Code review comment for ~litios/ubuntu-security-tools:build-sources-list/use-auth-conf
Revision history for this message
| Steve Beattie (sbeattie) wrote | # |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
On Wed, Oct 18, 2023 at 12:00:43PM -0000, Spyros Seimenis wrote:
> 3) Remove sudo from build-sources-
One challenge here is that the auth credentials are queried
from launchpad through an authenticated connection via
launchpadlib. Depending on what the user has done before this and/or
how sudo is invoked, it could end up with either a cached credential
in the /root/ homedir *or* root owned files in the user's directory.
I did not like embedding sudo in the original script, but trying to
navigate things that need to happen as the user and things that need
to happen as root was tricky, which is the current compromise is the
way it is.
One comment I'd also make is that when I thought about doing this,
my intent was to create an auth.conf.d file per ppa.
As to blatting over the existing one, I'm not sure the ppa
subscription credentials ever change -- maybe if you unsubscribe and
then resubscribe to the ppa -- but if they did, I'd want to think
carefully about what situations the existing file should or should
not get overwritten.
+1 on adding the esm-*-updates ppas by default.
--
Steve Beattie
<email address hidden>