From 745e5e4017d9c1947f669b508719afe30227fe5c Mon Sep 17 00:00:00 2001
From: Sean Whitton <spwhitton@spwhitton.name>
Date: Sat, 27 Mar 2021 16:10:28 -0700
Subject: :CHROOT.FORK: check for Lisp-type connection and root

Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
---
 src/connection/chroot/fork.lisp | 2 ++
 src/package.lisp                | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/connection/chroot/fork.lisp b/src/connection/chroot/fork.lisp
index 0983def..50dcbc9 100644
--- a/src/connection/chroot/fork.lisp
+++ b/src/connection/chroot/fork.lisp
@@ -25,6 +25,8 @@
   #-(or sbcl) (foreign-funcall "chroot" :string path :int))
 
 (defmethod establish-connection ((type (eql :chroot.fork)) remaining &key into)
+  (unless (and (lisp-connection-p) (zerop (foreign-funcall "geteuid" :int)))
+    (error "~&Forking into a chroot requires a Lisp image running as root"))
   (informat 1 "~&Forking into chroot at ~A" into)
   (with-fork-connection (remaining)
       (unless (zerop (chroot into))
diff --git a/src/package.lisp b/src/package.lisp
index c2fa817..26d5ef8 100644
--- a/src/package.lisp
+++ b/src/package.lisp
@@ -341,7 +341,7 @@
   (:use #:cl
 	#:consfigurator
 	#:consfigurator.connection.fork
-	#-(or sbcl) #:cffi))
+	#:cffi))
 
 (defpackage :consfigurator.connection.chroot.shell
   (:use #:cl
-- 
cgit v1.2.3