| 650 | } |
| 651 | |
| 652 | void |
| 653 | LayoutEngine::verify_runroot() |
| 654 | { |
| 655 | // require sudo permission for --fix |
| 656 | if (arguments.get("fix") && getuid() != 0) { |
| 657 | ink_error("To fix permission issues, root privilege is required.\nPlease run with sudo."); |
| 658 | status_code = EX_SOFTWARE; |
| 659 | return; |
| 660 | } |
| 661 | |
| 662 | // retrieve information |
| 663 | std::string path = path_handler(arguments.get("path").value(), false, _argv[0]); |
| 664 | std::string user; |
| 665 | char user_buf[MAX_LOGIN + 1]; |
| 666 | if (arguments.get("with-user")) { |
| 667 | user = arguments.get("with-user").value(); |
| 668 | } else { |
| 669 | RecProcessInit(nullptr /* diags */); |
| 670 | LibRecordsConfigInit(); |
| 671 | if (RecGetRecordString("proxy.config.admin.user_id", user_buf, sizeof(user_buf)) != 0 || strlen(user_buf) == 0) { |
| 672 | user = user_buf; |
| 673 | } else { |
| 674 | user = TS_PKGSYSUSER; |
| 675 | } |
| 676 | } |
| 677 | // Numeric user notation for user |
| 678 | if (user[0] == '#') { |
| 679 | struct passwd *pwd = getpwuid(atoi(&user[1])); |
| 680 | if (!pwd) { |
| 681 | ink_error("No user found under id '%s'", user.c_str()); |
| 682 | status_code = EX_OSERR; |
| 683 | return; |
| 684 | } |
| 685 | user = pwd->pw_name; |
| 686 | } |
| 687 | std::cout << "Verifying permission as user: \x1b[1m" << user << "\x1b[0m" << std::endl << std::endl; |
| 688 | // try to find the user from password file |
| 689 | struct passwd *pwd = getpwnam(user.c_str()); |
| 690 | if (!pwd) { |
| 691 | ink_error("No user found under name '%s'", user.c_str()); |
| 692 | status_code = EX_OSERR; |
| 693 | return; |
| 694 | } |
| 695 | // put paths from yaml file or default paths to path_map |
| 696 | RunrootMapType path_map; |
| 697 | if (path.empty()) { |
| 698 | path_map = runroot_map_default(); |
| 699 | } else { |
| 700 | path_map = runroot_map(Layout::relative_to(path, "runroot.yaml")); |
| 701 | } |
| 702 | // setup the permission map |
| 703 | PermissionMapType permission_map; |
| 704 | for (const auto &it : dir_vector) { |
| 705 | permission_map[it].name = it; |
| 706 | permission_map[it].path = path_map[it]; |
| 707 | } |
| 708 | // root always has full access and no need to check for root |
| 709 | if (user != "root") { |
no test coverage detected