[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Re: [PATCH] provide real error message when trying to run xm as non root

On Tue, Jul 26, 2005 at 10:52:35AM -0400, Andrew Thompson wrote:
> Sean Dague wrote:
> >This patch prevents you from getting a screen full of stack trace when
> >trying to run commands like xm list as a normal user, and instead provides 
> >a
> >helpful error message.
> 
> +1, Admirable. (non-binding/non-voter/non-commiter)
> 
> >Signed-off-by: Sean Dague <sean@xxxxxxxxx>
> >
> >Diffstat output:
> > main.py |    7 +++++++
> > 1 files changed, 7 insertions(+)
> >
> >diff -r 48aed1403fe3 tools/python/xen/xm/main.py
> >--- a/tools/python/xen/xm/main.py    Fri Jul 22 16:44:33 2005
> >+++ b/tools/python/xen/xm/main.py    Tue Jul 26 10:31:24 2005
> >@@ -11,6 +11,13 @@
> > 
> > from xen.xend import PrettyPrint
> > from xen.xend import sxp
> >+# this is a nasty place to stick this in, but required because
> >+# log file access is set up via a 5 deep import chain.  This
> >+# ensures the user sees a useful message instead of a stack trace
> >+if os.getuid() != 0:
> >+    print "xm requires root access to execute, please try again as root"
> >+    sys.exit(1)
> >+
> > from xen.xend.XendClient import XendError, server
> > from xen.xend.XendClient import main as xend_client_main
> > from xen.xm import create, destroy, migrate, shutdown, sysrq
> 
> Please allow me to show my possible ignorance...
> 
> Is there no better way to test for elevated privileges?
> Would it be unreasonable to think xm maintenance tasks could be handed 
> off to members of a non-root group?

Unfortunately the root problem comes from the fact that xm writes to the
xend log file directly, and in unprivileged state, throws an exception
because it doesn't have write access to that file.  The 2nd part of this
problem is that this exception is buried down a whole series of 5 level
magical import object creation paths, and hence is very hard to reasonably
get to from the xm main().

I'm sure you *could* reorder xm code to make this a strict perms check, but
the level of spagetti sorting to get there may not really be worth it.  I
also think you'd have to remove the direct logging from xm to be able to do
priv seperate between xm and xend, and that is really strewn throughout all
the code.

        -Sean

-- 
__________________________________________________________________

Sean Dague                                       Mid-Hudson Valley
sean at dague dot net                            Linux Users Group
http://dague.net                                 http://mhvlug.org

There is no silver bullet.  Plus, werewolves make better neighbors
than zombies, and they tend to keep the vampire population down.
__________________________________________________________________

Attachment: pgpK8jKRVJR4x.pgp
Description: PGP signature

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.