Prevent default use of shell when running commands as postgres

so that our sudoers config can work as expected
2019-02-22 15:28:06 -06:00 · 2019-02-22 15:28:06 -06:00 · c8e24a55cf
parent c87ef42bad
commit c8e24a55cf
1 changed files with 7 additions and 7 deletions
--- a/rattail_fabric/postgresql.py
+++ b/rattail_fabric/postgresql.py
@ -59,7 +59,7 @@ def sql(sql, database='', port=None):
    cmd = 'psql {port} --tuples-only --no-align --command="{sql}" {database}'.format(
        port='--port={}'.format(port) if port else '',
        sql=sql, database=database)
-    return sudo(cmd, user='postgres')
+    return sudo(cmd, user='postgres', shell=False)


 def script(path, database='', port=None, user=None, password=None):
@ -75,7 +75,7 @@ def script(path, database='', port=None, user=None, password=None):

    else: # run as postgres
        kw = dict(port=port, path=path, db=database)
-        return sudo("psql {port} --file='{path}' {db}".format(**kw), user='postgres')
+        return sudo("psql {port} --file='{path}' {db}".format(**kw), user='postgres', shell=False)


 def user_exists(name, port=None):
@ -95,7 +95,7 @@ def create_user(name, password=None, port=None, checkfirst=True, createdb=False)
            port='--port={}'.format(port) if port else '',
            createdb='--{}createdb'.format('' if createdb else 'no-'),
            name=name)
-        sudo(cmd, user='postgres')
+        sudo(cmd, user='postgres', shell=False)
        if password:
            set_user_password(name, password, port=port)

@ -125,7 +125,7 @@ def create_db(name, owner=None, port=None, checkfirst=True):
            port='--port={}'.format(port) if port else '',
            owner='--owner={}'.format(owner) if owner else '',
            name=name)
-        sudo(cmd, user='postgres')
+        sudo(cmd, user='postgres', shell=False)


 def create_schema(name, dbname, owner='rattail', port=None):
@ -141,7 +141,7 @@ def drop_db(name, checkfirst=True):
    Drop a PostgreSQL database.
    """
    if not checkfirst or db_exists(name):
-        sudo('dropdb {}'.format(name), user='postgres')
+        sudo('dropdb {}'.format(name), user='postgres', shell=False)


 def download_db(name, destination=None, port=None, exclude_tables=None):
@ -156,7 +156,7 @@ def download_db(name, destination=None, port=None, exclude_tables=None):
        name=name,
        port='--port={}'.format(port) if port else '',
        exclude_tables='--exclude-table-data={}'.format(exclude_tables) if exclude_tables else '')
-    sudo(cmd, user='postgres')
+    sudo(cmd, user='postgres', shell=False)
    run('gzip --force {0}.sql'.format(name))
    get('{0}.sql.gz'.format(name), destination)
    run('rm {0}.sql.gz'.format(name))
@ -193,5 +193,5 @@ def clone_db(name, owner, download, user='rattail', force=False, workdir=None):

    # restore database on target server
    run('gunzip --force {}.sql.gz'.format(name))
-    sudo('psql --echo-errors --file={0}.sql {0}'.format(name), user='postgres')
+    sudo('psql --echo-errors --file={0}.sql {0}'.format(name), user='postgres', shell=False)
    run('rm {}.sql'.format(name))