diff options
author | Dirk Mueller <dirk@dmllr.de> | 2013-05-18 16:10:10 +0200 |
---|---|---|
committer | Dirk Mueller <dirk@dmllr.de> | 2013-05-27 10:58:34 +0200 |
commit | f0a9affcaf25b5b53b465b96a5afddf560703d95 (patch) | |
tree | a63a633704e3ba94f12c13b617c3c80a0395f474 /keystone/cli.py | |
parent | 7b99bd63e13d62e7a1bcbcd7033340818b2dfa51 (diff) | |
download | keystone-f0a9affcaf25b5b53b465b96a5afddf560703d95.tar.gz keystone-f0a9affcaf25b5b53b465b96a5afddf560703d95.tar.xz keystone-f0a9affcaf25b5b53b465b96a5afddf560703d95.zip |
Require keystone-user/-group for pki_setup
If pki_setup is run as root, require the keystone-user
and keystone-group parameter to be set, to enforce
the proper permissions to be created on the files.
This follows a suggestion in the Bugreport.
Fixes LP Bug #1031372
Change-Id: I00d9e0499d16716af3267914b6b78841f1ad1e0f
Diffstat (limited to 'keystone/cli.py')
-rw-r--r-- | keystone/cli.py | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/keystone/cli.py b/keystone/cli.py index b635878e..f3e62f1c 100644 --- a/keystone/cli.py +++ b/keystone/cli.py @@ -17,6 +17,7 @@ from __future__ import absolute_import import grp +import os import pwd from oslo.config import cfg @@ -61,8 +62,9 @@ class BaseCertificateSetup(BaseApp): def add_argument_parser(cls, subparsers): parser = super(BaseCertificateSetup, cls).add_argument_parser(subparsers) - parser.add_argument('--keystone-user') - parser.add_argument('--keystone-group') + running_as_root = (os.geteuid() == 0) + parser.add_argument('--keystone-user', required=running_as_root) + parser.add_argument('--keystone-group', required=running_as_root) return parser @staticmethod |