Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm
Precedence: bulk
X-No-Archive: yes
List-Id: Zsh Workers List <zsh-workers.zsh.org>
List-Post: <mailto:zsh-workers@zsh.org>
List-Help: <mailto:zsh-workers-help@zsh.org>
X-Qmail-Scanner-Diagnostics: from out5-smtp.messagingengine.com by f.primenet.com.au (envelope-from <d.s@daniel.shahaf.name>, uid 7791) with qmail-scanner-2.11 
 (clamdscan: 0.99.2/21882. spamassassin: 3.4.1.  
 Clear:RC:0(66.111.4.29):SA:0(0.0/5.0):. 
 Processed in 0.173533 secs); 22 Jul 2016 07:19:41 -0000
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on f.primenet.com.au
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=T_DKIM_INVALID
	autolearn=unavailable autolearn_force=no version=3.4.1
X-Envelope-From: d.s@daniel.shahaf.name
X-Qmail-Scanner-Mime-Attachments: |
X-Qmail-Scanner-Zip-Files: |
Received-SPF: none (ns1.primenet.com.au: domain at daniel.shahaf.name does not designate permitted sender hosts)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
	daniel.shahaf.name; h=cc:content-transfer-encoding:content-type
	:date:from:in-reply-to:message-id:mime-version:references
	:subject:to:x-sasl-enc:x-sasl-enc; s=mesmtp; bh=+HO/jOOYL8AzxQLE
	GfDbGFLeR8g=; b=VMbjima5Irx9Sysk9k3Jfz0snOL481Ekx3xkPN3TjGKvdt6O
	HBR+wjrrxBBH4UBFaXq5Ub3knykgj8qON6FEyxUQM5e6LE7lW0PPyWI+oDIaAPcv
	UUh0AigCwqFrwe3PFfsS4g4w2p6JHvo31kT7uWX0ackZ/hAgZMjrKgWtjLU=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-transfer-encoding:content-type
	:date:from:in-reply-to:message-id:mime-version:references
	:subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=+HO/jOOYL8AzxQL
	EGfDbGFLeR8g=; b=CA9Ix8oYC/6cf32ah0mjXk0xkPjlioAI0ePlhXnVzMFtE18
	C+8jcd7y6/mcvoSEimKUV23ZQHUQTA55zymbt9uN5ZIx3SxIh+oCH/UXFgMy9H84
	S/jvzs69mn9GXXAmTRePtZpvWgUkZkfY8i1PjsT4zLvDs5tDO1f8Jst9ALws=
X-Sasl-enc: cAH7OEKz02k3LEV9s+v5CArqPmAIMAuVzktYOI/Hrxvs 1469171971
Date: Fri, 22 Jul 2016 07:19:27 +0000
From: Daniel Shahaf <d.s@daniel.shahaf.name>
To: Oliver Kiddle <okiddle@yahoo.co.uk>
Cc: Marko Myllynen <myllynen@redhat.com>, zsh-workers@zsh.org
Subject: Re: [PATCH] _virsh (Was: Re: zsh virsh completion)
Message-ID: <20160722071927.GG2521@tarsus.local2>
References: <8eb6dce0-50d7-5ab2-503a-194c1de2e45d@redhat.com>
 <20160713045957.GA3893@tarsus.local2>
 <9968da53-c1fd-fa2a-f30c-c74f884d2478@redhat.com>
 <20160720065832.GA28939@tarsus.local2>
 <699166a0-b0f0-452c-2561-b7e3cc952062@redhat.com>
 <25001.1469117569@hydra.kiddle.eu>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <25001.1469117569@hydra.kiddle.eu>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Seq: zsh-workers 38912

Oliver Kiddle wrote on Thu, Jul 21, 2016 at 18:12:49 +0200:
> Marko Myllynen wrote:
> > +      _values servers ${=${(S)${${(f)$(sudo virt-admin srv-list)}##*--- }//[0-9]* }} && return 0
> 
> > +      _values servers ${=${${(f):-"$(sudo virt-admin srv-clients-list --server $srv)"}/ [a-z]*}//[^0-9]} && return 0
> 
> I have pushed the change but I've just noticed these two lines. I'm not
> sure it is a good idea to be running sudo within completion functions.
> That can trigger logging and is often denied when you're already root.
> And there may be alternatives like doas.
> 
> There's also another instance of this in Mandriva/Command/_rebootin.
> 
> Anyone, have any thoughts on how this should be handled? I'm inclined
> to think that users should have to specifically set a gain-root
> style to enable this. Or perhaps it could only trigger if you
> complete after sudo virt-admin.

In principle, I fully agree with you, with two differences:

First, in addition to 'zstyle -t … gain-root' and
'(( $+funcstack[(r)_sudo] ))' as the conditions for invoking sudo,
I think a third alternative is to use _call_program and let the user set
the 'command' style to '-sudo'.

Secondly, you don't touch on what we would do when the 'gain-root' style
is unset.  Given Marko's later email that virt-admin is not usable by
non-root users, perhaps we should do this:
.
    if (( EUID == 0 )); then
      # call 'virt-admin'
    elif The 'gain-root' or 'command' style is set; then
      # call virt-admin with sudo (or whatever the style prescribes)
    else
      _message "zsh: _libvirt: can't list completions because the 'gain-root' style is unset"
      return 1
    fi
.
?

The error message can also include the 'zstyle' incantation that sets
the style appropriately, to make it easier for the user.

Also, we should sanitize that $srv parameter before passing it to
a command run as root.  I'm not sure how virt-admin's command-line
parser works: is there any possibility for $srv to be tokenised as
anything other than the argument of the --server option?

Cheers,

Daniel

> Oliver