Skip to main content

run_interactive_auth

pacsea::logic::privilege

Function run_interactive_auth 

Source 
pub fn run_interactive_auth(tool: PrivilegeTool) -> Result<bool, String>
Expand description

What: Run the privilege tool interactively to let the user authenticate.

Inputs:

  • tool: Resolved privilege tool (sudo or doas).

Output:

  • Ok(true) if authentication succeeded, Ok(false) if it failed.

§Errors

Returns Err if the tool binary cannot be executed.

Details:

  • For sudo: runs sudo -v which validates credentials without executing a command. On success, the credential cache is refreshed so subsequent sudo calls don’t re-prompt.
  • For doas: runs doas true (a no-op command) to trigger authentication. If persist is configured in doas.conf, subsequent doas calls won’t re-prompt. Without persist, each doas invocation will re-prompt (known limitation).
  • The caller is responsible for ensuring the terminal is in a state where the user can interact with the prompt (e.g. not in TUI raw mode).