From c569d4070e40ad059555203cbc16ecfc09980c57 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@mimuw.edu.pl>
Date: Wed, 6 Apr 2011 23:52:39 +0200
Subject: [PATCH] Warning the user if calling qvm-{create,remove} as root
 (#200)

---
 dom0/qvm-tools/qvm-create | 11 +++++++++++
 dom0/qvm-tools/qvm-remove | 11 +++++++++++
 2 files changed, 22 insertions(+)

diff --git a/dom0/qvm-tools/qvm-create b/dom0/qvm-tools/qvm-create
index eaa86352..f6197590 100755
--- a/dom0/qvm-tools/qvm-create
+++ b/dom0/qvm-tools/qvm-create
@@ -65,6 +65,8 @@ def main():
                         help="VCPUs count")
     parser.add_option ("-i", "--internal", action="store_true", dest="internal", default=False,
                         help="Create VM for internal use only (hidden in qubes-manager, no appmenus)")
+    parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
+                       help="Force to run, even with root privileges")
  
     parser.add_option ("-q", "--quiet", action="store_false", dest="verbose", default=True)
     (options, args) = parser.parse_args ()
@@ -75,6 +77,15 @@ def main():
     if options.netvm and options.proxyvm:
         parser.error ("You must specify at most one of --proxy and --net")
         
+    if os.geteuid() == 0:
+        print "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
+        if options.force_root:
+            print "Continuing as commanded. You have been warned."
+        else:
+            print "Retry as unprivileged user."
+            print "... or use --force-root to continue anyway."
+            exit(1)
+
     if options.label is None:
         print "You must choose a label for the new VM by passing the --label option."
         print "Possible values are:"
diff --git a/dom0/qvm-tools/qvm-remove b/dom0/qvm-tools/qvm-remove
index e29cb6bd..a299ea51 100755
--- a/dom0/qvm-tools/qvm-remove
+++ b/dom0/qvm-tools/qvm-remove
@@ -29,6 +29,8 @@ def main():
     parser.add_option ("-q", "--quiet", action="store_false", dest="verbose", default=True)
     parser.add_option ("--just-db", action="store_true", dest="remove_from_db_only", default=False,
                       help="Remove only from the Qubes Xen DB, do not remove any files")
+    parser.add_option ("--force-root", action="store_true", dest="force_root", default=False,
+                       help="Force to run, even with root privileges")
     (options, args) = parser.parse_args ()
     if (len (args) != 1):
         parser.error ("You must specify VM name!")
@@ -42,6 +44,15 @@ def main():
         print "A VM with the name '{0}' does not exist in the system.".format(vmname)
         exit(1)
 
+    if os.geteuid() == 0:
+        print "*** Running this tool as root is strongly discouraged, this will lead you in permissions problems."
+        if options.force_root:
+            print "Continuing as commanded. You have been warned."
+        else:
+            print "Retry as unprivileged user."
+            print "... or use --force-root to continue anyway."
+            exit(1)
+
     if vm.is_template():
         dependent_vms = qvm_collection.get_vms_based_on(vm.qid)
         if len(dependent_vms) > 0: