From: Michael Tremer Date: Thu, 2 Nov 2023 08:23:43 +0000 (+0000) Subject: cli: Check for root privileges when needed X-Git-Tag: 0.9.30~1318 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9b8d2c6ec668a0decd89bd30186a9e8d60da37b6;p=pakfire.git cli: Check for root privileges when needed Signed-off-by: Michael Tremer --- diff --git a/src/cli/lib/build.c b/src/cli/lib/build.c index 59b559a46..cb8d9c778 100644 --- a/src/cli/lib/build.c +++ b/src/cli/lib/build.c @@ -151,7 +151,7 @@ int cli_build(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(options, NULL, NULL, NULL, parse, argc, argv, &config); + r = cli_parse(options, NULL, NULL, NULL, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/clean.c b/src/cli/lib/clean.c index 5fc6f67c0..232ae6be4 100644 --- a/src/cli/lib/clean.c +++ b/src/cli/lib/clean.c @@ -34,7 +34,7 @@ int cli_clean(void* data, int argc, char* argv[]) { struct cli_config* config = data; // Parse the command line - r = cli_parse(NULL, NULL, NULL, doc, NULL, argc, argv, NULL); + r = cli_parse(NULL, NULL, NULL, doc, NULL, 0, argc, argv, NULL); if (r) goto ERROR; diff --git a/src/cli/lib/client-build.c b/src/cli/lib/client-build.c index 39c7dc68d..e76b72075 100644 --- a/src/cli/lib/client-build.c +++ b/src/cli/lib/client-build.c @@ -106,7 +106,7 @@ int cli_client_build(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(options, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(options, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/command.c b/src/cli/lib/command.c index f224ab7f9..28a13fb6f 100644 --- a/src/cli/lib/command.c +++ b/src/cli/lib/command.c @@ -23,6 +23,7 @@ #include #include #include +#include #include "command.h" @@ -83,6 +84,7 @@ struct command_ctx { const struct argp_option* options; const struct command* commands; command_parse parse; + int flags; void* data; // The selected command @@ -131,6 +133,12 @@ static error_t __command_parse(int key, char* arg, struct argp_state* state) { // Perform some final checks when parsing has been completed case ARGP_KEY_SUCCESS: + // Check for root privileges + if (ctx->flags & CLI_REQUIRE_ROOT) { + if (getuid() || getgid()) + argp_failure(state, EXIT_FAILURE, 0, "Must be run as root"); + } + if (ctx->command) { int args = count_arguments(ctx->argc, ctx->argv); @@ -163,7 +171,7 @@ static error_t __command_parse(int key, char* arg, struct argp_state* state) { int cli_parse(const struct argp_option* options, const struct command* commands, const char* args_doc, const char* doc, - command_parse parse, int argc, char** argv, void* data) { + command_parse parse, int flags, int argc, char** argv, void* data) { int r; // Setup context @@ -171,6 +179,7 @@ int cli_parse(const struct argp_option* options, const struct command* commands, .options = options, .commands = commands, .parse = parse, + .flags = flags, .data = data, }; diff --git a/src/cli/lib/command.h b/src/cli/lib/command.h index c03e34fff..2d72fe9d4 100644 --- a/src/cli/lib/command.h +++ b/src/cli/lib/command.h @@ -25,6 +25,10 @@ typedef error_t (*command_parse)(int key, char* arg, struct argp_state* state, void* data); +typedef enum cli_command_flags { + CLI_REQUIRE_ROOT = (1 << 0), +} cli_command_flags_t; + struct command { const char* verb; int (*callback)(void* config, int argc, char* argv[]); @@ -37,6 +41,7 @@ struct command { }; int cli_parse(const struct argp_option* options, const struct command* commands, - const char* args_doc, const char* doc, command_parse parse, int argc, char** argv, void* data); + const char* args_doc, const char* doc, command_parse parse, int flags, + int argc, char** argv, void* data); #endif /* PAKFIRE_CLI_COMMAND_H */ diff --git a/src/cli/lib/dist.c b/src/cli/lib/dist.c index 5e1cad1af..4350354e0 100644 --- a/src/cli/lib/dist.c +++ b/src/cli/lib/dist.c @@ -70,7 +70,7 @@ int cli_dist(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(NULL, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(NULL, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/image.c b/src/cli/lib/image.c index 60678bd5f..c803e3a65 100644 --- a/src/cli/lib/image.c +++ b/src/cli/lib/image.c @@ -28,5 +28,5 @@ int cli_image(void* data, int argc, char* argv[]) { { NULL }, }; - return cli_parse(NULL, commands, NULL, NULL, NULL, argc, argv, data); + return cli_parse(NULL, commands, NULL, NULL, NULL, 0, argc, argv, data); } diff --git a/src/cli/lib/image_create.c b/src/cli/lib/image_create.c index cc2eb19d4..090f37eee 100644 --- a/src/cli/lib/image_create.c +++ b/src/cli/lib/image_create.c @@ -70,7 +70,7 @@ int cli_image_create(void* data, int argc, char* argv[]) { }; // Parse the command line - r = cli_parse(NULL, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(NULL, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/info.c b/src/cli/lib/info.c index 694107099..311919a1a 100644 --- a/src/cli/lib/info.c +++ b/src/cli/lib/info.c @@ -91,7 +91,7 @@ int cli_info(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(options, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(options, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/install.c b/src/cli/lib/install.c index 8f3369567..2502a31c1 100644 --- a/src/cli/lib/install.c +++ b/src/cli/lib/install.c @@ -116,7 +116,7 @@ int cli_install(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(options, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(options, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/provides.c b/src/cli/lib/provides.c index a02025a1d..3fb2751d3 100644 --- a/src/cli/lib/provides.c +++ b/src/cli/lib/provides.c @@ -66,7 +66,7 @@ int cli_provides(void* data, int argc, char* argv[]) { struct config config = {}; // Parse the command line - r = cli_parse(NULL, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(NULL, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/remove.c b/src/cli/lib/remove.c index bf4ef056c..7c654aa13 100644 --- a/src/cli/lib/remove.c +++ b/src/cli/lib/remove.c @@ -96,7 +96,7 @@ int cli_remove(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(options, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(options, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/repo.c b/src/cli/lib/repo.c index bf37a8322..1fb80d5e0 100644 --- a/src/cli/lib/repo.c +++ b/src/cli/lib/repo.c @@ -32,7 +32,7 @@ int cli_repo(void* data, int argc, char* argv[]) { { NULL }, }; - return cli_parse(NULL, commands, NULL, NULL, NULL, argc, argv, data); + return cli_parse(NULL, commands, NULL, NULL, NULL, 0, argc, argv, data); } int cli_repo_client(void* data, int argc, char* argv[]) { @@ -44,5 +44,5 @@ int cli_repo_client(void* data, int argc, char* argv[]) { { NULL }, }; - return cli_parse(NULL, commands, NULL, NULL, NULL, argc, argv, data); + return cli_parse(NULL, commands, NULL, NULL, NULL, 0, argc, argv, data); } diff --git a/src/cli/lib/repo_compose.c b/src/cli/lib/repo_compose.c index b460c3858..120b5ab9c 100644 --- a/src/cli/lib/repo_compose.c +++ b/src/cli/lib/repo_compose.c @@ -114,7 +114,7 @@ int cli_repo_compose(void* data, int argc, char* argv[]) { }; // Parse the command line - r = cli_parse(options, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(options, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/repo_create.c b/src/cli/lib/repo_create.c index e09b96d52..f825f47bb 100644 --- a/src/cli/lib/repo_create.c +++ b/src/cli/lib/repo_create.c @@ -82,7 +82,7 @@ int cli_repo_create(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(options, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(options, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/repo_delete.c b/src/cli/lib/repo_delete.c index cf70d8822..84a0ace4c 100644 --- a/src/cli/lib/repo_delete.c +++ b/src/cli/lib/repo_delete.c @@ -69,7 +69,7 @@ int cli_repo_delete(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(NULL, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(NULL, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/repo_list.c b/src/cli/lib/repo_list.c index fa82897ec..a00c2bb79 100644 --- a/src/cli/lib/repo_list.c +++ b/src/cli/lib/repo_list.c @@ -61,7 +61,7 @@ int cli_repo_list(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(NULL, NULL, NULL, doc, parse, argc, argv, &config); + r = cli_parse(NULL, NULL, NULL, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/repo_show.c b/src/cli/lib/repo_show.c index 18e18180e..9bdc7c794 100644 --- a/src/cli/lib/repo_show.c +++ b/src/cli/lib/repo_show.c @@ -67,7 +67,7 @@ int cli_repo_show(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(NULL, NULL, NULL, doc, parse, argc, argv, &config); + r = cli_parse(NULL, NULL, NULL, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/repolist.c b/src/cli/lib/repolist.c index c9bc4a357..b2d9a689f 100644 --- a/src/cli/lib/repolist.c +++ b/src/cli/lib/repolist.c @@ -38,7 +38,7 @@ int cli_repolist(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(NULL, NULL, NULL, doc, NULL, argc, argv, NULL); + r = cli_parse(NULL, NULL, NULL, doc, NULL, 0, argc, argv, NULL); if (r) goto ERROR; diff --git a/src/cli/lib/requires.c b/src/cli/lib/requires.c index ceefea211..f9d349feb 100644 --- a/src/cli/lib/requires.c +++ b/src/cli/lib/requires.c @@ -66,7 +66,7 @@ int cli_requires(void* data, int argc, char* argv[]) { struct config config = {}; // Parse the command line - r = cli_parse(NULL, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(NULL, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/search.c b/src/cli/lib/search.c index fc40fd703..9aa7c986b 100644 --- a/src/cli/lib/search.c +++ b/src/cli/lib/search.c @@ -66,7 +66,7 @@ int cli_search(void* data, int argc, char* argv[]) { struct config config = {}; // Parse the command line - r = cli_parse(NULL, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(NULL, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/shell.c b/src/cli/lib/shell.c index 7ad2d971a..819a3830d 100644 --- a/src/cli/lib/shell.c +++ b/src/cli/lib/shell.c @@ -86,7 +86,7 @@ int cli_shell(void* data, int argc, char* argv[]) { }; // Parse the command line - r = cli_parse(options, NULL, NULL, doc, parse, argc, argv, &config); + r = cli_parse(options, NULL, NULL, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/sync.c b/src/cli/lib/sync.c index b602c556d..b5ea449df 100644 --- a/src/cli/lib/sync.c +++ b/src/cli/lib/sync.c @@ -81,7 +81,7 @@ int cli_sync(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(options, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(options, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/update.c b/src/cli/lib/update.c index 9f374c920..b80ef2431 100644 --- a/src/cli/lib/update.c +++ b/src/cli/lib/update.c @@ -132,7 +132,7 @@ int cli_update(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(options, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(options, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/upload.c b/src/cli/lib/upload.c index 5a5dfd838..5c3305006 100644 --- a/src/cli/lib/upload.c +++ b/src/cli/lib/upload.c @@ -37,5 +37,5 @@ int cli_upload(void* data, int argc, char* argv[]) { { NULL }, }; - return cli_parse(NULL, commands, args_doc, NULL, NULL, argc, argv, data); + return cli_parse(NULL, commands, args_doc, NULL, NULL, 0, argc, argv, data); } diff --git a/src/cli/lib/upload_create.c b/src/cli/lib/upload_create.c index 78e7d2e2f..e0d3b4498 100644 --- a/src/cli/lib/upload_create.c +++ b/src/cli/lib/upload_create.c @@ -64,7 +64,7 @@ int cli_upload_create(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(NULL, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(NULL, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/upload_delete.c b/src/cli/lib/upload_delete.c index 2b32335c5..eeb09191f 100644 --- a/src/cli/lib/upload_delete.c +++ b/src/cli/lib/upload_delete.c @@ -68,7 +68,7 @@ int cli_upload_delete(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(NULL, NULL, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(NULL, NULL, args_doc, doc, parse, 0, argc, argv, &config); if (r) goto ERROR; diff --git a/src/cli/lib/upload_list.c b/src/cli/lib/upload_list.c index 3d3eb88b1..c8e5697e4 100644 --- a/src/cli/lib/upload_list.c +++ b/src/cli/lib/upload_list.c @@ -37,7 +37,7 @@ int cli_upload_list(void* data, int argc, char* argv[]) { struct cli_config* cli_config = data; // Parse the command line - r = cli_parse(NULL, NULL, NULL, doc, NULL, argc, argv, NULL); + r = cli_parse(NULL, NULL, NULL, doc, NULL, 0, argc, argv, NULL); if (r) goto ERROR; diff --git a/src/cli/pakfire-builder.c b/src/cli/pakfire-builder.c index bc5675429..adcabfde4 100644 --- a/src/cli/pakfire-builder.c +++ b/src/cli/pakfire-builder.c @@ -175,7 +175,8 @@ int main(int argc, char* argv[]) { }; // Parse the command line and run any commands - r = cli_parse(options, commands, args_doc, NULL, parse, argc, argv, &config); + r = cli_parse(options, commands, args_doc, NULL, + parse, CLI_REQUIRE_ROOT, argc, argv, &config); ERROR: if (ctx) diff --git a/src/cli/pakfire-client.c b/src/cli/pakfire-client.c index 934cc419a..b0d957e8d 100644 --- a/src/cli/pakfire-client.c +++ b/src/cli/pakfire-client.c @@ -94,7 +94,8 @@ int main(int argc, char* argv[]) { }; // Parse the command line and run any commands - r = cli_parse(options, commands, args_doc, doc, parse, argc, argv, &config); + r = cli_parse(options, commands, args_doc, doc, + parse, 0, argc, argv, &config); ERROR: if (ctx) diff --git a/src/cli/pakfire-daemon.c b/src/cli/pakfire-daemon.c index 17c3e5a19..788f8f5a5 100644 --- a/src/cli/pakfire-daemon.c +++ b/src/cli/pakfire-daemon.c @@ -64,7 +64,8 @@ int main(int argc, char* argv[]) { goto ERROR; // Parse the command line and run any commands - r = cli_parse(options, NULL, NULL, doc, parse, argc, argv, ctx); + r = cli_parse(options, NULL, NULL, doc, parse, + CLI_REQUIRES_ROOT, argc, argv, ctx); if (r) goto ERROR; diff --git a/src/cli/pakfire.c b/src/cli/pakfire.c index b60cd25d9..78e97f8a2 100644 --- a/src/cli/pakfire.c +++ b/src/cli/pakfire.c @@ -165,7 +165,8 @@ int main(int argc, char* argv[]) { }; // Parse the command line and run any commands - r = cli_parse(options, commands, args_doc, NULL, parse, argc, argv, &config); + r = cli_parse(options, commands, args_doc, NULL, parse, + CLI_REQUIRE_ROOT, argc, argv, &config); ERROR: if (ctx)