visudo with Emacs

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

visudo with Emacs

From:	MON KEY
Subject:	visudo with Emacs
Date:	Sat, 18 Jun 2011 17:48:27 -0400

Using visudo with $EDITOR set to emacs when saving /etc/sudoers
I'm left with /etc/sudoers.tmp~ in /etc with permissions as rw, i.e:

root> ls -ldZ /etc/sudoers
 -r--r-----. root root unconfined_u:object_r:etc_t:s0 /etc/sudoers

root> ls -ldZ /etc/sudoers.tmp~
 -rw-------. root root unconfined_u:object_r:etc_t:s0 /etc/sudoers.tmp~

When $EDITOR is not set visudo falls back to using the nonsensical
editor (i.e. /bin/vi). However, unlike Emacs, that editor does not
leave behind an /etc/sudoers.tmp~

AFAICT the stray /etc/sudoers.tmp~ is not in keeping with the
spirit of visudo. Emacs should operate equivalently with vi.

I'm able to remedy this by modifying /root/.bashrc and /root/.emacs to
contain the following:

,---- in /root/.emacs
| (when (member "_=/usr/sbin/visudo" process-environment)
|       (add-hook 'find-file-hook 'visudo-sudoers-p))
|
| (defun visudo-sudoers-p ()
|   (setq backup-enable-predicate 'visudo-no-tmp~)
|   (add-hook 'after-save-hook  'kill-sudoers.tmp~)))
|
|  (defun kill-sudoers.tmp~ ()
|    (when (file-exists-p "/etc/sudoers.tmp~")
|      (delete-file "/etc/sudoers.tmp~")))
|
| (defun visudo-no-tmp~  (maybe-sudoers.tmp)
|   (if (string= maybe-sudoers.tmp "/etc/sudoers.tmp")
|       (with-current-buffer (get-buffer-create "sudoers.tmp")
|         (setq backup-inhibited t)
|         (auto-save-mode -1)
|         nil)
|     t))
`----

,---- /root/.bashrc
| export EMACS="emacs --no-window-system --no-site-file --no-init-file
|               -u root -fg white -bg red"
| export EDITOR="$EMACS"
| export VISUAL="$EMACS"
`----

The above exports are bash centric and should really prob. run with an
Emacs built specifically without X support, instead we just pass the
--no-window-system and assume invocation from something resembling a
terminal.

The fg/bg params are mostly so we _know_ we're in a root'd Emacs.
The --no-init-file is to prevent picking up the init file from the
environment of an su'd user.

I would think something like the elisp above should be included with
Emacs if only to save users the agony of having to use vi :P

I've tested the above configurations from a tty and a gdm'd X session
with an Emacs built from distribution sources and the following build
specs:

GNU Emacs 23.3.1 (i686-pc-linux-gnu, GTK+ Version 2.24.4) of 2011-06-15

Windowing system distributor `Fedora Project', version 11.0.11001000
configured using `configure ''--without-xft' '--with-x-toolkit=gtk'
'--with-dbus' '--with-gif' '--with-jpeg' '--with-png' '--with-rsvg'
'--with-tiff' '--with-xpm' '--without-sound''

Important settings:
  value of $LC_ALL: nil
  value of $LC_COLLATE: nil
  value of $LC_CTYPE: nil
  value of $LC_MESSAGES: nil
  value of $LC_MONETARY: nil
  value of $LC_NUMERIC: nil
  value of $LC_TIME: nil
  value of $LANG: en_US.UTF-8
  value of $XMODIFIERS: @im=none
  locale-coding-system: utf-8-unix
  default enable-multibyte-characters: t

--
/s_P\

[Prev in Thread]

Current Thread

[Next in Thread]

visudo with Emacs, MON KEY <=
- Re: visudo with Emacs, Eli Zaretskii, 2011/06/18
  - Re: visudo with Emacs, MON KEY, 2011/06/19
    - Re: visudo with Emacs, Sven Joachim, 2011/06/19
    - Re: visudo with Emacs, MON KEY, 2011/06/20
    - Re: visudo with Emacs, Sven Joachim, 2011/06/20

Prev by Date: Re: minibuffer-completion-help, metadata and determining completions sort order
Next by Date: Re: Changes in revno 100600 on the emacs-23 branch
Previous by thread: minibuffer-completion-help, metadata and determining completions sort order
Next by thread: Re: visudo with Emacs
Index(es):
- Date
- Thread