diff options
author | Sean Whitton <spwhitton@spwhitton.name> | 2021-05-23 13:19:46 -0700 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2021-05-23 16:55:07 -0700 |
commit | b914693a33ffcf0764ea9bc87bcc573e5ddf9943 (patch) | |
tree | a5f1451810cf940d03aa33d0761aa82b050e819e /src/property.lisp | |
parent | e4bda1ac845991cb79e6f3ad21db1d54ee36ddd2 (diff) | |
download | consfigurator-b914693a33ffcf0764ea9bc87bcc573e5ddf9943.tar.gz |
convert CONNECTION slots to connattrs & fix finding homedirs
HOME does not take into account /etc/passwd inside the chroot, even when
starting a login shell with, e.g., "chroot /chroot sh -lc 'echo $HOME'" -- we
would need something which emulates login(1), like su(1), but the -c argument
to su(1) is not portable. getent(1) is not POSIX. So use tilde expansion.
Additionally, avoid having UPLOAD-ALL-PREREQUISITE-DATA store values for the
remote UID, remote homedir etc. from *before* the chroot/setuid operation.
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
Diffstat (limited to 'src/property.lisp')
-rw-r--r-- | src/property.lisp | 19 |
1 files changed, 2 insertions, 17 deletions
diff --git a/src/property.lisp b/src/property.lisp index cf213b8..5f2227c 100644 --- a/src/property.lisp +++ b/src/property.lisp @@ -503,23 +503,8 @@ PATH already has the specified CONTENT and MODE." (defun assert-euid-root () "Assert that the remote user has uid 0 (root)" - (if-let ((uid (slot-value *connection* 'remote-uid))) - (unless (zerop uid) - (failed-change "Property requires root to apply")) - (multiple-value-bind (out err exit) - (run :may-fail "id" "-u") - (unless (zerop exit) - (failed-change #?"Failed to run id(1) on remote system: ${err}")) - (let ((new-uid (parse-integer out))) - (unless (zerop new-uid) - (failed-change "Property requires root to apply")) - (setf (slot-value *connection* 'remote-uid) new-uid))))) - -(defun get-user () - "Get the remote username." - (or (slot-value *connection* 'remote-user) - (setf (slot-value *connection* 'remote-user) - (parse-username-from-id (mrun "id"))))) + (unless (zerop (get-connattr :remote-uid)) + (failed-change "Property requires root to apply"))) (defun assert-connection-supports (type) (unless (or (eq type :posix) (lisp-connection-p)) |