Re: Help on /dev/tty and su -c
Hey Francesco,
Here is the code you are seeking. Feel free to send me a personal
email if you need more help.
#!/home/jordon/.ruby/1.9.3p125/bin/ruby
# Here it is in gist form: https://gist.github.com/2040324
$stdin.each.each { |line| $stdout.puts "Item: #{line}" }
$stdin = IO.new(IO.sysopen('/dev/tty', 'r'), 'r')
$stdout.print 'What is your name: '
$stdout.puts 'Well, hello there ' + $stdin.gets.chomp + ', it
certainly is nice to meet you.'
------
jordon@envygeeks:~ % su -c "cat input.txt | ./test.rb"
Password:
Item: one
Item: two
Item: three
What is your name: Jordon
Well, hello there Jordon, it certainly is nice to meet you.
On Wed, Mar 14, 2012 at 5:21 PM, Francesco Poli
<invernomuto@paranoici.org> wrote:
> Hello everybody,
> this is a sort of call for help.
>
> Warning! I am *not* subscribed to the debian-ruby list, hence,
> please Cc: me on replies. Thanks!
>
>
> As some of you may remember (from a previous thread [1]), I am one of
> the two co-maintainers of apt-listbugs.
> Two bugs have been recently reported for apt-listbugs [2], both caused
> by a recent security fix for su [3] that disabled the possibility to
> open /dev/tty for the child process of su -c "command" .
>
> [1] http://lists.debian.org/debian-ruby/2012/01/msg00025.html
> [2] if you have time and want to read more details, the two bugs
> are #662865 and #662983
> [3] see #628843 for more details
>
> I tried to think of a way to address these issues by only modifying
> apt-listbugs, but I am in trouble... Hence I am here asking for ideas
> to people more knowledgeable than me about Ruby.
>
> The most general issue is that apt-listbugs needs to perform the
> following steps (when run in "apt" mode):
>
> * first it reads some input through its STDIN, through a pipe
>
> * when this input ends (EOF), apt-listbugs needs to be able to become
> interactive and ask questions to the user, and get answers from STDIN,
> and possibly also run a web browser (that could be a textual browser,
> depending on the user preferences) and let the user interact with the
> browser
>
> Currently, apt-listbugs does all this by opening "/dev/tty", after the
> input ends.
> This no longer works, when apt-listbugs is invoked inside an su -c
> "command" , due to the above-cited security fix.
>
>
> So, the main problem seems to be reproducible with the following minimal
> test (so short and essential, that I don't think it is covered by
> copyright: hence, please use, copy, modify, and redistribute freely!)
>
>
> $ cat input.txt
> one
> two
> three
> $ cat test.rb
> #!/usr/bin/ruby
>
> STDIN.each { |line|
> puts "item: #{line}"
> # do many other things...
> }
>
> tty = open("/dev/tty", "r")
>
> print "Enter something: "
> ans = tty.gets.chomp
> puts "You entered \"#{ans}\""
> # do many more things...
> puts "Bye!"
> $ cat input.txt | ./test.rb
> item: one
> item: two
> item: three
> Enter something: yeah!
> You entered "yeah!"
> Bye!
> $ su -c "cat input.txt | ./test.rb"
> Password:
> item: one
> item: two
> item: three
> ./test.rb:8:in `initialize': No such device or address - /dev/tty (Errno::ENXIO)
> from ./test.rb:8:in `open'
> from ./test.rb:8
>
>
> The question is: is there a way to achieve this result, without being
> limited by the above-cited security fix, so that the last command may
> work as well?
>
> Any idea or suggestion?
> Unfortunately, I haven't found much documentation about this kind of
> tricks in Ruby...
> I would greatly appreciate your help.
>
> Thanks for your time.
>
>
> --
> http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt
> New GnuPG key, see the transition document!
> ..................................................... Francesco Poli .
> GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE
Reply to: