[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
master b43c31d2f50: New Tramp method "run0"
|
From: |
Michael Albinus |
|
Subject: |
master b43c31d2f50: New Tramp method "run0" |
|
Date: |
Sat, 11 May 2024 04:03:58 -0400 (EDT) |
branch: master
commit b43c31d2f50dc71680dfd62412ce9b9afb6c65a4
Author: Michael Albinus <michael.albinus@gmx.de>
Commit: Michael Albinus <michael.albinus@gmx.de>
New Tramp method "run0"
* doc/misc/tramp.texi (Quick Start Guide, Inline methods)
(Password handling, Predefined connection information)
(Ad-hoc multi-hops): Add "run0".
(Remote processes): Mention tramp-use-connection-share.
* etc/NEWS: New Tramp method "run0".
* lisp/net/tramp.el (tramp-completion-dissect-file-name):
* lisp/net/tramp-cmds.el (tramp-list-remote-buffers):
* lisp/net/tramp-smb.el (tramp-smb-handle-insert-directory):
Use `tramp-compat-keep-seq'.
* lisp/net/tramp-cmds.el (tramp-file-name-with-method): Add "run0".
* lisp/net/tramp-sh.el (tramp-enable-run0-method): New defun.
(tramp-sh-handle-expand-file-name): Add "run0".
(tramp-maybe-open-connection): Simplify setting timeout.
---
doc/misc/tramp.texi | 59 +++++++++++++++++++++++++++++++++-----------------
etc/NEWS | 5 +++++
lisp/net/tramp-cmds.el | 11 +++++-----
lisp/net/tramp-sh.el | 29 ++++++++++++++++++++-----
lisp/net/tramp-smb.el | 6 ++---
lisp/net/tramp.el | 28 +++++++++++-------------
6 files changed, 87 insertions(+), 51 deletions(-)
diff --git a/doc/misc/tramp.texi b/doc/misc/tramp.texi
index 2b0a982e7f9..6c36429fb79 100644
--- a/doc/misc/tramp.texi
+++ b/doc/misc/tramp.texi
@@ -489,14 +489,16 @@ an @command{ssh} server:
@file{@trampfn{plink,user@@host,/path/to/file}}.
-@anchor{Quick Start Guide su, sudo, doas, androidsu and sg methods}
-@section Using @option{su}, @option{sudo}, @option{doas}, @option{androidsu}
and @option{sg}
+@anchor{Quick Start Guide su, sudo, doas, run0, androidsu and sg methods}
+@section Using @option{su}, @option{sudo}, @option{doas}, @option{run0},
@option{androidsu} and @option{sg}
@cindex method @option{su}
@cindex @option{su} method
@cindex method @option{sudo}
@cindex @option{sudo} method
@cindex method @option{doas}
@cindex @option{doas} method
+@cindex method @option{run0}
+@cindex @option{run0} method
@cindex method @option{androidsu}
@cindex @option{androidsu} method
@cindex method @option{sg}
@@ -504,9 +506,11 @@ an @command{ssh} server:
Sometimes, it is necessary to work on your local host under different
permissions. For this, you can use the @option{su} or @option{sudo}
-connection method. On OpenBSD systems, the @option{doas} connection
-method offers the same functionality. If your local system is
-Android, use the method @option{androidsu} instead of @option{su}.
+connection method. If your system is @code{systemd}-based, there is
+the @option{run0} connection method. On OpenBSD systems, the
+@option{doas} connection method offers the same functionality. If
+your local system is Android, use the method @option{androidsu}
+instead of @option{su}.
These methods use @samp{root} as default user name and the return
value of @code{(system-name)} as default host name. Therefore, it is
@@ -516,8 +520,8 @@ The method @option{sg} stands for ``switch group''; here
the user name
is used as the group to change to. The default host name is the same.
-@anchor{Quick Start Guide Combining ssh, plink, su, sudo and doas methods}
-@section Combining @option{ssh} or @option{plink} with @option{su},
@option{sudo} or @option{doas}
+@anchor{Quick Start Guide Combining ssh, plink, su, sudo, doas and run0
methods}
+@section Combining @option{ssh} or @option{plink} with @option{su},
@option{sudo}, @option{doas} or @option{run0}
@cindex method @option{ssh}
@cindex @option{ssh} method
@cindex method @option{plink}
@@ -528,13 +532,15 @@ is used as the group to change to. The default host name
is the same.
@cindex @option{sudo} method
@cindex method @option{doas}
@cindex @option{doas} method
-
-If the @option{su}, @option{sudo} or @option{doas} option should be
-performed on another host, it can be combined with a leading
-@option{ssh} or @option{plink} option. That means that @value{tramp}
-connects first to the other host with non-administrative credentials,
-and changes to administrative credentials on that host afterwards. In
-a simple case, the syntax looks like
+@cindex method @option{run0}
+@cindex @option{run0} method
+
+If the @option{su}, @option{sudo}, @option{doas} or @option{run0}
+method should be performed on another host, it can be combined with a
+leading @option{ssh} or @option{plink} method. That means that
+@value{tramp} connects first to the other host with non-administrative
+credentials, and changes to administrative credentials on that host
+afterwards. In a simple case, the syntax looks like
@file{@trampfn{ssh@value{postfixhop}user@@host|sudo,,/path/to/file}}.
@xref{Ad-hoc multi-hops}.
@@ -882,6 +888,16 @@ This method is used on OpenBSD like the @command{sudo}
command. Like
the @option{sudo} method, a @option{doas} connection is disabled after
a predefined timeout.
+@item @option{run0}
+@cindex method @option{run0}
+@cindex @option{run0} method
+
+This method is used on @code{systemd}-based hosts. Internally, it
+uses the @code{systemd-run} command. A @option{run0} connection is
+disabled after a predefined timeout as well.
+
+This is an optional method, @ref{Optional methods}.
+
@item @option{sg}
@cindex method @option{sg}
@cindex @option{sg} method
@@ -2104,8 +2120,9 @@ machine melancholia#4711 port davs login daniel%BIZARRE
password geheim
For the methods @option{doas}, @option{sudo} and @option{sudoedit} the
password of the user requesting the connection is needed, and not the
-password of the target user. If these connections happen on the local
-host, an entry with the local user and local host is used:
+password of the target user@footnote{On the local host, @code{run0}
+uses a graphical password agent.}. If these connections happen on the
+local host, an entry with the local user and local host is used:
@example
machine @var{host} port sudo login @var{user} password secret
@@ -2278,8 +2295,8 @@ All @file{tramp-sh.el} based methods accept the property
@t{"session-timeout"}. This is the time (in seconds) after a
connection is disabled for security reasons, and must be
reestablished. A value of @code{nil} disables this feature. Most of
-the methods do not set this property except the @option{sudo} and
-@option{doas} methods, which use predefined values.
+the methods do not set this property except the @option{sudo},
+@option{doas} and @option{run0} methods, which use predefined values.
@item @t{"~"}@*
@t{"~user"}
@@ -3815,7 +3832,7 @@ The buffer must either visit a file, or a directory
@defopt tramp-file-name-with-method
The method @code{tramp-revert-buffer-with-sudo} shows an alternate
buffer. It defaults to @code{sudo}, other valid methods are
-@code{su}, @code{doas}, and @code{ksu}.
+@code{su}, @code{doas}, @code{run0}, and @code{ksu}.
@lisp
(customize-set-variable 'tramp-file-name-with-method "doas")
@@ -4056,7 +4073,9 @@ here will not work as expected.
@vindex ForwardX11Trusted@r{, ssh option}
An alternate approach is specify @option{ForwardX11 yes} or
@option{ForwardX11Trusted yes} in @file{~/.ssh/config} on the local
-host.
+host. Furthermore, set @code{tramp-use-connection-share} to
+@code{nil} (@pxref{Using ssh connection sharing}), in order to avoid
+unwanted side effects.
@subsection Running @code{shell} on a remote host
diff --git a/etc/NEWS b/etc/NEWS
index bd68cd6d751..846bf759995 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -1069,6 +1069,11 @@ This provides access to system files with elevated
privileges granted by
the idiosyncratic 'su' implementations and system utilities customary on
Android.
++++
+*** New optional connection method "run0".
+This connection method is similar to "sudo", but it uses the
+'systemd-run' program internally.
+
+++
*** New connection methods "dockercp" and "podmancp".
These are the external methods counterparts of "docker" and "podman".
diff --git a/lisp/net/tramp-cmds.el b/lisp/net/tramp-cmds.el
index f381c2e9ff0..6cd856c10e5 100644
--- a/lisp/net/tramp-cmds.el
+++ b/lisp/net/tramp-cmds.el
@@ -70,12 +70,10 @@ SYNTAX can be one of the symbols `default' (default),
;;;###tramp-autoload
(defun tramp-list-remote-buffers ()
"Return a list of all buffers with remote `default-directory'."
- (delq
- nil
- (mapcar
- (lambda (x)
- (when (tramp-tramp-file-p (tramp-get-default-directory x)) x))
- (buffer-list))))
+ (tramp-compat-seq-keep
+ (lambda (x)
+ (when (tramp-tramp-file-p (tramp-get-default-directory x)) x))
+ (buffer-list)))
;;; Cleanup
@@ -567,6 +565,7 @@ For details, see `tramp-rename-files'."
:type '(choice (const "su")
(const "sudo")
(const "doas")
+ (const "run0")
(const "ksu")))
(defun tramp-file-name-with-sudo (filename)
diff --git a/lisp/net/tramp-sh.el b/lisp/net/tramp-sh.el
index 408e1611632..b79b55ee2cc 100644
--- a/lisp/net/tramp-sh.el
+++ b/lisp/net/tramp-sh.el
@@ -501,6 +501,24 @@ The string is used in `tramp-methods'.")
(tramp-set-completion-function "nc" tramp-completion-function-alist-telnet))
+;;;###tramp-autoload
+(defun tramp-enable-run0-method ()
+ "Enable \"run0\" method."
+ (add-to-list 'tramp-methods
+ `("run0"
+ (tramp-login-program "systemd-run")
+ (tramp-login-args (("--uid" "%u") ("-t") ("%l")))
+ (tramp-remote-shell ,tramp-default-remote-shell)
+ (tramp-remote-shell-args ("-c"))
+ (tramp-connection-timeout 10)
+ (tramp-session-timeout 300)
+ (tramp-password-previous-hop t)))
+
+ (add-to-list 'tramp-default-user-alist
+ `(,(rx bos "run0" eos) nil ,tramp-root-id-string))
+
+ (tramp-set-completion-function "run0" tramp-completion-function-alist-su))
+
;;;###tramp-autoload
(defun tramp-enable-ksu-method ()
"Enable \"ksu\" method."
@@ -2902,7 +2920,7 @@ the result will be a local, non-Tramp, file name."
;; use a user name from the config file.
(when (and (tramp-string-empty-or-nil-p uname)
(string-match-p
- (rx bos (| "su" "sudo" "doas" "ksu") eos) method))
+ (rx bos (| "su" "sudo" "doas" "run0" "ksu") eos)
method))
(setq uname user))
(when (setq hname (tramp-get-home-directory v uname))
(setq localname (concat hname fname)))))
@@ -5377,12 +5395,11 @@ connection if a previous connection has died for some
reason."
:host l-host :port l-port)))
;; Set session timeout.
- (when (tramp-get-method-parameter
- hop 'tramp-session-timeout)
+ (when-let ((timeout
+ (tramp-get-method-parameter
+ hop 'tramp-session-timeout)))
(tramp-set-connection-property
- p "session-timeout"
- (tramp-get-method-parameter
- hop 'tramp-session-timeout)))
+ p "session-timeout" timeout))
;; Replace `login-args' place holders.
(setq
diff --git a/lisp/net/tramp-smb.el b/lisp/net/tramp-smb.el
index 3616cad2fb3..a51b2b904ec 100644
--- a/lisp/net/tramp-smb.el
+++ b/lisp/net/tramp-smb.el
@@ -1068,17 +1068,15 @@ PRESERVE-UID-GID and PRESERVE-EXTENDED-ATTRIBUTES are
completely ignored."
;; Filter entries.
(setq entries
- (delq
- nil
(if (or wildcard (string-empty-p base))
;; Check for matching entries.
- (mapcar
+ (tramp-compat-seq-keep
(lambda (x)
(when (string-match-p (rx bol (literal base)) (nth 0 x))
x))
entries)
;; We just need the only and only entry FILENAME.
- (list (assoc base entries)))))
+ (list (assoc base entries))))
;; Sort entries.
(setq entries
diff --git a/lisp/net/tramp.el b/lisp/net/tramp.el
index f92a7ff14d4..02a493f0a78 100644
--- a/lisp/net/tramp.el
+++ b/lisp/net/tramp.el
@@ -2978,17 +2978,15 @@ They are collected by
`tramp-completion-dissect-file-name1'."
(regexp tramp-prefix-ipv6-regexp)
(group (? (regexp tramp-ipv6-regexp))) eol)
1 2 3 nil)))
- (delq
- nil
- (mapcar
- (lambda (structure) (tramp-completion-dissect-file-name1 structure name))
- (list
- tramp-completion-file-name-structure1
- tramp-completion-file-name-structure2
- tramp-completion-file-name-structure3
- tramp-completion-file-name-structure4
- tramp-completion-file-name-structure5
- tramp-completion-file-name-structure6)))))
+ (tramp-compat-seq-keep
+ (lambda (structure) (tramp-completion-dissect-file-name1 structure name))
+ (list
+ tramp-completion-file-name-structure1
+ tramp-completion-file-name-structure2
+ tramp-completion-file-name-structure3
+ tramp-completion-file-name-structure4
+ tramp-completion-file-name-structure5
+ tramp-completion-file-name-structure6))))
(defun tramp-completion-dissect-file-name1 (structure name)
"Return a `tramp-file-name' structure for NAME matching STRUCTURE.
@@ -4777,10 +4775,10 @@ Do not set it manually, it is used buffer-local in
`tramp-get-lock-pid'.")
vec "Method `%s' is not supported for multi-hops"
(tramp-file-name-method item)))))
- ;; Some methods ("su", "sg", "sudo", "doas", "ksu") do not use the
- ;; host name in their command template. In this case, the remote
- ;; file name must use either a local host name (first hop), or a
- ;; host name matching the previous hop.
+ ;; Some methods ("su", "sg", "sudo", "doas", "run0", "ksu") do not
+ ;; use the host name in their command template. In this case, the
+ ;; remote file name must use either a local host name (first hop),
+ ;; or a host name matching the previous hop.
(let ((previous-host (or tramp-local-host-regexp "")))
(setq choices target-alist)
(while (setq item (pop choices))
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- master b43c31d2f50: New Tramp method "run0",
Michael Albinus <=