authorCesar Crusius <ccrusius@cisco.com>2015-09-18 08:43:52 -0700
committerCesar Crusius <ccrusius@cisco.com>2015-09-18 08:43:52 -0700
commit5119baf9cb8327f9f682f9446d923a1a3cf89a13 (patch)
treecea06a33637f39df6d68ed0ac9e8fc6de30c6b1a /priv
parentc376ef688e5944fc2133c442beafc4f8247d1ee4 (diff)
downloadrebar-5119baf9cb8327f9f682f9446d923a1a3cf89a13.tar.gz
Fix #544 even more.
A bunch of fixes: * Only try to find out the user that is running the script if that's necessary. That allows us to error out if we can't find the user name. * Fall back to 'whoami' in the unlikely case that 'id -un' does not work. * Use 'su' if 'sudo' is not installed and the user is 'root'. (The 'sudo' binary is not installed by default in many OSs.)
Diffstat (limited to 'priv')
-rwxr-xr-xpriv/templates/simplenode.runner26
1 files changed, 20 insertions, 6 deletions
diff --git a/priv/templates/simplenode.runner b/priv/templates/simplenode.runner
index 887867b..ba43817 100755
--- a/priv/templates/simplenode.runner
+++ b/priv/templates/simplenode.runner
@@ -22,17 +22,31 @@ RUNNER_ETC_DIR=$RUNNER_BASE_DIR/etc
# Note the trailing slash on $PIPE_DIR/
PIPE_DIR=/tmp/$RUNNER_BASE_DIR/
RUNNER_USER=
-WHOAMI=$(id -un)
# Make sure this script is running as the appropriate user
-if ([ "$RUNNER_USER" ] && [ "x$WHOAMI" != "x$RUNNER_USER" ]); then
- type sudo > /dev/null 2>&1
+if [ "$RUNNER_USER" ]; then
+ WHOAMI=$(id -un 2>/dev/null || whoami 2>/dev/null)
if [ $? -ne 0 ]; then
- echo "sudo doesn't appear to be installed and your EUID isn't $RUNNER_USER" 1>&2
+ echo "Could not determine user name."
exit 1
fi
- echo "Attempting to restart script through sudo -H -u $RUNNER_USER" >&2
- exec sudo -H -u $RUNNER_USER -i $RUNNER_SCRIPT_DIR/$RUNNER_SCRIPT $@
+ if [ "x$WHOAMI" != "x$RUNNER_USER" ]; then
+ # The 'su' command is more portable, but can't be configured as 'sudo'
+ # can to allow non-interactive calls from non-root users.
+ type sudo > /dev/null 2>&1
+ if [ $? -eq 0 ]; then
+ echo "Attempting to restart script through sudo -H -u $RUNNER_USER" >&2
+ exec sudo -H -u $RUNNER_USER -i $RUNNER_SCRIPT_DIR/$RUNNER_SCRIPT $@
+ else
+ if [ "x$WHOAMI" != "xroot" ]; then
+ echo "Only root can run $RUNNER_SCRIPT as $RUNNER_USER without requiring a password."
+ exit 1
+ else
+ echo "Attempting to restart script through su $RUNNER_USER" >&2
+ exec su $RUNNER_USER -c $RUNNER_SCRIPT_DIR/$RUNNER_SCRIPT $@
+ fi
+ fi
+ fi
fi
# Identify the script name