sudo: Reduce indentation

This commit is contained in:
bjorn3
2025-03-11 21:31:43 +01:00
parent 88ccab8844
commit 4ccec7baae
+38 -40
View File
@@ -53,53 +53,51 @@ pub fn main() {
let user = users.get_by_id(uid).unwrap_or_exit(1);
if uid != 0 {
let sudo_group = groups.get_by_name("sudo").unwrap_or_exit(1);
if uid == 0 {
run_command_as_root(&cmd, &args.collect::<Vec<String>>());
exit(0);
}
if sudo_group.users.iter().any(|name| name == &user.user) {
//If the user's password is not empty...
if !user.is_passwd_blank() {
let mut attempts = 0;
let sudo_group = groups.get_by_name("sudo").unwrap_or_exit(1);
if !sudo_group.users.iter().any(|name| name == &user.user) {
eprintln!("sudo: '{}' not in sudo group", user.user);
exit(1);
}
loop {
print!("[sudo] password for {}: ", user.user);
let _ = stdout.flush();
if user.is_passwd_blank() {
// FIXME: We should not be doing this as provides access to any
// user w/o auth to run stuff as root. We should be doing something like:
// eprintln!("sudo: '{}' is in sudo group but does not have a password set", user.user);
// exit(1);
run_command_as_root(&cmd, &args.collect::<Vec<String>>());
exit(0);
}
match stdin.read_passwd(&mut stdout).unwrap() {
Some(password) => {
write!(stdout, "\n").unwrap();
let _ = stdout.flush();
let mut attempts = 0;
if user.verify_passwd(&password) {
break;
} else {
attempts += 1;
eprintln!(
"sudo: incorrect password ({}/{})",
attempts, MAX_ATTEMPTS
);
if attempts >= MAX_ATTEMPTS {
exit(1);
}
}
}
None => {
write!(stdout, "\n").unwrap();
exit(1);
}
loop {
print!("[sudo] password for {}: ", user.user);
let _ = stdout.flush();
match stdin.read_passwd(&mut stdout).unwrap() {
Some(password) => {
write!(stdout, "\n").unwrap();
let _ = stdout.flush();
if user.verify_passwd(&password) {
break;
} else {
attempts += 1;
eprintln!("sudo: incorrect password ({}/{})", attempts, MAX_ATTEMPTS);
if attempts >= MAX_ATTEMPTS {
exit(1);
}
}
} else {
// FIXME: We should not be doing this as provides access to any
// user w/o auth to run stuff as root. We should be doing something like:
// eprintln!("sudo: '{}' is in sudo group but does not have a password set", user.user);
// exit(1);
run_command_as_root(&cmd, &args.collect::<Vec<String>>());
exit(0);
}
} else {
eprintln!("sudo: '{}' not in sudo group", user.user);
exit(1);
None => {
write!(stdout, "\n").unwrap();
exit(1);
}
}
}