Restore nopasswd sudo rule on Mac OS X.

daztucker · Oct 30, 2023 · 4ff6b00 · 4ff6b00
1 parent a1f67f7
commit 4ff6b00
Showing 1 changed file with 18 additions and 14 deletions.
diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh
@@ -35,20 +35,24 @@ if [ -x "`which lsb_release 2>&1`" ]; then
 	lsb_release -a
 fi
 
-# Ubuntu 22.04 defaults to private home dirs which prevent the
-# agent-getpeerid test from running ssh-add as nobody.  See
-# https://github.com/actions/runner-images/issues/6106
-if [ ! -z "$SUDO" ] && ! "$SUDO" -u nobody test -x ~; then
-	echo ~ is not executable by nobody, adding perms.
-	chmod go+x ~
-fi
-
-if [ ! -z "$SUDO" ] && ! "$SUDO" -S -u nobody true </dev/null; then
-	home=`dirname ~`
-	ls -ld / $home ~
-	echo "Still can't sudo to nobody."
-	("$SUDO" ktrace trace -S -f C3 -c "$SUDO" -u nobody -S id </dev/null)
-	exit 1
+if [ ! -z "$SUDO" ]; then
+	# Ubuntu 22.04 defaults to private home dirs which prevent the
+	# agent-getpeerid test from running ssh-add as nobody.  See
+	# https://github.com/actions/runner-images/issues/6106
+	if ! "$SUDO" -u nobody test -x ~; then
+		echo ~ is not executable by nobody, adding perms.
+		chmod go+x ~
+	fi
+	# Some of the Mac OS X runners don't have a nopasswd sudo rule. Regular
+	# sudo still works, but sudo -u doesn't.  Restore the sudo rule.
+	if ! "$SUDO" grep  -E 'runner.*NOPASSWD' /etc/passwd >/dev/null; then
+		echo "Restoring runner nopasswd rule to sudoers."
+		echo 'runner ALL=(ALL) NOPASSWD: ALL' |$SUDO tee -a /etc/sudoers
+	fi
+	if ! "$SUDO" -u nobody test -x ~; then
+		echo "Still can't sudo to nobody."
+		exit 1
+	fi
 fi
 
 if [ "${TARGETS}" = "kitchensink" ]; then