`exec` runs sudo commands with `-u` to preserve user #3959

levkropp · 2025-02-26T15:14:52Z

I had to run the sudo concierge prepare -p dev --extra-snaps terraform command twice whether I was shelled in with multipass shell or using multipass exec. Running multipass exec juju-dev -- sudo env | grep SUDO_ gives the correct SUDO environment variables

~/CLionProjects/multipass/build$ ./bin/multipass launch noble --disk 50G --memory 4G --cpus 2 --mount .  --name juju-dev
Launched: juju-dev
Mounted '.' into 'juju-dev:'
~/CLionProjects/multipass/build$ ./bin/multipass exec juju-dev -- sudo snap install concierge --classic
concierge 0.11.1 from Jon Seager (jnsgruk✪) installed
frame@frame-laptop:~/CLionProjects/multipass/build$ ./bin/multipass exec juju-dev -- sudo concierge prepare -p dev --extra-snaps terraform
time=2025-02-26T09:49:17.825-05:00 level=INFO msg="Preset selected" preset=dev
time=2025-02-26T09:49:37.624-05:00 level=INFO msg="Installed snap" snap=charmcraft
time=2025-02-26T09:49:47.641-05:00 level=INFO msg="Installed apt package" package=python3-pip
time=2025-02-26T09:49:50.327-05:00 level=INFO msg="Installed snap" snap=jq
time=2025-02-26T09:49:51.198-05:00 level=INFO msg="Installed apt package" package=python3-venv
time=2025-02-26T09:49:54.497-05:00 level=INFO msg="Installed snap" snap=yq
time=2025-02-26T09:50:29.489-05:00 level=INFO msg="Installed snap" snap=rockcraft
time=2025-02-26T09:50:42.662-05:00 level=INFO msg="Installed snap" snap=snapcraft
time=2025-02-26T09:51:02.735-05:00 level=INFO msg="Installed snap" snap=jhack
time=2025-02-26T09:51:08.384-05:00 level=INFO msg="Installed snap" snap=terraform
time=2025-02-26T09:51:22.508-05:00 level=INFO msg="Installed snap" snap=k8s
time=2025-02-26T09:51:28.145-05:00 level=INFO msg="Installed snap" snap=kubectl
time=2025-02-26T09:51:28.621-05:00 level=INFO msg="Refreshed snap" snap=lxd
Command: /snap/bin/k8s status
Output:
Error: The node is not part of a Kubernetes cluster. You can bootstrap a new cluster with:

  sudo k8s bootstrap
time=2025-02-26T09:51:33.206-05:00 level=INFO msg="Prepared provider" provider=lxd
time=2025-02-26T09:53:00.624-05:00 level=INFO msg="Prepared provider" provider=k8s
time=2025-02-26T09:53:19.510-05:00 level=INFO msg="Installed snap" snap=juju
Command: sudo -u ubuntu /snap/bin/juju show-controller concierge-k8s
Output:
{}
ERROR controller concierge-k8s not found
time=2025-02-26T09:53:25.349-05:00 level=INFO msg="Bootstrapping Juju" provider=k8s
Command: sudo -u ubuntu /snap/bin/juju show-controller concierge-lxd
Output:
{}
ERROR controller concierge-lxd not found
time=2025-02-26T09:53:27.397-05:00 level=INFO msg="Bootstrapping Juju" provider=lxd
time=2025-02-26T09:55:00.176-05:00 level=INFO msg="Bootstrapped Juju" provider=k8s
time=2025-02-26T09:56:18.206-05:00 level=INFO msg="Bootstrapped Juju" provider=lxd
~/CLionProjects/multipass/build$ ./bin/multipass exec juju-dev -- sudo concierge prepare -p dev --extra-snaps terraform
time=2025-02-26T09:56:59.249-05:00 level=INFO msg="Preset selected" preset=dev
time=2025-02-26T09:57:01.532-05:00 level=INFO msg="Refreshed snap" snap=jq
time=2025-02-26T09:57:02.270-05:00 level=INFO msg="Installed apt package" package=python3-pip
time=2025-02-26T09:57:02.522-05:00 level=INFO msg="Refreshed snap" snap=yq
time=2025-02-26T09:57:02.889-05:00 level=INFO msg="Installed apt package" package=python3-venv
time=2025-02-26T09:57:03.653-05:00 level=INFO msg="Refreshed snap" snap=rockcraft
time=2025-02-26T09:57:04.715-05:00 level=INFO msg="Refreshed snap" snap=snapcraft
time=2025-02-26T09:57:05.708-05:00 level=INFO msg="Refreshed snap" snap=jhack
time=2025-02-26T09:57:06.733-05:00 level=INFO msg="Refreshed snap" snap=charmcraft
time=2025-02-26T09:57:07.567-05:00 level=INFO msg="Refreshed snap" snap=terraform
time=2025-02-26T09:57:17.126-05:00 level=INFO msg="Refreshed snap" snap=k8s
time=2025-02-26T09:57:17.611-05:00 level=INFO msg="Refreshed snap" snap=lxd
time=2025-02-26T09:57:25.153-05:00 level=INFO msg="Refreshed snap" snap=kubectl
time=2025-02-26T09:57:27.131-05:00 level=INFO msg="Prepared provider" provider=lxd
time=2025-02-26T09:57:49.081-05:00 level=INFO msg="Prepared provider" provider=k8s
time=2025-02-26T09:57:50.248-05:00 level=INFO msg="Refreshed snap" snap=juju
time=2025-02-26T09:57:53.383-05:00 level=INFO msg="Previous Juju controller found" provider=lxd
time=2025-02-26T09:57:54.850-05:00 level=INFO msg="Previous Juju controller found" provider=k8s
~/CLionProjects/multipass/build$ ./bin/multipass exec juju-dev -- juju controllers
Use --refresh option with this command to see the latest information.

Controller      Model    User   Access     Cloud/Region         Models  Nodes    HA  Version
concierge-k8s   testing  admin  superuser  k8s                       2      -     -  3.6.2  
concierge-lxd*  testing  admin  superuser  localhost/localhost       2      1  none  3.6.2

In order to cd into directories we need to do sudo sh -c because cd cannot be run with sudo. This changes our SUDO_ user. We could use sudo -E to preserve the entire environment but that may cause unintended behavior. Instead we use sudo -u to restore the user. We know the user from the ssh_info.username()

codecov · 2025-02-27T20:11:04Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.11%. Comparing base (1954ca0) to head (15d9e46).
Report is 26 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3959      +/-   ##
==========================================
- Coverage   89.11%   89.11%   -0.01%     
==========================================
  Files         255      255              
  Lines       14603    14604       +1     
==========================================
  Hits        13014    13014              
- Misses       1589     1590       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

exec runs sudo commands with -u to preserve user

46b5823

levkropp force-pushed the exec-sudo-dir-mapping branch 2 times, most recently from 4a2ddab to 1e95dc2 Compare February 27, 2025 19:54

fix exec test expectation for command string

15d9e46

levkropp force-pushed the exec-sudo-dir-mapping branch from 1e95dc2 to 15d9e46 Compare February 27, 2025 20:12

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

`exec` runs sudo commands with `-u` to preserve user #3959

`exec` runs sudo commands with `-u` to preserve user #3959

levkropp commented Feb 26, 2025

codecov bot commented Feb 27, 2025 •

edited

Loading

exec runs sudo commands with -u to preserve user #3959

Are you sure you want to change the base?

exec runs sudo commands with -u to preserve user #3959

Conversation

levkropp commented Feb 26, 2025

codecov bot commented Feb 27, 2025 • edited Loading

Codecov Report

`exec` runs sudo commands with `-u` to preserve user #3959

`exec` runs sudo commands with `-u` to preserve user #3959

codecov bot commented Feb 27, 2025 •

edited

Loading