Capistrano sudo and sprinkle sudo can trip each other up

[joshgoebel]

See issue #42 for reference.

To summarize the problem

You're using capistrano with sudo that requries a password. No matter what you try push_text cannot push to a privileged file. Say you try:

push_text :sudo => true

Then push_text merely appends "sudo" which doesn't have the brains to deal with the sudo password prompt the same way that Capistrano does.

Or say you assume since you're using sudo with Capistrano (set :use_sudo, true) for everything that this would just be a non-issue... the problem is the command issued from capistrano looks like this:

sh -c 'sudo -p 'sudo password: ' ... blah | sudo tee'

It's simply spawning a new shell and then prefixing that with it's own sudo... but once you start piping you're back to the original permission set and the second sudo gets hung up at the password prompt as explained above.

Potential solution

A branch to review: https://github.com/sprinkle-tool/sprinkle/tree/smart_sudo

So we can let installers determine the actor's sudo mode and even ask the actor to build a sudo command for them... that's what the branch I linked to does. And it should actually work but then you get commands like this:

sh -c 'sudo -p 'sudo password: ' sudo -p 'sudo password: ' grep -qPzo '^now$' /etc/stupid_file || /bin/echo -e 'now' |sudo -p 'sudo password: ' tee -a /etc/stupid_file

In many cases sudo is now being called twice... so we could define a first_sudo_cmd that was blank when we knew the actor was going to be sudoing everything, but then that starts to seem really messy to me...

[joshgoebel]

It's simple enough to just add some logic to strip double sudos so that's what I'm going to do.

[joshgoebel]

Released in 0.5.2.