dom0/qvm-tools: Warn the user when running qvm-tool as root is not recommended (#612)

This commit is contained in:
Marek Marczykowski 2012-07-11 23:53:23 +02:00
parent 6686159750
commit ba81866b2f
8 changed files with 72 additions and 0 deletions

View File

@ -37,6 +37,8 @@ def main():
parser.add_option ("-c", "--conf", dest="conf_file", parser.add_option ("-c", "--conf", dest="conf_file",
help="Specify the Xen VM .conf file to use\ help="Specify the Xen VM .conf file to use\
(relative to the template dir path)") (relative to the template dir path)")
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args () (options, args) = parser.parse_args ()
if (len (args) != 2): if (len (args) != 2):
@ -44,6 +46,13 @@ def main():
vmname = args[0] vmname = args[0]
templatename = args[1] templatename = args[1]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
qvm_collection = QubesVmCollection() qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_writing() qvm_collection.lock_db_for_writing()
qvm_collection.load() qvm_collection.load()

View File

@ -38,6 +38,8 @@ def main():
parser.add_option ("--rpm", action="store_true", dest="installed_by_rpm", parser.add_option ("--rpm", action="store_true", dest="installed_by_rpm",
help="Template files have been installed by RPM", default=False) help="Template files have been installed by RPM", default=False)
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args () (options, args) = parser.parse_args ()
@ -45,6 +47,13 @@ def main():
parser.error ("You must specify at least the TemplateVM name!") parser.error ("You must specify at least the TemplateVM name!")
vmname = args[0] vmname = args[0]
if os.geteuid() == 0:
if not options.force_root and not options.installed_by_rpm:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
qvm_collection = QubesVmCollection() qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_writing() qvm_collection.lock_db_for_writing()
qvm_collection.load() qvm_collection.load()

View File

@ -36,6 +36,8 @@ def main():
parser.add_option ("-x", "--exclude", action="append", dest="exclude_list", parser.add_option ("-x", "--exclude", action="append", dest="exclude_list",
help="Exclude the specified VM from backup (might be repeated)") help="Exclude the specified VM from backup (might be repeated)")
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args () (options, args) = parser.parse_args ()
@ -46,6 +48,13 @@ def main():
base_backup_dir = args[0] base_backup_dir = args[0]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
# Only for locking # Only for locking
qvm_collection = QubesVmCollection() qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_reading() qvm_collection.lock_db_for_reading()

View File

@ -50,9 +50,18 @@ def main():
help="Fail when device already connected to other VM") help="Fail when device already connected to other VM")
parser.add_option ("--show-system-disks", dest="system_disks", action="store_true", default=False, parser.add_option ("--show-system-disks", dest="system_disks", action="store_true", default=False,
help="List also system disks") help="List also system disks")
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args () (options, args) = parser.parse_args ()
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
if options.do_file_attach: if options.do_file_attach:
options.do_attach = True options.do_attach = True

View File

@ -34,6 +34,8 @@ def main():
parser.add_option ("-q", "--quiet", action="store_false", dest="verbose", default=True) parser.add_option ("-q", "--quiet", action="store_false", dest="verbose", default=True)
parser.add_option ("-p", "--path", dest="dir_path", parser.add_option ("-p", "--path", dest="dir_path",
help="Specify path to the template directory") help="Specify path to the template directory")
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args () (options, args) = parser.parse_args ()
if (len (args) != 2): if (len (args) != 2):
@ -41,6 +43,13 @@ def main():
srcname = args[0] srcname = args[0]
dstname = args[1] dstname = args[1]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
qvm_collection = QubesVmCollection() qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_writing() qvm_collection.lock_db_for_writing()
qvm_collection.load() qvm_collection.load()

View File

@ -257,6 +257,8 @@ def main():
parser.add_option ("-n", "--numeric", dest="numeric", action="store_true", default=False, parser.add_option ("-n", "--numeric", dest="numeric", action="store_true", default=False,
help="Display port numbers instead of services (makes sense only with --list)") help="Display port numbers instead of services (makes sense only with --list)")
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args () (options, args) = parser.parse_args ()
if (len (args) < 1): if (len (args) < 1):
@ -264,6 +266,13 @@ def main():
vmname = args[0] vmname = args[0]
args = args[1:] args = args[1:]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
if options.do_add or options.do_del or options.set_policy or options.set_icmp or options.set_dns or options.set_yum_proxy: if options.do_add or options.do_del or options.set_policy or options.set_icmp or options.set_dns or options.set_yum_proxy:
options.do_list = False options.do_list = False
qvm_collection = QubesVmCollection() qvm_collection = QubesVmCollection()

View File

@ -386,6 +386,8 @@ def main():
parser = OptionParser (usage) parser = OptionParser (usage)
parser.add_option ("-l", "--list", action="store_true", dest="do_list", default=False) parser.add_option ("-l", "--list", action="store_true", dest="do_list", default=False)
parser.add_option ("-s", "--set", action="store_true", dest="do_set", default=False) parser.add_option ("-s", "--set", action="store_true", dest="do_set", default=False)
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args () (options, args) = parser.parse_args ()
if (len (args) < 1): if (len (args) < 1):
@ -393,6 +395,13 @@ def main():
vmname = args[0] vmname = args[0]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
if options.do_list and options.do_set: if options.do_list and options.do_set:
print >> sys.stderr, "You cannot provide -l and -s at the same time!" print >> sys.stderr, "You cannot provide -l and -s at the same time!"
exit (1) exit (1)

View File

@ -143,6 +143,8 @@ def main():
parser = OptionParser (usage) parser = OptionParser (usage)
parser.add_option ("-v", "--verbose", action="store_true", dest="verbose", default=False) parser.add_option ("-v", "--verbose", action="store_true", dest="verbose", default=False)
parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
help="Force to run, even with root privileges")
(options, args) = parser.parse_args () (options, args) = parser.parse_args ()
if (len (args) != 1) and env_vmname is None: if (len (args) != 1) and env_vmname is None:
@ -153,6 +155,13 @@ def main():
else: else:
vmname=args[0] vmname=args[0]
if os.geteuid() == 0:
if not options.force_root:
print >> sys.stderr, "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
print >> sys.stderr, "Retry as unprivileged user."
print >> sys.stderr, "... or use --force-root to continue anyway."
exit(1)
qvm_collection = QubesVmCollection() qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_reading() qvm_collection.lock_db_for_reading()
qvm_collection.load() qvm_collection.load()