gsudo icon indicating copy to clipboard operation
gsudo copied to clipboard
verified publisher icon gerardog

Add -TrustedInstaller switch to Invoke-Gsudo

Open God-damnit-all opened this issue 2 years ago • 2 comments

This allows -TrustedInstaller to be used to send --ti to gsudo.

I gave -TrustedInstaller and -Credential their own parameter sets so they can't be used together. Through this process, I found out that even if you declare them together while using a string for the credential, the credential login from Windows still pops up before stopping you.

I removed the use of $dbg in the Start-Process line and the $user declaration since neither variable was being used for anything.

Honestly, I'd like to do a more comprehensive re-write of this script at some point.

God-damnit-all avatar Sep 19 '23 02:09 God-damnit-all

This allows -TrustedInstaller to be used to send --ti to gsudo.

Awesome! Thank you for getting involved.

I gave -TrustedInstaller and -Credential their own parameter sets so they can't be used together.

I like that.

Through this process, I found out that even if you declare them together while using a string for the credential, the credential login from Windows still pops up before stopping you.

Sorry, I don't understand...

I removed the use of $dbg in the Start-Process line and the $user declaration since neither variable was being used for anything.

💪

Honestly, I'd like to do a more comprehensive re-write of this script at some point.

Me too! Actually, I've already started rewriting it some time ago... But I got to a halt. I found a breaking change in the new approach and since I am doing gsudo only in my spare time, I didn't had the time to complete the re-write. To make things 'worse' I accidentally pushed, (and hence released in v2.4.0) the new approach as a new script named Invoke-ElevatedCommand.

The script file name was not even meant to be published, I put some alternative name to keep both files at the same time :). I did a huge mess.

The new script focuses on having all gsudo arguments, and using the hack of passing a scriptblock to gsudo pwsh which is then transparently serialized (user runs gsudo {echo 1} but the following is actually executed: gsudo -encodedCommand XX....XX, try it by running gsudo --debug {something} and looking at the Command Line info line.)

I didn't released it because Invoke-gsudo works better in try catch scenarios, or at least it mimics more closely what happens with invoke-command errors, so it would be a breaking change.

The idea was not to release Invoke-ElevatedCommand yet, and replace Invoke-Gsudo with it. The new approach has a powershell native syntax, while also using the brackets/encodedCommand trick (which performs way faster returning serialized objects). So I suggest you take a look at Invoke-ElevatedCommand first and then let me know what things do you think can be improved.

gerardog avatar Sep 19 '23 19:09 gerardog

Sorry, I don't understand...

This'll pop up first:

image

But only after it closes does it validate the parameters.

To counteract this, I have it call Get-Credential (if -Credential is a string) within the if-statement instead.

God-damnit-all avatar Sep 20 '23 06:09 God-damnit-all