Struct Plugin

pub struct Plugin {
    pub version: Version,
    pub command: Vec<CString>,
    pub settings: Settings,
    pub user_info: UserInfo,
    pub command_info: CommandInfo,
    pub user_env: OptionMap,
    pub plugin_options: OptionMap,
    /* private fields */
}

An implementation of a sudo plugin, initialized and parsed from the values passed to the underlying open callback.

Fields

version: Version

The plugin API version supported by the invoked sudo command.

command: Vec<CString>

The command being executed, in the same form as would be passed to the execve(2) system call.

settings: Settings

A map of user-supplied sudo settings. These settings correspond to flags the user specified when running sudo. As such, they will only be present when the corresponding flag has been specified on the command line.

user_info: UserInfo

A map of information about the user running the command.

command_info: CommandInfo

A map of information about the command being run.

user_env: OptionMap

A map of the user’s environment variables.

plugin_options: OptionMap

A map of options provided to the plugin after the its path in sudo.conf.

Settings that aren’t of the form key=value will have a key in the map whose value is the same as the key, similar to how HTML handles valueless attributes (e.g., disabled will become plugin_options["disabled"] => "disabled").

Implementations

impl Plugin

pub unsafe fn new( version: c_uint, argc: c_int, argv: *const *mut c_char, conversation: sudo_conv_t, plugin_printf: sudo_printf_t, settings: *const *mut c_char, user_info: *const *mut c_char, command_info: *const *mut c_char, user_env: *const *mut c_char, plugin_options: *const *mut c_char, ) -> Result<Self>

Initializes a Plugin from the arguments provided to the underlying C open callback function. Verifies the API version advertised by the underlying sudo is supported by this library, parses all provided options, and wires up communication facilities.

Returns an error if there was a problem initializing the plugin.

pub fn stdout(&self) -> Printf

Returns a facility implementing std::io::Write that emits to the invoking user’s STDOUT.

pub fn stderr(&self) -> Printf

Returns a facility implementing std::io::Write that emits to the invoking user’s STDERR.

pub fn tty(&self) -> Option<Tty>

Returns a facility implementing std::io::Write that emits to the user’s TTY, if sudo detected one.

pub fn invocation(&self) -> Vec<u8>

As best as can be reconstructed, what was actually typed at the shell in order to launch this invocation of sudo.

pub fn cwd(&self) -> &PathBuf

The cwd to be used for the command being run. This is typically set on the user_info component, but may be overridden by the policy plugin setting its value on command_info.

pub fn runas_gids(&self) -> HashSet<gid_t>

The complete set of groups the invoked command will have privileges for. If the -P (--preserve-groups) flag was passed to sudo, the underlying command_info will not have this set and this method will return the list of original groups from the running the command.

This set will always contain runas_egid.