route sudo -e to pipeline (#1176)

Author: squell

Cargo.toml

@@ -55,6 +55,11 @@ dev = []
 # compilation using "cargo --all-features", which should not be used on sudo-rs
 do-not-use-all-features = []
 
+# whether to enable 'sudoedit' (this will become a default feature, or
+# perhaps we can just remove the feature flag altogether)
+# NOTE: this is currently work in progress and *NOT* implemented
+sudoedit = []
+
 [profile.release]
 strip = "symbols"
 lto = true

src/common/context.rs

@@ -2,7 +2,8 @@ use std::io;
 
 use crate::common::{HARDENED_ENUM_VALUE_0, HARDENED_ENUM_VALUE_1, HARDENED_ENUM_VALUE_2};
 use crate::exec::{RunOptions, Umask};
-use crate::sudo::{SudoListOptions, SudoRunOptions, SudoValidateOptions};
+#[cfg_attr(not(feature = "sudoedit"), allow(unused_imports))]
+use crate::sudo::{SudoEditOptions, SudoListOptions, SudoRunOptions, SudoValidateOptions};
 use crate::sudoers::Sudoers;
 use crate::system::{Group, Hostname, Process, User};
 
@@ -100,6 +101,42 @@ impl Context {
         })
     }
 
+    #[cfg(feature = "sudoedit")]
+    pub fn from_edit_opts(sudo_options: SudoEditOptions) -> Result<Context, Error> {
+        let hostname = Hostname::resolve();
+        let current_user = CurrentUser::resolve()?;
+
+        let (target_user, target_group) =
+            resolve_target_user_and_group(&sudo_options.user, &sudo_options.group, &current_user)?;
+
+        // TODO: the more Rust way of doing things would be to create an alternative for sudoedit instead;
+        // but a stringly typed interface feels the most decent thing to do (if we can pull it off)
+        // since "sudoedit" really is like a builtin command to sudo.
+        let command = CommandAndArguments {
+            command: std::path::PathBuf::from("sudoedit"),
+            arguments: sudo_options.positional_args,
+            ..Default::default()
+        };
+
+        Ok(Context {
+            hostname,
+            command,
+            current_user,
+            target_user,
+            target_group,
+            use_session_records: !sudo_options.reset_timestamp,
+            launch: Default::default(),
+            chdir: sudo_options.chdir,
+            stdin: sudo_options.stdin,
+            bell: sudo_options.bell,
+            prompt: sudo_options.prompt,
+            non_interactive: sudo_options.non_interactive,
+            process: Process::new(),
+            use_pty: true,
+            noexec: false,
+            umask: Umask::Preserve,
+        })
+    }
     pub fn from_validate_opts(sudo_options: SudoValidateOptions) -> Result<Context, Error> {
         let hostname = Hostname::resolve();
         let current_user = CurrentUser::resolve()?;

src/sudo/cli/mod.rs

@@ -9,8 +9,7 @@ pub mod help;
 #[cfg(test)]
 mod tests;
 
-// remove dead_code when sudoedit has been implemented
-#[allow(dead_code)]
+#[cfg_attr(not(feature = "sudoedit"), allow(dead_code))]
 pub enum SudoAction {
     Edit(SudoEditOptions),
     Help(SudoHelpOptions),
@@ -218,7 +217,7 @@ impl TryFrom<SudoOptions> for SudoValidateOptions {
 }
 
 // sudo -e [-ABkNnS] [-r role] [-t type] [-C num] [-D directory] [-g group] [-h host] [-p prompt] [-R directory] [-T timeout] [-u user] file ...
-#[allow(dead_code)]
+#[cfg_attr(not(feature = "sudoedit"), allow(dead_code))]
 pub struct SudoEditOptions {
     // -B
     pub bell: bool,

src/sudo/mod.rs

@@ -15,7 +15,7 @@ use cli::SudoAction;
 use std::path::PathBuf;
 
 mod cli;
-pub(crate) use cli::{SudoListOptions, SudoRunOptions, SudoValidateOptions};
+pub(crate) use cli::{SudoEditOptions, SudoListOptions, SudoRunOptions, SudoValidateOptions};
 
 pub(crate) mod diagnostic;
 mod env;
@@ -108,6 +108,9 @@ fn sudo_process() -> Result<(), Error> {
                 }
             }
             SudoAction::List(options) => pipeline::run_list(options),
+            #[cfg(feature = "sudoedit")]
+            SudoAction::Edit(options) => pipeline::run_edit(options),
+            #[cfg(not(feature = "sudoedit"))]
             SudoAction::Edit(_) => {
                 eprintln_ignore_io_error!("error: `--edit` flag has not yet been implemented");
                 std::process::exit(1);

src/sudo/pipeline.rs

@@ -19,9 +19,13 @@ use crate::system::timestamp::{RecordScope, SessionRecordFile, TouchResult};
 use crate::system::{escape_os_str_lossy, Process};
 
 mod list;
-
 pub(super) use list::run_list;
 
+#[cfg(feature = "sudoedit")]
+mod edit;
+#[cfg(feature = "sudoedit")]
+pub(super) use edit::run_edit;
+
 fn read_sudoers() -> Result<Sudoers, Error> {
     let sudoers_path = &super::candidate_sudoers_file();
 

src/sudo/pipeline/edit.rs

@@ -0,0 +1,46 @@
+use std::process::exit;
+
+use super::super::cli::SudoEditOptions;
+use crate::common::{Context, Error};
+use crate::exec::ExitReason;
+use crate::sudoers::Authorization;
+
+pub fn run_edit(edit_opts: SudoEditOptions) -> Result<(), Error> {
+    let policy = super::read_sudoers()?;
+
+    let mut context = Context::from_edit_opts(edit_opts)?;
+
+    let policy = super::judge(policy, &context)?;
+
+    let Authorization::Allowed(auth, controls) = policy.authorization() else {
+        return Err(Error::Authorization(context.current_user.name.to_string()));
+    };
+
+    super::apply_policy_to_context(&mut context, &controls)?;
+    let mut pam_context = super::auth_and_update_record_file(&context, auth)?;
+
+    let pid = context.process.pid;
+
+    // run command and return corresponding exit code
+    let command_exit_reason = {
+        super::log_command_execution(&context);
+
+        eprintln_ignore_io_error!(
+            "this would launch sudoedit as requested, to edit the files: {:?}",
+            context.command.arguments.as_slice()
+        );
+
+        Ok::<_, std::io::Error>(ExitReason::Code(42))
+    };
+
+    pam_context.close_session();
+
+    match command_exit_reason? {
+        ExitReason::Code(code) => exit(code),
+        ExitReason::Signal(signal) => {
+            crate::system::kill(pid, signal)?;
+        }
+    }
+
+    Ok(())
+}