@mh-cbon/yasudo
v1.0.10
Published
yet another sudo command helper
Downloads
82
Readme
yasudo - yet another sudo helper for node
An helper to run an sudo
command with node.
Install
npm i @mh-cbon/yasudo --save
Usage
// same as sudo sh -c 'ls -al'
// it will ask for your password
var child = require('@mh-cbon/yasudo')('ls', ['-al']);
child.stdout.pipe(process.stdout);
child.stderr.pipe(process.stderr);
// in depth options
require('@mh-cbon/yasudo')('ls', ['-al'], {
password: 'your sudo password, to automatically answer the challenge',
sudo: {
// to configure behavior of sudo, see man sudo
k: true, // When used without a command, invalidates the user's cached credentials.
E: true, // Indicates to the security policy that the user wishes to preserve their existing envi‐
// -ronment variables.
i: true, // Run the shell specified by the target user's password database entry as a login shell.
// This means that login-specific resource files such as .profile or .login
K: true, // Similar to the -k option, except that it removes the user's cached credentials entirely
// and may not be used in conjunction with a command or other option.
P: true, // Preserve the invoking user's group vector unaltered.
C: 4, // Close all file descriptors greater than or equal to num before executing a command.
g: "the group", // Run the command with the primary group set to group
u: "the user", // Run the command as a user other than the default target user (usually root).
r: "the role", // Run the command with an SELinux security context that includes the specified role.
t: "the type", // Run the command with an SELinux security context that includes the specified type.
}
})
// if one defines an ENV variable with its password,
// then it is possible to run commands automatically
var child = require('@mh-cbon/yasudo', {password: process.env['pwd']})('ls', ['-al']);
child.stdout.pipe(process.stdout);
child.stderr.pipe(process.stderr);
// last note, it exposes new events : success / faiure
require('@mh-cbon/yasudo')('ls', ['-al'])
.on('success', function () {
console.log('good to go !')
})
.on('failure', function () {
console.log('nop the challenge failed too many times')
})
.on('challenged', function (succeed) {
console.log('Challenge is now complete. succeeded ? %s', succeed)
})
Internals
It works by echoing a token
on stdout
and later detects it to determine that sudo
succeeded.
for sure,
- it does not rely on the output content of
sudo
to detect success/failure - it does not clutter your output with my token
- it respects
stdio
settings such asinherit
andignore
- it works seamlessly, even for
stdin
, see this example
Todo
- support
ipc
stdio
setting
Tests
To run the tests you shall use a command like this :
pwd=<your sudo password> mocha tests/
Read more
- http://stackoverflow.com/questions/1507816/with-bash-how-can-i-pipe-standard-error-into-another-process
- https://github.com/calmh/node-sudo