[arch-projects] [initscripts][PATCH 2/2] rc.d: Add check to cleanly abort rc.d script if user doesn't have root privileges

[Seblu]

On Fri, May 27, 2011 at 11:42 AM, Eric Bélanger <snowmaniscool at gmail.com> wrote:
> This implements FS#24095. The check is only made for the start, stop and restart
> actions of the daemon scripts. This allows regular user to use the help and list
> functionality of rc.d and also to use rc.d for actions that doesn't require root
> privileges, like the status action of some daemon scripts.
>
> Signed-off-by: Eric Bélanger <snowmaniscool at gmail.com>
> ---
>  rc.d |    4 ++++
>  1 files changed, 4 insertions(+), 0 deletions(-)
>
> diff --git a/rc.d b/rc.d
> index 97f266a..2325623 100755
> --- a/rc.d
> +++ b/rc.d
> @@ -43,6 +43,10 @@ case $1 in
>                ;;
>        *)
>                action=$1
> +               if [[ "$EUID" != '0' ]] && [[ "$action" == 'start' || "$action" == 'stop' || "$action" == 'restart' ]] ; then
> +                   echo 'Error: this script must be run as root to use this functionality.'
> +                   exit 1
> +               fi
>                shift
>                # set same environment variables as init
>                runlevel=$(/sbin/runlevel)

As i said in FS#24095, if we really want do this, we should not do
this in rc.d script but in functions which is loaded by real rc
scripts.

Increasingly, why choose start/stop/restart and not reload by example?
By example, in virtualbox_bin we have fixusb, which must be run as root.

I think we should offer a check_root function which can be called in
rc scripts to ensure rootitude. Be we cannot generically know if a rc
need to be root or not.

Regards,

-- 
Sébastien Luttringer
www.seblu.net