launchpadlib should not use keyring when running under sudo
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
launchpadlib |
Fix Released
|
High
|
Dan Streetman |
Bug Description
when logging into LP, python-keyring will be used (by default) to store the oauth credentials locally. However, when running under sudo, keyring will store the credentials in the root keyring, not the calling user's keyring.
This is unlikely to be useful, since the root keyring is most likely does not exist, and the sudo session may not be able to connect to the normal keyring provider (e.g. gnome keyring).
The result may be the user will see a prompt to create a new keyring, without indicating it's for the root user.
Additionally, if multiple users have sudo on the same system, if user A creates a new root keyring (with new password), then user B will be prompted to enter that password which they do not know, instead of a prompt to create a new keyring, leading to user B being unable to successfully login to LP under sudo, without manually removing user A's keyring.
[other info]
this is specifically important for bug 645404; after add-apt-repository is updated to use python-launchpadlib to login, since it also (currently) requires being called as root, it makes using the script under sudo difficult or impossible.
Related branches
- Colin Watson: Approve
-
Diff: 322 lines (+171/-44)2 files modifiedsrc/launchpadlib/credentials.py (+151/-43)
src/launchpadlib/launchpad.py (+20/-1)
description: | updated |
Fixed in launchpadlib 1.10.11. Thanks for the contribution.