Change the way the command alias CC is handled to allow apps to safely uninstall
Currently, if any app's webconfig requires any more program permissions in the sudoers file, it calls the "addsudo" program which adds an entry to the Cmnd_Alias CC
line. This is necessarily a one way process and uninstalling the app cannot remove the entry it may have added in case another app also needs sudo access to that command.
There is a way of maintaining the sudoers file in a safe way. Only a core set of apps needed by the base webconfig should be put on the Cmnd_Alias CC
line. If an app needs any extra permissions it should drop a file into /etc/sudoers.d and in that file create its own Cmnd_Alias
line with the extra programs it needs against its own alias name. E.g app-bmbackup may create a file /etc/sudoers.d/app-bmbackup and in it put:
Cmnd_Alias APP-BMB = /usr/sbin/mkfs.xfs, /usr/sbin/mkfs.ext3, /usr/bin/mount
The app installer should then amend the webconfig line in the sudoers file:
webconfig ALL=NOPASSWD: CC
changes to:
webconfig ALL=NOPASSWD: CC, APP-BMB
This can safely be reversed. It would help if a utility similar to /usr/sbin/addsudo could be written as part of app-base that could both add and remove the , APP_BMB
part of the line.
If we go down this route, the developer guidelines will need to be updated.