From 0e6c1f902549914e2a34023f60319467e1c90a1c Mon Sep 17 00:00:00 2001
From: Axel Burri <axel@tty0.ch>
Date: Tue, 23 Oct 2018 15:34:36 +0200
Subject: [PATCH] btrbk: fix regression: call "sudo readlink" for
 backend=btrfs-progs-sudo

It is possible that the subvolume path is not accessible by the user
calling btrbk. When resolving mount points, "readlink" is used on the
path, which also needs to be wrapped with "sudo".
---
 btrbk                     | 4 ++--
 doc/btrbk.conf.5.asciidoc | 4 ++--
 ssh_filter_btrbk.sh       | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/btrbk b/btrbk
index 5cff413..aae1a25 100755
--- a/btrbk
+++ b/btrbk
@@ -232,6 +232,7 @@ my %backend_cmd_map = (
                            "btrfs receive"            => [ "sudo", "-n", "btrfs", "receive"               ],
                            "btrfs filesystem usage"   => [ "sudo", "-n", "btrfs", "filesystem", "usage"   ],
                            "btrfs qgroup destroy"     => [ "sudo", "-n", "btrfs", "qgroup", "destroy"     ],
+                           "readlink"                 => [ "sudo", "-n", "readlink"                       ],
                          },
 );
 
@@ -1813,7 +1814,7 @@ sub system_realpath($)
 
   my $path = $vol->{PATH} // die;;
   my @quiet = ($loglevel < 3) ? ('-q') : ();
-  my $ret = run_cmd(cmd => [ qw(readlink), '-e', @quiet, { unsafe => $path } ],
+  my $ret = run_cmd(cmd => vinfo_cmd($vol, "readlink", '-e', @quiet, { unsafe => $path } ),
                     rsh => vinfo_rsh($vol),
                     non_destructive => 1,
                    );
@@ -2429,7 +2430,6 @@ sub vinfo_cmd($$@)
   }
   else {
     my @ret_cmd = split(/\s/, $cmd);
-    die unless($ret_cmd[0] eq 'btrfs');
     TRACE "vinfo_cmd: no mapping found for backend=$backend cmd=\"$cmd\", assuming btrfs-progs: " . join(' ', @ret_cmd);
     $ret = [ @ret_cmd, @cmd_args ];
   }
diff --git a/doc/btrbk.conf.5.asciidoc b/doc/btrbk.conf.5.asciidoc
index 4fed055..e817f52 100644
--- a/doc/btrbk.conf.5.asciidoc
+++ b/doc/btrbk.conf.5.asciidoc
@@ -345,8 +345,8 @@ btrfs-progs-btrbk::
 btrfs-progs-sudo::
     btrfs commands are prefixed with "sudo -n" (e.g. "sudo -n btrfs
     subvolume show" instead of "btrfs subvolume show"). Make sure to
-    have appropriate (root) permissions for "btrfs" command groups in
-    /etc/sudoers.
+    have appropriate (root) permissions for the "btrfs" command groups
+    and the "readlink" command in /etc/sudoers.
 --
 +
 For convenience, it is also possible to set *backend_local* or
diff --git a/ssh_filter_btrbk.sh b/ssh_filter_btrbk.sh
index 69775c1..8f47c46 100755
--- a/ssh_filter_btrbk.sh
+++ b/ssh_filter_btrbk.sh
@@ -163,7 +163,7 @@ done
 
 allow_cmd "${sudo_prefix}btrfs subvolume show"; # subvolume queries are always allowed
 allow_exact_cmd "${sudo_prefix}btrfs subvolume list ${file_match}"; # subvolume queries are always allowed
-allow_cmd "readlink"                            # used to resolve mountpoints
+allow_cmd "${sudo_prefix}readlink"              # used to resolve mountpoints
 allow_exact_cmd "cat /proc/self/mountinfo"      # used to resolve mountpoints
 allow_exact_cmd "cat /proc/self/mounts"         # legacy, for btrbk < 0.27.0