dom0/qvm-tools: Warn the user when running qvm-tool as root is not recommended (#612)
This commit is contained in:
parent
6686159750
commit
ba81866b2f
@ -37,6 +37,8 @@ def main():
|
|||||||
parser.add_option ("-c", "--conf", dest="conf_file",
|
parser.add_option ("-c", "--conf", dest="conf_file",
|
||||||
help="Specify the Xen VM .conf file to use\
|
help="Specify the Xen VM .conf file to use\
|
||||||
(relative to the template dir path)")
|
(relative to the template dir path)")
|
||||||
|
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
|
||||||
|
help="Force to run, even with root privileges")
|
||||||
|
|
||||||
(options, args) = parser.parse_args ()
|
(options, args) = parser.parse_args ()
|
||||||
if (len (args) != 2):
|
if (len (args) != 2):
|
||||||
@ -44,6 +46,13 @@ def main():
|
|||||||
vmname = args[0]
|
vmname = args[0]
|
||||||
templatename = args[1]
|
templatename = args[1]
|
||||||
|
|
||||||
|
if os.geteuid() == 0:
|
||||||
|
if not options.force_root:
|
||||||
|
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
|
||||||
|
print >> sys.stderr, "Retry as unprivileged user."
|
||||||
|
print >> sys.stderr, "... or use --force-root to continue anyway."
|
||||||
|
exit(1)
|
||||||
|
|
||||||
qvm_collection = QubesVmCollection()
|
qvm_collection = QubesVmCollection()
|
||||||
qvm_collection.lock_db_for_writing()
|
qvm_collection.lock_db_for_writing()
|
||||||
qvm_collection.load()
|
qvm_collection.load()
|
||||||
|
@ -38,6 +38,8 @@ def main():
|
|||||||
|
|
||||||
parser.add_option ("--rpm", action="store_true", dest="installed_by_rpm",
|
parser.add_option ("--rpm", action="store_true", dest="installed_by_rpm",
|
||||||
help="Template files have been installed by RPM", default=False)
|
help="Template files have been installed by RPM", default=False)
|
||||||
|
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
|
||||||
|
help="Force to run, even with root privileges")
|
||||||
|
|
||||||
|
|
||||||
(options, args) = parser.parse_args ()
|
(options, args) = parser.parse_args ()
|
||||||
@ -45,6 +47,13 @@ def main():
|
|||||||
parser.error ("You must specify at least the TemplateVM name!")
|
parser.error ("You must specify at least the TemplateVM name!")
|
||||||
vmname = args[0]
|
vmname = args[0]
|
||||||
|
|
||||||
|
if os.geteuid() == 0:
|
||||||
|
if not options.force_root and not options.installed_by_rpm:
|
||||||
|
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
|
||||||
|
print >> sys.stderr, "Retry as unprivileged user."
|
||||||
|
print >> sys.stderr, "... or use --force-root to continue anyway."
|
||||||
|
exit(1)
|
||||||
|
|
||||||
qvm_collection = QubesVmCollection()
|
qvm_collection = QubesVmCollection()
|
||||||
qvm_collection.lock_db_for_writing()
|
qvm_collection.lock_db_for_writing()
|
||||||
qvm_collection.load()
|
qvm_collection.load()
|
||||||
|
@ -36,6 +36,8 @@ def main():
|
|||||||
|
|
||||||
parser.add_option ("-x", "--exclude", action="append", dest="exclude_list",
|
parser.add_option ("-x", "--exclude", action="append", dest="exclude_list",
|
||||||
help="Exclude the specified VM from backup (might be repeated)")
|
help="Exclude the specified VM from backup (might be repeated)")
|
||||||
|
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
|
||||||
|
help="Force to run, even with root privileges")
|
||||||
|
|
||||||
(options, args) = parser.parse_args ()
|
(options, args) = parser.parse_args ()
|
||||||
|
|
||||||
@ -46,6 +48,13 @@ def main():
|
|||||||
|
|
||||||
base_backup_dir = args[0]
|
base_backup_dir = args[0]
|
||||||
|
|
||||||
|
if os.geteuid() == 0:
|
||||||
|
if not options.force_root:
|
||||||
|
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
|
||||||
|
print >> sys.stderr, "Retry as unprivileged user."
|
||||||
|
print >> sys.stderr, "... or use --force-root to continue anyway."
|
||||||
|
exit(1)
|
||||||
|
|
||||||
# Only for locking
|
# Only for locking
|
||||||
qvm_collection = QubesVmCollection()
|
qvm_collection = QubesVmCollection()
|
||||||
qvm_collection.lock_db_for_reading()
|
qvm_collection.lock_db_for_reading()
|
||||||
|
@ -50,9 +50,18 @@ def main():
|
|||||||
help="Fail when device already connected to other VM")
|
help="Fail when device already connected to other VM")
|
||||||
parser.add_option ("--show-system-disks", dest="system_disks", action="store_true", default=False,
|
parser.add_option ("--show-system-disks", dest="system_disks", action="store_true", default=False,
|
||||||
help="List also system disks")
|
help="List also system disks")
|
||||||
|
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
|
||||||
|
help="Force to run, even with root privileges")
|
||||||
|
|
||||||
(options, args) = parser.parse_args ()
|
(options, args) = parser.parse_args ()
|
||||||
|
|
||||||
|
if os.geteuid() == 0:
|
||||||
|
if not options.force_root:
|
||||||
|
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
|
||||||
|
print >> sys.stderr, "Retry as unprivileged user."
|
||||||
|
print >> sys.stderr, "... or use --force-root to continue anyway."
|
||||||
|
exit(1)
|
||||||
|
|
||||||
if options.do_file_attach:
|
if options.do_file_attach:
|
||||||
options.do_attach = True
|
options.do_attach = True
|
||||||
|
|
||||||
|
@ -34,6 +34,8 @@ def main():
|
|||||||
parser.add_option ("-q", "--quiet", action="store_false", dest="verbose", default=True)
|
parser.add_option ("-q", "--quiet", action="store_false", dest="verbose", default=True)
|
||||||
parser.add_option ("-p", "--path", dest="dir_path",
|
parser.add_option ("-p", "--path", dest="dir_path",
|
||||||
help="Specify path to the template directory")
|
help="Specify path to the template directory")
|
||||||
|
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
|
||||||
|
help="Force to run, even with root privileges")
|
||||||
|
|
||||||
(options, args) = parser.parse_args ()
|
(options, args) = parser.parse_args ()
|
||||||
if (len (args) != 2):
|
if (len (args) != 2):
|
||||||
@ -41,6 +43,13 @@ def main():
|
|||||||
srcname = args[0]
|
srcname = args[0]
|
||||||
dstname = args[1]
|
dstname = args[1]
|
||||||
|
|
||||||
|
if os.geteuid() == 0:
|
||||||
|
if not options.force_root:
|
||||||
|
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
|
||||||
|
print >> sys.stderr, "Retry as unprivileged user."
|
||||||
|
print >> sys.stderr, "... or use --force-root to continue anyway."
|
||||||
|
exit(1)
|
||||||
|
|
||||||
qvm_collection = QubesVmCollection()
|
qvm_collection = QubesVmCollection()
|
||||||
qvm_collection.lock_db_for_writing()
|
qvm_collection.lock_db_for_writing()
|
||||||
qvm_collection.load()
|
qvm_collection.load()
|
||||||
|
@ -257,6 +257,8 @@ def main():
|
|||||||
|
|
||||||
parser.add_option ("-n", "--numeric", dest="numeric", action="store_true", default=False,
|
parser.add_option ("-n", "--numeric", dest="numeric", action="store_true", default=False,
|
||||||
help="Display port numbers instead of services (makes sense only with --list)")
|
help="Display port numbers instead of services (makes sense only with --list)")
|
||||||
|
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
|
||||||
|
help="Force to run, even with root privileges")
|
||||||
|
|
||||||
(options, args) = parser.parse_args ()
|
(options, args) = parser.parse_args ()
|
||||||
if (len (args) < 1):
|
if (len (args) < 1):
|
||||||
@ -264,6 +266,13 @@ def main():
|
|||||||
vmname = args[0]
|
vmname = args[0]
|
||||||
args = args[1:]
|
args = args[1:]
|
||||||
|
|
||||||
|
if os.geteuid() == 0:
|
||||||
|
if not options.force_root:
|
||||||
|
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
|
||||||
|
print >> sys.stderr, "Retry as unprivileged user."
|
||||||
|
print >> sys.stderr, "... or use --force-root to continue anyway."
|
||||||
|
exit(1)
|
||||||
|
|
||||||
if options.do_add or options.do_del or options.set_policy or options.set_icmp or options.set_dns or options.set_yum_proxy:
|
if options.do_add or options.do_del or options.set_policy or options.set_icmp or options.set_dns or options.set_yum_proxy:
|
||||||
options.do_list = False
|
options.do_list = False
|
||||||
qvm_collection = QubesVmCollection()
|
qvm_collection = QubesVmCollection()
|
||||||
|
@ -386,6 +386,8 @@ def main():
|
|||||||
parser = OptionParser (usage)
|
parser = OptionParser (usage)
|
||||||
parser.add_option ("-l", "--list", action="store_true", dest="do_list", default=False)
|
parser.add_option ("-l", "--list", action="store_true", dest="do_list", default=False)
|
||||||
parser.add_option ("-s", "--set", action="store_true", dest="do_set", default=False)
|
parser.add_option ("-s", "--set", action="store_true", dest="do_set", default=False)
|
||||||
|
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
|
||||||
|
help="Force to run, even with root privileges")
|
||||||
|
|
||||||
(options, args) = parser.parse_args ()
|
(options, args) = parser.parse_args ()
|
||||||
if (len (args) < 1):
|
if (len (args) < 1):
|
||||||
@ -393,6 +395,13 @@ def main():
|
|||||||
|
|
||||||
vmname = args[0]
|
vmname = args[0]
|
||||||
|
|
||||||
|
if os.geteuid() == 0:
|
||||||
|
if not options.force_root:
|
||||||
|
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
|
||||||
|
print >> sys.stderr, "Retry as unprivileged user."
|
||||||
|
print >> sys.stderr, "... or use --force-root to continue anyway."
|
||||||
|
exit(1)
|
||||||
|
|
||||||
if options.do_list and options.do_set:
|
if options.do_list and options.do_set:
|
||||||
print >> sys.stderr, "You cannot provide -l and -s at the same time!"
|
print >> sys.stderr, "You cannot provide -l and -s at the same time!"
|
||||||
exit (1)
|
exit (1)
|
||||||
|
@ -143,6 +143,8 @@ def main():
|
|||||||
|
|
||||||
parser = OptionParser (usage)
|
parser = OptionParser (usage)
|
||||||
parser.add_option ("-v", "--verbose", action="store_true", dest="verbose", default=False)
|
parser.add_option ("-v", "--verbose", action="store_true", dest="verbose", default=False)
|
||||||
|
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
|
||||||
|
help="Force to run, even with root privileges")
|
||||||
|
|
||||||
(options, args) = parser.parse_args ()
|
(options, args) = parser.parse_args ()
|
||||||
if (len (args) != 1) and env_vmname is None:
|
if (len (args) != 1) and env_vmname is None:
|
||||||
@ -153,6 +155,13 @@ def main():
|
|||||||
else:
|
else:
|
||||||
vmname=args[0]
|
vmname=args[0]
|
||||||
|
|
||||||
|
if os.geteuid() == 0:
|
||||||
|
if not options.force_root:
|
||||||
|
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
|
||||||
|
print >> sys.stderr, "Retry as unprivileged user."
|
||||||
|
print >> sys.stderr, "... or use --force-root to continue anyway."
|
||||||
|
exit(1)
|
||||||
|
|
||||||
qvm_collection = QubesVmCollection()
|
qvm_collection = QubesVmCollection()
|
||||||
qvm_collection.lock_db_for_reading()
|
qvm_collection.lock_db_for_reading()
|
||||||
qvm_collection.load()
|
qvm_collection.load()
|
||||||
|
Loading…
Reference in New Issue
Block a user