args: ["-f", "--", service],
sudo: sudo,
sudo_as_root: sudo,
)
sleep 1 sleep 1
end end
end end
@ -301,14 +318,35 @@ module Cask
def uninstall_kext(*kexts, command: nil, **_) def uninstall_kext(*kexts, command: nil, **_)
kexts.each do |kext| kexts.each do |kext|
ohai "Unloading kernel extension #{kext}" ohai "Unloading kernel extension #{kext}"
is_loaded = system_command!("/usr/sbin/kextstat", args: ["-l", "-b", kext], sudo: true).stdout is_loaded = system_command!(
"/usr/sbin/kextstat",
args: ["-l", "-b", kext],
sudo: true,
sudo_as_root: true,
).stdout
if is_loaded.length > 1 if is_loaded.length > 1
system_command!("/sbin/kextunload", args: ["-b", kext], sudo: true) system_command!(
"/sbin/kextunload",
args: ["-b", kext],
sudo: true,
sudo_as_root: true,
)
sleep 1 sleep 1
end end
system_command!("/usr/sbin/kextfind", args: ["-b", kext], sudo: true).stdout.chomp.lines.each do |kext_path| found_kexts = system_command!(
"/usr/sbin/kextfind",
args: ["-b", kext],
sudo: true,
sudo_as_root: true,
).stdout.chomp.lines
found_kexts.each do |kext_path|
ohai "Removing kernel extension #{kext_path}" ohai "Removing kernel extension #{kext_path}"
system_command!("/bin/rm", args: ["-rf", kext_path], sudo: true) system_command!(
"/bin/rm",
args: ["-rf", kext_path],
sudo: true,
sudo_as_root: true,
)
end end
end end
end end
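Review bot: In `uninstall_kext`, `found_kexts` is built with `.stdout.chomp.lines`, which strips only the final newline, so if `kextfind` prints more than one path every entry but the last still ends in `\n`. The root `rm -rf` then targets a name that does not exist and `-f` hides the miss; `).stdout.lines(chomp: true)` yields clean paths. The same call passes `args: ["-rf", kext_path]` without the `--` separator that the other `rm` invocations in this section use (`["-f", "--", path]`). Since this runs as root on command output, `args: ["-rf", "--", kext_path]` is the safer form, and the kext expectation in the shared uninstall spec would need the extra `--` too.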


@ -22,7 +22,12 @@ module Cask
private private
def delete_keyboard_layout_cache(command: nil, **_) def delete_keyboard_layout_cache(command: nil, **_)
command.run!("/bin/rm", args: ["-f", "--", "/System/Library/Caches/com.apple.IntlDataCache.le*"], sudo: true) command.run!(
"/bin/rm",
args: ["-f", "--", "/System/Library/Caches/com.apple.IntlDataCache.le*"],
sudo: true,
sudo_as_root: true,
)
end end
end end
end end
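Review bot: The `le*` wildcard in `delete_keyboard_layout_cache` is handed to `/bin/rm` as a literal argv element, and `rm` does not expand globs itself. If `command.run!` spawns without a shell (the `Open3.popen3` array form asserted in the SystemCommand spec suggests so), root is asked to delete a file literally named `com.apple.IntlDataCache.le*` and `-f` hides the miss. Expanding the pattern in Ruby first, e.g. `Pathname.glob("/System/Library/Caches/com.apple.IntlDataCache.le*")`, and passing the resulting paths after `--` would make the deletion effective and explicit about what root removes.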


@ -62,7 +62,14 @@ module Cask
"USER" => User.current, "USER" => User.current,
"USERNAME" => User.current, "USERNAME" => User.current,
} }
command.run!("/usr/sbin/installer", sudo: true, args: args, print_stdout: true, env: env) command.run!(
"/usr/sbin/installer",
sudo: true,
sudo_as_root: true,
args: args,
print_stdout: true,
env: env,
)
end end
end end


@ -30,9 +30,10 @@ module Cask
odebug "Deleting pkg files" odebug "Deleting pkg files"
@command.run!( @command.run!(
"/usr/bin/xargs", "/usr/bin/xargs",
args: ["-0", "--", "/bin/rm", "--"], args: ["-0", "--", "/bin/rm", "--"],
input: pkgutil_bom_files.join("\0"), input: pkgutil_bom_files.join("\0"),
sudo: true, sudo: true,
sudo_as_root: true,
) )
end end
@ -40,9 +41,10 @@ module Cask
odebug "Deleting pkg symlinks and special files" odebug "Deleting pkg symlinks and special files"
@command.run!( @command.run!(
"/usr/bin/xargs", "/usr/bin/xargs",
args: ["-0", "--", "/bin/rm", "--"], args: ["-0", "--", "/bin/rm", "--"],
input: pkgutil_bom_specials.join("\0"), input: pkgutil_bom_specials.join("\0"),
sudo: true, sudo: true,
sudo_as_root: true,
) )
end end
@ -59,7 +61,12 @@ module Cask
sig { void } sig { void }
def forget def forget
odebug "Unregistering pkg receipt (aka forgetting)" odebug "Unregistering pkg receipt (aka forgetting)"
@command.run!("/usr/sbin/pkgutil", args: ["--forget", package_id], sudo: true) @command.run!(
"/usr/sbin/pkgutil",
args: ["--forget", package_id],
sudo: true,
sudo_as_root: true,
)
end end
sig { returns(T::Array[Pathname]) } sig { returns(T::Array[Pathname]) }
@ -112,9 +119,10 @@ module Cask
def rmdir(path) def rmdir(path)
@command.run!( @command.run!(
"/usr/bin/xargs", "/usr/bin/xargs",
args: ["-0", "--", RMDIR_SH.to_s], args: ["-0", "--", RMDIR_SH.to_s],
input: Array(path).join("\0"), input: Array(path).join("\0"),
sudo: true, sudo: true,
sudo_as_root: true,
) )
end end


@ -107,6 +107,9 @@ class SystemCommand
sig { returns(T::Boolean) } sig { returns(T::Boolean) }
def sudo?; end def sudo?; end
sig { returns(T::Boolean) }
def sudo_as_root?; end
sig { returns(T::Boolean) } sig { returns(T::Boolean) }
def print_stdout?; end def print_stdout?; end


@ -65,6 +65,7 @@ class SystemCommand
executable: T.any(String, Pathname), executable: T.any(String, Pathname),
args: T::Array[T.any(String, Integer, Float, URI::Generic)], args: T::Array[T.any(String, Integer, Float, URI::Generic)],
sudo: T::Boolean, sudo: T::Boolean,
sudo_as_root: T::Boolean,
env: T::Hash[String, String], env: T::Hash[String, String],
input: T.any(String, T::Array[String]), input: T.any(String, T::Array[String]),
must_succeed: T::Boolean, must_succeed: T::Boolean,
@ -81,6 +82,7 @@ class SystemCommand
executable, executable,
args: [], args: [],
sudo: false, sudo: false,
sudo_as_root: false,
env: {}, env: {},
input: [], input: [],
must_succeed: false, must_succeed: false,
@ -95,7 +97,11 @@ class SystemCommand
require "extend/ENV" require "extend/ENV"
@executable = executable @executable = executable
@args = args @args = args
raise ArgumentError, "sudo_as_root cannot be set if sudo is false" if !sudo && sudo_as_root
@sudo = sudo @sudo = sudo
@sudo_as_root = sudo_as_root
env.each_key do |name| env.each_key do |name|
next if /^[\w&&\D]\w*$/.match?(name) next if /^[\w&&\D]\w*$/.match?(name)
@ -122,7 +128,7 @@ class SystemCommand
attr_reader :executable, :args, :input, :chdir, :env attr_reader :executable, :args, :input, :chdir, :env
attr_predicate :sudo?, :print_stdout?, :print_stderr?, :must_succeed? attr_predicate :sudo?, :sudo_as_root?, :print_stdout?, :print_stderr?, :must_succeed?
sig { returns(T::Boolean) } sig { returns(T::Boolean) }
def debug? def debug?
@ -153,8 +159,10 @@ class SystemCommand
sig { returns(T::Array[String]) } sig { returns(T::Array[String]) }
def sudo_prefix def sudo_prefix
user_flags = []
user_flags += ["-u", "root"] if sudo_as_root?
askpass_flags = ENV.key?("SUDO_ASKPASS") ? ["-A"] : [] askpass_flags = ENV.key?("SUDO_ASKPASS") ? ["-A"] : []
["/usr/bin/sudo", *askpass_flags, "-E", *env_args, "--"] ["/usr/bin/sudo", *user_flags, *askpass_flags, "-E", *env_args, "--"]
end end
sig { returns(T::Array[String]) } sig { returns(T::Array[String]) }
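Review bot: The new `sudo_as_root` keyword has no comment saying how it differs from `sudo: true`, and it defaults to `false`, so a privileged call site that is not updated keeps running as whatever target user sudo defaults to (`runas_default` in sudoers). A comment above the initializer such as `# sudo_as_root: pass "-u root" so the command runs as root even when sudoers sets another default runas user; requires sudo: true` would tell authors of new call sites when to set it. In `sudo_prefix`, `user_flags = sudo_as_root? ? ["-u", "root"] : []` would mirror the `askpass_flags` line that follows it. The initializer starts and ends outside the visible hunks.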


@ -16,6 +16,7 @@ describe Cask::Artifact::Pkg, :cask do
"/usr/sbin/installer", "/usr/sbin/installer",
args: ["-pkg", cask.staged_path.join("MyFancyPkg", "Fancy.pkg"), "-target", "/"], args: ["-pkg", cask.staged_path.join("MyFancyPkg", "Fancy.pkg"), "-target", "/"],
sudo: true, sudo: true,
sudo_as_root: true,
print_stdout: true, print_stdout: true,
env: { env: {
"LOGNAME" => ENV.fetch("USER"), "LOGNAME" => ENV.fetch("USER"),
@ -65,6 +66,7 @@ describe Cask::Artifact::Pkg, :cask do
cask.staged_path.join("/tmp/choices.xml") cask.staged_path.join("/tmp/choices.xml")
], ],
sudo: true, sudo: true,
sudo_as_root: true,
print_stdout: true, print_stdout: true,
env: { env: {
"LOGNAME" => ENV.fetch("USER"), "LOGNAME" => ENV.fetch("USER"),


@ -31,14 +31,26 @@ shared_examples "#uninstall_phase or #zap_phase" do
it "works when job is owned by user" do it "works when job is owned by user" do
allow(fake_system_command).to receive(:run) allow(fake_system_command).to receive(:run)
.with("/bin/launchctl", args: ["list", "my.fancy.package.service"], print_stderr: false, sudo: false) .with(
"/bin/launchctl",
args: ["list", "my.fancy.package.service"],
print_stderr: false,
sudo: false,
sudo_as_root: false,
)
.and_return(instance_double(SystemCommand::Result, stdout: service_info)) .and_return(instance_double(SystemCommand::Result, stdout: service_info))
allow(fake_system_command).to receive(:run) allow(fake_system_command).to receive(:run)
.with("/bin/launchctl", args: ["list", "my.fancy.package.service"], print_stderr: false, sudo: true) .with(
"/bin/launchctl",
args: ["list", "my.fancy.package.service"],
print_stderr: false,
sudo: true,
sudo_as_root: true,
)
.and_return(instance_double(SystemCommand::Result, stdout: unknown_response)) .and_return(instance_double(SystemCommand::Result, stdout: unknown_response))
expect(fake_system_command).to receive(:run!) expect(fake_system_command).to receive(:run!)
.with("/bin/launchctl", args: ["remove", "my.fancy.package.service"], sudo: false) .with("/bin/launchctl", args: ["remove", "my.fancy.package.service"], sudo: false, sudo_as_root: false)
.and_return(instance_double(SystemCommand::Result)) .and_return(instance_double(SystemCommand::Result))
subject.public_send(:"#{artifact_dsl_key}_phase", command: fake_system_command) subject.public_send(:"#{artifact_dsl_key}_phase", command: fake_system_command)
@ -46,14 +58,26 @@ shared_examples "#uninstall_phase or #zap_phase" do
it "works when job is owned by system" do it "works when job is owned by system" do
allow(fake_system_command).to receive(:run) allow(fake_system_command).to receive(:run)
.with("/bin/launchctl", args: ["list", "my.fancy.package.service"], print_stderr: false, sudo: false) .with(
"/bin/launchctl",
args: ["list", "my.fancy.package.service"],
print_stderr: false,
sudo: false,
sudo_as_root: false,
)
.and_return(instance_double(SystemCommand::Result, stdout: unknown_response)) .and_return(instance_double(SystemCommand::Result, stdout: unknown_response))
allow(fake_system_command).to receive(:run) allow(fake_system_command).to receive(:run)
.with("/bin/launchctl", args: ["list", "my.fancy.package.service"], print_stderr: false, sudo: true) .with(
"/bin/launchctl",
args: ["list", "my.fancy.package.service"],
print_stderr: false,
sudo: true,
sudo_as_root: true,
)
.and_return(instance_double(SystemCommand::Result, stdout: service_info)) .and_return(instance_double(SystemCommand::Result, stdout: service_info))
expect(fake_system_command).to receive(:run!) expect(fake_system_command).to receive(:run!)
.with("/bin/launchctl", args: ["remove", "my.fancy.package.service"], sudo: true) .with("/bin/launchctl", args: ["remove", "my.fancy.package.service"], sudo: true, sudo_as_root: true)
.and_return(instance_double(SystemCommand::Result)) .and_return(instance_double(SystemCommand::Result))
subject.public_send(:"#{artifact_dsl_key}_phase", command: fake_system_command) subject.public_send(:"#{artifact_dsl_key}_phase", command: fake_system_command)
@ -94,14 +118,26 @@ shared_examples "#uninstall_phase or #zap_phase" do
.and_return(["my.fancy.package.service.12345"]) .and_return(["my.fancy.package.service.12345"])
allow(fake_system_command).to receive(:run) allow(fake_system_command).to receive(:run)
.with("/bin/launchctl", args: ["list", "my.fancy.package.service.12345"], print_stderr: false, sudo: false) .with(
"/bin/launchctl",
args: ["list", "my.fancy.package.service.12345"],
print_stderr: false,
sudo: false,
sudo_as_root: false,
)
.and_return(instance_double(SystemCommand::Result, stdout: unknown_response)) .and_return(instance_double(SystemCommand::Result, stdout: unknown_response))
allow(fake_system_command).to receive(:run) allow(fake_system_command).to receive(:run)
.with("/bin/launchctl", args: ["list", "my.fancy.package.service.12345"], print_stderr: false, sudo: true) .with(
"/bin/launchctl",
args: ["list", "my.fancy.package.service.12345"],
print_stderr: false,
sudo: true,
sudo_as_root: true,
)
.and_return(instance_double(SystemCommand::Result, stdout: service_info)) .and_return(instance_double(SystemCommand::Result, stdout: service_info))
expect(fake_system_command).to receive(:run!) expect(fake_system_command).to receive(:run!)
.with("/bin/launchctl", args: ["remove", "my.fancy.package.service.12345"], sudo: true) .with("/bin/launchctl", args: ["remove", "my.fancy.package.service.12345"], sudo: true, sudo_as_root: true)
.and_return(instance_double(SystemCommand::Result)) .and_return(instance_double(SystemCommand::Result))
subject.public_send(:"#{artifact_dsl_key}_phase", command: fake_system_command) subject.public_send(:"#{artifact_dsl_key}_phase", command: fake_system_command)
@ -148,19 +184,19 @@ shared_examples "#uninstall_phase or #zap_phase" do
it "is supported" do it "is supported" do
allow(subject).to receive(:system_command!) allow(subject).to receive(:system_command!)
.with("/usr/sbin/kextstat", args: ["-l", "-b", kext_id], sudo: true) .with("/usr/sbin/kextstat", args: ["-l", "-b", kext_id], sudo: true, sudo_as_root: true)
.and_return(instance_double("SystemCommand::Result", stdout: "loaded")) .and_return(instance_double("SystemCommand::Result", stdout: "loaded"))
expect(subject).to receive(:system_command!) expect(subject).to receive(:system_command!)
.with("/sbin/kextunload", args: ["-b", kext_id], sudo: true) .with("/sbin/kextunload", args: ["-b", kext_id], sudo: true, sudo_as_root: true)
.and_return(instance_double("SystemCommand::Result")) .and_return(instance_double("SystemCommand::Result"))
expect(subject).to receive(:system_command!) expect(subject).to receive(:system_command!)
.with("/usr/sbin/kextfind", args: ["-b", kext_id], sudo: true) .with("/usr/sbin/kextfind", args: ["-b", kext_id], sudo: true, sudo_as_root: true)
.and_return(instance_double("SystemCommand::Result", stdout: "/Library/Extensions/FancyPackage.kext\n")) .and_return(instance_double("SystemCommand::Result", stdout: "/Library/Extensions/FancyPackage.kext\n"))
expect(subject).to receive(:system_command!) expect(subject).to receive(:system_command!)
.with("/bin/rm", args: ["-rf", "/Library/Extensions/FancyPackage.kext"], sudo: true) .with("/bin/rm", args: ["-rf", "/Library/Extensions/FancyPackage.kext"], sudo: true, sudo_as_root: true)
subject.public_send(:"#{artifact_dsl_key}_phase", command: fake_system_command) subject.public_send(:"#{artifact_dsl_key}_phase", command: fake_system_command)
end end
@ -281,13 +317,14 @@ shared_examples "#uninstall_phase or #zap_phase" do
it "is supported" do it "is supported" do
allow(fake_system_command).to receive(:run).with(any_args).and_call_original allow(fake_system_command).to receive(:run).with(any_args).and_call_original
expect(fake_system_command).to receive(:run).with( expect(fake_system_command).to receive(:run)
cask.staged_path.join("MyFancyPkg", "FancyUninstaller.tool"), .with(
args: ["--please"], cask.staged_path.join("MyFancyPkg", "FancyUninstaller.tool"),
must_succeed: true, args: ["--please"],
print_stdout: true, must_succeed: true,
sudo: false, print_stdout: true,
) sudo: false,
)
InstallHelper.install_without_artifacts(cask) InstallHelper.install_without_artifacts(cask)
subject.public_send(:"#{artifact_dsl_key}_phase", command: fake_system_command) subject.public_send(:"#{artifact_dsl_key}_phase", command: fake_system_command)


@ -67,7 +67,11 @@ shared_examples Cask::Staged do
allow(staged).to receive(:Pathname).and_return(fake_pathname) allow(staged).to receive(:Pathname).and_return(fake_pathname)
expect(fake_system_command).to receive(:run!) expect(fake_system_command).to receive(:run!)
.with("/usr/sbin/chown", args: ["-R", "--", "fake_user:staff", fake_pathname, fake_pathname], sudo: true) .with(
"/usr/sbin/chown",
args: ["-R", "--", "fake_user:staff", fake_pathname, fake_pathname],
sudo: true,
)
staged.set_ownership([fake_pathname.to_s, fake_pathname.to_s]) staged.set_ownership([fake_pathname.to_s, fake_pathname.to_s])
end end
@ -78,7 +82,11 @@ shared_examples Cask::Staged do
allow(staged).to receive(:Pathname).and_return(fake_pathname) allow(staged).to receive(:Pathname).and_return(fake_pathname)
expect(fake_system_command).to receive(:run!) expect(fake_system_command).to receive(:run!)
.with("/usr/sbin/chown", args: ["-R", "--", "other_user:other_group", fake_pathname], sudo: true) .with(
"/usr/sbin/chown",
args: ["-R", "--", "other_user:other_group", fake_pathname],
sudo: true,
)
staged.set_ownership(fake_pathname.to_s, user: "other_user", group: "other_group") staged.set_ownership(fake_pathname.to_s, user: "other_user", group: "other_group")
end end


@ -63,8 +63,9 @@ describe Cask::Pkg, :cask do
expect(fake_system_command).to receive(:run!).with( expect(fake_system_command).to receive(:run!).with(
"/usr/sbin/pkgutil", "/usr/sbin/pkgutil",
args: ["--forget", "my.fake.pkg"], args: ["--forget", "my.fake.pkg"],
sudo: true, sudo: true,
sudo_as_root: true,
) )
pkg.uninstall pkg.uninstall
@ -114,9 +115,10 @@ describe Cask::Pkg, :cask do
allow(fake_system_command).to receive(:run!).and_call_original allow(fake_system_command).to receive(:run!).and_call_original
expect(fake_system_command).to receive(:run!).with( expect(fake_system_command).to receive(:run!).with(
"/usr/bin/xargs", "/usr/bin/xargs",
args: ["-0", "--", a_string_including("rmdir")], args: ["-0", "--", a_string_including("rmdir")],
input: [fake_dir].join("\0"), input: [fake_dir].join("\0"),
sudo: true, sudo: true,
sudo_as_root: true,
).and_return(instance_double(SystemCommand::Result, stdout: "")) ).and_return(instance_double(SystemCommand::Result, stdout: ""))
pkg.uninstall pkg.uninstall


@ -15,7 +15,8 @@ cask "with-uninstall-script-app" do
end end
uninstall script: { uninstall script: {
executable: "#{appdir}/MyFancyApp.app/uninstall.sh", executable: "#{appdir}/MyFancyApp.app/uninstall.sh",
sudo: false, sudo: false,
sudo_as_root: false,
} }
end end


@ -15,7 +15,8 @@ cask "with-uninstall-script-user-relative" do
end end
uninstall script: { uninstall script: {
executable: "~/MyFancyApp.app/uninstall.sh", executable: "~/MyFancyApp.app/uninstall.sh",
sudo: false, sudo: false,
sudo_as_root: false,
} }
end end


@ -5,6 +5,6 @@ require "system_command"
class NeverSudoSystemCommand < SystemCommand class NeverSudoSystemCommand < SystemCommand
def self.run(command, **options) def self.run(command, **options)
super(command, **options.merge(sudo: false)) super(command, **options.merge(sudo: false, sudo_as_root: false))
end end
end end


@ -9,12 +9,14 @@ describe SystemCommand do
env: env, env: env,
must_succeed: true, must_succeed: true,
sudo: sudo, sudo: sudo,
sudo_as_root: sudo_as_root,
) )
end end
let(:env_args) { ["bash", "-c", 'printf "%s" "${A?}" "${B?}" "${C?}"'] } let(:env_args) { ["bash", "-c", 'printf "%s" "${A?}" "${B?}" "${C?}"'] }
let(:env) { { "A" => "1", "B" => "2", "C" => "3" } } let(:env) { { "A" => "1", "B" => "2", "C" => "3" } }
let(:sudo) { false } let(:sudo) { false }
let(:sudo_as_root) { false }
context "when given some environment variables" do context "when given some environment variables" do
its("run!.stdout") { is_expected.to eq("123") } its("run!.stdout") { is_expected.to eq("123") }
@ -45,8 +47,9 @@ describe SystemCommand do
end end
end end
context "when given some environment variables and sudo: true" do context "when given some environment variables and sudo: true, sudo_as_root: false" do
let(:sudo) { true } let(:sudo) { true }
let(:sudo_as_root) { false }
describe "the resulting command line" do describe "the resulting command line" do
it "includes the given variables explicitly" do it "includes the given variables explicitly" do
@ -64,6 +67,27 @@ describe SystemCommand do
end end
end end
end end
context "when given some environment variables and sudo: true, sudo_as_root: true" do
let(:sudo) { true }
let(:sudo_as_root) { true }
describe "the resulting command line" do
it "includes the given variables explicitly" do
expect(Open3)
.to receive(:popen3)
.with(
an_instance_of(Hash), ["/usr/bin/sudo", "/usr/bin/sudo"], "-u", "root",
"-E", "A=1", "B=2", "C=3", "--", "env", *env_args, pgroup: nil
)
.and_wrap_original do |original_popen3, *_, &block|
original_popen3.call("true", &block)
end
command.run!
end
end
end
end end
context "when the exit code is 0" do context "when the exit code is 0" do