nu774 / sudo-for-cygwin Goto Github PK

View Code? Open in Web Editor NEW

72.0 16.0 17.0 13 KB

poor sudo clone for cygwin

Home Page: http://sites.google.com/site/qaacpage/

Python 100.00%

sudo-for-cygwin's Introduction

sudo for cygwin

What is this?

Emulates Unix sudo in cygwin.

You can use this like:

$ sudo vim /etc/hosts
$ sudo cp foo.txt /cygdrive/c/Program Files/
$ suco cygstart cmd # open elevated standard command prompt
$ sudo cygstart regedit
$ sudo # just invoke elevated shell

This might be handy if you are running cygwin on Vista or Windows 7 with UAC. By this program, you can run processes as an administator, from normal, non-elevated cygwin shell.

Caution

UAC Elevation is usually done through UI prompt for good reasons. By this program, you can run elevated process without UI prompt that does not go along well with Cygwin shell environment. However, it also means that you are weakening the system in terms of security.

How it works

This is in fact a client/server application.

It looks as if the child process is running in the current terminal. However, in fact, it's invoked by the server, and running remotely (though "remote" is in the same PC).

You must launch a python script named sudoserver.py beforehand, in desired privileges. If you want function like "Run as administrator", just run sudoserver as administrator. For this purpose, Windows built-in Task Scheduler is handy.

sudoserver.py opens a listening port 127.0.0.1:7070 (by defaults), then sits and wait for connections from sudo.

sudo, when invoked, connects to the sudoserver. Then it sends it's command line arguments, environment variables, current working directory, and terminal window size, to the sudoserver.

When sudoserver accepts connection from sudo, sudoserver forks a child process with pty, set up environments, current working directory or something, then execute the process.

The child process is spawned by the sudoserver, therefore it runs in the privileges same as the server.

And, as the child process runs in a pty, it acts as if running in ordinary terminals. Therefore you can run cygwin's interactive console-based program like vim or less.

After execution, sudo and sudoserver bridges user's tty and the process I/O.

Requirement

Both sudo and sudoserver.py is written in python, therefore you need to install Python.

Also, you need Python module named greenlet, and eventlet. These are not packaged in cygwin, therefore you must manually install them.

How to setup

Install python with cygwin installer.
Download greenlet. It can be downloaded from http://pypi.python.org/pypi/greenlet/
Download eventlet. It can be downloaded from http://pypi.python.org/pypi/eventlet/
If you don't have setuptools installed, you also need it. https://pypi.python.org/pypi/setuptools
Install greenlet package. Extract the archive, and cd to the directory. then you type in the cygwin shell:
```
$ python setup.py install
```
Install eventlet package. Extract the archive, and do the same with the above instruction for greenlet. If this doesn't work, probably you need setuptools. Download setuptools and install it. setuptools can be installed in same way as greenlet.
You can place sudo and sudoserver.py where you like. You will want to execute sudo via command line, therefore /usr/local/bin or somewhere in the PATH will be good.
If you want to use the TCP portnumber other than 7070 (default value), you have to edit the both script manually. It is written like:
```
PORT = 7070
```
At first, probably you want to test it. From cygwin shell, invoke sudoserver.py like:
```
$ /path/to/sudoserver.py
```
And then, test sudo command like:
```
$ sudo ls -l
```
If it seems to work, you can register sudoserver.py to the Windows task scheduler. I recommend you the following setup.
- Action: "Start a program"
- Triggers: "At log on"
- "Run with highest privileges": checked.
- "Run only when user is logged on": checked.
- "Program/script": C:\cygwin\bin\python.exe
- "Add arguments(optional)": /path/to/sudoserver.py -nw

Notes

With argument "-nw" is specified, sudoserver hides it's console window.

sudoserver sets an aditional environment variable "ELEVATED_SHELL" when spawing child processes. You can use this variable for changing your elevated shell prompt (PS1), to see which environment you are in. For example, you can put the following in your .bashrc:

case $ELEVATED_SHELL in
1) PS1='\[\033[31m\][\u@\h]#\[\033[0m\] ';;   # elevated
*) PS1='\[\033[32m\][\u@\h]$\[\033[0m\] ';;
esac

sudo-for-cygwin's People

Contributors

Stargazers

Watchers

Forkers

kamranzafar vimorenets olegstepura michelangelo13 weinhold yxs4406 rebroad vcgato29 spaceforcellc qhadron turtlepa icasimpan-lab michaelfroelich hexiyou allenk dankaplanses chronomonochrome

sudo-for-cygwin's Issues

..

error in line 40 os.chdir(cwd): OSError: [Errno 2] No such file or directory: '/cygdrive/b/path/to/some folder/2015/02_15'

Hello,
thank you for providing this software! I got an issue by running sudo in a script.
I followed the entry under issues and at the end of the readme to install the server as a task on login. This was successful.

It seems, that sudo will not work with network mapped drives of mount type type netapp !

I mapped \\DATENSERVER\ao to drive B:

In a script with this command, I get an error message, but the path '/cygdrive/b/path/to/some folder/2015/02_15' is valid!

It worked formerly as cygstart --action=runas cmd /c $command | tee -a "$log_cyg", but with the elevation prompt, that I want to prevent.

Here is the part of the script:

command='mklink /D "D:\path\folder" "\DATENSERVER\ao\path\to\some folder\2015\02_15\folder" 2>&1 | wtee -a "\DATENSERVER\ao\path\to\some folder\2015\02_15~log" '

sudo cmd /c $command | tee -a "$log_cyg"

This is the output i get:

File "/home/$USER/bin/sudo-for-cygwin-master/sudoserver.py", line 40, in child os.chdir(cwd) OSError: [Errno 2] No such file or directory: '/cygdrive/b/path/to/some folder/2015/02_15' Closing connection Exception KeyError: KeyError(4293775964L,) in <module 'threading' from '/usr/lib/python2.7/threading.pyc'> ignored

Maybe this helps?
KeyError in module 'threading' after a successful py.test run

[07. Week, Fr, 2015-02-13, 11:43] user@pc168 /cygdrive/b/path/to/some folder/2015/02_15
$ ls -d '/cygdrive/b/path/to/some folder/2015/02_15'
/cygdrive/b/path/to/some folder/2015/02_15

[07. Week, Fr, 2015-02-13, 11:43] user@pc168 /cygdrive/b/path/to/some folder/2015/02_15
$ sudo ls -d '/cygdrive/b/path/to/some folder/2015/02_15'
Traceback (most recent call last):
File "/home/user/bin/sudo-for-cygwin-master/sudoserver.py", line 40, in child
os.chdir(cwd)
OSError: [Errno 2] No such file or directory: '/cygdrive/b/path/to/some folder/2015/02_15'
Closing connection
Exception KeyError: KeyError(4293775964L,) in <module 'threading' from '/usr/lib/python2.7/threading.pyc'> ignored`

Further tests (drive 'G:' is a local drive):

[07. Week, Fr, 2015-02-13, 11:55] user@user168 /cygdrive/b/path/to/some folder/2015/02_15
$ pushd ~
~ /cygdrive/b/path/to/some folder/2015/02_15 ~

[07. Week, Fr, 2015-02-13, 11:56] user@user168 ~
$ sudo ls -d '/cygdrive/g/ao'
/cygdrive/g/ao

[07. Week, Fr, 2015-02-13, 11:56] user@user168 ~
$ mount |grep 'G:'
G: on /cygdrive/g type ntfs (binary,posix=0,user,noumount,auto)

[07. Week, Fr, 2015-02-13, 11:56] user@user168 ~
$ sudo ls -d '/cygdrive/b/path/to/some folder/2015/02_15'
ls: cannot access /cygdrive/b/path/to/some folder/2015/02_15: No such file or directory

[07. Week, Fr, 2015-02-13, 11:56] user@user168 ~
$ ls -d '/cygdrive/b/path/to/some folder/2015/02_15'
/cygdrive/b/path/to/some folder/2015/02_15

$ mount |grep 'B:'
B: on /cygdrive/b type netapp (binary,posix=0,user,noumount,auto)`

sudoers

The installation instructions make no mention of how to give users authority to use sudo, or if it's possible to restrict access to certain commands for certain users. Is this functionality available?

i had this error can you help me.........thanks

netstat -b does not run as elevated.

tgu bin $ ./sudoserver.py -nw &
[1] 11684
tgu bin $
tgu bin $ sudo netstat -b
Accepted connection from ('127.0.0.1', 63778)
The requested operation requires elevation.
FIN received
Closing connection
tgu bin $

BTW, '-nw' switch does not do its job, output from server is still send to terminal (as shown above - test has been done in the same terminal session).

Unable to interrupt with Control C

I have the server running and working.

But if I do:
sudo sleep 10

I cannot interrupt it by pressing Control + C

Automatically starting sudoserver

Hi,

I've been looking into autostarting sudoserver when I log in, without having a terminal window displayed. I have come upon a solution that seems to work. Let me know if you have anything simpler!

Create a Scheduled Event to launch sudoserver:
1. Launch Task Scheduler from the Windows Start menu
2. In the 'Actions' menu at the right, click 'Create Task':
3. Fill in the 'General' tab as below:
  
  Make sure that 'Run with highest priveleges' is selected!
4. On the 'Actions' tab, click 'New' and fill in the dialog box as below:
  
  and click "Ok".
5. The resulting action should look like this
6. Fill in the Triggers tab:
7. Fill in the Conditions tab:
8. Fill in the Settings tab:
9. Click on 'Ok' to save the new event:
10. On the 'Action' panel click on 'Run' to execute the event
Now open a Cygwin window and test it out by typing:

$ sudo touch /etc/hosts

If you get an error message, something is wrong. Otherwise, success!

Debugging tips: Replace 'run.exe' with 'mintty.exe' to open a window showing the output of sudoserver.py.

importing `fcntl` and `termios`

Hi, I'm having issues with steps 8 & 9. When I run $ python sudoserver.py from Cygwin after navigating to its location, I receive the following error message:

Traceback (most recent call last):
File "sudoserver.py", line 4, in
import fcntl
ImportError: No module named fcntl

and similarly for termios if I comment out fcntl.

Is this something I've done wrong? I'm running Windows 7. Thanks!

ImportError: No module named termios fro window 8

c:>python
Python 2.7.14 (v2.7.14:84471935ed, Sep 16 2017, 20:19:30) [MSC v.1500 32 bit (In
tel)] on win32
Type "help", "copyright", "credits" or "license" for more information.

import netmiko
Traceback (most recent call last):
File "", line 1, in
File "c:\Python27\lib\site-packages\netmiko_init_.py", line 8, in
from netmiko.ssh_dispatcher import ConnectHandler
File "c:\Python27\lib\site-packages\netmiko\ssh_dispatcher.py", line 4, in
from netmiko.a10 import A10SSH
File "c:\Python27\lib\site-packages\netmiko\a10_init_.py", line 2, in
from netmiko.a10.a10_ssh import A10SSH
File "c:\Python27\lib\site-packages\netmiko\a10\a10_ssh.py", line 4, in
from netmiko.cisco_base_connection import CiscoSSHConnection
File "c:\Python27\lib\site-packages\netmiko\cisco_base_connection.py", line 3,
in
from netmiko.base_connection import BaseConnection
File "c:\Python27\lib\site-packages\netmiko\base_connection.py", line 24, in <
module>
from netmiko.utilities import write_bytes, check_serial_port, get_structured
_data
File "c:\Python27\lib\site-packages\netmiko\utilities.py", line 9, in

import clitable

File "c:\Python27\lib\site-packages\clitable.py", line 34, in
import texttable
File "c:\Python27\lib\site-packages\texttable.py", line 34, in
import terminal
File "c:\Python27\lib\site-packages\terminal.py", line 34, in
import termios
ImportError: No module named termios

Not in cygwin distro

Any success at getting this approach adopted by Cygwin itself?

Fork with more security

Since nu774 said this project is abandoned and I was unhappy with the complicated setup and lack of security, I created a fork that has (hopefully 🙂 ) proper security and way simpler setup.

It does not need a running background process, but opens a UAC prompt for every execution in exchange.
It does not depend on any packages outside the stdlib, simplifying the setup.

You can find it here: https://github.com/Chronial/cygwin-sudo

@nu774 Your repo did not contain a license, so I hope you are fine with me doing this. If this is not the case, please notify me and I will take my repo down. Otherwise I would like to license my version under GPLv2, if that is ok with you?