Closed toobuntu closed 5 months ago
Verified that the askpass helper does get executed without exporting PATH:
# success
sudo --reset-timestamp; env -i HOMEBREW_PREFIX="$HOMEBREW_PREFIX" SUDO_ASKPASS="$HOME/devel/sudo_gui_script_contents" sudo --validate --askpass
# pinentry-mac: command not found
sudo --reset-timestamp; env -i SUDO_ASKPASS="$HOME/devel/sudo_gui_script_contents" sudo --validate --askpass
Makes sense to me. Thank you @toobuntu and @swissbuechi for the review also.
First commit
pinentry-mac
. This way, if Homebrew Autoupdate attempts an upgrade with--sudo
when the user is not available to enter the admin password, the upgrade of that cask can fail and any remaining upgrades can proceed.Second commit
sudo --askpass
expects the helper program to output to stdout. pinentry already prints to stdout. That's processed with awk and also printed to stdout already. Addresses my comment in issue #40.PATH
. We already require the formula pinentry-mac, which is linked toHOMEBREW_PREFIX/bin
. So, set that as PATH and use a full path for/usr/bin/awk
. That way, we are (more) sure what awk is going to do to the password, too. (An alternative to setting PATH altogether would be calling pinentry like/usr/bin/env -P"$HOMEBREW_PREFIX/bin" pinentry-mac
.)