procyberian/emacs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

New Tramp method "run0"

Browse source 
* doc/misc/tramp.texi (Quick Start Guide, Inline methods)
(Password handling, Predefined connection information)
(Ad-hoc multi-hops): Add "run0".
(Remote processes): Mention tramp-use-connection-share.

* etc/NEWS: New Tramp method "run0".

* lisp/net/tramp.el (tramp-completion-dissect-file-name):
* lisp/net/tramp-cmds.el (tramp-list-remote-buffers):
* lisp/net/tramp-smb.el (tramp-smb-handle-insert-directory):
Use `tramp-compat-keep-seq'.

* lisp/net/tramp-cmds.el (tramp-file-name-with-method): Add "run0".

* lisp/net/tramp-sh.el (tramp-enable-run0-method): New defun.
(tramp-sh-handle-expand-file-name): Add "run0".
(tramp-maybe-open-connection): Simplify setting timeout.
This commit is contained in:
Michael Albinus 2024-05-11 10:03:45 +02:00
parent 1c4b1ce8fa
commit b43c31d2f5
6 changed files with 86 additions and 50 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

57
doc/misc/tramp.texi
View file

@ -489,14 +489,16 @@ an @command{ssh} server:
@file{@trampfn{plink,user@@host,/path/to/file}}.
@anchor{Quick Start Guide su, sudo, doas, androidsu and sg methods}
@section Using @option{su}, @option{sudo}, @option{doas}, @option{androidsu} and @option{sg}
@anchor{Quick Start Guide su, sudo, doas, run0, androidsu and sg methods}
@section Using @option{su}, @option{sudo}, @option{doas}, @option{run0}, @option{androidsu} and @option{sg}
@cindex method @option{su}
@cindex @option{su} method
@cindex method @option{sudo}
@cindex @option{sudo} method
@cindex method @option{doas}
@cindex @option{doas} method
@cindex method @option{run0}
@cindex @option{run0} method
@cindex method @option{androidsu}
@cindex @option{androidsu} method
@cindex method @option{sg}
@ -504,9 +506,11 @@ an @command{ssh} server:
Sometimes, it is necessary to work on your local host under different
permissions. For this, you can use the @option{su} or @option{sudo}
connection method. On OpenBSD systems, the @option{doas} connection
method offers the same functionality. If your local system is
Android, use the method @option{androidsu} instead of @option{su}.
connection method. If your system is @code{systemd}-based, there is
the @option{run0} connection method. On OpenBSD systems, the
@option{doas} connection method offers the same functionality. If
your local system is Android, use the method @option{androidsu}
instead of @option{su}.
These methods use @samp{root} as default user name and the return
value of @code{(system-name)} as default host name. Therefore, it is
@ -516,8 +520,8 @@ The method @option{sg} stands for ``switch group''; here the user name
is used as the group to change to. The default host name is the same.
@anchor{Quick Start Guide Combining ssh, plink, su, sudo and doas methods}
@section Combining @option{ssh} or @option{plink} with @option{su}, @option{sudo} or @option{doas}
@anchor{Quick Start Guide Combining ssh, plink, su, sudo, doas and run0 methods}
@section Combining @option{ssh} or @option{plink} with @option{su}, @option{sudo}, @option{doas} or @option{run0}
@cindex method @option{ssh}
@cindex @option{ssh} method
@cindex method @option{plink}
@ -528,13 +532,15 @@ is used as the group to change to. The default host name is the same.
@cindex @option{sudo} method
@cindex method @option{doas}
@cindex @option{doas} method
@cindex method @option{run0}
@cindex @option{run0} method
If the @option{su}, @option{sudo} or @option{doas} option should be
performed on another host, it can be combined with a leading
@option{ssh} or @option{plink} option. That means that @value{tramp}
connects first to the other host with non-administrative credentials,
and changes to administrative credentials on that host afterwards. In
a simple case, the syntax looks like
If the @option{su}, @option{sudo}, @option{doas} or @option{run0}
method should be performed on another host, it can be combined with a
leading @option{ssh} or @option{plink} method. That means that
@value{tramp} connects first to the other host with non-administrative
credentials, and changes to administrative credentials on that host
afterwards. In a simple case, the syntax looks like
@file{@trampfn{ssh@value{postfixhop}user@@host|sudo,,/path/to/file}}.
@xref{Ad-hoc multi-hops}.
@ -882,6 +888,16 @@ This method is used on OpenBSD like the @command{sudo} command. Like
the @option{sudo} method, a @option{doas} connection is disabled after
a predefined timeout.
@item @option{run0}
@cindex method @option{run0}
@cindex @option{run0} method
This method is used on @code{systemd}-based hosts. Internally, it
uses the @code{systemd-run} command. A @option{run0} connection is
disabled after a predefined timeout as well.
This is an optional method, @ref{Optional methods}.
@item @option{sg}
@cindex method @option{sg}
@cindex @option{sg} method
@ -2104,8 +2120,9 @@ machine melancholia#4711 port davs login daniel%BIZARRE password geheim
For the methods @option{doas}, @option{sudo} and @option{sudoedit} the
password of the user requesting the connection is needed, and not the
password of the target user. If these connections happen on the local
host, an entry with the local user and local host is used:
password of the target user@footnote{On the local host, @code{run0}
uses a graphical password agent.}. If these connections happen on the
local host, an entry with the local user and local host is used:
@example
machine @var{host} port sudo login @var{user} password secret
@ -2278,8 +2295,8 @@ All @file{tramp-sh.el} based methods accept the property
@t{"session-timeout"}. This is the time (in seconds) after a
connection is disabled for security reasons, and must be
reestablished. A value of @code{nil} disables this feature. Most of
the methods do not set this property except the @option{sudo} and
@option{doas} methods, which use predefined values.
the methods do not set this property except the @option{sudo},
@option{doas} and @option{run0} methods, which use predefined values.
@item @t{"~"}@*
@t{"~user"}
@ -3815,7 +3832,7 @@ The buffer must either visit a file, or a directory
@defopt tramp-file-name-with-method
The method @code{tramp-revert-buffer-with-sudo} shows an alternate
buffer. It defaults to @code{sudo}, other valid methods are
@code{su}, @code{doas}, and @code{ksu}.
@code{su}, @code{doas}, @code{run0}, and @code{ksu}.
@lisp
(customize-set-variable 'tramp-file-name-with-method "doas")
@ -4056,7 +4073,9 @@ here will not work as expected.
@vindex ForwardX11Trusted@r{, ssh option}
An alternate approach is specify @option{ForwardX11 yes} or
@option{ForwardX11Trusted yes} in @file{~/.ssh/config} on the local
host.
host. Furthermore, set @code{tramp-use-connection-share} to
@code{nil} (@pxref{Using ssh connection sharing}), in order to avoid
unwanted side effects.
@subsection Running @code{shell} on a remote host

5
etc/NEWS
View file

@ -1069,6 +1069,11 @@ This provides access to system files with elevated privileges granted by
the idiosyncratic 'su' implementations and system utilities customary on
Android.
+++
*** New optional connection method "run0".
This connection method is similar to "sudo", but it uses the
'systemd-run' program internally.
+++
*** New connection methods "dockercp" and "podmancp".
These are the external methods counterparts of "docker" and "podman".

11
lisp/net/tramp-cmds.el
View file

@ -70,12 +70,10 @@ SYNTAX can be one of the symbols `default' (default),
;;;###tramp-autoload
(defun tramp-list-remote-buffers ()
"Return a list of all buffers with remote `default-directory'."
(delq
nil
(mapcar
(lambda (x)
(when (tramp-tramp-file-p (tramp-get-default-directory x)) x))
(buffer-list))))
(tramp-compat-seq-keep
(lambda (x)
(when (tramp-tramp-file-p (tramp-get-default-directory x)) x))
(buffer-list)))
;;; Cleanup
@ -567,6 +565,7 @@ For details, see `tramp-rename-files'."
:type '(choice (const "su")
(const "sudo")
(const "doas")
(const "run0")
(const "ksu")))
(defun tramp-file-name-with-sudo (filename)

29
lisp/net/tramp-sh.el
View file

@ -501,6 +501,24 @@ The string is used in `tramp-methods'.")
(tramp-set-completion-function "nc" tramp-completion-function-alist-telnet))
;;;###tramp-autoload
(defun tramp-enable-run0-method ()
"Enable \"run0\" method."
(add-to-list 'tramp-methods
`("run0"
(tramp-login-program "systemd-run")
(tramp-login-args (("--uid" "%u") ("-t") ("%l")))
(tramp-remote-shell ,tramp-default-remote-shell)
(tramp-remote-shell-args ("-c"))
(tramp-connection-timeout 10)
(tramp-session-timeout 300)
(tramp-password-previous-hop t)))
(add-to-list 'tramp-default-user-alist
`(,(rx bos "run0" eos) nil ,tramp-root-id-string))
(tramp-set-completion-function "run0" tramp-completion-function-alist-su))
;;;###tramp-autoload
(defun tramp-enable-ksu-method ()
"Enable \"ksu\" method."
@ -2902,7 +2920,7 @@ the result will be a local, non-Tramp, file name."
;; use a user name from the config file.
(when (and (tramp-string-empty-or-nil-p uname)
(string-match-p
(rx bos (| "su" "sudo" "doas" "ksu") eos) method))
(rx bos (| "su" "sudo" "doas" "run0" "ksu") eos) method))
(setq uname user))
(when (setq hname (tramp-get-home-directory v uname))
(setq localname (concat hname fname)))))
@ -5377,12 +5395,11 @@ connection if a previous connection has died for some reason."
:host l-host :port l-port)))
;; Set session timeout.
(when (tramp-get-method-parameter
hop 'tramp-session-timeout)
(when-let ((timeout
(tramp-get-method-parameter
hop 'tramp-session-timeout)))
(tramp-set-connection-property
p "session-timeout"
(tramp-get-method-parameter
hop 'tramp-session-timeout)))
p "session-timeout" timeout))
;; Replace `login-args' place holders.
(setq

6
lisp/net/tramp-smb.el
View file

@ -1068,17 +1068,15 @@ PRESERVE-UID-GID and PRESERVE-EXTENDED-ATTRIBUTES are completely ignored."
;; Filter entries.
(setq entries
(delq
nil
(if (or wildcard (string-empty-p base))
;; Check for matching entries.
(mapcar
(tramp-compat-seq-keep
(lambda (x)
(when (string-match-p (rx bol (literal base)) (nth 0 x))
x))
entries)
;; We just need the only and only entry FILENAME.
(list (assoc base entries)))))
(list (assoc base entries))))
;; Sort entries.
(setq entries

28
lisp/net/tramp.el
View file

@ -2978,17 +2978,15 @@ They are collected by `tramp-completion-dissect-file-name1'."
(regexp tramp-prefix-ipv6-regexp)
(group (? (regexp tramp-ipv6-regexp))) eol)
1 2 3 nil)))
(delq
nil
(mapcar
(lambda (structure) (tramp-completion-dissect-file-name1 structure name))
(list
tramp-completion-file-name-structure1
tramp-completion-file-name-structure2
tramp-completion-file-name-structure3
tramp-completion-file-name-structure4
tramp-completion-file-name-structure5
tramp-completion-file-name-structure6)))))
(tramp-compat-seq-keep
(lambda (structure) (tramp-completion-dissect-file-name1 structure name))
(list
tramp-completion-file-name-structure1
tramp-completion-file-name-structure2
tramp-completion-file-name-structure3
tramp-completion-file-name-structure4
tramp-completion-file-name-structure5
tramp-completion-file-name-structure6))))
(defun tramp-completion-dissect-file-name1 (structure name)
"Return a `tramp-file-name' structure for NAME matching STRUCTURE.
@ -4777,10 +4775,10 @@ Do not set it manually, it is used buffer-local in `tramp-get-lock-pid'.")
vec "Method `%s' is not supported for multi-hops"
(tramp-file-name-method item)))))
;; Some methods ("su", "sg", "sudo", "doas", "ksu") do not use the
;; host name in their command template. In this case, the remote
;; file name must use either a local host name (first hop), or a
;; host name matching the previous hop.
;; Some methods ("su", "sg", "sudo", "doas", "run0", "ksu") do not
;; use the host name in their command template. In this case, the
;; remote file name must use either a local host name (first hop),
;; or a host name matching the previous hop.
(let ((previous-host (or tramp-local-host-regexp "")))
(setq choices target-alist)
(while (setq item (pop choices))