Changeset c8e24a5 in rattail-fabric


Ignore:
Timestamp:
02/22/19 15:28:06 (10 months ago)
Author:
Lance Edgar <ledgar@…>
Branches:
master
Children:
658bc3e
Parents:
c87ef42
Message:

Prevent default use of shell when running commands as postgres

so that our sudoers config can work as expected

File:
1 edited

Legend:

Unmodified
Added
Removed
  • rattail_fabric/postgresql.py

    rc87ef42 rc8e24a5  
    6060        port='--port={}'.format(port) if port else '',
    6161        sql=sql, database=database)
    62     return sudo(cmd, user='postgres')
     62    return sudo(cmd, user='postgres', shell=False)
    6363
    6464
     
    7676    else: # run as postgres
    7777        kw = dict(port=port, path=path, db=database)
    78         return sudo("psql {port} --file='{path}' {db}".format(**kw), user='postgres')
     78        return sudo("psql {port} --file='{path}' {db}".format(**kw), user='postgres', shell=False)
    7979
    8080
     
    9696            createdb='--{}createdb'.format('' if createdb else 'no-'),
    9797            name=name)
    98         sudo(cmd, user='postgres')
     98        sudo(cmd, user='postgres', shell=False)
    9999        if password:
    100100            set_user_password(name, password, port=port)
     
    126126            owner='--owner={}'.format(owner) if owner else '',
    127127            name=name)
    128         sudo(cmd, user='postgres')
     128        sudo(cmd, user='postgres', shell=False)
    129129
    130130
     
    142142    """
    143143    if not checkfirst or db_exists(name):
    144         sudo('dropdb {}'.format(name), user='postgres')
     144        sudo('dropdb {}'.format(name), user='postgres', shell=False)
    145145
    146146
     
    157157        port='--port={}'.format(port) if port else '',
    158158        exclude_tables='--exclude-table-data={}'.format(exclude_tables) if exclude_tables else '')
    159     sudo(cmd, user='postgres')
     159    sudo(cmd, user='postgres', shell=False)
    160160    run('gzip --force {0}.sql'.format(name))
    161161    get('{0}.sql.gz'.format(name), destination)
     
    194194    # restore database on target server
    195195    run('gunzip --force {}.sql.gz'.format(name))
    196     sudo('psql --echo-errors --file={0}.sql {0}'.format(name), user='postgres')
     196    sudo('psql --echo-errors --file={0}.sql {0}'.format(name), user='postgres', shell=False)
    197197    run('rm {}.sql'.format(name))
Note: See TracChangeset for help on using the changeset viewer.