diff options
| author | Michael Albinus <michael.albinus@gmx.de> | 2018-12-16 15:49:07 +0100 | 
|---|---|---|
| committer | Michael Albinus <michael.albinus@gmx.de> | 2018-12-16 15:49:07 +0100 | 
| commit | e8199e765f81968be840d8e7e3978f5974c1be9d (patch) | |
| tree | 354c9b7af9c126a49e614b716225c49135d702b4 | |
| parent | 4f230e8dd551d711433e2a8095a19c2ce00c9b4c (diff) | |
| download | emacs-e8199e765f81968be840d8e7e3978f5974c1be9d.tar.gz | |
Add Tramp sudoedit method
* doc/misc/tramp.texi (Quick Start Guide): New section "Using sudoedit".
(External methods) <sudoedit>: Describe.
* lisp/net/tramp-adb.el (tramp-adb-file-name-handler-alist):
* lisp/net/tramp-gvfs.el (tramp-gvfs-file-name-handler-alist):
* lisp/net/tramp-rclone.el (tramp-rclone-file-name-handler-alist):
* lisp/net/tramp-sh.el (tramp-sh-file-name-handler-alist)
* lisp/net/tramp-smb.el (tramp-smb-file-name-handler-alist):
Add handler.
* lisp/net/tramp-sh.el (tramp-sh-handle-set-file-uid-gid): Rename from
`tramp-sh-handle-set-file-uid-gid'.  Handle only remote file names.
* lisp/net/tramp-sudoedit.el: New file.
* lisp/net/tramp.el (tramp-file-name-for-operation): Handle also
`tramp-set-file-uid-gid'.
(tramp-set-file-uid-gid): New defun.
(tramp-get-local-uid, tramp-get-local-gid): Cache result.
* test/lisp/net/tramp-tests.el (tramp--test-sudoedit-p): New defun.
(tramp-test20-file-modes, tramp-test22-file-times)
(tramp--test-sudoedit-p): Use it.
| -rw-r--r-- | doc/misc/tramp.texi | 37 | ||||
| -rw-r--r-- | etc/NEWS | 6 | ||||
| -rw-r--r-- | lisp/net/tramp-adb.el | 1 | ||||
| -rw-r--r-- | lisp/net/tramp-archive.el | 1 | ||||
| -rw-r--r-- | lisp/net/tramp-cache.el | 7 | ||||
| -rw-r--r-- | lisp/net/tramp-gvfs.el | 3 | ||||
| -rw-r--r-- | lisp/net/tramp-rclone.el | 3 | ||||
| -rw-r--r-- | lisp/net/tramp-sh.el | 43 | ||||
| -rw-r--r-- | lisp/net/tramp-smb.el | 1 | ||||
| -rw-r--r-- | lisp/net/tramp-sudoedit.el | 880 | ||||
| -rw-r--r-- | lisp/net/tramp.el | 47 | ||||
| -rw-r--r-- | test/lisp/net/tramp-tests.el | 10 | 
12 files changed, 995 insertions, 44 deletions
| diff --git a/doc/misc/tramp.texi b/doc/misc/tramp.texi index a4946f0b8de..c9f1e75d8e6 100644 --- a/doc/misc/tramp.texi +++ b/doc/misc/tramp.texi @@ -468,6 +468,19 @@ The method @option{sg} stands for ``switch group''; the changed group  must be used here as user name.  The default host name is the same. +@anchor{Quick Start Guide: @option{sudoedit} method} +@section Using @command{sudoedit} +@cindex method @option{sudoedit} +@cindex @option{sudoedit} method + +The @option{sudoedit} method is similar to the @option{sudo} method. +However, it is a different implementation: it does not keep an open +session running in the background.  This is for security reasons; on +the backside this method is less performant than the @option{sudo} +method, it is restricted to the @samp{localhost} only, and it does not +support external processes. + +  @anchor{Quick Start Guide: @option{smb} method}  @section Using @command{smbclient}  @cindex method @option{smb} @@ -919,6 +932,30 @@ NAS hosts.  These dumb devices have severely restricted local shells,  such as the @command{busybox} and do not host any other encode or  decode programs. +@item @option{sudoedit} +@cindex method @option{sudoedit} +@cindex @option{sudoedit} method + +The @option{sudoedit} method allows to edit a file as a different user +on the local host.  You could regard this as @value{tramp}'s +implementation of the @command{sudoedit}.  Contrary to the +@option{sudo} method, all magic file name functions are implemented by +single @command{sudo @dots{}}  commands.  The purpose is to make +editing such a file as secure as possible; there must be no session +running in the Emacs background which could be attacked from inside +Emacs. + +Consequently, external processes are not implemented. + +The host name of such remote file names must represent the local host. +Since the default value is already proper, it is recommended not to +use any host name in the remote file name, like +@file{@trampfn{sudoedit,,/path/to/file}} or +@file{@trampfn{sudoedit,user@@,/path/to/file}}. + +Like the @option{sudo} method, a @option{sudoedit} password expires +after a predefined timeout. +  @item @option{ftp}  @cindex method @option{ftp}  @cindex @option{ftp} method @@ -865,6 +865,12 @@ or NextCloud hosted files and directories.  storages via the 'rclone' program.  This feature is experimental.  +++ +*** New connection method "sudoedit", which allows to edit local files +with different user credentials.  Contrary to the "sudo" method, no +session is run permanently in the background.  This is for security +reasons. + ++++  *** Connection methods "obex" and "synce" are removed, because they  are obsoleted in GVFS. diff --git a/lisp/net/tramp-adb.el b/lisp/net/tramp-adb.el index 7906ec9f7cf..7bf709b79a1 100644 --- a/lisp/net/tramp-adb.el +++ b/lisp/net/tramp-adb.el @@ -161,6 +161,7 @@ It is used for TCP/IP devices."      (start-file-process . tramp-adb-handle-start-file-process)      (substitute-in-file-name . tramp-handle-substitute-in-file-name)      (temporary-file-directory . tramp-handle-temporary-file-directory) +    (tramp-set-file-uid-gid . ignore)      (unhandled-file-name-directory . ignore)      (vc-registered . ignore)      (verify-visited-file-modtime . tramp-handle-verify-visited-file-modtime) diff --git a/lisp/net/tramp-archive.el b/lisp/net/tramp-archive.el index cb072ac720f..02580359f73 100644 --- a/lisp/net/tramp-archive.el +++ b/lisp/net/tramp-archive.el @@ -273,6 +273,7 @@ It must be supported by libarchive(3).")      (start-file-process . tramp-archive-handle-not-implemented)      ;; `substitute-in-file-name' performed by default handler.      (temporary-file-directory . tramp-archive-handle-temporary-file-directory) +    ;; `tramp-set-file-uid-gid' performed by default handler.      (unhandled-file-name-directory . ignore)      (vc-registered . ignore)      (verify-visited-file-modtime . tramp-handle-verify-visited-file-modtime) diff --git a/lisp/net/tramp-cache.el b/lisp/net/tramp-cache.el index 0a799d721d6..d13e6ee9f58 100644 --- a/lisp/net/tramp-cache.el +++ b/lisp/net/tramp-cache.el @@ -50,10 +50,11 @@  ;;   definitions already sent to the remote shell, "last-cmd-time" is  ;;   the time stamp a command has been sent to the remote process.  ;; -;; - The key is `nil'.  This are temporary properties related to the +;; - The key is nil.  This are temporary properties related to the  ;;   local machine.  Examples: "parse-passwd" and "parse-group" keep -;;   the results of parsing "/etc/passwd" and "/etc/group", "locale" -;;   is the used shell locale. +;;   the results of parsing "/etc/passwd" and "/etc/group", +;;   "{uid,gid}-{integer,string}" are the local uid and gid, and +;;   "locale" is the used shell locale.  ;; Some properties are handled special:  ;; diff --git a/lisp/net/tramp-gvfs.el b/lisp/net/tramp-gvfs.el index e034f7bba56..295b288d06e 100644 --- a/lisp/net/tramp-gvfs.el +++ b/lisp/net/tramp-gvfs.el @@ -589,6 +589,7 @@ It has been changed in GVFS 1.14.")      (start-file-process . ignore)      (substitute-in-file-name . tramp-handle-substitute-in-file-name)      (temporary-file-directory . tramp-handle-temporary-file-directory) +    (tramp-set-file-uid-gid . ignore)      (unhandled-file-name-directory . ignore)      (vc-registered . ignore)      (verify-visited-file-modtime . tramp-handle-verify-visited-file-modtime) @@ -1843,7 +1844,7 @@ connection if a previous connection has died for some reason."  	 (tramp-get-connection-process vec) "connected" t))))    ;; In `tramp-check-cached-permissions', the connection properties -  ;; {uig,gid}-{integer,string} are used.  We set them to proper values. +  ;; "{uid,gid}-{integer,string}" are used.  We set them to proper values.    (unless tramp-gvfs-get-remote-uid-gid-in-progress      (let ((tramp-gvfs-get-remote-uid-gid-in-progress t))        (tramp-gvfs-get-remote-uid vec 'integer) diff --git a/lisp/net/tramp-rclone.el b/lisp/net/tramp-rclone.el index 5ea42c07bf2..18cb971bd17 100644 --- a/lisp/net/tramp-rclone.el +++ b/lisp/net/tramp-rclone.el @@ -134,6 +134,7 @@      (start-file-process . ignore)      (substitute-in-file-name . tramp-handle-substitute-in-file-name)      (temporary-file-directory . tramp-handle-temporary-file-directory) +    (tramp-set-file-uid-gid . ignore)      (unhandled-file-name-directory . ignore)      (vc-registered . ignore)      (verify-visited-file-modtime . tramp-handle-verify-visited-file-modtime) @@ -575,7 +576,7 @@ connection if a previous connection has died for some reason."  	  (tramp-cleanup-connection vec 'keep-debug 'keep-password)))))    ;; In `tramp-check-cached-permissions', the connection properties -  ;; {uig,gid}-{integer,string} are used.  We set them to proper values. +  ;; "{uid,gid}-{integer,string}" are used.  We set them to proper values.    (with-tramp-connection-property        vec "uid-integer" (tramp-get-local-uid 'integer))    (with-tramp-connection-property diff --git a/lisp/net/tramp-sh.el b/lisp/net/tramp-sh.el index a6e9d299a87..a3038780e6c 100644 --- a/lisp/net/tramp-sh.el +++ b/lisp/net/tramp-sh.el @@ -1044,6 +1044,7 @@ of command line.")      (start-file-process . tramp-sh-handle-start-file-process)      (substitute-in-file-name . tramp-handle-substitute-in-file-name)      (temporary-file-directory . tramp-handle-temporary-file-directory) +    (tramp-set-file-uid-gid . tramp-sh-handle-set-file-uid-gid)      (unhandled-file-name-directory . ignore)      (vc-registered . tramp-sh-handle-vc-registered)      (verify-visited-file-modtime . tramp-sh-handle-verify-visited-file-modtime) @@ -1516,39 +1517,26 @@ of."  	      "")  	    (tramp-shell-quote-argument localname))))))) -(defun tramp-set-file-uid-gid (filename &optional uid gid) -  "Set the ownership for FILENAME. -If UID and GID are provided, these values are used; otherwise uid -and gid of the corresponding user is taken.  Both parameters must -be non-negative integers." +(defun tramp-sh-handle-set-file-uid-gid (filename &optional uid gid) +  "Like `tramp-set-file-uid-gid' for Tramp files."    ;; Modern Unices allow chown only for root.  So we might need    ;; another implementation, see `dired-do-chown'.  OTOH, it is mostly    ;; working with su(do)? when it is needed, so it shall succeed in    ;; the majority of cases.    ;; Don't modify `last-coding-system-used' by accident.    (let ((last-coding-system-used last-coding-system-used)) -    (if (tramp-tramp-file-p filename) -	(with-parsed-tramp-file-name filename nil -	  (if (and (zerop (user-uid)) (tramp-local-host-p v)) -	      ;; If we are root on the local host, we can do it directly. -	      (tramp-set-file-uid-gid localname uid gid) -	    (let ((uid (or (and (natnump uid) uid) -			   (tramp-get-remote-uid v 'integer))) -		  (gid (or (and (natnump gid) gid) -			   (tramp-get-remote-gid v 'integer)))) -	      (tramp-send-command -	       v (format -		  "chown %d:%d %s" uid gid -		  (tramp-shell-quote-argument localname)))))) - -      ;; We handle also the local part, because there doesn't exist -      ;; `set-file-uid-gid'.  On W32 "chown" does not work. -      (unless (memq system-type '(ms-dos windows-nt)) -	(let ((uid (or (and (natnump uid) uid) (tramp-get-local-uid 'integer))) -	      (gid (or (and (natnump gid) gid) (tramp-get-local-gid 'integer)))) -	  (tramp-call-process -	   nil "chown" nil nil nil -	   (format "%d:%d" uid gid) (shell-quote-argument filename))))))) +    (with-parsed-tramp-file-name filename nil +      (if (and (zerop (user-uid)) (tramp-local-host-p v)) +	  ;; If we are root on the local host, we can do it directly. +	  (tramp-set-file-uid-gid localname uid gid) +	(let ((uid (or (and (natnump uid) uid) +		       (tramp-get-remote-uid v 'integer))) +	      (gid (or (and (natnump gid) gid) +		       (tramp-get-remote-gid v 'integer)))) +	  (tramp-send-command +	   v (format +	      "chown %d:%d %s" uid gid +	      (tramp-shell-quote-argument localname))))))))  (defun tramp-remote-selinux-p (vec)    "Check, whether SELINUX is enabled on the remote host." @@ -2114,6 +2102,7 @@ file names."  	  ;; Handle `preserve-extended-attributes'.  We ignore possible  	  ;; errors, because ACL strings could be incompatible. +	  ;; `set-file-extended-attributes' exists since Emacs 24.4.  	  (when attributes  	    (ignore-errors  	      (apply 'set-file-extended-attributes (list newname attributes)))) diff --git a/lisp/net/tramp-smb.el b/lisp/net/tramp-smb.el index 5b7998ac970..fcc6f6c6ef0 100644 --- a/lisp/net/tramp-smb.el +++ b/lisp/net/tramp-smb.el @@ -282,6 +282,7 @@ See `tramp-actions-before-shell' for more info.")      (start-file-process . tramp-smb-handle-start-file-process)      (substitute-in-file-name . tramp-smb-handle-substitute-in-file-name)      (temporary-file-directory . tramp-handle-temporary-file-directory) +    (tramp-set-file-uid-gid . ignore)      (unhandled-file-name-directory . ignore)      (vc-registered . ignore)      (verify-visited-file-modtime . tramp-handle-verify-visited-file-modtime) diff --git a/lisp/net/tramp-sudoedit.el b/lisp/net/tramp-sudoedit.el new file mode 100644 index 00000000000..640fa570ff4 --- /dev/null +++ b/lisp/net/tramp-sudoedit.el @@ -0,0 +1,880 @@ +;;; tramp-sudoedit.el --- Functions for accessing under root permissions  -*- lexical-binding:t -*- + +;; Copyright (C) 2018 Free Software Foundation, Inc. + +;; Author: Michael Albinus <michael.albinus@gmx.de> +;; Keywords: comm, processes +;; Package: tramp + +;; This file is part of GNU Emacs. + +;; GNU Emacs is free software: you can redistribute it and/or modify +;; it under the terms of the GNU General Public License as published by +;; the Free Software Foundation, either version 3 of the License, or +;; (at your option) any later version. + +;; GNU Emacs is distributed in the hope that it will be useful, +;; but WITHOUT ANY WARRANTY; without even the implied warranty of +;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the +;; GNU General Public License for more details. + +;; You should have received a copy of the GNU General Public License +;; along with GNU Emacs.  If not, see <https://www.gnu.org/licenses/>. + +;;; Commentary: + +;; The "sudoedit" Tramp method allows to edit a file as a different +;; user on the local host.  Contrary to the "sudo" method, all magic +;; file name functions are implemented by single "sudo ..."  commands. +;; The purpose is to make editing such a file as secure as possible; +;; there must be no session running in the Emacs background which +;; could be attacked from inside Emacs. + +;; Consequently, external processes are not implemented. + +;;; Code: + +(require 'tramp) +(require 'server) + +;;;###tramp-autoload +(defconst tramp-sudoedit-method "sudoedit" +  "When this method name is used, call sudoedit for editing a file.") + +;;;###tramp-autoload +(add-to-list 'tramp-methods +  `(,tramp-sudoedit-method +    (tramp-sudo-login      (("sudo") ("-u" "%u") ("-S") ("-H") +			    ("-p" "Password:") ("--"))))) + +;;;###tramp-autoload +(add-to-list 'tramp-default-user-alist '("\\`sudoedit\\'" nil "root")) + +;;;###tramp-autoload +(eval-after-load 'tramp +  '(tramp-set-completion-function +    tramp-sudoedit-method tramp-completion-function-alist-su)) + +(defconst tramp-sudoedit-sudo-actions +  '((tramp-password-prompt-regexp tramp-action-password) +    (tramp-wrong-passwd-regexp tramp-action-permission-denied) +    (tramp-process-alive-regexp tramp-sudoedit-action-sudo)) +  "List of pattern/action pairs. +This list is used for sudo calls. + +See `tramp-actions-before-shell' for more info.") + +;;;###tramp-autoload +(defconst tramp-sudoedit-file-name-handler-alist +  '((access-file . ignore) +    (add-name-to-file . tramp-sudoedit-handle-add-name-to-file) +    (byte-compiler-base-file-name . ignore) +    ;; `copy-directory' performed by default handler. +    (copy-file . tramp-sudoedit-handle-copy-file) +    (delete-directory . tramp-sudoedit-handle-delete-directory) +    (delete-file . tramp-sudoedit-handle-delete-file) +    (diff-latest-backup-file . ignore) +    ;; `directory-file-name' performed by default handler. +    (directory-files . tramp-handle-directory-files) +    (directory-files-and-attributes +     . tramp-handle-directory-files-and-attributes) +    (dired-compress-file . ignore) +    (dired-uncache . tramp-handle-dired-uncache) +    (exec-path . ignore) +    (expand-file-name . tramp-sudoedit-handle-expand-file-name) +    (file-accessible-directory-p . tramp-handle-file-accessible-directory-p) +    (file-acl . tramp-sudoedit-handle-file-acl) +    (file-attributes . tramp-sudoedit-handle-file-attributes) +    (file-directory-p . tramp-handle-file-directory-p) +    (file-equal-p . tramp-handle-file-equal-p) +    (file-executable-p . tramp-sudoedit-handle-file-executable-p) +    (file-exists-p . tramp-sudoedit-handle-file-exists-p) +    (file-in-directory-p . tramp-handle-file-in-directory-p) +    (file-local-copy . tramp-handle-file-local-copy) +    (file-modes . tramp-handle-file-modes) +    (file-name-all-completions +     . tramp-sudoedit-handle-file-name-all-completions) +    (file-name-as-directory . tramp-handle-file-name-as-directory) +    (file-name-case-insensitive-p . tramp-handle-file-name-case-insensitive-p) +    (file-name-completion . tramp-handle-file-name-completion) +    (file-name-directory . tramp-handle-file-name-directory) +    (file-name-nondirectory . tramp-handle-file-name-nondirectory) +    ;; `file-name-sans-versions' performed by default handler. +    (file-newer-than-file-p . tramp-handle-file-newer-than-file-p) +    (file-notify-add-watch . ignore) +    (file-notify-rm-watch . ignore) +    (file-notify-valid-p . ignore) +    (file-ownership-preserved-p . ignore) +    (file-readable-p . tramp-sudoedit-handle-file-readable-p) +    (file-regular-p . tramp-handle-file-regular-p) +    (file-remote-p . tramp-handle-file-remote-p) +    (file-selinux-context . tramp-sudoedit-handle-file-selinux-context) +    (file-symlink-p . tramp-handle-file-symlink-p) +    (file-system-info . tramp-sudoedit-handle-file-system-info) +    (file-truename . tramp-sudoedit-handle-file-truename) +    (file-writable-p . tramp-sudoedit-handle-file-writable-p) +    (find-backup-file-name . tramp-handle-find-backup-file-name) +    ;; `get-file-buffer' performed by default handler. +    (insert-directory . tramp-handle-insert-directory) +    (insert-file-contents . tramp-handle-insert-file-contents) +    (load . tramp-handle-load) +    (make-auto-save-file-name . tramp-handle-make-auto-save-file-name) +    (make-directory . tramp-sudoedit-handle-make-directory) +    (make-directory-internal . ignore) +    (make-nearby-temp-file . tramp-handle-make-nearby-temp-file) +    (make-symbolic-link . tramp-sudoedit-handle-make-symbolic-link) +    (process-file . ignore) +    (rename-file . tramp-sudoedit-handle-rename-file) +    (set-file-acl . tramp-sudoedit-handle-set-file-acl) +    (set-file-modes . tramp-sudoedit-handle-set-file-modes) +    (set-file-selinux-context . tramp-sudoedit-handle-set-file-selinux-context) +    (set-file-times . tramp-sudoedit-handle-set-file-times) +    (set-visited-file-modtime . tramp-handle-set-visited-file-modtime) +    (shell-command . ignore) +    (start-file-process . ignore) +    (substitute-in-file-name . tramp-handle-substitute-in-file-name) +    (temporary-file-directory . tramp-handle-temporary-file-directory) +    (tramp-set-file-uid-gid . tramp-sudoedit-handle-set-file-uid-gid) +    (unhandled-file-name-directory . ignore) +    (vc-registered . ignore) +    (verify-visited-file-modtime . tramp-handle-verify-visited-file-modtime) +    (write-region . tramp-sudoedit-handle-write-region)) +  "Alist of handler functions for Tramp SUDOEDIT method.") + +;; It must be a `defsubst' in order to push the whole code into +;; tramp-loaddefs.el.  Otherwise, there would be recursive autoloading. +;;;###tramp-autoload +(defsubst tramp-sudoedit-file-name-p (filename) +  "Check if it's a filename for SUDOEDIT." +  (and (tramp-tramp-file-p filename) +       (string= (tramp-file-name-method (tramp-dissect-file-name filename)) +		tramp-sudoedit-method))) + +;;;###tramp-autoload +(defun tramp-sudoedit-file-name-handler (operation &rest args) +  "Invoke the SUDOEDIT handler for OPERATION. +First arg specifies the OPERATION, second arg is a list of arguments to +pass to the OPERATION." +  (let ((fn (assoc operation tramp-sudoedit-file-name-handler-alist))) +    (if fn +	(save-match-data (apply (cdr fn) args)) +      (tramp-run-real-handler operation args)))) + +;;;###tramp-autoload +(tramp-register-foreign-file-name-handler + 'tramp-sudoedit-file-name-p 'tramp-sudoedit-file-name-handler) + + +;; File name primitives. + +(defun tramp-sudoedit-handle-add-name-to-file +  (filename newname &optional ok-if-already-exists) +  "Like `add-name-to-file' for Tramp files." +  (unless (tramp-equal-remote filename newname) +    (with-parsed-tramp-file-name +	(if (tramp-tramp-file-p filename) filename newname) nil +      (tramp-error +       v 'file-error +       "add-name-to-file: %s" +       "only implemented for same method, same user, same host"))) +  (with-parsed-tramp-file-name filename v1 +    (with-parsed-tramp-file-name newname v2 +	;; Do the 'confirm if exists' thing. +	(when (file-exists-p newname) +	  ;; What to do? +	  (if (or (null ok-if-already-exists) ; not allowed to exist +		  (and (numberp ok-if-already-exists) +		       (not (yes-or-no-p +			     (format +			      "File %s already exists; make it a link anyway? " +			      v2-localname))))) +	      (tramp-error v2 'file-already-exists newname) +	    (delete-file newname))) +	(tramp-flush-file-properties v2 (file-name-directory v2-localname)) +	(tramp-flush-file-properties v2 v2-localname) +	(unless +	    (tramp-sudoedit-send-command +	     v1 "ln" +	     (tramp-compat-file-name-unquote v1-localname) +	     (tramp-compat-file-name-unquote v2-localname)) +	  (tramp-error +	   v1 'file-error +	   "error with add-name-to-file, see buffer `%s' for details" +	   (buffer-name)))))) + +(defun tramp-sudoedit-do-copy-or-rename-file +  (op filename newname &optional ok-if-already-exists keep-date +   preserve-uid-gid preserve-extended-attributes) +  "Copy or rename a remote file. +OP must be `copy' or `rename' and indicates the operation to perform. +FILENAME specifies the file to copy or rename, NEWNAME is the name of +the new file (for copy) or the new name of the file (for rename). +OK-IF-ALREADY-EXISTS means don't barf if NEWNAME exists already. +KEEP-DATE means to make sure that NEWNAME has the same timestamp +as FILENAME.  PRESERVE-UID-GID, when non-nil, instructs to keep +the uid and gid if both files are on the same host. +PRESERVE-EXTENDED-ATTRIBUTES activates selinux and acl commands. + +This function is invoked by `tramp-sudoedit-handle-copy-file' and +`tramp-sudoedit-handle-rename-file'.  It is an error if OP is +neither of `copy' and `rename'.  FILENAME and NEWNAME must be +absolute file names." +  (unless (memq op '(copy rename)) +    (error "Unknown operation `%s', must be `copy' or `rename'" op)) + +  (setq filename (file-truename filename)) +  (if (file-directory-p filename) +      (progn +	(copy-directory filename newname keep-date t) +	(when (eq op 'rename) (delete-directory filename 'recursive))) + +    (let ((t1 (tramp-sudoedit-file-name-p filename)) +	  (t2 (tramp-sudoedit-file-name-p newname)) +	  (file-times (tramp-compat-file-attribute-modification-time +		       (file-attributes filename))) +	  (file-modes (tramp-default-file-modes filename)) +	  ;; `file-extended-attributes' exists since Emacs 24.4. +	  (attributes (and preserve-extended-attributes +			   (apply 'file-extended-attributes (list filename)))) +	  (sudoedit-operation +	   (cond +	    ((and (eq op 'copy) preserve-uid-gid) '("cp" "-f" "-p")) +	    ((eq op 'copy) '("cp" "-f")) +	    ((eq op 'rename) '("mv" "-f")))) +	  (msg-operation (if (eq op 'copy) "Copying" "Renaming"))) + +      (with-parsed-tramp-file-name (if t1 filename newname) nil +	(when (and (not ok-if-already-exists) (file-exists-p newname)) +	  (tramp-error v 'file-already-exists newname)) + +	(if (or (and (file-remote-p filename) (not t1)) +		(and (file-remote-p newname)  (not t2))) +	    ;; We cannot copy or rename directly. +	    (let ((tmpfile (tramp-compat-make-temp-file filename))) +	      (if (eq op 'copy) +		  (copy-file filename tmpfile t) +		(rename-file filename tmpfile t)) +	      (rename-file tmpfile newname ok-if-already-exists)) + +	  ;; Direct action. +	  (with-tramp-progress-reporter +	      v 0 (format "%s %s to %s" msg-operation filename newname) +	    (unless (tramp-sudoedit-send-command +		     v sudoedit-operation +		     (tramp-compat-file-name-unquote +		      (tramp-compat-file-local-name filename)) +		     (tramp-compat-file-name-unquote +		      (tramp-compat-file-local-name newname))) +	      (tramp-error +	       v 'file-error +	       "Error %s `%s' `%s'" msg-operation filename newname)))) + +	;; When `newname' is local, we must change the ownership to +	;; the local user. +	(unless (file-remote-p newname) +	  (tramp-set-file-uid-gid +	   (concat (file-remote-p filename) newname) +	   (tramp-get-local-uid 'integer) +	   (tramp-get-local-gid 'integer))) + +	;; Set the time and mode. Mask possible errors. +	(when keep-date +	  (ignore-errors +	    (set-file-times newname file-times) +	    (set-file-modes newname file-modes))) + +	;; Handle `preserve-extended-attributes'.  We ignore possible +	;; errors, because ACL strings could be incompatible. +	;; `set-file-extended-attributes' exists since Emacs 24.4. +	(when attributes +	  (ignore-errors +	    (apply 'set-file-extended-attributes (list newname attributes)))) + +	(when (and t1 (eq op 'rename)) +	  (with-parsed-tramp-file-name filename v1 +	    (tramp-flush-file-properties +	     v1 (file-name-directory v1-localname)) +	    (tramp-flush-file-properties v1 v1-localname))) + +	(when t2 +	  (with-parsed-tramp-file-name newname v2 +	    (tramp-flush-file-properties +	     v2 (file-name-directory v2-localname)) +	    (tramp-flush-file-properties v2 v2-localname) +	    (when (tramp-rclone-file-name-p newname)))))))) + +(defun tramp-sudoedit-handle-copy-file +  (filename newname &optional ok-if-already-exists keep-date +   preserve-uid-gid preserve-extended-attributes) +  "Like `copy-file' for Tramp files." +  (setq filename (expand-file-name filename)) +  (setq newname (expand-file-name newname)) +  ;; At least one file a Tramp file? +  (if (or (tramp-tramp-file-p filename) +	  (tramp-tramp-file-p newname)) +      (tramp-sudoedit-do-copy-or-rename-file +       'copy filename newname ok-if-already-exists keep-date +       preserve-uid-gid preserve-extended-attributes) +    (tramp-run-real-handler +     'copy-file +     (list filename newname ok-if-already-exists keep-date +	   preserve-uid-gid preserve-extended-attributes)))) + +(defun tramp-sudoedit-handle-delete-directory +    (directory &optional recursive trash) +  "Like `delete-directory' for Tramp files." +  (setq directory (expand-file-name directory)) +  (with-parsed-tramp-file-name directory nil +    (tramp-flush-file-properties v (file-name-directory localname)) +    (tramp-flush-directory-properties v localname) +    (unless +	(tramp-sudoedit-send-command +	 v (or (and trash "trash") +	       (if recursive '("rm" "-rf") "rmdir")) +	 (tramp-compat-file-name-unquote localname)) +      (tramp-error v 'file-error "Couldn't delete %s" directory)))) + +(defun tramp-sudoedit-handle-delete-file (filename &optional trash) +  "Like `delete-file' for Tramp files." +  (with-parsed-tramp-file-name filename nil +    (tramp-flush-file-properties v (file-name-directory localname)) +    (tramp-flush-file-properties v localname) +    (unless +	(tramp-sudoedit-send-command +	 v (if (and trash delete-by-moving-to-trash) "trash" "rm") +	 (tramp-compat-file-name-unquote localname)) +      ;; Propagate the error. +      (with-current-buffer (tramp-get-connection-buffer v) +	(goto-char (point-min)) +	(tramp-error-with-buffer +	 nil v 'file-error "Couldn't delete %s" filename))))) + +(defun tramp-sudoedit-handle-expand-file-name (name &optional dir) +  "Like `expand-file-name' for Tramp files. +If the localname part of the given file name starts with \"/../\" then +the result will be a local, non-Tramp, file name." +  ;; If DIR is not given, use `default-directory' or "/". +  (setq dir (or dir default-directory "/")) +  ;; Unless NAME is absolute, concat DIR and NAME. +  (unless (file-name-absolute-p name) +    (setq name (concat (file-name-as-directory dir) name))) +  (with-parsed-tramp-file-name name nil +    ;; Tilde expansion if necessary.  We cannot accept "~/", because +    ;; under sudo "~/" is expanded to the local user home directory +    ;; but to the root home directory. +    (when (zerop (length localname)) +      (setq localname "~")) +    (unless (file-name-absolute-p localname) +      (setq localname (format "~%s/%s" user localname))) +    (when (string-match "\\`\\(~[^/]*\\)\\(.*\\)\\'" localname) +      (let ((uname (match-string 1 localname)) +	    (fname (match-string 2 localname))) +	(when (string-equal uname "~") +	  (setq uname (concat uname user))) +	(setq localname (concat uname fname)))) +    ;; Do normal `expand-file-name' (this does "~user/", "/./" and "/../"). +    (tramp-make-tramp-file-name v (expand-file-name localname)))) + +(defun tramp-sudoedit-remote-acl-p (vec) +  "Check, whether ACL is enabled on the remote host." +  (with-tramp-connection-property (tramp-get-connection-process vec) "acl-p" +    (zerop (tramp-call-process vec "getfacl" nil nil nil "/")))) + +(defun tramp-sudoedit-handle-file-acl (filename) +  "Like `file-acl' for Tramp files." +  (with-parsed-tramp-file-name filename nil +    (with-tramp-file-property v localname "file-acl" +      (let ((result (and (tramp-sudoedit-remote-acl-p v) +			 (tramp-sudoedit-send-command-string +			  v "getfacl" "-acp" +			  (tramp-compat-file-name-unquote localname))))) +	;; The acl string must have a trailing \n, which is not +	;; provided by `tramp-sudoedit-send-command-string'.  Add it. +	(and (stringp result) (concat result "\n")))))) + +(defun tramp-sudoedit-handle-file-attributes (filename &optional id-format) +  "Like `file-attributes' for Tramp files." +  (unless id-format (setq id-format 'integer)) +  (with-parsed-tramp-file-name (expand-file-name filename) nil +    (with-tramp-file-property +	v localname (format "file-attributes-%s" id-format) +      (tramp-message v 5 "file attributes: %s" localname) +      (ignore-errors +	(tramp-convert-file-attributes +	 v +	 (tramp-sudoedit-send-command-and-read +	  v "env" "QUOTING_STYLE=locale" "stat" "-c" +	  (format +	   ;; Apostrophes in the stat output are masked as +	   ;; `tramp-stat-marker', in order to make a proper shell +	   ;; escape of them in file names. +	   "((%s%%N%s) %%h %s %s %%X %%Y %%Z %%s %s%%A%s t %%i -1)" +	   tramp-stat-marker tramp-stat-marker +	   (if (eq id-format 'integer) +	       "%u" +	     (eval-when-compile +	       (concat tramp-stat-marker "%U" tramp-stat-marker))) +	   (if (eq id-format 'integer) +	       "%g" +	     (eval-when-compile +	       (concat tramp-stat-marker "%G" tramp-stat-marker))) +	   tramp-stat-marker tramp-stat-marker) +	  (tramp-compat-file-name-unquote localname))))))) + +(defun tramp-sudoedit-handle-file-executable-p (filename) +  "Like `file-executable-p' for Tramp files." +  (with-parsed-tramp-file-name filename nil +    (with-tramp-file-property v localname "file-executable-p" +      (tramp-sudoedit-send-command +       v "test" "-x" (tramp-compat-file-name-unquote localname))))) + +(defun tramp-sudoedit-handle-file-exists-p (filename) +  "Like `file-exists-p' for Tramp files." +  (with-parsed-tramp-file-name filename nil +    (with-tramp-file-property v localname "file-exists-p" +      (tramp-sudoedit-send-command +       v "test" "-e" (tramp-compat-file-name-unquote localname))))) + +(defun tramp-sudoedit-handle-file-name-all-completions (filename directory) +  "Like `file-name-all-completions' for Tramp files." +  (all-completions +   filename +   (with-parsed-tramp-file-name (expand-file-name directory) nil +     (with-tramp-file-property v localname "file-name-all-completions" +       (tramp-sudoedit-send-command +	v "ls" "-a1" "--quoting-style=literal" "--show-control-chars" +	(if (zerop (length localname)) +	    "" (tramp-compat-file-name-unquote localname))) +       (mapcar +	(lambda (f) +	  (if (file-directory-p (expand-file-name f directory)) +	      (file-name-as-directory f) +	    f)) +	(with-current-buffer (tramp-get-connection-buffer v) +	  (delq +	   nil +	   (mapcar +	    (lambda (l) (and (not (string-match-p  "^[[:space:]]*$" l)) l)) +	    (split-string (buffer-string) "\n" 'omit))))))))) + +(defun tramp-sudoedit-handle-file-readable-p (filename) +  "Like `file-readable-p' for Tramp files." +  (with-parsed-tramp-file-name filename nil +    (with-tramp-file-property v localname "file-readable-p" +      (tramp-sudoedit-send-command +       v "test" "-r" (tramp-compat-file-name-unquote localname))))) + +(defun tramp-sudoedit-handle-set-file-modes (filename mode) +  "Like `set-file-modes' for Tramp files." +  (with-parsed-tramp-file-name filename nil +    (tramp-flush-file-properties v (file-name-directory localname)) +    (tramp-flush-file-properties v localname) +    (unless (tramp-sudoedit-send-command +	     v "chmod" (format "%o" mode) +	     (tramp-compat-file-name-unquote localname)) +      (tramp-error +       v 'file-error "Error while changing file's mode %s" filename)))) + +(defun tramp-sudoedit-remote-selinux-p (vec) +  "Check, whether SELINUX is enabled on the remote host." +  (with-tramp-connection-property (tramp-get-connection-process vec) "selinux-p" +    (zerop (tramp-call-process vec "selinuxenabled")))) + +(defun tramp-sudoedit-handle-file-selinux-context (filename) +  "Like `file-selinux-context' for Tramp files." +  (with-parsed-tramp-file-name filename nil +    (with-tramp-file-property v localname "file-selinux-context" +      (let ((context '(nil nil nil nil)) +	    (regexp (eval-when-compile +		      (concat "\\([a-z0-9_]+\\):" "\\([a-z0-9_]+\\):" +			      "\\([a-z0-9_]+\\):" "\\([a-z0-9_]+\\)")))) +	(when (and (tramp-sudoedit-remote-selinux-p v) +		   (tramp-sudoedit-send-command +		    v "ls" "-d" "-Z" +		    (tramp-compat-file-name-unquote localname))) +	  (with-current-buffer (tramp-get-connection-buffer v) +	    (goto-char (point-min)) +	    (when (re-search-forward regexp (point-at-eol) t) +	      (setq context (list (match-string 1) (match-string 2) +				  (match-string 3) (match-string 4)))))) +	;; Return the context. +	context)))) + +(defun tramp-sudoedit-handle-file-system-info (filename) +  "Like `file-system-info' for Tramp files." +  (ignore-errors +    (with-parsed-tramp-file-name (expand-file-name filename) nil +      (tramp-message v 5 "file system info: %s" localname) +      (when (tramp-sudoedit-send-command +	     v "df" "--block-size=1" "--output=size,used,avail" +	     (tramp-compat-file-name-unquote localname))) +      (with-current-buffer (tramp-get-connection-buffer v) +	(goto-char (point-min)) +	(forward-line) +	(when (looking-at +	       (eval-when-compile +		 (concat "[[:space:]]*\\([[:digit:]]+\\)" +			 "[[:space:]]+\\([[:digit:]]+\\)" +			 "[[:space:]]+\\([[:digit:]]+\\)"))) +	  (list (string-to-number (match-string 1)) +		;; The second value is the used size.  We need the +		;; free size. +		(- (string-to-number (match-string 1)) +		   (string-to-number (match-string 2))) +		(string-to-number (match-string 3)))))))) + +(defun tramp-sudoedit-handle-set-file-times (filename &optional time) +  "Like `set-file-times' for Tramp files." +  (with-parsed-tramp-file-name filename nil +    (tramp-flush-file-properties v (file-name-directory localname)) +    (tramp-flush-file-properties v localname) +    (let ((time +	   (if (or (null time) +		   (tramp-compat-time-equal-p time tramp-time-doesnt-exist) +		   (tramp-compat-time-equal-p time tramp-time-dont-know)) +	       (current-time) +	     time))) +      (tramp-sudoedit-send-command +       v "env" "TZ=UTC" "touch" "-t" +       (format-time-string "%Y%m%d%H%M.%S" time t) +       (tramp-compat-file-name-unquote localname))))) + +(defun tramp-sudoedit-handle-file-truename (filename) +  "Like `file-truename' for Tramp files." +   ;; Preserve trailing "/". +  (funcall +   (if (string-equal (file-name-nondirectory filename) "") +       'file-name-as-directory 'identity) +   (with-parsed-tramp-file-name (expand-file-name filename) nil +     (tramp-make-tramp-file-name +      v +      (with-tramp-file-property v localname "file-truename" +	(let ((quoted (tramp-compat-file-name-quoted-p localname)) +	      (localname (tramp-compat-file-name-unquote localname)) +	      result) +	  (tramp-message v 4 "Finding true name for `%s'" filename) +	  (setq result (tramp-sudoedit-send-command-string +			v "readlink" "--canonicalize-missing" localname)) +	  ;; Detect cycle. +	  (when (and (file-symlink-p filename) +		     (string-equal result localname)) +	    (tramp-error +	     v 'file-error +	     "Apparent cycle of symbolic links for %s" filename)) +	  ;; If the resulting localname looks remote, we must quote it +	  ;; for security reasons. +	  (when (or quoted (file-remote-p result)) +	    (let (file-name-handler-alist) +	      (setq result (tramp-compat-file-name-quote result)))) +	  (tramp-message v 4 "True name of `%s' is `%s'" localname result) +	  result)) +      'nohop)))) + +(defun tramp-sudoedit-handle-file-writable-p (filename) +  "Like `file-writable-p' for Tramp files." +  (with-parsed-tramp-file-name filename nil +    (with-tramp-file-property v localname "file-writable-p" +      (if (file-exists-p filename) +	  (tramp-sudoedit-send-command +	   v "test" "-w" (tramp-compat-file-name-unquote localname)) +	(let ((dir (file-name-directory filename))) +	  (and (file-exists-p dir) +	       (file-writable-p dir))))))) + +(defun tramp-sudoedit-handle-make-directory (dir &optional parents) +  "Like `make-directory' for Tramp files." +  (setq dir (expand-file-name dir)) +  (with-parsed-tramp-file-name dir nil +    ;; When PARENTS is non-nil, DIR could be a chain of non-existent +    ;; directories a/b/c/...  Instead of checking, we simply flush the +    ;; whole cache. +    (tramp-flush-directory-properties +     v (if parents "/" (file-name-directory localname))) +    (unless (tramp-sudoedit-send-command +	     v (if parents '("mkdir" "-p") "mkdir") +	     (tramp-compat-file-name-unquote localname)) +      (tramp-error v 'file-error "Couldn't make directory %s" dir)))) + +(defun tramp-sudoedit-handle-make-symbolic-link +    (target linkname &optional ok-if-already-exists) +  "Like `make-symbolic-link' for Tramp files. +If TARGET is a non-Tramp file, it is used verbatim as the target +of the symlink.  If TARGET is a Tramp file, only the localname +component is used as the target of the symlink." +  (if (not (tramp-tramp-file-p (expand-file-name linkname))) +      (tramp-run-real-handler +       'make-symbolic-link (list target linkname ok-if-already-exists)) + +    (with-parsed-tramp-file-name linkname nil +      ;; If TARGET is a Tramp name, use just the localname component. +      (when (and (tramp-tramp-file-p target) +		 (tramp-file-name-equal-p v (tramp-dissect-file-name target))) +	(setq target +	      (tramp-file-name-localname +	       (tramp-dissect-file-name (expand-file-name target))))) + +      ;; If TARGET is still remote, quote it. +      (if (tramp-tramp-file-p target) +	  (make-symbolic-link +	   (let (file-name-handler-alist) (tramp-compat-file-name-quote target)) +	   linkname ok-if-already-exists) + +	;; Do the 'confirm if exists' thing. +	(when (file-exists-p linkname) +	  ;; What to do? +	  (if (or (null ok-if-already-exists) ; not allowed to exist +		  (and (numberp ok-if-already-exists) +		       (not +			(yes-or-no-p +			 (format +			  "File %s already exists; make it a link anyway? " +			  localname))))) +	      (tramp-error v 'file-already-exists localname) +	    (delete-file linkname))) + +	(tramp-flush-file-properties v (file-name-directory localname)) +	(tramp-flush-file-properties v localname) +        (tramp-sudoedit-send-command +	 v "ln" "-sf" +	 (tramp-compat-file-name-unquote target) +	 (tramp-compat-file-name-unquote localname)))))) + +(defun tramp-sudoedit-handle-rename-file +  (filename newname &optional ok-if-already-exists) +  "Like `rename-file' for Tramp files." +  (setq filename (expand-file-name filename)) +  (setq newname (expand-file-name newname)) +  ;; At least one file a Tramp file? +  (if (or (tramp-tramp-file-p filename) +          (tramp-tramp-file-p newname)) +      (tramp-sudoedit-do-copy-or-rename-file +       'rename filename newname ok-if-already-exists +       'keep-date 'preserve-uid-gid) +    (tramp-run-real-handler +     'rename-file (list filename newname ok-if-already-exists)))) + +(defun tramp-sudoedit-handle-set-file-acl (filename acl-string) +  "Like `set-file-acl' for Tramp files." +  (with-parsed-tramp-file-name (expand-file-name filename) nil +    (when (and (stringp acl-string) (tramp-sudoedit-remote-acl-p v)) +      ;; Massage `acl-string'. +      (setq acl-string +	    (mapconcat 'identity (split-string acl-string "\n" 'omit) ",")) +      (prog1 +	  (tramp-sudoedit-send-command +	   v "setfacl" "-m" +	   acl-string (tramp-compat-file-name-unquote localname)) +	(tramp-flush-file-property v localname "file-acl"))))) + +(defun tramp-sudoedit-handle-set-file-selinux-context (filename context) +  "Like `set-file-selinux-context' for Tramp files." +  (with-parsed-tramp-file-name filename nil +    (when (and (consp context) +	       (tramp-sudoedit-remote-selinux-p v)) +      (let ((user (and (stringp (nth 0 context)) (nth 0 context))) +	    (role (and (stringp (nth 1 context)) (nth 1 context))) +	    (type (and (stringp (nth 2 context)) (nth 2 context))) +	    (range (and (stringp (nth 3 context)) (nth 3 context)))) +	(when (tramp-sudoedit-send-command +	       v  "chcon" +	       (when user (format "--user=%s" user)) +	       (when role (format "--role=%s" role)) +	       (when type (format "--type=%s" type)) +	       (when range (format "--range=%s" range)) +	       (tramp-compat-file-name-unquote localname)) +	  (if (and user role type range) +	      (tramp-set-file-property +	       v localname "file-selinux-context" context) +	    (tramp-flush-file-property v localname "file-selinux-context")) +	  t))))) + +(defun tramp-sudoedit-get-remote-uid (vec id-format) +  "The uid of the remote connection VEC, in ID-FORMAT. +ID-FORMAT valid values are `string' and `integer'." +  (with-tramp-connection-property vec (format "uid-%s" id-format) +    (if (equal id-format 'integer) +	(tramp-sudoedit-send-command-and-read vec "id" "-u") +      (tramp-sudoedit-send-command-string vec "id" "-un")))) + +(defun tramp-sudoedit-get-remote-gid (vec id-format) +  "The gid of the remote connection VEC, in ID-FORMAT. +ID-FORMAT valid values are `string' and `integer'." +  (with-tramp-connection-property vec (format "gid-%s" id-format) +    (if (equal id-format 'integer) +	(tramp-sudoedit-send-command-and-read vec "id" "-g") +      (tramp-sudoedit-send-command-string vec "id" "-gn")))) + +(defun tramp-sudoedit-handle-set-file-uid-gid (filename &optional uid gid) +  "Like `tramp-set-file-uid-gid' for Tramp files." +    (with-parsed-tramp-file-name filename nil +      (tramp-sudoedit-send-command +       v "chown" +       (format "%d:%d" +	       (or uid (tramp-sudoedit-get-remote-uid v 'integer)) +	       (or gid (tramp-sudoedit-get-remote-gid v 'integer))) +       (tramp-compat-file-name-unquote +	(tramp-compat-file-local-name filename))))) + +(defun tramp-sudoedit-handle-write-region +  (start end filename &optional append visit lockname mustbenew) +  "Like `write-region' for Tramp files." +  (with-parsed-tramp-file-name filename nil +    (let ((uid (or (tramp-compat-file-attribute-user-id +		    (file-attributes filename 'integer)) +		   (tramp-sudoedit-get-remote-uid v 'integer))) +	  (gid (or (tramp-compat-file-attribute-group-id +		    (file-attributes filename 'integer)) +		   (tramp-sudoedit-get-remote-gid v 'integer))) +	  (modes (tramp-default-file-modes filename))) +      (prog1 +	  (tramp-handle-write-region +	   start end filename append visit lockname mustbenew) + +	;; Set the ownership and modes.  This is not performed in +	;; `tramp-handle-write-region'. +	(unless (and (= (tramp-compat-file-attribute-user-id +			 (file-attributes filename 'integer)) +			uid) +                     (= (tramp-compat-file-attribute-group-id +			 (file-attributes filename 'integer)) +			gid)) +          (tramp-set-file-uid-gid filename uid gid)) +	(set-file-modes filename modes))))) + + +;; Internal functions. + +;; Used in `tramp-sudoedit-sudo-actions'. +(defun tramp-sudoedit-action-sudo (proc vec) +  "Check, whether a sudo process copy has finished." +  ;; There might be pending output for the exit status. +  (tramp-accept-process-output proc 0.1) +  (when (not (process-live-p proc)) +    ;; Delete narrowed region, it would be in the way reading a Lisp form. +    (goto-char (point-min)) +    (widen) +    (delete-region (point-min) (point)) +    ;; Delete empty lines. +    (goto-char (point-min)) +    (while (and (not (eobp)) (= (point) (point-at-eol))) +      (forward-line)) +    (delete-region (point-min) (point)) +    (tramp-message vec 3 "Process has finished.") +    (throw 'tramp-action 'ok))) + +(defun tramp-sudoedit-maybe-open-connection (vec) +  "Maybe open a connection VEC. +Does not do anything if a connection is already open, but re-opens the +connection if a previous connection has died for some reason." +  ;; We need a process bound to the connection buffer.  Therefore, we +  ;; create a dummy process.  Maybe there is a better solution? +  (unless (tramp-get-connection-process vec) +    (let ((p (make-network-process +	      :name (tramp-buffer-name vec) +	      :buffer (tramp-get-connection-buffer vec) +	      :server t :host 'local :service t :noquery t))) +      (process-put p 'vector vec) +      (set-process-query-on-exit-flag p nil) + +      ;; Set connection-local variables. +      (tramp-set-connection-local-variables vec)) + +    ;; In `tramp-check-cached-permissions', the connection properties +    ;; "{uid,gid}-{integer,string}" are used.  We set them to proper values. +    (tramp-sudoedit-get-remote-uid vec 'integer) +    (tramp-sudoedit-get-remote-gid vec 'integer) +    (tramp-sudoedit-get-remote-uid vec 'string) +    (tramp-sudoedit-get-remote-gid vec 'string))) + +(defun tramp-sudoedit-send-command (vec &rest args) +  "Send commands ARGS to connection VEC. +If an element of ARGS is a list, it will be flattened.  If an +element of ARGS is nil, it will be deleted. +Erases temporary buffer before sending the command.  Returns nil +in case of error, t otherwise." +  (tramp-sudoedit-maybe-open-connection vec) +  (with-current-buffer (tramp-get-connection-buffer vec) +    (erase-buffer) +    (let* ((login (tramp-get-method-parameter vec 'tramp-sudo-login)) +	   (host (or (tramp-file-name-host vec) "")) +	   (user (or (tramp-file-name-user vec) "")) +	   (spec (format-spec-make ?h host ?u user)) +	   (args (append +		  (tramp-compat-flatten-list +		   (mapcar +		    (lambda (x) +		      (setq x (mapcar (lambda (y) (format-spec y spec)) x)) +		      (unless (member "" x) x)) +		    login)) +		  (tramp-compat-flatten-list (delq nil args)))) +	   (delete-exited-processes t) +	   (process-connection-type tramp-process-connection-type) +	   (p (apply 'start-process +		     (tramp-get-connection-name vec) (current-buffer) args)) +	   ;; We suppress the messages `Waiting for prompts from remote shell'. +	   (tramp-verbose (if (= tramp-verbose 3) 2 tramp-verbose)) +	   ;; We do not want to save the password. +	   auth-source-save-behavior) +      (tramp-message vec 6 "%s" (mapconcat 'identity (process-command p) " ")) +      ;; Avoid process status message in output buffer. +      (set-process-sentinel p 'ignore) +      (process-put p 'vector vec) +      (process-put p 'adjust-window-size-function 'ignore) +      (set-process-query-on-exit-flag p nil) +      (tramp-process-actions p vec nil tramp-sudoedit-sudo-actions) +      (tramp-message vec 6 "%s\n%s" (process-exit-status p) (buffer-string)) +      (prog1 +	  (zerop (process-exit-status p)) +	(delete-process p))))) + +(defun tramp-sudoedit-send-command-and-read (vec &rest args) +  "Run command ARGS and return the output, which must be a Lisp expression. +In case there is no valid Lisp expression, it raises an error." +  (when (apply 'tramp-sudoedit-send-command vec args) +    (with-current-buffer (tramp-get-connection-buffer vec) +      ;; Replace stat marker. +      (goto-char (point-min)) +      (when (search-forward tramp-stat-marker nil t) +	(goto-char (point-min)) +	(while (search-forward "\"" nil t) +	  (replace-match "\\\"" nil 'literal)) +	(goto-char (point-min)) +	(while (search-forward tramp-stat-marker nil t) +	  (replace-match "\""))) +      ;; Read the expression. +      (tramp-message vec 6 "\n%s" (buffer-string)) +      (goto-char (point-min)) +      (condition-case nil +	  (prog1 (read (current-buffer)) +	    ;; Error handling. +	    (when (re-search-forward "\\S-" (point-at-eol) t) +	      (error nil))) +	(error (tramp-error +		vec 'file-error +		"`%s' does not return a valid Lisp expression: `%s'" +		(car args) (buffer-string))))))) + +(defun tramp-sudoedit-send-command-string (vec &rest args) +  "Run command ARGS and return the output as astring." +  (when (apply 'tramp-sudoedit-send-command vec args) +    (with-current-buffer (tramp-get-connection-buffer vec) +      (tramp-message vec 6 "\n%s" (buffer-string)) +      (goto-char (point-max)) +      ;(delete-blank-lines) +      (while (looking-back "[ \t\n]+" nil 'greedy) +	(delete-region (match-beginning 0) (point))) +      (when (> (point-max) (point-min)) +	(substring-no-properties (buffer-string)))))) + +(add-hook 'tramp-unload-hook +	  (lambda () +	    (unload-feature 'tramp-sudoedit 'force))) + +(provide 'tramp-sudoedit) + +;;; TODO: + +;; * Fix *-selinux functions.  Likely, this is due to wrong file +;;   ownership after `write-region' and/or `copy-file'. + +;;; tramp-sudoedit.el ends here diff --git a/lisp/net/tramp.el b/lisp/net/tramp.el index a44abfdcbbd..a1514f85a32 100644 --- a/lisp/net/tramp.el +++ b/lisp/net/tramp.el @@ -2234,7 +2234,9 @@ ARGS are the arguments OPERATION has been called with."  	      ;; Emacs 26+ only.  	      file-name-case-insensitive-p  	      ;; Emacs 27+ only. -	      file-system-info)) +	      file-system-info +	      ;; Tramp internal magic file name function. +	      tramp-set-file-uid-gid))      (if (file-name-absolute-p (nth 0 args))  	(nth 0 args)        default-directory)) @@ -4329,24 +4331,49 @@ This is used internally by `tramp-file-mode-from-int'."  		(and suid (upcase suid-text)) ; suid, !execute  		(and x "x") "-"))))	; !suid +;; This is a Tramp internal function.  A general `set-file-uid-gid' +;; outside Tramp is not needed, I believe. +(defun tramp-set-file-uid-gid (filename &optional uid gid) +  "Set the ownership for FILENAME. +If UID and GID are provided, these values are used; otherwise uid +and gid of the corresponding remote or local user is taken, +depending whether FILENAME is remote or local.  Both parameters +must be non-negative integers. +If FILENAME is remote, a file name handler is called." +  (let ((handler (find-file-name-handler filename 'tramp-set-file-uid-gid))) +    (if handler +	(funcall handler 'tramp-set-file-uid-gid filename uid gid) +      ;; On W32 "chown" does not work. +      (unless (memq system-type '(ms-dos windows-nt)) +	(let ((uid (or (and (natnump uid) uid) (tramp-get-local-uid 'integer))) +	      (gid (or (and (natnump gid) gid) (tramp-get-local-gid 'integer)))) +	  (tramp-call-process +	   nil "chown" nil nil nil +	   (format "%d:%d" uid gid) (shell-quote-argument filename))))))) +  ;;;###tramp-autoload  (defun tramp-get-local-uid (id-format)    "The uid of the local user, in ID-FORMAT.  ID-FORMAT valid values are `string' and `integer'." -  (if (equal id-format 'integer) (user-uid) (user-login-name))) +  ;; We use key nil for local connection properties. +  (with-tramp-connection-property nil (format "uid-%s" id-format) +    (if (equal id-format 'integer) (user-uid) (user-login-name))))  ;;;###tramp-autoload  (defun tramp-get-local-gid (id-format)    "The gid of the local user, in ID-FORMAT.  ID-FORMAT valid values are `string' and `integer'." -  (cond -   ;; `group-gid' has been introduced with Emacs 24.4. -   ((and (fboundp 'group-gid) (equal id-format 'integer)) -    (tramp-compat-funcall 'group-gid)) -   ;; `group-name' has been introduced with Emacs 27.1. -   ((and (fboundp 'group-name) (equal id-format 'string)) -    (tramp-compat-funcall 'group-name (tramp-compat-funcall 'group-gid))) -   ((tramp-compat-file-attribute-group-id (file-attributes "~/" id-format))))) +  ;; We use key nil for local connection properties. +  (with-tramp-connection-property nil (format "gid-%s" id-format) +    (cond +     ;; `group-gid' has been introduced with Emacs 24.4. +     ((and (fboundp 'group-gid) (equal id-format 'integer)) +      (tramp-compat-funcall 'group-gid)) +     ;; `group-name' has been introduced with Emacs 27.1. +     ((and (fboundp 'group-name) (equal id-format 'string)) +      (tramp-compat-funcall 'group-name (tramp-compat-funcall 'group-gid))) +     ((tramp-compat-file-attribute-group-id +       (file-attributes "~/" id-format))))))  (defun tramp-get-local-locale (&optional vec)    "Determine locale, supporting UTF8 if possible. diff --git a/test/lisp/net/tramp-tests.el b/test/lisp/net/tramp-tests.el index d68804a1c4e..056b6ce8360 100644 --- a/test/lisp/net/tramp-tests.el +++ b/test/lisp/net/tramp-tests.el @@ -3009,7 +3009,7 @@ This tests also `file-readable-p', `file-regular-p' and    "Check `file-modes'.  This tests also `file-executable-p', `file-writable-p' and `set-file-modes'."    (skip-unless (tramp--test-enabled)) -  (skip-unless (tramp--test-sh-p)) +  (skip-unless (or (tramp--test-sh-p) (tramp--test-sudoedit-p)))    (dolist (quoted (if (tramp--test-expensive-test) '(nil t) '(nil)))      (let ((tmp-name (tramp--test-make-temp-name nil quoted))) @@ -3309,7 +3309,8 @@ This tests also `make-symbolic-link', `file-truename' and `add-name-to-file'."  (ert-deftest tramp-test22-file-times ()    "Check `set-file-times' and `file-newer-than-file-p'."    (skip-unless (tramp--test-enabled)) -  (skip-unless (or (tramp--test-adb-p) (tramp--test-sh-p))) +  (skip-unless +   (or (tramp--test-adb-p) (tramp--test-sh-p) (tramp--test-sudoedit-p)))    (dolist (quoted (if (tramp--test-expensive-test) '(nil t) '(nil)))      (let ((tmp-name1 (tramp--test-make-temp-name nil quoted)) @@ -4567,6 +4568,10 @@ This does not support special file names."     (tramp-find-foreign-file-name-handler tramp-test-temporary-file-directory)     'tramp-sh-file-name-handler)) +(defun tramp--test-sudoedit-p () +  "Check, whether the sudoedit method is used." +  (tramp-sudoedit-file-name-p tramp-test-temporary-file-directory)) +  (defun tramp--test-windows-nt ()    "Check, whether the locale host runs MS Windows."    (eq system-type 'windows-nt)) @@ -4761,6 +4766,7 @@ This requires restrictions of file name syntax."  	 (list  	  (if (or (tramp--test-gvfs-p)  		  (tramp--test-rclone-p) +		  (tramp--test-sudoedit-p)  		  (tramp--test-windows-nt-or-smb-p))  	      "foo bar baz"  	    (if (or (tramp--test-adb-p) | 
