[ostree] Add OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER
- From: Colin Walters <walters src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [ostree] Add OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER
- Date: Wed, 25 Mar 2015 21:25:43 +0000 (UTC)
commit aeab9df4fed450b2373c3b113d2b1008b33dadce
Author: Matthew Barnes <mbarnes redhat com>
Date: Sun Feb 22 16:06:39 2015 -0500
Add OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER
Indicates the command requires superuser privilege. Fails early with
a more helpful message than would otherwise be returned by libostree.
Currently all admin commands except 'status' require superuser.
src/ostree/ot-admin-builtin-cleanup.c | 2 +-
src/ostree/ot-admin-builtin-deploy.c | 2 +-
src/ostree/ot-admin-builtin-diff.c | 2 +-
src/ostree/ot-admin-builtin-init-fs.c | 2 +-
src/ostree/ot-admin-builtin-instutil.c | 2 +-
src/ostree/ot-admin-builtin-os-init.c | 2 +-
src/ostree/ot-admin-builtin-set-origin.c | 2 +-
src/ostree/ot-admin-builtin-switch.c | 2 +-
src/ostree/ot-admin-builtin-undeploy.c | 2 +-
src/ostree/ot-admin-builtin-upgrade.c | 2 +-
.../ot-admin-instutil-builtin-grub2-generate.c | 2 +-
...admin-instutil-builtin-selinux-ensure-labeled.c | 2 +-
src/ostree/ot-admin-instutil-builtin-set-kargs.c | 2 +-
src/ostree/ot-main.c | 10 ++++++++++
src/ostree/ot-main.h | 1 +
15 files changed, 24 insertions(+), 13 deletions(-)
---
diff --git a/src/ostree/ot-admin-builtin-cleanup.c b/src/ostree/ot-admin-builtin-cleanup.c
index 8607c11..98baf86 100644
--- a/src/ostree/ot-admin-builtin-cleanup.c
+++ b/src/ostree/ot-admin-builtin-cleanup.c
@@ -44,7 +44,7 @@ ot_admin_builtin_cleanup (int argc, char **argv, GCancellable *cancellable, GErr
context = g_option_context_new ("Delete untagged deployments and repository objects");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-admin-builtin-deploy.c b/src/ostree/ot-admin-builtin-deploy.c
index 6e6acfc..091a7ea 100644
--- a/src/ostree/ot-admin-builtin-deploy.c
+++ b/src/ostree/ot-admin-builtin-deploy.c
@@ -67,7 +67,7 @@ ot_admin_builtin_deploy (int argc, char **argv, GCancellable *cancellable, GErro
context = g_option_context_new ("REFSPEC - Checkout revision REFSPEC as the new default deployment");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-admin-builtin-diff.c b/src/ostree/ot-admin-builtin-diff.c
index be225d9..ede1f6e 100644
--- a/src/ostree/ot-admin-builtin-diff.c
+++ b/src/ostree/ot-admin-builtin-diff.c
@@ -56,7 +56,7 @@ ot_admin_builtin_diff (int argc, char **argv, GCancellable *cancellable, GError
g_option_context_add_main_entries (context, options, NULL);
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-admin-builtin-init-fs.c b/src/ostree/ot-admin-builtin-init-fs.c
index c6e76be..d24becc 100644
--- a/src/ostree/ot-admin-builtin-init-fs.c
+++ b/src/ostree/ot-admin-builtin-init-fs.c
@@ -49,7 +49,7 @@ ot_admin_builtin_init_fs (int argc, char **argv, GCancellable *cancellable, GErr
context = g_option_context_new ("PATH - Initialize a root filesystem");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-admin-builtin-instutil.c b/src/ostree/ot-admin-builtin-instutil.c
index 2d40487..58bb78f 100644
--- a/src/ostree/ot-admin-builtin-instutil.c
+++ b/src/ostree/ot-admin-builtin-instutil.c
@@ -117,7 +117,7 @@ ot_admin_builtin_instutil (int argc, char **argv, GCancellable *cancellable, GEr
/* This will not return for some options (e.g. --version). */
if (ostree_admin_option_context_parse (context, NULL, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
NULL, cancellable, error))
{
if (subcommand_name == NULL)
diff --git a/src/ostree/ot-admin-builtin-os-init.c b/src/ostree/ot-admin-builtin-os-init.c
index 2927fe7..b4e317c 100644
--- a/src/ostree/ot-admin-builtin-os-init.c
+++ b/src/ostree/ot-admin-builtin-os-init.c
@@ -47,7 +47,7 @@ ot_admin_builtin_os_init (int argc, char **argv, GCancellable *cancellable, GErr
context = g_option_context_new ("OSNAME - Initialize empty state for given operating system");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-admin-builtin-set-origin.c b/src/ostree/ot-admin-builtin-set-origin.c
index 21d8ac9..ed2b44a 100644
--- a/src/ostree/ot-admin-builtin-set-origin.c
+++ b/src/ostree/ot-admin-builtin-set-origin.c
@@ -56,7 +56,7 @@ ot_admin_builtin_set_origin (int argc, char **argv, GCancellable *cancellable, G
context = g_option_context_new ("REMOTENAME URL [BRANCH]");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-admin-builtin-switch.c b/src/ostree/ot-admin-builtin-switch.c
index 7cfaebf..ab6334f 100644
--- a/src/ostree/ot-admin-builtin-switch.c
+++ b/src/ostree/ot-admin-builtin-switch.c
@@ -69,7 +69,7 @@ ot_admin_builtin_switch (int argc, char **argv, GCancellable *cancellable, GErro
context = g_option_context_new ("REF - Construct new tree from current origin and deploy it, if it
changed");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-admin-builtin-undeploy.c b/src/ostree/ot-admin-builtin-undeploy.c
index be864b1..3390ee9 100644
--- a/src/ostree/ot-admin-builtin-undeploy.c
+++ b/src/ostree/ot-admin-builtin-undeploy.c
@@ -47,7 +47,7 @@ ot_admin_builtin_undeploy (int argc, char **argv, GCancellable *cancellable, GEr
context = g_option_context_new ("INDEX - Delete deployment INDEX");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-admin-builtin-upgrade.c b/src/ostree/ot-admin-builtin-upgrade.c
index a1e4aa3..25308aa 100644
--- a/src/ostree/ot-admin-builtin-upgrade.c
+++ b/src/ostree/ot-admin-builtin-upgrade.c
@@ -68,7 +68,7 @@ ot_admin_builtin_upgrade (int argc, char **argv, GCancellable *cancellable, GErr
context = g_option_context_new ("Construct new tree from current origin and deploy it, if it changed");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-admin-instutil-builtin-grub2-generate.c
b/src/ostree/ot-admin-instutil-builtin-grub2-generate.c
index 3af1f34..1903a44 100644
--- a/src/ostree/ot-admin-instutil-builtin-grub2-generate.c
+++ b/src/ostree/ot-admin-instutil-builtin-grub2-generate.c
@@ -48,7 +48,7 @@ ot_admin_instutil_builtin_grub2_generate (int argc, char **argv, GCancellable *c
context = g_option_context_new ("[BOOTVERSION] - generate GRUB2 configuration from given BLS entries");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-admin-instutil-builtin-selinux-ensure-labeled.c
b/src/ostree/ot-admin-instutil-builtin-selinux-ensure-labeled.c
index 130cf3b..bc20799 100644
--- a/src/ostree/ot-admin-instutil-builtin-selinux-ensure-labeled.c
+++ b/src/ostree/ot-admin-instutil-builtin-selinux-ensure-labeled.c
@@ -195,7 +195,7 @@ ot_admin_instutil_builtin_selinux_ensure_labeled (int argc, char **argv, GCancel
context = g_option_context_new ("[SUBPATH PREFIX] - relabel all or part of a deployment");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-admin-instutil-builtin-set-kargs.c
b/src/ostree/ot-admin-instutil-builtin-set-kargs.c
index 9bbad88..9150a26 100644
--- a/src/ostree/ot-admin-instutil-builtin-set-kargs.c
+++ b/src/ostree/ot-admin-instutil-builtin-set-kargs.c
@@ -57,7 +57,7 @@ ot_admin_instutil_builtin_set_kargs (int argc, char **argv, GCancellable *cancel
context = g_option_context_new ("ARGS - set new kernel command line arguments");
if (!ostree_admin_option_context_parse (context, options, &argc, &argv,
- OSTREE_ADMIN_BUILTIN_FLAG_NONE,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER,
&sysroot, cancellable, error))
goto out;
diff --git a/src/ostree/ot-main.c b/src/ostree/ot-main.c
index b1ad20e..10ff748 100644
--- a/src/ostree/ot-main.c
+++ b/src/ostree/ot-main.c
@@ -325,6 +325,16 @@ ostree_admin_option_context_parse (GOptionContext *context,
if (!ostree_option_context_parse (context, main_entries, argc, argv, OSTREE_BUILTIN_FLAG_NO_REPO, NULL,
cancellable, error))
goto out;
+ if (flags & OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER)
+ {
+ if (getuid () != 0)
+ {
+ g_set_error (error, G_IO_ERROR, G_IO_ERROR_PERMISSION_DENIED,
+ "You must be root to perform this command");
+ goto out;
+ }
+ }
+
sysroot_path = g_file_new_for_path (opt_sysroot);
sysroot = ostree_sysroot_new (sysroot_path);
diff --git a/src/ostree/ot-main.h b/src/ostree/ot-main.h
index b1c58a0..2ea5755 100644
--- a/src/ostree/ot-main.h
+++ b/src/ostree/ot-main.h
@@ -32,6 +32,7 @@ typedef enum {
typedef enum {
OSTREE_ADMIN_BUILTIN_FLAG_NONE = 0,
+ OSTREE_ADMIN_BUILTIN_FLAG_SUPERUSER = 1 << 0
} OstreeAdminBuiltinFlags;
typedef struct {
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
