MCPcopy Create free account
hub / github.com/apache/trafficserver / verify_runroot

Method verify_runroot

src/traffic_layout/engine.cc:652–726  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

650}
651
652void
653LayoutEngine::verify_runroot()
654{
655 // require sudo permission for --fix
656 if (arguments.get("fix") && getuid() != 0) {
657 ink_error("To fix permission issues, root privilege is required.\nPlease run with sudo.");
658 status_code = EX_SOFTWARE;
659 return;
660 }
661
662 // retrieve information
663 std::string path = path_handler(arguments.get("path").value(), false, _argv[0]);
664 std::string user;
665 char user_buf[MAX_LOGIN + 1];
666 if (arguments.get("with-user")) {
667 user = arguments.get("with-user").value();
668 } else {
669 RecProcessInit(nullptr /* diags */);
670 LibRecordsConfigInit();
671 if (RecGetRecordString("proxy.config.admin.user_id", user_buf, sizeof(user_buf)) != 0 || strlen(user_buf) == 0) {
672 user = user_buf;
673 } else {
674 user = TS_PKGSYSUSER;
675 }
676 }
677 // Numeric user notation for user
678 if (user[0] == '#') {
679 struct passwd *pwd = getpwuid(atoi(&user[1]));
680 if (!pwd) {
681 ink_error("No user found under id '%s'", user.c_str());
682 status_code = EX_OSERR;
683 return;
684 }
685 user = pwd->pw_name;
686 }
687 std::cout << "Verifying permission as user: \x1b[1m" << user << "\x1b[0m" << std::endl << std::endl;
688 // try to find the user from password file
689 struct passwd *pwd = getpwnam(user.c_str());
690 if (!pwd) {
691 ink_error("No user found under name '%s'", user.c_str());
692 status_code = EX_OSERR;
693 return;
694 }
695 // put paths from yaml file or default paths to path_map
696 RunrootMapType path_map;
697 if (path.empty()) {
698 path_map = runroot_map_default();
699 } else {
700 path_map = runroot_map(Layout::relative_to(path, "runroot.yaml"));
701 }
702 // setup the permission map
703 PermissionMapType permission_map;
704 for (const auto &it : dir_vector) {
705 permission_map[it].name = it;
706 permission_map[it].path = path_map[it];
707 }
708 // root always has full access and no need to check for root
709 if (user != "root") {

Callers 1

mainFunction · 0.80

Calls 13

ink_errorFunction · 0.85
path_handlerFunction · 0.85
RecProcessInitFunction · 0.85
LibRecordsConfigInitFunction · 0.85
RecGetRecordStringFunction · 0.85
runroot_map_defaultFunction · 0.85
runroot_mapFunction · 0.85
set_permissionFunction · 0.85
fix_runrootFunction · 0.85
getMethod · 0.45
valueMethod · 0.45
c_strMethod · 0.45

Tested by

no test coverage detected