Try to fix sudo fd

2022-09-10 10:36:55 -06:00 · 2022-09-10 10:36:55 -06:00 · 44bfbbb44d
parent 6ceacf023b
commit 44bfbbb44d
2 changed files with 3 additions and 3 deletions
--- a/back/lib/wg_peer_add
+++ b/back/lib/wg_peer_add
@ -22,8 +22,8 @@ source "${CONFIG_FILE}"

 set -x
 # TODO: Fix this to not give NOPASSWD visudo to bash or su
-# https://askubuntu.com/a/1334988/533341
-res="$(sudo bash -c '/usr/bin/wg set "${TLD}" peer "${1}" preshared-key <(printf "${2}\n") allowed-ips "${3}"' )" || (
+# https://askubuntu.com/a/1334988
+res="$(printf '%s\n' "${2}" | sudo /usr/bin/wg set "${TLD}" peer "${1}" preshared-key /dev/stdin allowed-ips "${3}")" || (
 	printf '%s %s\n' "${?}" "${res}" >>"${LOGFILE}"
 	exit 6
 )
--- a/back/srv/dashboard/Dockerfile
+++ b/back/srv/dashboard/Dockerfile
@ -13,7 +13,7 @@ RUN sed -i "s/ServerAdmin .*$/ServerAdmin ${ADMIN_EMAIL}/" \
 	/etc/apache2/sites-available/000-default.conf
 RUN sed -i "s|DocumentRoot .*$|DocumentRoot /var/www/cgi-bin\n\tScriptAlias / /var/www/cgi-bin/index.cgi|" \
 	/etc/apache2/sites-available/000-default.conf
-RUN echo "www-data ALL=(ALL:ALL) NOPASSWD: /bin/bash, /usr/bin/wg, /usr/bin/printf, /usr/bin/openssl" | sudo EDITOR='tee -a' visudo
+RUN echo "www-data ALL=(ALL:ALL) NOPASSWD: /usr/bin/wg, /usr/bin/openssl" | sudo EDITOR='tee -a' visudo
 RUN touch /var/local/wgapi_tokens
 RUN chown www-data:www-data /var/local/wgapi_tokens
 EXPOSE ${LISTEN_PORT}