This patch allow to run a command with an alternative user.
At the moment we run all commands as root.
---
src/PVE/Tools.pm | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm
index 8c7f373..5a69daa 100644
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@@ -21,6 +21,7 @@ use Digest::SHA;
use Text::ParseWords;
use String::ShellQuote;
use Time::HiRes qw(usleep gettimeofday tv_interval alarm);
+use POSIX qw(setuid setgid);
# avoid warning when parsing long hex values with hex()
no warnings 'portable'; # Support for 64-bit ints required
@@ -328,6 +329,7 @@ sub run_command {
my $oldtimeout;
my $pid;
my $exitcode;
+ my $user = 'root';
my $outfunc;
my $errfunc;
@@ -360,6 +362,8 @@ sub run_command {
$afterfork = $param{$p};
} elsif ($p eq 'noerr') {
$noerr = $param{$p};
+ } elsif ($p eq 'user') {
+ $user = $param{$p};
} else {
die "got unknown parameter '$p' for run_command\n";
}
@@ -388,6 +392,9 @@ sub run_command {
my $orig_pid = $$;
+ POSIX::setuid((getpwnam($user))[2]);
+ POSIX::setgid((getgrnam($user))[3]);
+
eval {
local $ENV{LC_ALL} = $lang;
--
2.1.4
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
