enable-tor: No longer needs to be run as root.
When run by not root, su's to root automatically. This commit was sponsored by Brock Spratlen on Patreon.
This commit is contained in:
Joey Hess
parent
944a6503b9
commit
f7ca2b92fb
6 changed files with 92 additions and 6 deletions
|
|
@ -5,12 +5,20 @@
|
|||
- Licensed under the GNU GPL version 3 or higher.
|
||||
-}
|
||||
|
||||
{-# LANGUAGE CPP #-}
|
||||
|
||||
module Command.EnableTor where
|
||||
|
||||
import Command
|
||||
import P2P.Address
|
||||
import Utility.Tor
|
||||
import Annex.UUID
|
||||
import Config.Files
|
||||
|
||||
#ifndef mingw32_HOST_OS
|
||||
import Utility.Su
|
||||
import System.Posix.User
|
||||
#endif
|
||||
|
||||
-- This runs as root, so avoid making any commits or initializing
|
||||
-- git-annex, or doing other things that create root-owned files.
|
||||
|
|
@ -23,9 +31,27 @@ seek :: CmdParams -> CommandSeek
|
|||
seek = withWords start
|
||||
|
||||
start :: [String] -> CommandStart
|
||||
start ps = case readish =<< headMaybe ps of
|
||||
Nothing -> giveup "Bad params"
|
||||
Just userid -> do
|
||||
start os = do
|
||||
#ifndef mingw32_HOST_OS
|
||||
curruserid <- liftIO getEffectiveUserID
|
||||
if curruserid == 0
|
||||
then case readish =<< headMaybe os of
|
||||
Nothing -> giveup "Need user-id parameter."
|
||||
Just userid -> go userid
|
||||
else do
|
||||
liftIO $ putStrLn "Need root access to enable tor..."
|
||||
gitannex <- liftIO readProgramFile
|
||||
let ps = [Param (cmdname cmd), Param (show curruserid)]
|
||||
ifM (liftIO $ runAsRoot gitannex ps)
|
||||
( stop
|
||||
, giveup $ unwords $
|
||||
[ "Failed to run as root:" , gitannex ] ++ toCommand ps
|
||||
)
|
||||
#else
|
||||
go 0
|
||||
#endif
|
||||
where
|
||||
go userid = do
|
||||
uuid <- getUUID
|
||||
when (uuid == NoUUID) $
|
||||
giveup "This can only be run in a git-annex repository."
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue