1
0
mirror of https://github.com/OpenNebula/one.git synced 2024-12-22 13:33:52 +03:00

M #-: Use non-interactive sudo, fix arping path on Debians (#4555)

* M #-: Force all sudo usage as non-interactive
* M #-: Fix sudoers arping path on Debian-like systems
This commit is contained in:
Vlastimil Holer 2020-04-17 19:26:31 +02:00 committed by GitHub
parent fe7933586c
commit 424ab046b7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 45 additions and 45 deletions

View File

@ -11,7 +11,7 @@ def clean_host_nic(veth)
return unless s == 0
cmd = "sudo ip link delete #{veth}"
cmd = "sudo -n ip link delete #{veth}"
OpenNebula.log "Found lingering nic #{veth}\n Running #{cmd}"
o, e, s = Open3.capture3(cmd)

View File

@ -25,12 +25,12 @@ fi
case $ACTION in
leader)
sudo ip address add $IFADDR dev $INTERFACE
sudo -n ip address add $IFADDR dev $INTERFACE
for i in $(seq 5); do
sudo arping -c 1 -U -I $INTERFACE ${IP}
sudo -n arping -c 1 -U -I $INTERFACE ${IP}
sleep 1
sudo arping -c 1 -A -I $INTERFACE ${IP}
sudo -n arping -c 1 -A -I $INTERFACE ${IP}
sleep 1
done
@ -62,8 +62,8 @@ leader)
;;
follower)
if sudo ip address show dev $INTERFACE | grep -qi " ${IP}/"; then
sudo ip address del $IFADDR dev $INTERFACE
if sudo -n ip address show dev $INTERFACE | grep -qi " ${IP}/"; then
sudo -n ip address del $IFADDR dev $INTERFACE
fi
if [ "${IS_SYSTEMD}" = 'yes' ]; then

View File

@ -3,7 +3,7 @@ Defaults:oneadmin secure_path = /sbin:/bin:/usr/sbin:/usr/bin
Cmnd_Alias ONE_CEPH = /usr/bin/rbd
Cmnd_Alias ONE_FIRECRACKER = /usr/bin/jailer, /bin/mount, /usr/sbin/one-clean-firecracker-domain
Cmnd_Alias ONE_HA = /bin/systemctl start opennebula-flow, /bin/systemctl stop opennebula-flow, /bin/systemctl start opennebula-gate, /bin/systemctl stop opennebula-gate, /bin/systemctl start opennebula-hem, /bin/systemctl stop opennebula-hem, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop, /usr/sbin/service opennebula-hem start, /usr/sbin/service opennebula-hem stop, /usr/sbin/arping, /sbin/ip
Cmnd_Alias ONE_HA = /bin/systemctl start opennebula-flow, /bin/systemctl stop opennebula-flow, /bin/systemctl start opennebula-gate, /bin/systemctl stop opennebula-gate, /bin/systemctl start opennebula-hem, /bin/systemctl stop opennebula-hem, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop, /usr/sbin/service opennebula-hem start, /usr/sbin/service opennebula-hem stop, /usr/bin/arping, /sbin/ip
Cmnd_Alias ONE_LVM = /sbin/lvcreate, /sbin/lvremove, /sbin/lvs, /sbin/vgdisplay, /sbin/lvchange, /sbin/lvscan, /sbin/lvextend
Cmnd_Alias ONE_LXD = /snap/bin/lxc, /usr/bin/catfstab, /bin/mount, /bin/umount, /bin/mkdir, /bin/lsblk, /sbin/losetup, /sbin/kpartx, /usr/bin/qemu-nbd, /sbin/blkid, /sbin/e2fsck, /sbin/resize2fs, /usr/sbin/xfs_growfs, /usr/bin/rbd-nbd, /usr/sbin/xfs_admin, /sbin/tune2fs
Cmnd_Alias ONE_MARKET = /usr/lib/one/sh/create_container_image.sh

View File

@ -90,7 +90,7 @@ function clean {
# Unmount mnt directory (if necessary)
if grep -qs "$dockerdir/mnt" /proc/mounts; then
sudo umount "$dockerdir/mnt"
sudo -n umount "$dockerdir/mnt"
fi
rm -rf $dockerdir
@ -289,13 +289,13 @@ esac
#-------------------------------------------------------------------------------
# Mount container disk image and untar rootfs contents to it
#-------------------------------------------------------------------------------
sudo mount $img_raw $dockerdir/mnt > /dev/null 2>&1
sudo chmod o+w $dockerdir/mnt
sudo tar xpf $tarball -C $dockerdir/mnt > /dev/null 2>&1
sudo -n mount $img_raw $dockerdir/mnt > /dev/null 2>&1
sudo -n chmod o+w $dockerdir/mnt
sudo -n tar xpf $tarball -C $dockerdir/mnt > /dev/null 2>&1
sync
sudo umount $dockerdir/mnt
sudo -n umount $dockerdir/mnt
if [ "$format" == "qcow2" ]; then
qemu-img convert -f raw -O qcow2 $img_raw $img_qcow > /dev/null 2>&1

View File

@ -307,7 +307,7 @@ esac
#-------------------------------------------------------------------------------
MK_CONTAINER=$LIB_LOCATION/sh/create_container_image.sh
cat << EOF | sudo $MK_CONTAINER $TMP_DIR $id $extension $terminal
cat << EOF | sudo -n $MK_CONTAINER $TMP_DIR $id $extension $terminal
$commands
EOF

View File

@ -5,7 +5,7 @@ cmd='lxc profile list 2>/dev/null'
profiles=$($cmd | grep -v -- -+- | grep -v NAME | grep -v default | awk '{print $2}')
if [ "$?" -ne "0" ]; then
profiles=$(sudo $cmd | grep -v -- -+- | grep -v NAME | grep -v default | awk '{print $2}')
profiles=$(sudo -n $cmd | grep -v -- -+- | grep -v NAME | grep -v default | awk '{print $2}')
fi
tmpfile=$(mktemp /tmp/lxd_probe.XXXXXX)

View File

@ -48,7 +48,7 @@ CP=${CP:-cp}
SCP=${SCP:-scp}
SED=${SED:-sed}
SSH=${SSH:-ssh}
SUDO=${SUDO:-sudo}
SUDO=${SUDO:-sudo -n}
SYNC=${SYNC:-sync}
TAR=${TAR:-tar}
TGTADM=${TGTADM:-tgtadm}
@ -556,7 +556,7 @@ function tgtadm_next_tid {
function tgt_admin_dump_config {
FILE_PATH="$1"
echo "$TGTADMIN --dump |sudo tee $FILE_PATH > /dev/null 2>&1"
echo "$TGTADMIN --dump |sudo -n tee $FILE_PATH > /dev/null 2>&1"
}
###

View File

@ -67,7 +67,7 @@ fi
# If vg-one-$DS_ID exists, we assume it's an fs_lvm image datastore, therefore'
# we return the space of the lvm, no of the filesystem
if PATH=\$PATH:/sbin:/bin:/usr/sbin:/usr/bin which vgdisplay &> /dev/null; then
LVM_SIZE=\$(sudo vgdisplay \
LVM_SIZE=\$(sudo -n vgdisplay \
--separator : \
--units m \
-o vg_size,vg_free \

View File

@ -31,7 +31,7 @@ class MicroVM
# List of commands executed by the driver.
#---------------------------------------------------------------------------
COMMANDS = {
:clean => 'sudo /usr/sbin/one-clean-firecracker-domain',
:clean => 'sudo -n /usr/sbin/one-clean-firecracker-domain',
:map_context => '/var/tmp/one/vmm/firecracker/map_context'
}
@ -46,7 +46,7 @@ class MicroVM
@fc = fc
@one = one
@jailer_command = 'sudo jailer'
@jailer_command = 'sudo -n jailer'
@vnc_command = 'screen -x'
# Location for maping the context
@ -97,7 +97,7 @@ class MicroVM
return false unless rc
# TODO, add option for hard links
Command.execute_rc_log("sudo mount -o bind #{@one.sysds_path}/#{@one.vm_id} #{@rootfs_dir}")
Command.execute_rc_log("sudo -n mount -o bind #{@one.sysds_path}/#{@one.vm_id} #{@rootfs_dir}")
end
def get_pid

View File

@ -70,7 +70,7 @@ class Container
@one = one
@lxc_command = 'lxc'
@lxc_command.prepend 'sudo ' if client.snap
@lxc_command.prepend 'sudo -n ' if client.snap
@rootfs_dir = "#{@client.lxd_path}/storage-pools/default/containers/"\
"#{name}/rootfs"
@ -501,7 +501,7 @@ class Container
def del_bridge_port(nic)
return true unless /ovswitch/ =~ nic['VN_MAD']
cmd = 'sudo ovs-vsctl --if-exists del-port '\
cmd = 'sudo -n ovs-vsctl --if-exists del-port '\
"#{nic['BRIDGE']} #{nic['TARGET']}"
rc, _o, e = Command.execute(cmd, false)

View File

@ -53,24 +53,24 @@ class Mapper
# as root
#---------------------------------------------------------------------------
COMMANDS = {
:lsblk => 'sudo lsblk',
:losetup => 'sudo losetup',
:mount => 'sudo mount',
:umount => 'sudo umount',
:kpartx => 'sudo kpartx',
:nbd => 'sudo -u root -g oneadmin qemu-nbd',
:su_mkdir => 'sudo mkdir -p',
:lsblk => 'sudo -n lsblk',
:losetup => 'sudo -n losetup',
:mount => 'sudo -n mount',
:umount => 'sudo -n umount',
:kpartx => 'sudo -n kpartx',
:nbd => 'sudo -n -u root -g oneadmin qemu-nbd',
:su_mkdir => 'sudo -n mkdir -p',
:mkdir => 'mkdir -p',
:catfstab => 'sudo catfstab',
:catfstab => 'sudo -n catfstab',
:cat => 'cat',
:file => 'file -L -s',
:blkid => 'sudo blkid',
:e2fsck => 'sudo e2fsck',
:resize2fs => 'sudo resize2fs',
:xfs_growfs => 'sudo xfs_growfs',
:rbd => 'sudo rbd-nbd --id',
:xfs_admin => 'sudo xfs_admin',
:tune2fs => 'sudo tune2fs',
:blkid => 'sudo -n blkid',
:e2fsck => 'sudo -n e2fsck',
:resize2fs => 'sudo -n resize2fs',
:xfs_growfs => 'sudo -n xfs_growfs',
:rbd => 'sudo -n rbd-nbd --id',
:xfs_admin => 'sudo -n xfs_admin',
:tune2fs => 'sudo -n tune2fs',
:mkfs => '/sbin/mkfs'
}

View File

@ -22,15 +22,15 @@ module VNMNetwork
# to local installations. Any modification requires to sync the hosts with
# onehost sync command.
COMMANDS = {
:ebtables => "sudo ebtables",
:iptables => "sudo iptables",
:ip6tables=> "sudo ip6tables",
:ip => "sudo ip",
:ebtables => "sudo -n ebtables",
:iptables => "sudo -n iptables",
:ip6tables=> "sudo -n ip6tables",
:ip => "sudo -n ip",
:virsh => "virsh -c qemu:///system",
:ovs_vsctl=> "sudo ovs-vsctl",
:ovs_ofctl=> "sudo ovs-ofctl",
:ovs_vsctl=> "sudo -n ovs-vsctl",
:ovs_ofctl=> "sudo -n ovs-ofctl",
:lsmod => "lsmod",
:ipset => "sudo ipset"
:ipset => "sudo -n ipset"
}
# Represents an Array of commands to be executed by the networking drivers

View File

@ -107,7 +107,7 @@ module VNMMAD
_o, _e, snap = Open3.capture3('snap list lxd;') # avoid cmd not found with;
@lxc_cmd = 'lxc'
@lxc_cmd.prepend('sudo ') if snap.exitstatus.zero?
@lxc_cmd.prepend('sudo -n ') if snap.exitstatus.zero?
end
# Get the VM information with lxc config show