diff options
| author | Donatas Abraitis <donatas@opensourcerouting.org> | 2022-04-20 17:33:06 +0200 |
|---|---|---|
| committer | Donatas Abraitis <donatas@opensourcerouting.org> | 2022-04-20 17:39:15 +0200 |
| commit | 0f65c5602c9e265cff84932b5157e271cb6d738a (patch) | |
| tree | bf5997ab1412756a02e080c569b1bf208d2c371c /tools | |
| parent | Merge pull request #11055 from donaldsharp/plist_crash (diff) | |
| download | frr-0f65c5602c9e265cff84932b5157e271cb6d738a.tar.xz frr-0f65c5602c9e265cff84932b5157e271cb6d738a.zip | |
tools: Allow running frrinit.sh only for EUID=0
watchfrr and staticd do not require <1024 ports to be running, thus they can
start, but others fail.
We should allow only users with EUID=0 (sudo or root) running frrinit.sh.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/frrcommon.sh.in | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/tools/frrcommon.sh.in b/tools/frrcommon.sh.in index 52f5277d2..4683ceef1 100644 --- a/tools/frrcommon.sh.in +++ b/tools/frrcommon.sh.in @@ -42,6 +42,13 @@ RELOAD_SCRIPT="$D_PATH/frr-reload.py" # general helpers # +is_user_root () { + [ "${EUID:-$(id -u)}" -eq 0 ] || { + log_failure_msg "Only users having EUID=0 can start/stop daemons" + return 1 + } +} + debug() { [ -n "$watchfrr_debug" ] || return 0 @@ -150,6 +157,8 @@ daemon_prep() { daemon_start() { local dmninst daemon inst args instopt wrap bin + is_user_root || exit 1 + all=false [ "$1" = "--all" ] && { all=true; shift; } @@ -183,6 +192,8 @@ daemon_stop() { local dmninst daemon inst pidfile vtyfile pid cnt fail daemon_inst "$1" + is_user_root || exit 1 + pidfile="$V_PATH/$daemon${inst:+-$inst}.pid" vtyfile="$V_PATH/$daemon${inst:+-$inst}.vty" |