DenoDDeno
Powered by
andykaisA
Deno•3y ago•
1 reply
andykais

best practice when spawning commands that require sudo?

I am building a command line utility in deno that leverages data coming from 
tcpdump
tcpdump
. To get any meaningful data out of 
tcpdump
tcpdump
, I need elevated permissions. To keep this command portable, that means running 
sudo tcpdump
sudo tcpdump
 inside my deno program. How can I set up deno permissions to run a specific command executed through 
sudo
sudo
? A simple permission of 
--allow-run=sudo
--allow-run=sudo
 would be dangerous. I could just let the user approve each time, but even then, all they know is that they are approving 
sudo
sudo
, there is no other knowledge of what the subcommand is:
┌ ⚠️  Deno requests run access to "sudo".
├ Requested by `Deno.Command().spawn()` API.
├ Run again with --allow-run to bypass this prompt.
└ Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all run permissions) > y
┌ ⚠️  Deno requests run access to "sudo".
├ Requested by `Deno.Command().spawn()` API.
├ Run again with --allow-run to bypass this prompt.
└ Allow? [y/n/A] (y = yes, allow; n = no, deny; A = allow all run permissions) > y


Im not sure if I have a suggestion yet on how we could improve this. Right now I am just curious if anyone else has ran into this. I could leverage roles & permissions on my linux machine to allow this program to run without sudo, but thats not very portable, other users would have to do the same "add user/allow user access to x,y,z/change user to run the command/etc"
Deno banner
DenoJoin
Chat about Deno, a modern runtime for JavaScript and TypeScript.
20,934Members
Resources
Recent Announcements

Similar Threads

Was this page helpful?

Similar Threads

Best practice to import internal components
danilkinkinDdanilkinkin / help
17mo ago
`require()` equivalent
NeTTNNeTT / help
4y ago