This patch allow to run a command with an alternative user. At the moment we run all commands as root. --- src/PVE/Tools.pm | 7 +++++++ 1 file changed, 7 insertions(+)
diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm index 8c7f373..5a69daa 100644 --- a/src/PVE/Tools.pm +++ b/src/PVE/Tools.pm @@ -21,6 +21,7 @@ use Digest::SHA; use Text::ParseWords; use String::ShellQuote; use Time::HiRes qw(usleep gettimeofday tv_interval alarm); +use POSIX qw(setuid setgid); # avoid warning when parsing long hex values with hex() no warnings 'portable'; # Support for 64-bit ints required @@ -328,6 +329,7 @@ sub run_command { my $oldtimeout; my $pid; my $exitcode; + my $user = 'root'; my $outfunc; my $errfunc; @@ -360,6 +362,8 @@ sub run_command { $afterfork = $param{$p}; } elsif ($p eq 'noerr') { $noerr = $param{$p}; + } elsif ($p eq 'user') { + $user = $param{$p}; } else { die "got unknown parameter '$p' for run_command\n"; } @@ -388,6 +392,9 @@ sub run_command { my $orig_pid = $$; + POSIX::setuid((getpwnam($user))[2]); + POSIX::setgid((getgrnam($user))[3]); + eval { local $ENV{LC_ALL} = $lang; -- 2.1.4 _______________________________________________ pve-devel mailing list pve-devel@pve.proxmox.com http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel