Add support for su-rs and sudo-rs programs

* doc/misc/tramp.texi (Inline methods): Add "surs" and "sudors" methods. * etc/NEWS: Add optional "surs" and "sudors" Tramp methods. Presentational fixes and improvements. * lisp/net/tramp-cmds.el (tramp-file-name-with-method): Add "surs" and "sudors" to :type. Adapt :version. * lisp/net/tramp-sh.el (tramp-enable-surs-method) (tramp-enable-sudors-method): New defuns (tramp-sh-handle-expand-file-name): Add "surs" and "sudors" in check. * lisp/net/tramp.el (tramp-methods): Adapt docstring. * lisp/comint.el (comint-password-prompt-regexp): * test/lisp/comint-tests.el (comint-testsuite-password-strings): Add su-rs and sudo-rs password prompts.
author: Michael Albinus 2025-10-15 10:30:29 +0200
committer: Michael Albinus 2025-10-15 10:30:29 +0200
commit: 53fa2b72183e110cc6da3ce172c48e40d3fea3c7 (patch)
tree: 7168f7b85363aca07ef77b917a160d9f2637a2e4
parent: 7845936cbbf8c56a4d57700fbd10246b7288aa01 (diff)
download: emacs-53fa2b72183e110cc6da3ce172c48e40d3fea3c7.tar.gz
emacs-53fa2b72183e110cc6da3ce172c48e40d3fea3c7.zip
7 files changed, 85 insertions, 21 deletions
diff --git a/doc/misc/tramp.texi b/doc/misc/tramp.texi
index 5ce41091048..7b3a4808a45 100644
--- a/doc/misc/tramp.texi
+++ b/doc/misc/tramp.texi
@@ -852,12 +852,20 @@ as the @option{rsh} method.
 @cindex method @option{su}
 @cindex @option{su} method
 @item @option{su}
+@cindex method @option{surs}
+@cindex @option{surs} method
+@item @option{surs}
 Instead of connecting to a remote host, @command{su} program allows
 editing as another user.  The host can be either @samp{localhost} or
 the host returned by the function @command{(system-name)}.
 @xref{Multi-hops}, for an exception to this behavior.
+Method @option{surs} is the same like method @option{su}, but it uses
+the modern @command{su-rs} program.  It can be used instead wherever
+method @option{su} is mentioned in this manual.  @option{surs} is an
+optional method, @pxref{Optional methods}.
 @cindex method @option{androidsu}
 @cindex @option{androidsu} method
 @item @option{androidsu}
@@ -876,6 +884,9 @@ default on @code{android} systems only.
 @cindex method @option{sudo}
 @cindex @option{sudo} method
 @item @option{sudo}
+@cindex method @option{sudors}
+@cindex @option{sudors} method
+@item @option{sudors}
 Similar to @option{su} method, @option{sudo} uses @command{sudo}.
 @command{sudo} must have sufficient rights to start a shell.
@@ -884,6 +895,11 @@ For security reasons, a @option{sudo} connection is disabled after a
 predefined timeout (5 minutes by default).  This can be changed,
 @pxref{Predefined connection information}.
+Method @option{sudors} is the same like method @option{sudo}, but it
+uses the modern @command{sudo-rs} program.  It can be used instead
+wherever method @option{sudo} is mentioned in this manual.
+@option{sudors} is an optional method, @pxref{Optional methods}.
 @cindex method @option{doas}
 @cindex @option{doas} method
 @item @option{doas}
diff --git a/etc/NEWS b/etc/NEWS
index 4e27d6fc44e..0b8d624d923 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -327,13 +327,13 @@ deleted implicitly by functions like 'kill-buffer', 'bury-buffer' and
 +++
 *** Buffer-local window change functions run in their buffers now.
 Running the buffer-local version of each of the abnormal hooks
-'window-buffer-change-functions', 'window-size-change-functions'
+'window-buffer-change-functions', 'window-size-change-functions',
 'window-selection-change-functions' and 'window-state-change-functions'
 will make the respective buffer temporarily current for running the
-hook.'
+hook.
 +++
-*** 'window-buffer-change-functions' is run for removed buffer too.
+*** 'window-buffer-change-functions' is run for removed buffers too.
 The buffer-local version of 'window-buffer-change-functions' may be run
 twice now: Once for the buffer removed from the respective window and
 once for the buffer now shown in that window.
@@ -1883,6 +1883,11 @@ default, "sudo".
 *** 'tramp-file-name-with-method' can now be set as connection-local variable.
 +++
+*** New optional connection methods "surs" and "sudors".
+These connection methods are similar to "su" and "sudo", but they use
+the modern 'su-rs' and 'sudo-rs' commands.
+++
 *** Connection method "kubernetes" supports now optional namespace.
 The host name for Kubernetes connections can be of kind
 [CONTAINER.]POD[%NAMESPACE], in order to specify the namespace to be
@@ -3320,10 +3325,10 @@ The column number is no longer available; the line number will be
 removed in next Emacs release.
 +++
-** defvar-keymap can now take a ':prefix t' option.
+** 'defvar-keymap' can now take a ':prefix t' option.
 This is an abbreviation for using the name of the keymap as the prefix
-command name.  E.g. (defvar-keymap foo-map :prefix t) is equivalent to
+command name.  E.g., '(defvar-keymap foo-map :prefix t)' is equivalent
-(defvar-keymap foo-map :prefix 'foo-map).
+to '(defvar-keymap foo-map :prefix 'foo-map)'.
 * Changes in Emacs 31.1 on Non-Free Operating Systems
diff --git a/lisp/comint.el b/lisp/comint.el
index c7315a90181..b7c609ed469 100644
--- a/lisp/comint.el
+++ b/lisp/comint.el
@@ -408,7 +408,8 @@ This variable is buffer-local."
      "Vault" "SSH" "BECOME"
      "Enter Auth" "enter auth" "Old" "old" "New" "new" "login"
      "Kerberos" "CVS" "UNIX" " SMB" "LDAP" "PEM" "SUDO"
-      "[sudo]" "doas" "Repeat" "Bad" "Retype" "Verify")
+      "[sudo]" "[sudo: authenticate]" "[su: authenticate]"
+      "doas" "Repeat" "Bad" "Retype" "Verify")
    t)
   ;; Allow for user name to precede password equivalent (Bug#31075).
   " +.*\\)"
diff --git a/lisp/net/tramp-cmds.el b/lisp/net/tramp-cmds.el
index 6042209d4f0..a4f74383325 100644
--- a/lisp/net/tramp-cmds.el
+++ b/lisp/net/tramp-cmds.el
@@ -631,9 +631,9 @@ For details, see `tramp-rename-files'."
 (defcustom tramp-file-name-with-method "sudo"
  "Which method to be used in `tramp-file-name-with-sudo'."
  :group 'tramp
-  :version "30.1"
+  :version "31.1"
-  :type '(choice (const "su")
+  :type '(choice (const "su") (const "surs")
-                 (const "sudo")
+                 (const "sudo") (const "sudors")
                 (const "doas")
                 (const "run0")
                 (const "ksu"))
diff --git a/lisp/net/tramp-sh.el b/lisp/net/tramp-sh.el
index 8922adb7586..98e3cae5a79 100644
--- a/lisp/net/tramp-sh.el
+++ b/lisp/net/tramp-sh.el
@@ -522,6 +522,42 @@ The string is used in `tramp-methods'.")
  (tramp-set-completion-function "nc" tramp-completion-function-alist-telnet))
 ;;;###tramp-autoload
+(defun tramp-enable-surs-method ()
+  "Enable \"surs\" method."
+  (add-to-list 'tramp-methods
+               `("surs"
+                 (tramp-login-program        "su-rs")
+                 (tramp-login-args           (("-") ("%u")))
+                 (tramp-remote-shell         ,tramp-default-remote-shell)
+                 (tramp-remote-shell-login   ("-l"))
+                 (tramp-remote-shell-args    ("-c"))
+                 (tramp-connection-timeout   10)))
+  (add-to-list 'tramp-default-user-alist
+               `(,(rx bos "surs" eos) nil ,tramp-root-id-string))
+  (tramp-set-completion-function "surs" tramp-completion-function-alist-su))
+;;;###tramp-autoload
+(defun tramp-enable-sudors-method ()
+  "Enable \"sudors\" method."
+  (add-to-list 'tramp-methods
+               `("sudors"
+                 (tramp-login-program        "sudo-rs")
+                 (tramp-login-args           (("-u" "%u") ("-s") ("%l")))
+                 (tramp-remote-shell         ,tramp-default-remote-shell)
+                 (tramp-remote-shell-login   ("-l"))
+                 (tramp-remote-shell-args    ("-c"))
+                 (tramp-connection-timeout   10)
+                 (tramp-session-timeout      300)
+                 (tramp-password-previous-hop t)))
+  (add-to-list 'tramp-default-user-alist
+               `(,(rx bos "sudors" eos) nil ,tramp-root-id-string))
+  (tramp-set-completion-function "sudors" tramp-completion-function-alist-su))
+;;;###tramp-autoload
 (defun tramp-enable-run0-method ()
  "Enable \"run0\" method."
 (add-to-list 'tramp-methods
@@ -2964,7 +3000,10 @@ the result will be a local, non-Tramp, file name."
            ;; use a user name from the config file.
            (when (and (tramp-string-empty-or-nil-p uname)
                       (string-match-p
-                        (rx bos (| "su" "sudo" "doas" "run0" "ksu") eos) method))
+                        (rx bos
+                            (| "su" "surs" "sudo" "sudors" "doas" "run0" "ksu")
+                            eos)
+                        method))
              (setq uname user))
            (when (setq hname (tramp-get-home-directory v uname))
              (setq localname (concat hname fname)))))
diff --git a/lisp/net/tramp.el b/lisp/net/tramp.el
index 546ffa5d638..ec57aca0568 100644
--- a/lisp/net/tramp.el
+++ b/lisp/net/tramp.el
@@ -418,12 +418,12 @@ Notes:
 All these arguments can be overwritten by connection properties.
 See Info node `(tramp) Predefined connection information'.
-When using `su', `sudo' or `doas' the phrase \"open connection to
+When using `su', `surs', `sg', `sudo', `sudors', `doas', `run0' or `ksu'
-a remote host\" sounds strange, but it is used nevertheless, for
+the phrase \"open connection to a remote host\" sounds strange, but it
-consistency.  No connection is opened to a remote host, but `su',
+is used nevertheless, for consistency.  No connection is opened to a
-`sudo' or `doas' is started on the local host.  You should
+remote host, but the respective command is started on the local host.
-specify a remote host `localhost' or the name of the local host.
+You should specify a remote host `localhost' or the name of the local
-Another host name is useful only in combination with
+host.  Another host name is useful only in combination with
 `tramp-default-proxies-alist'.")
 (defcustom tramp-default-method
@@ -5239,10 +5239,11 @@ Do not set it manually, it is used buffer-local in `tramp-get-lock-pid'.")
             vec "Method `%s' is not supported for multi-hops"
             (tramp-file-name-method item)))))
-      ;; Some methods ("su", "sg", "sudo", "doas", "run0", "ksu") do
+      ;; Some methods ("su", "surs", "sg", "sudo", "sudors", "doas",
-      ;; not use the host name in their command template.  In this
+      ;; "run0", "ksu") do not use the host name in their command
-      ;; case, the remote file name must use either a local host name
+      ;; template.  In this case, the remote file name must use either
-      ;; (first hop), or a host name matching the previous hop.
+      ;; a local host name (first hop), or a host name matching the
+      ;; previous hop.
      (let ((previous-host (or tramp-local-host-regexp "")))
        (setq choices target-alist)
        (while (setq item (pop choices))
diff --git a/test/lisp/comint-tests.el b/test/lisp/comint-tests.el
index d981aad7198..0ae5daa70ca 100644
--- a/test/lisp/comint-tests.el
+++ b/test/lisp/comint-tests.el
@@ -38,6 +38,8 @@
    "Enter your password: "             ; python3 -m twine ... Bug#37636
    "Passphrase for key root@GNU.ORG: " ; plink
    "[sudo] password for user:" ; Ubuntu sudo
+    "[sudo: authenticate] Password:" ; sudo-rs
+    "[su: authenticate] Password:" ; su-rs
    "[sudo] user 的密码：" ; localized
    "doas (user@host) password:" ; OpenBSD doas
    "PIN for user:"        ; Bug#35523
author	Michael Albinus	2025-10-15 10:30:29 +0200
committer	Michael Albinus	2025-10-15 10:30:29 +0200
commit	53fa2b72183e110cc6da3ce172c48e40d3fea3c7 (patch)
tree	7168f7b85363aca07ef77b917a160d9f2637a2e4
parent	7845936cbbf8c56a4d57700fbd10246b7288aa01 (diff)
download	emacs-53fa2b72183e110cc6da3ce172c48e40d3fea3c7.tar.gz emacs-53fa2b72183e110cc6da3ce172c48e40d3fea3c7.zip