On 2014-11-26 08:58, Tim Daneliuk wrote: > On 11/26/2014 06:56 AM, Tim Chase wrote: > > On 2014-11-26 00:04, Tim Daneliuk wrote: > >> someprog.py uname && sudo cat /etc/sudoers > >> > >> vs. > >> > >> someprog.py uname && echo "sudo cat /etc/suoders" > >> > >> > >> In the first instance, I need the sudo passoword, in the second I > >> don't. > > > > This doesn't jibe with the pairs of quotes you sent and your > > request for nesting. In most popular shells, the majority of > > your "quote" characters don't actually quote anything: > > > > bash$ echo // hello > > // hello > > bash$ echo /* hello */ > > [returns all the items in my root directory, the word "hello", > > along with all the sub-directories in the current directory] > > bash$ echo this#and#that > > this#and#that > > bash$ echo this # and #that > > this > > > > and has problems with things like > > > > someprog.py uname && su""do cat /etc/sudoers > > someprog.py uname && s"ud"o cat /etc/sudoers > > > > which my shell will parse valid execution of sudo. > > I am not writing in bash, but in python. > > The specific program in question I am modifying is one that takes a > shell command and executes it remotely on many machines.
While my examples used bash, it doesn't matter whether your local code is Python, Perl, Ruby, Lua, or Visual Basic: you have to parse the string like it's the shell on those remote machines that parses for whether sudo is used. This could be bash, zsh, tcsh, sh, pdksh, dash, or whatever. The particular shell doesn't matter (in the abstract). What matters is that you are checking whether a command that will be processed by one of these remote shells will need a password. To do that, you need to parse the string as that particular shell would. Usually, on Linux boxes, this is bash, while on FreeBSD defaults to tcsh, and OpenBSD defaults to pdksh. Unless you successfully parse it like your target shell will, you will have edge cases where the quoting fails. -tkc -- https://mail.python.org/mailman/listinfo/python-list
