sudo: Reduce indentation
This commit is contained in:
+38
-40
@@ -53,53 +53,51 @@ pub fn main() {
|
||||
|
||||
let user = users.get_by_id(uid).unwrap_or_exit(1);
|
||||
|
||||
if uid != 0 {
|
||||
let sudo_group = groups.get_by_name("sudo").unwrap_or_exit(1);
|
||||
if uid == 0 {
|
||||
run_command_as_root(&cmd, &args.collect::<Vec<String>>());
|
||||
exit(0);
|
||||
}
|
||||
|
||||
if sudo_group.users.iter().any(|name| name == &user.user) {
|
||||
//If the user's password is not empty...
|
||||
if !user.is_passwd_blank() {
|
||||
let mut attempts = 0;
|
||||
let sudo_group = groups.get_by_name("sudo").unwrap_or_exit(1);
|
||||
if !sudo_group.users.iter().any(|name| name == &user.user) {
|
||||
eprintln!("sudo: '{}' not in sudo group", user.user);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
loop {
|
||||
print!("[sudo] password for {}: ", user.user);
|
||||
let _ = stdout.flush();
|
||||
if user.is_passwd_blank() {
|
||||
// FIXME: We should not be doing this as provides access to any
|
||||
// user w/o auth to run stuff as root. We should be doing something like:
|
||||
// eprintln!("sudo: '{}' is in sudo group but does not have a password set", user.user);
|
||||
// exit(1);
|
||||
run_command_as_root(&cmd, &args.collect::<Vec<String>>());
|
||||
exit(0);
|
||||
}
|
||||
|
||||
match stdin.read_passwd(&mut stdout).unwrap() {
|
||||
Some(password) => {
|
||||
write!(stdout, "\n").unwrap();
|
||||
let _ = stdout.flush();
|
||||
let mut attempts = 0;
|
||||
|
||||
if user.verify_passwd(&password) {
|
||||
break;
|
||||
} else {
|
||||
attempts += 1;
|
||||
eprintln!(
|
||||
"sudo: incorrect password ({}/{})",
|
||||
attempts, MAX_ATTEMPTS
|
||||
);
|
||||
if attempts >= MAX_ATTEMPTS {
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
}
|
||||
None => {
|
||||
write!(stdout, "\n").unwrap();
|
||||
exit(1);
|
||||
}
|
||||
loop {
|
||||
print!("[sudo] password for {}: ", user.user);
|
||||
let _ = stdout.flush();
|
||||
|
||||
match stdin.read_passwd(&mut stdout).unwrap() {
|
||||
Some(password) => {
|
||||
write!(stdout, "\n").unwrap();
|
||||
let _ = stdout.flush();
|
||||
|
||||
if user.verify_passwd(&password) {
|
||||
break;
|
||||
} else {
|
||||
attempts += 1;
|
||||
eprintln!("sudo: incorrect password ({}/{})", attempts, MAX_ATTEMPTS);
|
||||
if attempts >= MAX_ATTEMPTS {
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// FIXME: We should not be doing this as provides access to any
|
||||
// user w/o auth to run stuff as root. We should be doing something like:
|
||||
// eprintln!("sudo: '{}' is in sudo group but does not have a password set", user.user);
|
||||
// exit(1);
|
||||
run_command_as_root(&cmd, &args.collect::<Vec<String>>());
|
||||
exit(0);
|
||||
}
|
||||
} else {
|
||||
eprintln!("sudo: '{}' not in sudo group", user.user);
|
||||
exit(1);
|
||||
None => {
|
||||
write!(stdout, "\n").unwrap();
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user