Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Checking server user permissions to use sudo #1442

Open
wants to merge 18 commits into
base: dev
Choose a base branch
from
Open

Checking server user permissions to use sudo #1442

wants to merge 18 commits into from

Conversation

lunardunno
Copy link
Collaborator

@lunardunno lunardunno commented Mar 1, 2025
edited
Loading

Adding support for the wheel group to work with the sudo package.

Checking and redefining the system locale to C if the system locale differs from en_US.UTF-8|C.UTF-8|C, for correct operation of the script with the server controller.

Checking that the sudo package is pre-installed if the user is not the root.

Checking the presence of the user or the required group in the sudoers file.

Checking permission to run the package manager via sudo.

Checking for no password prompt.

Implementation of using the user's home directory name to define the CUR_USER variable when whoami is missing.

Correction of descriptions and translations of errors: ServerUserNotInSudo and ServerPacketManagerError.

Checking the availability of the server user's home directory. Lack of such access leads to the incorrect information that the package manager is busy and Error 206 (ServerPacketManagerError). Or leads to the incorrect information that the server port already allocated (Error 201)

@lunardunno
Username if whoami returns an error
ed83810 
Сommand to use home directory name if whoami returns error or is missing for prepare_host.sh.
@lunardunno
Update check_user_in_sudo.sh
aafb72b 
Сommand to use home directory name if whoami returns error or is missing for check_user_in_sudo.sh.
Checking server user permissions to use sudo using a package manager or using uname.
Сhecking and redefining the system language.
Checking requirements for sudo users or root in script.
@lunardunno
Cases have been changed and added.
8ff09ef 
Changed description of the “Server User Not In Sudo” case.
Corrected the name and description of the "ServerPacketManagerError" case. Packet to Package.
Adding a "SudoPackageIsNotPreinstalled" case.
Adding a "ServerUserNotAllowedInSudoers" case.
Adding a "ServerUserPasswordRequired" case.
@lunardunno
Serves errors have been changed and added.
3a180cb 
Corrected the name of the "ServerPacketManagerError" error to "ServerPackageManagerError".
Adding a "SudoPackageIsNotPreinstalled" error.
Adding a "ServerUserNotAllowedInSudoers" error.
Adding a "ServerUserPasswordRequired" error.
@lunardunno
Return ServerPacketManagerError
5919e2f 
Return to the name "ServerPacketManagerError".
@lunardunno
Added errors handling
90e25e9 
Added new errors' handling to serverController.cpp.
Permission checks are also performed for the root user.
@lunardunno
Update translations
fd06f8a 
Updating translations for two existing server errors.
@lunardunno
Merge branch 'sudo_permissions' of https://github.com/amnezia-vpn/amn…
a97535a 
…ezia-client into sudo_permissions
@lunardunno lunardunno changed the title Check server user permissions to use sudo Checking server user permissions to use sudo Mar 1, 2025
@lunardunno
Myanmar translation update
b401c53
@lunardunno
Update for my_MM.ts
74e40cd
@lunardunno
checking for not allowed
bf2fafb 
Checking for "not allowed" in stdOut
@lunardunno
Removed "not allowed"
8dfa238 
Removed check for "not allowed" in stdOut
@lunardunno
Removed nested launch
0932f50 
Removed nested launch via sudo
@lunardunno
Returned nested launch
e0ad25b 
Returned nested launch via sudo
@lunardunno
All checks with sudo
78c74e6 
Both checks with sudo always run.
@lunardunno
Moved removing timestamp sudo
69e18ed 
Removing the sudo timestamp is done every time.
@lunardunno lunardunno marked this pull request as ready for review March 3, 2025 10:12
@lunardunno
Checking the user directory
fea5a86 
Checking the accessibility of the user's home directory
This was linked to issues Mar 3, 2025
Working only in bash shell only #1201
Open
The installer script may not work if user has sudo privileges given with a different user group other than "sudo" #1133
Open
@lunardunno
Polishing
1570647 
Изменение порядка обработки ошибок.
vanyasem
vanyasem reviewed Mar 3, 2025
View reviewed changes
client/server_scripts/check_user_in_sudo.sh
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't this script have a shebang #!/usr/bin/env bash at the top?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For what purposes?
This script is executed in sh.
Have you tried running it in sh?

Copy link

@vanyasem vanyasem Mar 4, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You're right, a shebang won't help, as the script is executed line-by-line. My mistake

However, it uses the default user's shell instead of directly calling sh:

  1. The script is ran in ServerController::isUserInSudo:

    amnezia-client/client/core/controllers/serverController.cpp

    Line 771 in 1570647

    ErrorCode error = runScript(credentials, replaceVars(scriptData, genVarsForScript(credentials)), cbReadStdOut, cbReadStdErr);

  2. ServerController::runScript sends the command to an ssh client:

    amnezia-client/client/core/controllers/serverController.cpp

    Line 87 in 1570647

    error = m_sshClient.executeCommand(lineToExec, cbReadStdOut, cbReadStdErr);

  3. Finally, Client::executeCommand calls libssh:

    amnezia-client/client/core/sshclient.cpp

    Line 148 in 678bfff

    int result = ssh_channel_request_exec(m_channel, data.toUtf8());

  4. ssh_channel_request_exec Run a shell command without an interactive shell.: https://api.libssh.org/master/group__libssh__channel.html#ga567d509183ade0a77190f390e2b5747d

You might get confused by the phrase This is similar to 'sh -c command'.

This implies the fact that a non-interactive shell is spawned, similar to how sh -c executes commands in a non-interactive shell. It does not mean that the commands are in fact executed in sh. Any shell has a non-interactive mode, and the default shell for the particular user is used to run the command.

There is no guarantee that the user's shell will be POSIX-compliant. For example, having fish or pwsh set as a login shell breaks the execution of the script. See #1201

This could be fixed by prefixing every line with /bin/sh -c or something similar.

At the very least, there could be a check that verifies that a supported (POSIX-compliant) shell is being used by the specified ssh user.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I actually made a small example to prove that your assumption that the code is ran in /bin/sh is wrong: https://gist.github.com/vanyasem/4c931f186c48da7b98b0f5518f1c6c64

ssh_example establishes an SSH connection via a private key, and then executes ssh_channel_request_exec(channel, "echo $0"). The output of the command is printed to console. echo $0 returns the name of the currently running program, which in this case would be the name of the shell.

As you can see, changing the user's shell by calling chsh results in $SHELL being changed. If the commands were executed in sh, the value would always be sh

Screenshot 2025-03-04 at 12 04 52

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vanyasem vanyasem vanyasem left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@lunardunno @vanyasem