mirror of
https://github.com/Homebrew/brew.git
synced 2025-07-14 16:09:03 +08:00
bin/brew: do not exit on sudo errors for resetting timestamp
In #17694, a call to `sudo --reset-timestamp` was added to prevent cached credentials being run. Unfortunately, this breaks `brew` invocation under `sandbox-exec`, which forbids any attempts to exec setuid executables. This in turn breaks the OCaml opam package manager, which sandboxes its build commands (including brew prefix queries): see https://github.com/ocaml/opam/issues/6117 for that error. This commit just changes the sudo invocation to suppress errors and continue if it fails, which should be harmless in normal operation as sudo doesn't emit an error for this option when invoked normally.
This commit is contained in:
Anil Madhavapeddy
parent
759abe5446
commit
0c85c07be5
2
bin/brew
2
bin/brew
@ -39,7 +39,7 @@ fi
|
|||||||
# Reset sudo timestamp to avoid running unauthorized sudo commands
|
# Reset sudo timestamp to avoid running unauthorized sudo commands
|
||||||
if command -v sudo >/dev/null
|
if command -v sudo >/dev/null
|
||||||
then
|
then
|
||||||
sudo --reset-timestamp
|
sudo --reset-timestamp 2>/dev/null || true
|
||||||
fi
|
fi
|
||||||
|
|
||||||
quiet_cd() {
|
quiet_cd() {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user