diff options
| -rw-r--r-- | ipapython/ipautil.py | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py index a25dc358..65e1c724 100644 --- a/ipapython/ipautil.py +++ b/ipapython/ipautil.py @@ -42,6 +42,7 @@ import datetime import netaddr import time import krbV +import pwd from dns import resolver, rdatatype from dns.exception import DNSException @@ -246,7 +247,8 @@ def shell_quote(string): return "'" + string.replace("'", "'\\''") + "'" def run(args, stdin=None, raiseonerr=True, - nolog=(), env=None, capture_output=True, skip_output=False, cwd=None): + nolog=(), env=None, capture_output=True, skip_output=False, cwd=None, + runas=None): """ Execute a command and return stdin, stdout and the process return code. @@ -298,9 +300,19 @@ def run(args, stdin=None, raiseonerr=True, root_logger.debug('Starting external process') root_logger.debug('args=%s' % arg_string) + preexec_fn = None + if runas is not None: + pent = pwd.getpwnam(runas) + root_logger.debug('runas=%s (UID %d, GID %s)', runas, + pent.pw_uid, pent.pw_gid) + + preexec_fn = lambda: (os.setegid(pent.pw_uid), + os.seteuid(pent.pw_gid)) + try: p = subprocess.Popen(args, stdin=p_in, stdout=p_out, stderr=p_err, - close_fds=True, env=env, cwd=cwd) + close_fds=True, env=env, cwd=cwd, + preexec_fn=preexec_fn) stdout,stderr = p.communicate(stdin) stdout,stderr = str(stdout), str(stderr) # Make pylint happy except KeyboardInterrupt: |