From 12333dded6c24e8fa06f246f3843bd78bcf1fc07 Mon Sep 17 00:00:00 2001
From: Dominik Richter <dominik.richter@gmail.com>
Date: Tue, 30 May 2017 17:16:59 -0400
Subject: [PATCH] prevent sudo on localhost targets

See the original PR here: https://github.com/chef/inspec/pull/1741

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
---
 lib/train.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/train.rb b/lib/train.rb
index 960f9b53..e20e2961 100644
--- a/lib/train.rb
+++ b/lib/train.rb
@@ -116,6 +116,12 @@ def self.parse_uri(string)
   def self.validate_backend(conf, default = :local)
     return default if conf.nil?
     res = conf[:backend]
+
+    if (res.nil? || res == 'localhost') && conf[:sudo]
+      fail Train::UserError, 'Sudo is only valid when running against a remote host. '\
+        'To run this locally with elevated privileges, run the command with `sudo ...`.'
+    end
+
     return res if !res.nil?
 
     if !conf[:target].nil?