🦹 add execute_sudo subcommand

This subcommand takes following actions: * executes sudo commands from metadata * removes sudo from your system * locks root account Only run in a vm/container!!!
2025-11-14 19:20:29 +03:00 · 2025-10-27 18:11:37 +01:00 · 2025-10-27 18:11:37 +01:00 · 1c4fe22c5b
commit 1c4fe22c5b
parent f79801d65e
2 changed files with 126 additions and 0 deletions
--- a/fdroidserver/main.py
+++ b/fdroidserver/main.py
@ -68,6 +68,7 @@ COMMANDS_INTERNAL = [
    "build_local_run",
    "destroy",
    "exec",
    "execute_sudo",
    "install_ndk",
    "make_source_tarball",
    "prepare_source",
--- a/fdroidserver/execute_sudo.py
+++ b/fdroidserver/execute_sudo.py
@ -0,0 +1,125 @@
 #!/usr/bin/env python3
 #
 # execute_sudo.py - part of the F-Droid server tools
 # Copyright (C) 2024-2025, Michael Pöhn <michael@poehn.at>
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Affero General Public License for more details.
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 """Read the "sudo:" field from the build metadata then remove sudo.
 This assumes that the source code has not yet been pushed into the VM,
 since the sudo: script should not be able to touch the source code.
 Then after the sudo: script is run, sudo is removed and the root
 account is locked so the build job can no longer run anything as
 sudo/root.
 For more info, see:
 https://f-droid.org/docs/Build_Metadata_Reference/#build_sudo
 """
 import argparse
 import logging
 from fdroidserver import common, metadata
 def sudo_run(appid, vercode, virt_container_type, build):
    if build.sudo:
        try:
            common.inside_exec(
                appid,
                vercode,
                [
                    'DEBIAN_FRONTEND=noninteractive',
                    'bash',
                    '-e',
                    '-u',
                    '-o',
                    'pipefail',
                    '-x',
                    '-c',
                    '; '.join(build.sudo),
                ],
                virt_container_type,
                as_root=True,
            )
        except Exception as e:
            raise Exception(
                f"error running metadata sudo commands in '{appid}:{vercode}' container/VM"
            ) from e
 def sudo_lock_root(appid, vercode, virt_container_type):
    try:
        common.inside_exec(
            appid,
            vercode,
            ['passwd', '--lock', 'root'],
            virt_container_type,
            as_root=True,
        )
        logging.info("locked root user login in build container/VM")
    except Exception as e:
        raise Exception(
            f"Error locking root account in {appid}:{vercode} container/VM"
        ) from e
 def sudo_uninstall(appid, vercode, virt_container_type):
    try:
        common.inside_exec(
            appid,
            vercode,
            ['SUDO_FORCE_REMOVE=yes', 'dpkg', '--purge', 'sudo'],
            virt_container_type,
            as_root=True,
        )
        logging.info("uninstalled sudo in build container/VM")
    except Exception as e:
        raise Exception(f"Error removing sudo in {appid}:{vercode} VM") from e
 def execute_sudo_wrapper(appid, vercode, virt_container_type, build):
    sudo_run(appid, vercode, virt_container_type, build)
    sudo_lock_root(appid, vercode, virt_container_type)
    sudo_uninstall(appid, vercode, virt_container_type)
 def main():
    parser = argparse.ArgumentParser(description=__doc__)
    common.setup_global_opts(parser)
    common.setup_virt_container_type_opts(parser)
    parser.add_argument(
        "APPID:VERCODE",
        help="Application ID with Version Code in the form APPID:VERCODE",
    )
    options = common.parse_args(parser)
    common.set_console_logging(options.verbose)
    appid, vercode = common.split_pkg_arg(options.__dict__['APPID:VERCODE'])
    _ignored, build = metadata.get_single_build(appid, vercode)
    virt_container_type = common.get_virt_container_type(options)
    execute_sudo_wrapper(
        appid,
        vercode,
        virt_container_type,
        build,
    )
 if __name__ == "__main__":
    main()