| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tencent_515567355C0AA854BDA68C3A219A18040B0A@qq.com>
Date: Wed, 12 Feb 2025 18:14:30 +0800
From: Rong Tao <rtoax@...mail.com>
To: qmo@...nel.org,
ast@...nel.org,
daniel@...earbox.net,
andrii@...nel.org
Cc: rongtao@...t.ccn,
rtoax@...mail.com,
Rong Tao <rongtao@...tc.cn>,
Martin KaFai Lau <martin.lau@...ux.dev>,
Eduard Zingerman <eddyz87@...il.com>,
Song Liu <song@...nel.org>,
Yonghong Song <yonghong.song@...ux.dev>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>,
Stanislav Fomichev <sdf@...ichev.me>,
Hao Luo <haoluo@...gle.com>,
Jiri Olsa <jolsa@...nel.org>,
Tao Chen <chen.dylane@...il.com>,
Mykyta Yatsenko <yatsenko@...a.com>,
Daniel Xu <dxu@...uu.xyz>,
bpf@...r.kernel.org (open list:BPF [TOOLING] (bpftool)),
linux-kernel@...r.kernel.org (open list)
Subject: [PATCH bpf-next] bpftool: bash-completion: Add nopasswd sudo prefix for bpftool
From: Rong Tao <rongtao@...tc.cn>
In the bpftool script of bash-completion, many bpftool commands require
superuser privileges to execute. Otherwise, Operation not permission will
be displayed. Here, we check whether ordinary users are exempt from
entering the sudo password. If so, we need to add the sudo prefix to the
bpftool command to be executed. In this way, we can obtain the correct
command completion content instead of the wrong one.
For example, when updating array_of_maps, the wrong 'hex' is completed:
$ sudo bpftool map update name arr_maps key 0 0 0 0 value [tab]
$ sudo bpftool map update name arr_maps key 0 0 0 0 value hex
However, what we need is "id name pinned". Similarly, there is the same
problem in getting the map 'name' and 'id':
$ sudo bpftool map show name [tab] < get nothing
$ sudo bpftool map show id [tab] < get nothing
This commit fixes the issue.
$ sudo bpftool map update name arr_maps key 0 0 0 0 value [tab]
id name pinned
$ sudo bpftool map show name
arr_maps cgroup_hash inner_arr1 inner_arr2
$ sudo bpftool map show id
11 1383 4091 4096
Signed-off-by: Rong Tao <rongtao@...tc.cn>
---
tools/bpf/bpftool/bash-completion/bpftool | 29 +++++++++++++++--------
1 file changed, 19 insertions(+), 10 deletions(-)
diff --git a/tools/bpf/bpftool/bash-completion/bpftool b/tools/bpf/bpftool/bash-completion/bpftool
index 1ce409a6cbd9..25fb859cdfa4 100644
--- a/tools/bpf/bpftool/bash-completion/bpftool
+++ b/tools/bpf/bpftool/bash-completion/bpftool
@@ -5,6 +5,15 @@
#
# Author: Quentin Monnet <quentin.monnet@...ronome.com>
+# In the bpftool script of bash-completion, many bpftool commands require
+# superuser privileges to be executed. Otherwise, EPERM will occur. Here,
+# it is detected whether ordinary users are exempt from sudo passwords. If
+# so, it is necessary to add the "sudo" prefix to the required bpftool
+# command execution.
+if sudo --non-interactive true 2>/dev/null; then
+ _sudo=sudo
+fi
+
# Takes a list of words in argument; each one of them is added to COMPREPLY if
# it is not already present on the command line. Returns no value.
_bpftool_once_attr()
@@ -46,7 +55,7 @@ _bpftool_one_of_list()
_bpftool_get_map_ids()
{
- COMPREPLY+=( $( compgen -W "$( bpftool -jp map 2>&1 | \
+ COMPREPLY+=( $( compgen -W "$( ${_sudo} bpftool -jp map 2>&1 | \
command sed -n 's/.*"id": \(.*\),$/\1/p' )" -- "$cur" ) )
}
@@ -54,14 +63,14 @@ _bpftool_get_map_ids()
_bpftool_get_map_ids_for_type()
{
local type="$1"
- COMPREPLY+=( $( compgen -W "$( bpftool -jp map 2>&1 | \
+ COMPREPLY+=( $( compgen -W "$( ${_sudo} bpftool -jp map 2>&1 | \
command grep -C2 "$type" | \
command sed -n 's/.*"id": \(.*\),$/\1/p' )" -- "$cur" ) )
}
_bpftool_get_map_names()
{
- COMPREPLY+=( $( compgen -W "$( bpftool -jp map 2>&1 | \
+ COMPREPLY+=( $( compgen -W "$( ${_sudo} bpftool -jp map 2>&1 | \
command sed -n 's/.*"name": \(.*\),$/\1/p' )" -- "$cur" ) )
}
@@ -69,38 +78,38 @@ _bpftool_get_map_names()
_bpftool_get_map_names_for_type()
{
local type="$1"
- COMPREPLY+=( $( compgen -W "$( bpftool -jp map 2>&1 | \
+ COMPREPLY+=( $( compgen -W "$( ${_sudo} bpftool -jp map 2>&1 | \
command grep -C2 "$type" | \
command sed -n 's/.*"name": \(.*\),$/\1/p' )" -- "$cur" ) )
}
_bpftool_get_prog_ids()
{
- COMPREPLY+=( $( compgen -W "$( bpftool -jp prog 2>&1 | \
+ COMPREPLY+=( $( compgen -W "$( ${_sudo} bpftool -jp prog 2>&1 | \
command sed -n 's/.*"id": \(.*\),$/\1/p' )" -- "$cur" ) )
}
_bpftool_get_prog_tags()
{
- COMPREPLY+=( $( compgen -W "$( bpftool -jp prog 2>&1 | \
+ COMPREPLY+=( $( compgen -W "$( ${_sudo} bpftool -jp prog 2>&1 | \
command sed -n 's/.*"tag": "\(.*\)",$/\1/p' )" -- "$cur" ) )
}
_bpftool_get_prog_names()
{
- COMPREPLY+=( $( compgen -W "$( bpftool -jp prog 2>&1 | \
+ COMPREPLY+=( $( compgen -W "$( ${_sudo} bpftool -jp prog 2>&1 | \
command sed -n 's/.*"name": "\(.*\)",$/\1/p' )" -- "$cur" ) )
}
_bpftool_get_btf_ids()
{
- COMPREPLY+=( $( compgen -W "$( bpftool -jp btf 2>&1 | \
+ COMPREPLY+=( $( compgen -W "$( ${_sudo} bpftool -jp btf 2>&1 | \
command sed -n 's/.*"id": \(.*\),$/\1/p' )" -- "$cur" ) )
}
_bpftool_get_link_ids()
{
- COMPREPLY+=( $( compgen -W "$( bpftool -jp link 2>&1 | \
+ COMPREPLY+=( $( compgen -W "$( ${_sudo} bpftool -jp link 2>&1 | \
command sed -n 's/.*"id": \(.*\),$/\1/p' )" -- "$cur" ) )
}
@@ -156,7 +165,7 @@ _bpftool_map_guess_map_type()
[[ -z $ref ]] && return 0
local type
- type=$(bpftool -jp map show $keyword $ref | \
+ type=$(${_sudo} bpftool -jp map show $keyword $ref | \
command sed -n 's/.*"type": "\(.*\)",$/\1/p')
[[ -n $type ]] && printf $type
}
--
2.48.1
Powered by blists - more mailing lists