[Libguestfs] [PATCH] p2v: Test for sudo requiring a password first (RHBZ#1500673).

Richard W.M. Jones rjones at redhat.com
Wed Oct 11 14:16:32 UTC 2017 

When testing if sudo -n requires a password, we tested for the prompt
earlier than testing for the magic sudo message ‘a password is
required’.

Since the shell will print the prompt just after the sudo message:

  prompt$ sudo -n virt-v2v --version
  sudo: a password is required
  prompt$

the prompt nearly always matched and we missed the magic sudo message.
(The exception is in the case where we are running everything on
localhost where the sudo message could be read in a single call to
read(2) without seeing the prompt immediately afterwards.  Even this
exception was non-deterministic.)

By swapping the priority of the sudo message and prompt we avoid this.

Looking at the debug output (enabled by editing common/miniexpect)
makes this clearer:

  DEBUG: writing: sudo -n virt-v2v --version
  DEBUG: buffer content: sudo: a password is required
  ESC]0;rjones at hamr:~^G###bphcxtq5###

Thanks: Ming Xie.
---
 p2v/ssh.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/p2v/ssh.c b/p2v/ssh.c
index bfeb80661..991888348 100644
--- a/p2v/ssh.c
+++ b/p2v/ssh.c
@@ -792,8 +792,8 @@ test_connection (struct config *config)
     switch (mexp_expect (h,
                          (mexp_regexp[]) {
                            { 100, .re = version_re },
-                           { 101, .re = prompt_re },
-                           { 102, .re = sudo_password_re },
+                           { 101, .re = sudo_password_re },
+                           { 102, .re = prompt_re },
                            { 0 }
                          }, ovector, ovecsize)) {
     case 100:                   /* Got version string. */
@@ -805,15 +805,15 @@ test_connection (struct config *config)
 #endif
       break;
 
-    case 101:             /* Got the prompt. */
-      goto end_of_version;
-
-    case 102:
+    case 101:
       set_ssh_error ("sudo for user \"%s\" requires a password.  Edit /etc/sudoers on the conversion server to ensure the \"NOPASSWD:\" option is set for this user.",
                      config->username);
       mexp_close (h);
       return -1;
 
+    case 102:             /* Got the prompt. */
+      goto end_of_version;
+
     case MEXP_EOF:
       set_ssh_unexpected_eof ("\"virt-v2v --version\" output");
       mexp_close (h);
-- 
2.13.2

More information about the Libguestfs mailing list