MCPcopy Index your code
hub / github.com/sshuttle/sshuttle / build_config

Function build_config

sshuttle/sudoers.py:7–38  ·  view source on GitHub ↗

Generates a sudoers configuration to allow passwordless execution of sshuttle.

(user_name)

Source from the content-addressed store, hash-verified

5
6
7def build_config(user_name):
8 """Generates a sudoers configuration to allow passwordless execution of sshuttle."""
9
10 argv0 = os.path.abspath(sys.argv[0])
11 is_python_script = argv0.endswith('.py')
12 executable = f"{sys.executable} {argv0}" if is_python_script else argv0
13 dist_packages = os.path.dirname(os.path.abspath(__file__))
14 cmd_alias = f"SSHUTTLE{uuid4().hex[-3:].upper()}"
15
16 template = f"""
17# WARNING: If you intend to restrict a user to only running the
18# sshuttle command as root, THIS CONFIGURATION IS INSECURE.
19# When a user can run sshuttle as root (with or without a password),
20# they can also run other commands as root because sshuttle itself
21# can run a command specified by the user with the --ssh-cmd option.
22
23# INSTRUCTIONS: Add this text to your sudo configuration to run
24# sshuttle without needing to enter a sudo password. To use this
25# configuration, run 'visudo /etc/sudoers.d/sshuttle_auto' as root and
26# paste this text into the editor that it opens. If you want to give
27# multiple users these privileges, you may wish to use different
28# filenames for each one (i.e., /etc/sudoers.d/sshuttle_auto_john).
29
30# This configuration was initially generated by the
31# 'sshuttle --sudoers-no-modify' command.
32
33Cmnd_Alias {cmd_alias} = /usr/bin/env PYTHONPATH={dist_packages} {executable} *
34
35{user_name} ALL=NOPASSWD: {cmd_alias}
36"""
37
38 return template
39
40
41def sudoers(user_name=None):

Callers 1

sudoersFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected