diff options
| author | Michael E Brown <michael_e_brown@dell.com> | 2007-11-28 15:51:10 -0600 |
|---|---|---|
| committer | Michael E Brown <michael_e_brown@dell.com> | 2007-11-28 15:51:10 -0600 |
| commit | 46cb317fd7dd3e7399d4dea53e20ef78aedced64 (patch) | |
| tree | 4645082366e8345049dba61a9a188ac5b157ff55 | |
| parent | 0ffeafe649dc02617ffce7de7086e3fac35a97ee (diff) | |
| download | mock-46cb317fd7dd3e7399d4dea53e20ef78aedced64.tar.gz mock-46cb317fd7dd3e7399d4dea53e20ef78aedced64.tar.xz mock-46cb317fd7dd3e7399d4dea53e20ef78aedced64.zip | |
drop privs early to parse cmdline args and config files. pick them up again before we start doing real work.
| -rwxr-xr-x | src/mock.py | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/mock.py b/src/mock.py index 0110b3a..e5cfda0 100755 --- a/src/mock.py +++ b/src/mock.py @@ -182,7 +182,7 @@ def set_config_opts_per_cmdline(config_opts, options): config_opts['clean'] = options.clean if options.resultdir: - config_opts['resultdir'] = options.resultdir + config_opts['resultdir'] = os.path.expanduser(options.resultdir) if options.uniqueext: config_opts['unique-ext'] = options.uniqueext if options.rpmbuild_timeout is not None: @@ -252,6 +252,13 @@ def do_rebuild(config_opts, chroot, srpms): raise def main(retParams): + # drop unprivleged to parse args, etc. + # uidManager saves current real uid/gid which are unpriviledged (callers) + # due to suid helper, our current effective uid is 0 + uidManager = mock.uid.uidManager(os.getuid(), os.getgid()) + uidManager.dropPrivsTemp() + del(os.environ["HOME"]) + # defaults config_opts = {} setup_default_config_opts(config_opts) @@ -298,9 +305,6 @@ def main(retParams): warn_obsolete_config_options(config_opts) # do whatever we're here to do - # uidManager saves current real uid/gid which are unpriviledged (callers) - # due to suid helper, our current effective uid is 0 - uidManager = mock.uid.uidManager(os.getuid(), os.getgid()) chroot = mock.backend.Root(config_opts, uidManager) # elevate privs |