topgrade/src/sudo.rs

use std::ffi::OsStr;
use std::path::Path;
use std::path::PathBuf;

use color_eyre::eyre::Context;
use color_eyre::eyre::Result;
use serde::Deserialize;
use strum::AsRefStr;

use crate::command::CommandExt;
use crate::execution_context::ExecutionContext;
use crate::executor::Executor;
use crate::terminal::print_separator;
use crate::utils::which;

#[derive(Clone, Debug)]
pub struct Sudo {
    /// The path to the `sudo` binary.
    path: PathBuf,
    /// The type of program being used as `sudo`.
    kind: SudoKind,
}

impl Sudo {
    /// Get the `sudo` binary or the `gsudo` binary in the case of `gsudo`
    /// masquerading as the `sudo` binary.
    fn determine_sudo_variant(sudo_p: PathBuf) -> (PathBuf, SudoKind) {
        match which("gsudo") {
            Some(gsudo_p) => {
                match std::fs::canonicalize(&gsudo_p).unwrap() == std::fs::canonicalize(&sudo_p).unwrap() {
                    true => (gsudo_p, SudoKind::Gsudo),
                    false => (sudo_p, SudoKind::Sudo),
                }
            }
            None => (sudo_p, SudoKind::Sudo),
        }
    }

    /// Get the `sudo` binary for this platform.
    pub fn detect() -> Option<Self> {
        which("doas")
            .map(|p| (p, SudoKind::Doas))
            .or_else(|| which("sudo").map(Self::determine_sudo_variant))
            .or_else(|| which("gsudo").map(|p| (p, SudoKind::Gsudo)))
            .or_else(|| which("pkexec").map(|p| (p, SudoKind::Pkexec)))
            .or_else(|| which("run0").map(|p| (p, SudoKind::Run0)))
            .or_else(|| which("please").map(|p| (p, SudoKind::Please)))
            .map(|(path, kind)| Self { path, kind })
    }

    /// Create Sudo from SudoKind, if found in the system
    pub fn new(kind: SudoKind) -> Option<Self> {
        which(kind.as_ref()).map(|path| Self { path, kind })
    }

    /// Elevate permissions with `sudo`.
    ///
    /// This helps prevent blocking `sudo` prompts from stopping the run in the middle of a
    /// step.
    ///
    /// See: https://github.com/topgrade-rs/topgrade/issues/205
    pub fn elevate(&self, ctx: &ExecutionContext) -> Result<()> {
        print_separator("Sudo");
        let mut cmd = ctx.execute(&self.path);
        match self.kind {
            SudoKind::Doas => {
                // `doas` doesn't have anything like `sudo -v` to cache credentials,
                // so we just execute a dummy `echo` command so we have something
                // unobtrusive to run.
                // See: https://man.openbsd.org/doas
                cmd.arg("echo");
            }
            SudoKind::Sudo => {
                // From `man sudo` on macOS:
                //   -v, --validate
                //   Update the user's cached credentials, authenticating the user
                //   if necessary.  For the sudoers plugin, this extends the sudo
                //   timeout for another 5 minutes by default, but does not run a
                //   command.  Not all security policies support cached credentials.
                cmd.arg("-v");
            }
            SudoKind::Gsudo => {
                // `gsudo` doesn't have anything like `sudo -v` to cache credentials,
                // so we just execute a dummy `echo` command so we have something
                // unobtrusive to run.
                // See: https://gerardog.github.io/gsudo/docs/usage
                cmd.arg("echo");
            }
            SudoKind::Pkexec => {
                // I don't think this does anything; `pkexec` usually asks for
                // authentication every time, although it can be configured
                // differently.
                //
                // See the note for `doas` above.
                //
                // See: https://linux.die.net/man/1/pkexec
                cmd.arg("echo");
            }
            SudoKind::Run0 => {
                // `run0` uses polkit for authentication
                // and thus has the same issues as `pkexec`.
                //
                // See: https://www.freedesktop.org/software/systemd/man/devel/run0.html
                cmd.arg("echo");
            }
            SudoKind::Please => {
                // From `man please`
                //   -w, --warm
                //   Warm the access token and exit.
                cmd.arg("-w");
            }
        }
        cmd.status_checked().wrap_err("Failed to elevate permissions")
    }

    /// Execute a command with `sudo`.
    pub fn execute_elevated(&self, ctx: &ExecutionContext, command: &Path, interactive: bool) -> Executor {
        let mut cmd = ctx.execute(&self.path);

        if let SudoKind::Sudo = self.kind {
            cmd.arg("--preserve-env=DIFFPROG");
        }

        if interactive {
            cmd.arg("-i");
        }

        cmd.arg(command);

        cmd
    }
}

#[derive(Clone, Copy, Debug, Deserialize, AsRefStr)]
#[serde(rename_all = "lowercase")]
#[strum(serialize_all = "lowercase")]
pub enum SudoKind {
    Doas,
    Sudo,
    Gsudo,
    Pkexec,
    Run0,
    Please,
}

impl AsRef<OsStr> for Sudo {
    fn as_ref(&self) -> &OsStr {
        self.path.as_ref()
    }
}