diff options
| author | Michal Toman <mtoman@redhat.com> | 2011-03-21 12:08:44 +0100 |
|---|---|---|
| committer | Michal Toman <mtoman@redhat.com> | 2011-03-21 12:08:44 +0100 |
| commit | 40f58f66e99fa8381c4ed68b88508692ed9a3f9e (patch) | |
| tree | 7b5bf54c0a2eda212f5d3fe861f3745c59f7f48f /src/retrace | |
| parent | 5f7b0da99e850ebd0d9bcea32d48fbe15d18419c (diff) | |
| download | abrt-40f58f66e99fa8381c4ed68b88508692ed9a3f9e.tar.gz abrt-40f58f66e99fa8381c4ed68b88508692ed9a3f9e.tar.xz abrt-40f58f66e99fa8381c4ed68b88508692ed9a3f9e.zip | |
retrace server: run GDB without root privilegies
Diffstat (limited to 'src/retrace')
| -rw-r--r-- | src/retrace/retrace.py | 21 | ||||
| -rw-r--r-- | src/retrace/worker.c | 20 |
2 files changed, 27 insertions, 14 deletions
diff --git a/src/retrace/retrace.py b/src/retrace/retrace.py index eb324037..f3933fb3 100644 --- a/src/retrace/retrace.py +++ b/src/retrace/retrace.py @@ -142,7 +142,7 @@ def guess_release(package): def run_gdb(savedir): try: exec_file = open("%s/crash/executable" % savedir, "r") - executable = exec_file.read().replace("'", "") + executable = exec_file.read().replace("'", "").replace("\"", "") exec_file.close() except: return "" @@ -155,15 +155,16 @@ def run_gdb(savedir): return "" pipe = Popen(["mock", "shell", "-r", mockr, "--", - "gdb", "-batch", - "-ex", "'file %s'" % executable, - "-ex", "'core-file /var/spool/abrt/crash/coredump'", - "-ex", "'thread apply all backtrace 2048 full'", - "-ex", "'info sharedlib'", - "-ex", "'print (char*)__abort_msg'", - "-ex", "'print (char*)__glib_assert_msg'", - "-ex", "'info registers'", - "-ex", "'disassemble'", + "su", "mockbuild", "-c", + "\" gdb -batch" + " -ex 'file %s'" + " -ex 'core-file /var/spool/abrt/crash/coredump'" + " -ex 'thread apply all backtrace 2048 full'" + " -ex 'info sharedlib'" + " -ex 'print (char*)__abort_msg'" + " -ex 'print (char*)__glib_assert_msg'" + " -ex 'info registers'" + " -ex 'disassemble' \"" % executable, # redirect GDB's stderr, ignore mock's stderr "2>&1"], stdout=PIPE).stdout diff --git a/src/retrace/worker.c b/src/retrace/worker.c index 2020627d..83773e61 100644 --- a/src/retrace/worker.c +++ b/src/retrace/worker.c @@ -1,5 +1,6 @@ #include <stdio.h> #include <ctype.h> +#include <pwd.h> #include <stdlib.h> #include <unistd.h> @@ -13,6 +14,8 @@ int main(int argc, char **argv) char command[256]; FILE *pipe; int i; + struct passwd *apache_user; + const char *apache_username = "apache"; if (argc != 2) { @@ -33,9 +36,18 @@ int main(int argc, char **argv) return 3; } - /* needs to be set to make mock work properly */ - setenv("SUDO_USER", "root", 1); - setenv("SUDO_UID", "0", 1); + apache_user = getpwnam(apache_username); + if (!apache_user) + { + fprintf(stderr, "User \"%s\" not found.\n", apache_username); + return 4; + } + + sprintf(command, "%d", apache_user->pw_uid); + + setenv("SUDO_USER", apache_username, 1); + setenv("SUDO_UID", command, 1); + /* required by mock to be able to write into result directory */ setenv("SUDO_GID", "0", 1); /* launch worker.py */ @@ -44,7 +56,7 @@ int main(int argc, char **argv) if (pipe == NULL) { fputs("Unable to run 'worker.py'.", stderr); - return 4; + return 5; } return pclose(pipe) >> 8; |