feat: add -B/--bell flag (#1051)

shurizzle · shurizzle · squell · web-flow · commit bceee7ecf598 · 2025-03-31T10:34:25.000Z
As discussed in #1028 I opened the PR for -B/--bell flag --------- Co-authored-by: shurizzle <me@shurizzle.dev> Co-authored-by: Marc Schoolderman <marc@tweedegolf.com>
diff --git a/docs/man/sudo.8.md b/docs/man/sudo.8.md
@@ -8,7 +8,7 @@ title: SUDO(8) sudo-rs 0.2.4 | sudo-rs
 
 # SYNOPSIS
 
-`sudo` [`-u` *user*] [`-g` *group*] [`-D` *directory*] [`-knS`] [`-i` | `-s`] [`VAR=value`] [<*command*>] \
+`sudo` [`-u` *user*] [`-g` *group*] [`-D` *directory*] [`-BknS`] [`-i` | `-s`] [`VAR=value`] [<*command*>] \
 `sudo` `-h` | `-K` | `-k` | `-V`
 
 # DESCRIPTION
@@ -29,6 +29,9 @@ even if that process runs in its own pseudo terminal.
 
 # OPTIONS
 
+`-B`, `--bell`
+: Ring the bell as part of the password prompt when a terminal is present.
+
 `-D` *directory*, `--chdir`=*directory*
 :   Run the *command* in the specified *directory* instead of the current
     working directory. The security policy may return an error if the user does
diff --git a/src/common/context.rs b/src/common/context.rs
@@ -21,6 +21,7 @@ pub struct Context {
     pub target_user: User,
     pub target_group: Group,
     pub stdin: bool,
+    pub bell: bool,
     pub prompt: Option<String>,
     pub non_interactive: bool,
     pub use_session_records: bool,
@@ -88,6 +89,7 @@ impl Context {
             launch,
             chdir: sudo_options.chdir,
             stdin: sudo_options.stdin,
+            bell: sudo_options.bell,
             prompt: sudo_options.prompt,
             non_interactive: sudo_options.non_interactive,
             process: Process::new(),
@@ -112,6 +114,7 @@ impl Context {
             launch: Default::default(),
             chdir: None,
             stdin: sudo_options.stdin,
+            bell: sudo_options.bell,
             prompt: sudo_options.prompt,
             non_interactive: sudo_options.non_interactive,
             process: Process::new(),
@@ -156,6 +159,7 @@ impl Context {
             launch: Default::default(),
             chdir: None,
             stdin: sudo_options.stdin,
+            bell: sudo_options.bell,
             prompt: sudo_options.prompt,
             non_interactive: sudo_options.non_interactive,
             process: Process::new(),
diff --git a/src/pam/converse.rs b/src/pam/converse.rs
@@ -96,6 +96,7 @@ fn handle_message<C: Converser>(
 pub struct CLIConverser {
     pub(super) name: String,
     pub(super) use_stdin: bool,
+    pub(super) bell: bool,
     pub(super) password_feedback: bool,
 }
 
@@ -120,6 +121,9 @@ impl Converser for CLIConverser {
 
     fn handle_hidden_prompt(&self, msg: &str) -> PamResult<PamBuffer> {
         let mut tty = self.open()?;
+        if self.bell && !self.use_stdin {
+            tty.bell()?;
+        }
         tty.prompt(msg)?;
         if self.password_feedback {
             Ok(tty.read_password_with_feedback()?)
diff --git a/src/pam/mod.rs b/src/pam/mod.rs
@@ -47,11 +47,13 @@ impl PamContext {
         converser_name: &str,
         service_name: &str,
         use_stdin: bool,
+        bell: bool,
         no_interact: bool,
         password_feedback: bool,
         target_user: Option<&str>,
     ) -> PamResult<PamContext> {
         let converser = CLIConverser {
+            bell,
             name: converser_name.to_owned(),
             use_stdin,
             password_feedback,
diff --git a/src/pam/rpassword.rs b/src/pam/rpassword.rs
@@ -168,8 +168,8 @@ fn read_unbuffered_with_feedback(
 }
 
 /// Write something and immediately flush
-fn write_unbuffered(sink: &mut dyn io::Write, text: &str) -> io::Result<()> {
-    sink.write_all(text.as_bytes())?;
+fn write_unbuffered(sink: &mut dyn io::Write, text: &[u8]) -> io::Result<()> {
+    sink.write_all(text)?;
     sink.flush()
 }
 
@@ -221,7 +221,13 @@ impl Terminal<'_> {
 
     /// Display information
     pub fn prompt(&mut self, text: &str) -> io::Result<()> {
-        write_unbuffered(self.sink(), text)
+        write_unbuffered(self.sink(), text.as_bytes())
+    }
+
+    /// Ring the bell
+    pub fn bell(&mut self) -> io::Result<()> {
+        const BELL: &[u8; 1] = b"\x07";
+        write_unbuffered(self.sink(), BELL)
     }
 
     // boilerplate reduction functions
@@ -269,7 +275,7 @@ mod test {
     #[test]
     fn miri_test_write() {
         let mut data = Vec::new();
-        write_unbuffered(&mut data, "prompt").unwrap();
+        write_unbuffered(&mut data, b"prompt").unwrap();
         assert_eq!(std::str::from_utf8(&data).unwrap(), "prompt");
     }
 }
diff --git a/src/su/mod.rs b/src/su/mod.rs
@@ -29,7 +29,7 @@ fn authenticate(requesting_user: &str, user: &str, login: bool) -> Result<PamCon
         "su"
     };
     let use_stdin = true;
-    let mut pam = PamContext::new_cli("su", context, use_stdin, false, false, Some(user))?;
+    let mut pam = PamContext::new_cli("su", context, use_stdin, false, false, false, Some(user))?;
     pam.set_requesting_user(requesting_user)?;
 
     // attempt to set the TTY this session is communicating on
diff --git a/src/sudo/cli/help.rs b/src/sudo/cli/help.rs
@@ -1,13 +1,14 @@
 pub const USAGE_MSG: &str = "\
 usage: sudo -h | -K | -k | -V
-usage: sudo -v [-knS] [-g group] [-u user]
-usage: sudo -l [-knS] [-g group] [-U user] [-u user] [command [arg ...]]
-usage: sudo [-knS] [-D directory] [-g group] [-u user] [-i | -s] [command [arg ...]]
-usage: sudo -e [-knS] [-D directory] [-g group] [-u user] file ...";
+usage: sudo -v [-BknS] [-g group] [-u user]
+usage: sudo -l [-BknS] [-g group] [-U user] [-u user] [command [arg ...]]
+usage: sudo [-BknS] [-D directory] [-g group] [-u user] [-i | -s] [command [arg ...]]
+usage: sudo -e [-BknS] [-D directory] [-g group] [-u user] file ...";
 
 const DESCRIPTOR: &str = "sudo - run commands as another user";
 
 const HELP_MSG: &str = "Options:
+  -B, --bell                    ring bell when prompting
   -D, --chdir=directory         change the working directory before running command
   -g, --group=group             run command as the specified group name or ID
   -h, --help                    display help message and exit
diff --git a/src/sudo/cli/mod.rs b/src/sudo/cli/mod.rs
@@ -167,6 +167,8 @@ impl TryFrom<SudoOptions> for SudoResetTimestampOptions {
 
 // sudo -v [-ABkNnS] [-g group] [-h host] [-p prompt] [-u user]
 pub struct SudoValidateOptions {
+    // -B
+    pub bell: bool,
     // -k
     pub reset_timestamp: bool,
     // -n
@@ -189,16 +191,22 @@ impl TryFrom<SudoOptions> for SudoValidateOptions {
         let validate = mem::take(&mut opts.validate);
         debug_assert!(validate);
 
+        let bell = mem::take(&mut opts.bell);
         let reset_timestamp = mem::take(&mut opts.reset_timestamp);
         let non_interactive = mem::take(&mut opts.non_interactive);
         let stdin = mem::take(&mut opts.stdin);
         let prompt = mem::take(&mut opts.prompt);
         let group = mem::take(&mut opts.group);
         let user = mem::take(&mut opts.user);
 
+        if bell && stdin {
+            return Err("--bell conflicts with --stdin".into());
+        }
+
         reject_all("--validate", opts)?;
 
         Ok(Self {
+            bell,
             reset_timestamp,
             non_interactive,
             stdin,
@@ -212,6 +220,8 @@ impl TryFrom<SudoOptions> for SudoValidateOptions {
 // sudo -e [-ABkNnS] [-r role] [-t type] [-C num] [-D directory] [-g group] [-h host] [-p prompt] [-R directory] [-T timeout] [-u user] file ...
 #[allow(dead_code)]
 pub struct SudoEditOptions {
+    // -B
+    pub bell: bool,
     // -k
     pub reset_timestamp: bool,
     // -n
@@ -237,6 +247,7 @@ impl TryFrom<SudoOptions> for SudoEditOptions {
         let edit = mem::take(&mut opts.edit);
         debug_assert!(edit);
 
+        let bell = mem::take(&mut opts.bell);
         let reset_timestamp = mem::take(&mut opts.reset_timestamp);
         let non_interactive = mem::take(&mut opts.non_interactive);
         let stdin = mem::take(&mut opts.stdin);
@@ -246,13 +257,18 @@ impl TryFrom<SudoOptions> for SudoEditOptions {
         let user = mem::take(&mut opts.user);
         let positional_args = mem::take(&mut opts.positional_args);
 
+        if bell && stdin {
+            return Err("--bell conflicts with --stdin".into());
+        }
+
         reject_all("--edit", opts)?;
 
         if positional_args.is_empty() {
             return Err("must specify at least one file path".into());
         }
 
         Ok(Self {
+            bell,
             reset_timestamp,
             non_interactive,
             stdin,
@@ -267,6 +283,8 @@ impl TryFrom<SudoOptions> for SudoEditOptions {
 
 // sudo -l [-ABkNnS] [-g group] [-h host] [-p prompt] [-U user] [-u user] [command [arg ...]]
 pub struct SudoListOptions {
+    // -B
+    pub bell: bool,
     // -l OR -l -l
     pub list: List,
 
@@ -292,6 +310,7 @@ impl TryFrom<SudoOptions> for SudoListOptions {
     type Error = String;
 
     fn try_from(mut opts: SudoOptions) -> Result<Self, Self::Error> {
+        let bell = mem::take(&mut opts.bell);
         let list = opts.list.take().unwrap();
         let reset_timestamp = mem::take(&mut opts.reset_timestamp);
         let non_interactive = mem::take(&mut opts.non_interactive);
@@ -302,6 +321,10 @@ impl TryFrom<SudoOptions> for SudoListOptions {
         let user = mem::take(&mut opts.user);
         let positional_args = mem::take(&mut opts.positional_args);
 
+        if bell && stdin {
+            return Err("--bell conflicts with --stdin".into());
+        }
+
         // when present, `-u` must be accompanied by a command
         let has_command = !positional_args.is_empty();
         let valid_user_flag = user.is_none() || has_command;
@@ -313,6 +336,7 @@ impl TryFrom<SudoOptions> for SudoListOptions {
         reject_all("--list", opts)?;
 
         Ok(Self {
+            bell,
             list,
             reset_timestamp,
             non_interactive,
@@ -328,6 +352,8 @@ impl TryFrom<SudoOptions> for SudoListOptions {
 
 // sudo [-ABbEHnPS] [-C num] [-D directory] [-g group] [-h host] [-p prompt] [-R directory] [-T timeout] [-u user] [VAR=value] [-i | -s] [command [arg ...]]
 pub struct SudoRunOptions {
+    // -B
+    pub bell: bool,
     // -E
     pub preserve_env: PreserveEnv,
     // -k
@@ -357,6 +383,7 @@ impl TryFrom<SudoOptions> for SudoRunOptions {
     type Error = String;
 
     fn try_from(mut opts: SudoOptions) -> Result<Self, Self::Error> {
+        let bell = mem::take(&mut opts.bell);
         let preserve_env = mem::take(&mut opts.preserve_env);
         let reset_timestamp = mem::take(&mut opts.reset_timestamp);
         let non_interactive = mem::take(&mut opts.non_interactive);
@@ -370,6 +397,10 @@ impl TryFrom<SudoOptions> for SudoRunOptions {
         let shell = mem::take(&mut opts.shell);
         let positional_args = mem::take(&mut opts.positional_args);
 
+        if bell && stdin {
+            return Err("--bell conflicts with --stdin".into());
+        }
+
         let context = match (login, shell, positional_args.is_empty()) {
             (true, false, _) => "--login",
             (false, true, _) => "--shell",
@@ -392,6 +423,7 @@ impl TryFrom<SudoOptions> for SudoRunOptions {
         reject_all(context, opts)?;
 
         Ok(Self {
+            bell,
             preserve_env,
             reset_timestamp,
             non_interactive,
@@ -410,6 +442,8 @@ impl TryFrom<SudoOptions> for SudoRunOptions {
 
 #[derive(Default)]
 struct SudoOptions {
+    // -B
+    bell: bool,
     // -D
     chdir: Option<SudoPath>,
     // -g
@@ -628,6 +662,9 @@ impl SudoOptions {
         for arg in arg_iter {
             match arg {
                 SudoArg::Flag(flag) => match flag.as_str() {
+                    "-B" | "--bell" => {
+                        options.bell = true;
+                    }
                     "-E" | "--preserve-env" => {
                         options.preserve_env = PreserveEnv::Everything;
                     }
@@ -779,6 +816,7 @@ fn reject_all(context: &str, opts: SudoOptions) -> Result<(), String> {
     }
 
     let SudoOptions {
+        bell,
         chdir,
         group,
         login,
@@ -801,6 +839,7 @@ fn reject_all(context: &str, opts: SudoOptions) -> Result<(), String> {
     } = opts;
 
     let flags = [
+        tuple!(bell),
         tuple!(chdir),
         tuple!(edit),
         tuple!(group),
diff --git a/src/sudo/env/tests.rs b/src/sudo/env/tests.rs
@@ -133,6 +133,7 @@ fn create_test_context(sudo_options: SudoRunOptions) -> Context {
         use_session_records: false,
         use_pty: true,
         password_feedback: false,
+        bell: false,
     }
 }
 
diff --git a/src/sudo/pam.rs b/src/sudo/pam.rs
@@ -9,6 +9,7 @@ use crate::system::term::current_tty_name;
 pub(super) struct InitPamArgs<'a> {
     pub(super) launch: LaunchType,
     pub(super) use_stdin: bool,
+    pub(super) bell: bool,
     pub(super) non_interactive: bool,
     pub(super) password_feedback: bool,
     pub(super) auth_prompt: Option<String>,
@@ -22,6 +23,7 @@ pub(super) fn init_pam(
     InitPamArgs {
         launch,
         use_stdin,
+        bell,
         non_interactive,
         password_feedback,
         auth_prompt,
@@ -39,6 +41,7 @@ pub(super) fn init_pam(
         "sudo",
         service_name,
         use_stdin,
+        bell,
         non_interactive,
         password_feedback,
         None,
diff --git a/src/sudo/pipeline.rs b/src/sudo/pipeline.rs
@@ -174,6 +174,7 @@ fn auth_and_update_record_file(
     let mut pam_context = init_pam(InitPamArgs {
         launch: context.launch,
         use_stdin: context.stdin,
+        bell: context.bell,
         non_interactive: context.non_interactive,
         password_feedback: context.password_feedback,
         auth_prompt: context.prompt.clone(),

Original file line number	Diff line number	Diff line change
`@@ -168,8 +168,8 @@ fn read_unbuffered_with_feedback(`
`168`	`168`	`}`
`169`	`169`
`170`	`170`	`/// Write something and immediately flush`
`171`		`-fn write_unbuffered(sink: &mut dyn io::Write, text: &str) -> io::Result<()> {`
`172`		`- sink.write_all(text.as_bytes())?;`
	`171`	`+fn write_unbuffered(sink: &mut dyn io::Write, text: &[u8]) -> io::Result<()> {`
	`172`	`+ sink.write_all(text)?;`
`173`	`173`	`sink.flush()`
`174`	`174`	`}`
`175`	`175`
`@@ -221,7 +221,13 @@ impl Terminal<'_> {`
`221`	`221`
`222`	`222`	`/// Display information`
`223`	`223`	`pub fn prompt(&mut self, text: &str) -> io::Result<()> {`
`224`		`- write_unbuffered(self.sink(), text)`
	`224`	`+ write_unbuffered(self.sink(), text.as_bytes())`
	`225`	`+ }`
	`226`	`+`
	`227`	`+ /// Ring the bell`
	`228`	`+ pub fn bell(&mut self) -> io::Result<()> {`
	`229`	`+ const BELL: &[u8; 1] = b"\x07";`
	`230`	`+ write_unbuffered(self.sink(), BELL)`
`225`	`231`	`}`
`226`	`232`
`227`	`233`	`// boilerplate reduction functions`
`@@ -269,7 +275,7 @@ mod test {`
`269`	`275`	`#[test]`
`270`	`276`	`fn miri_test_write() {`
`271`	`277`	`let mut data = Vec::new();`
`272`		`- write_unbuffered(&mut data, "prompt").unwrap();`
	`278`	`+ write_unbuffered(&mut data, b"prompt").unwrap();`
`273`	`279`	`assert_eq!(std::str::from_utf8(&data).unwrap(), "prompt");`
`274`	`280`	`}`
`275`	`281`	`}`
Original file line number	Diff line number	Diff line change
`@@ -133,6 +133,7 @@ fn create_test_context(sudo_options: SudoRunOptions) -> Context {`
`133`	`133`	`use_session_records: false,`
`134`	`134`	`use_pty: true,`
`135`	`135`	`password_feedback: false,`
	`136`	`+ bell: false,`
`136`	`137`	`}`
`137`	`138`	`}`
`138`	`139`