On Tue, Feb 14, 2017 at 02:56:01PM -0500, Ted Unangst wrote: > Paul de Weerd wrote: > > Well, in my case I can simply not use doas -n and ensure my script > > works without prompting for passwords more than once (which is what I > > care about). However, I have to say that doas works great in > > scripting setups: it asks for a password once and then all subsequent > > invocations of doas do not. Once the script ends, the process group > > is gone and with it, the persist ticket. So, yeah, persist works > > great for scripting. > > I must admit this usage is kind of strange, but that doesn't mean bad. > Unexpected though. :) > > However, do you need to use -n in this case? You've set things up so that the > first invocation asks for a password and then it relies on persist throughout. > So leave off of the -n?
Hmmmm, isn't that a big race condition? What if the script takes longer than the persists time? > > Maybe I will think about this some more. The current design, where -n > overrides persist, was deliberate. So it's not a "bug", but perhaps a wrong > decision. I just don't want anyone to rush to fix it.
