Hey Francesco, Here is the code you are seeking. Feel free to send me a personal email if you need more help.
#!/home/jordon/.ruby/1.9.3p125/bin/ruby # Here it is in gist form: https://gist.github.com/2040324 $stdin.each.each { |line| $stdout.puts "Item: #{line}" } $stdin = IO.new(IO.sysopen('/dev/tty', 'r'), 'r') $stdout.print 'What is your name: ' $stdout.puts 'Well, hello there ' + $stdin.gets.chomp + ', it certainly is nice to meet you.' ------ jordon@envygeeks:~ % su -c "cat input.txt | ./test.rb" Password: Item: one Item: two Item: three What is your name: Jordon Well, hello there Jordon, it certainly is nice to meet you. On Wed, Mar 14, 2012 at 5:21 PM, Francesco Poli <[email protected]> wrote: > Hello everybody, > this is a sort of call for help. > > Warning! I am *not* subscribed to the debian-ruby list, hence, > please Cc: me on replies. Thanks! > > > As some of you may remember (from a previous thread [1]), I am one of > the two co-maintainers of apt-listbugs. > Two bugs have been recently reported for apt-listbugs [2], both caused > by a recent security fix for su [3] that disabled the possibility to > open /dev/tty for the child process of su -c "command" . > > [1] http://lists.debian.org/debian-ruby/2012/01/msg00025.html > [2] if you have time and want to read more details, the two bugs > are #662865 and #662983 > [3] see #628843 for more details > > I tried to think of a way to address these issues by only modifying > apt-listbugs, but I am in trouble... Hence I am here asking for ideas > to people more knowledgeable than me about Ruby. > > The most general issue is that apt-listbugs needs to perform the > following steps (when run in "apt" mode): > > * first it reads some input through its STDIN, through a pipe > > * when this input ends (EOF), apt-listbugs needs to be able to become > interactive and ask questions to the user, and get answers from STDIN, > and possibly also run a web browser (that could be a textual browser, > depending on the user preferences) and let the user interact with the > browser > > Currently, apt-listbugs does all this by opening "/dev/tty", after the > input ends. > This no longer works, when apt-listbugs is invoked inside an su -c > "command" , due to the above-cited security fix. > > > So, the main problem seems to be reproducible with the following minimal > test (so short and essential, that I don't think it is covered by > copyright: hence, please use, copy, modify, and redistribute freely!) > > > $ cat input.txt > one > two > three > $ cat test.rb > #!/usr/bin/ruby > > STDIN.each { |line| > puts "item: #{line}" > # do many other things... > } > > tty = open("/dev/tty", "r") > > print "Enter something: " > ans = tty.gets.chomp > puts "You entered \"#{ans}\"" > # do many more things... > puts "Bye!" > $ cat input.txt | ./test.rb > item: one > item: two > item: three > Enter something: yeah! > You entered "yeah!" > Bye! > $ su -c "cat input.txt | ./test.rb" > Password: > item: one > item: two > item: three > ./test.rb:8:in `initialize': No such device or address - /dev/tty > (Errno::ENXIO) > from ./test.rb:8:in `open' > from ./test.rb:8 > > > The question is: is there a way to achieve this result, without being > limited by the above-cited security fix, so that the last command may > work as well? > > Any idea or suggestion? > Unfortunately, I haven't found much documentation about this kind of > tricks in Ruby... > I would greatly appreciate your help. > > Thanks for your time. > > > -- > http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt > New GnuPG key, see the transition document! > ..................................................... Francesco Poli . > GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
