[rancid] Re: user wich is running rancid-run [suggestion]
Diego Ercolani
diego.ercolani at ssis.sm
Wed Sep 23 07:20:03 UTC 2009
In data martedì 22 settembre 2009 16:59:29, hai scritto:
> Tue, Sep 22, 2009 at 12:29:02PM +0200, Diego Ercolani:
> >
> > The Solution:
> > =============
> > Can be only a little prehamble in rancid-run and rancid-cvs scripts that
> > verify the user which is running scripts:
> >
> > example:
> > >>>>>>>>>>>>>CUT>>>>>>>
> >
> > CORRECT_USER="rancid"
> > if [ "$USER" != "$CORRECT_USER" ]; then
> > echo "User $USER is not allowed to run $0!" >&2
> > echo "Please invoke $0 as user $CORRECT_USER" >&2
exit -1
> > fi
> > <<<<<<<<CUT<<<<<<<<<<<<<
>
> thanks, but that may not be username other choose and it is entirely
> reasonable that any user on a system might like to run their own
> repository.
>
Yes, but rancid-run (without parameters) search for the configuration file in
/etc/rancid.conf so is system wide. We should try to evitate that a careless
user (like me in the example :-) ) with filesystem rights (of course) dirts
the repository. So maybe we could make some sofisticated control that enable
invoking of frontends with a generic user, only if we have correctly defined
configurations....
More information about the Rancid-discuss
mailing list