Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

dom0/qvm-tools: Warn the user when running qvm-tool as root is not recommended (#612)

Browse Source
This commit is contained in:
Marek Marczykowski 2012-07-11 23:53:23 +02:00
parent 900d42ff63
commit b42e09e4ba
8 changed files with 72 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
dom0/qvm-tools/qvm-add-appvm
View File

@ -37,6 +37,8 @@ def main():
parser.add_option ("-c", "--conf", dest="conf_file",
help="Specify the Xen VM .conf file to use\
(relative to the template dir path)")
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args ()
if (len (args) != 2):
@ -44,6 +46,13 @@ def main():
vmname = args[0]
templatename = args[1]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_writing()
qvm_collection.load()

9
dom0/qvm-tools/qvm-add-template
View File

@ -38,6 +38,8 @@ def main():
parser.add_option ("--rpm", action="store_true", dest="installed_by_rpm",
help="Template files have been installed by RPM", default=False)
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args ()
@ -45,6 +47,13 @@ def main():
parser.error ("You must specify at least the TemplateVM name!")
vmname = args[0]
if os.geteuid() == 0:
if not options.force_root and not options.installed_by_rpm:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_writing()
qvm_collection.load()

9
dom0/qvm-tools/qvm-backup
View File

@ -36,6 +36,8 @@ def main():
parser.add_option ("-x", "--exclude", action="append", dest="exclude_list",
help="Exclude the specified VM from backup (might be repeated)")
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args ()
@ -46,6 +48,13 @@ def main():
base_backup_dir = args[0]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
# Only for locking
qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_reading()

9
dom0/qvm-tools/qvm-block
View File

@ -50,9 +50,18 @@ def main():
help="Fail when device already connected to other VM")
parser.add_option ("--show-system-disks", dest="system_disks", action="store_true", default=False,
help="List also system disks")
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args ()
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
if options.do_file_attach:
options.do_attach = True

9
dom0/qvm-tools/qvm-clone
View File

@ -34,6 +34,8 @@ def main():
parser.add_option ("-q", "--quiet", action="store_false", dest="verbose", default=True)
parser.add_option ("-p", "--path", dest="dir_path",
help="Specify path to the template directory")
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args ()
if (len (args) != 2):
@ -41,6 +43,13 @@ def main():
srcname = args[0]
dstname = args[1]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_writing()
qvm_collection.load()

9
dom0/qvm-tools/qvm-firewall
View File

@ -257,6 +257,8 @@ def main():
parser.add_option ("-n", "--numeric", dest="numeric", action="store_true", default=False,
help="Display port numbers instead of services (makes sense only with --list)")
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args ()
if (len (args) < 1):
@ -264,6 +266,13 @@ def main():
vmname = args[0]
args = args[1:]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
if options.do_add or options.do_del or options.set_policy or options.set_icmp or options.set_dns or options.set_yum_proxy:
options.do_list = False
qvm_collection = QubesVmCollection()

9
dom0/qvm-tools/qvm-prefs
View File

@ -342,6 +342,8 @@ def main():
parser = OptionParser (usage)
parser.add_option ("-l", "--list", action="store_true", dest="do_list", default=False)
parser.add_option ("-s", "--set", action="store_true", dest="do_set", default=False)
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args ()
if (len (args) < 1):
@ -349,6 +351,13 @@ def main():
vmname = args[0]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
if options.do_list and options.do_set:
print >> sys.stderr, "You cannot provide -l and -s at the same time!"
exit (1)

9
dom0/qvm-tools/qvm-sync-appmenus
View File

@ -143,6 +143,8 @@ def main():
parser = OptionParser (usage)
parser.add_option ("-v", "--verbose", action="store_true", dest="verbose", default=False)
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args ()
if (len (args) != 1) and env_vmname is None:
@ -153,6 +155,13 @@ def main():
else:
vmname=args[0]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_reading()
qvm_collection.load()