[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Finding simpler better sudo for Emacs
From: |
Jean Louis |
Subject: |
Re: Finding simpler better sudo for Emacs |
Date: |
Wed, 31 Mar 2021 09:27:53 +0300 |
User-agent: |
Mutt/2.0.6 (2021-03-06) |
* Utkarsh Singh <utkarsh190601@gmail.com> [2021-03-31 08:48]:
> > You see in this case with redirection of output, it is not so easy to
> > provide a command with call-process.
> >
> Hmm I see the problem with redirection. Do you know any other standard
> Emacs way to work with redirection? Maybe temp buffer?
There are redirection functions in Emacs. I just do not know now why
should I do it with "sudo" and I would not know how to do it. I have
no clue where to start.
I use this function to give some input as string and receive output:
(defun rcd-command-output-from-input (program input &rest args)
"Returns output from PROGRAM INPUT with optional ARGS"
(let* ((output (with-temp-buffer
(insert input)
(apply #'call-process-region nil nil program t t nil args)
(buffer-string))))
output))
Which then enables me for example to get HTML from markdown:
(defun rcd-markdown (text)
"Markdown processing"
(rcd-command-output-from-input "markdown" text))
And I use the fastest Markdown there is, the Discount Markdown which
also includes the command mkd2html, that can quickly create simple
HTML pages:
(defun rcd-mkd2html (text &optional title author date)
"Full page Markdown processing"
(let* ((title (if title
(format "%% %s\n" title)
"% NO TITLE\n"))
(author (if author
(format "%% %s\n" author)
"% NO AUTHOR\n"))
(date (if date
(format "%% %s\n" date)
"% NO DATE"))
(header (concat title author date))
(css-line "<style> body { max-width: 70ch; line-height: 1.5; padding:
2ch; margin: auto; font-family: \"Helvetica\", \"Arial\", sans-serif; }
h1,h2,h3,h4,h5,h6 { line-height: 1.2; } pre { width: 100%; margin: 2ch;
padding: 1ch; background: #f5deb3; border: 2px solid #777; } pre code {
tab-width: 4; color #333; } </style>")
(viewport-line "<meta name=\"viewport\" content=\"width=device-width,
initial-scale=1\">")
(text (concat header "\n" text)))
(rcd-command-output-from-input "mkd2html" text "-header" viewport-line
"-header" css-line)))
You see, sudo command helps me run some commands without password if I
set sudoers file properly. But then again, to invoke redirection with
sudo it requires more fiddling, so I am spawning command "su" with
"sudo".
Then "su" is calling shell anyway -- so it is not really process
calling as Stefan pointed out, it defeats itself right there, if I
wish to freely supply command to "sudo", so the default shell is
spawned with different user privileges in the shell.
Now I have improved it that I can use it with different username.
(defun sudo (command &optional username)
"Execute COMMAND with system command `sudo'.
Optional argument USERNAME executes system command `sudo' with
that USERNAME privileges.
As this command uses system command `su', it will invoke the
default shall of the USERNAME."
(let ((not-remote (not (file-remote-p default-directory)))
(sudo-buffer (get-buffer-create "*sudo*"))
(current-buffer (current-buffer)))
(switch-to-buffer sudo-buffer)
(erase-buffer)
(switch-to-buffer current-buffer)
(if not-remote
(let* ((username (or username "root"))
(sudo `(call-process "sudo" nil ,sudo-buffer t "su" "-c" "--"
,username "-c" ,command))
(status (eval sudo))
(status (if (= 0 status) "Success" status))
(current-buffer (current-buffer))
(output (progn
(switch-to-buffer sudo-buffer)
(buffer-string))))
(switch-to-buffer current-buffer)
(message "%s%s\nStatus: %s" output (prin1-to-string sudo) status))
(message "This `sudo' does not work on remote directory: %s"
default-directory))))
That opens possibility to quickly launch browser from different user
space, similar to how it is recommended on:
How to Run a More Secure Browser
https://www.dragonflybsd.org/docs/handbook/RunSecureBrowser/
In this case I use "iceweasel" browser, one could use something else.
(defun browse-safe-url (url)
"Browse URL with b"
(let ((username "louis")) ;; different username than my own
;; Insecurity settings for personal DISPLAY only
(shell-command "xhost +")
;; Browse URL with different username
(sudo (format "iceweasel \"%s\"" url) username)))
--
Jean
Take action in Free Software Foundation campaigns:
https://www.fsf.org/campaigns
- Re: Finding simpler better sudo for Emacs, (continued)
- Re: Finding simpler better sudo for Emacs, Jean Louis, 2021/03/30
- Re: Finding simpler better sudo for Emacs, Michael Albinus, 2021/03/30
- Re: Finding simpler better sudo for Emacs, Jean Louis, 2021/03/30
- Re: Finding simpler better sudo for Emacs, Michael Albinus, 2021/03/30
- Re: Finding simpler better sudo for Emacs, Jean Louis, 2021/03/30
Re: Control of fan-speed on Lenovo Thinkpads, Stefan Monnier, 2021/03/30
Re: Control of fan-speed on Lenovo Thinkpads, Utkarsh Singh, 2021/03/31
- Re: Finding simpler better sudo for Emacs,
Jean Louis <=