diff options
author | Sean Whitton <spwhitton@spwhitton.name> | 2021-03-22 19:26:25 -0700 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2021-03-22 19:33:28 -0700 |
commit | e58070529de3074f6fe6abf5285396aa0adb8cf0 (patch) | |
tree | ebd3039fb714812f2345365984a230536aea65ef /src/connection/sudo.lisp | |
parent | ab7ae4da85c41ce4e75e5cb2498a426a5597a349 (diff) | |
download | consfigurator-e58070529de3074f6fe6abf5285396aa0adb8cf0.tar.gz |
move comments on :SUDO to the manual & drop a TODO
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
Diffstat (limited to 'src/connection/sudo.lisp')
-rw-r--r-- | src/connection/sudo.lisp | 20 |
1 files changed, 0 insertions, 20 deletions
diff --git a/src/connection/sudo.lisp b/src/connection/sudo.lisp index c0e8f02..df2b1c3 100644 --- a/src/connection/sudo.lisp +++ b/src/connection/sudo.lisp @@ -25,26 +25,6 @@ ;; data to obtain passwords by following the conventions for having ;; prerequisite data sources provide them. -;; Passing :as implies using a password, not passing it means assume NOPASSWD. -;; We only support querying prerequisite data sources for passwords. - -;; Be aware that if any connection types which start up remote Lisp images -;; occur before a :sudo entry in your connection chain, ESTABLISH-CONNECTION -;; will need to inform the newly-started remote Lisp image of any sudo -;; passwords needed for establishing the remaining hops. Depending on how the -;; connection type feeds instructions to the remote Lisp image, this may -;; involve writing your sudo password to a file under ~/.cache on the machine -;; which runs the remote Lisp image. At least :sbcl avoids this by sending -;; your password in on stdin. - -;; TODO Let's require the user pass :PASSWD or :NOPASSWD to indicate whether -;; we'll query prerequisite data sources and always try to send a password on -;; stdin, or never try to send one (and default to :NOPASSWD). Will still -;; require an :AS parameter, which is redundant in a sense, but this way -;; avoids it being implicit that we're always going to be sending a password -;; on stdin, which latter has security implications (e.g. if a password is not -;; actually required then the password is going into random processes). - (defmethod preprocess-connection-args ((type (eql :sudo)) &key as (to "root")) (list :sudo :user to |