pakfire: Store UID of running user

This patch also moves the root permission check into the safety check
function.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/libpakfire/pakfire.c b/src/libpakfire/pakfire.c
index f1a94c3599a60578a053e3613766f49fb93db762..a0facdbaef0072c36060e03a8732642b7414164c 100644 (file)
--- a/src/libpakfire/pakfire.c
+++ b/src/libpakfire/pakfire.c
@@ -74,6 +74,7 @@ struct pakfire {
        char arch[ARCH_MAX];
        char keystore_path[PATH_MAX];
 
+       uid_t uid;
        int flags;
 
        // Lock
@@ -314,6 +315,13 @@ static int pakfire_safety_checks(struct pakfire* pakfire) {
        if (!pakfire_on_root(pakfire))
                return 0;
 
+       // We must be root in order to operate in /
+       if (pakfire->uid) {
+               ERROR(pakfire, "Must be running as root on /\n");
+               errno = EPERM;
+               return 1;
+       }
+
        if (strcmp(pakfire->distro.id, "ipfire") != 0) {
                ERROR(pakfire, "Not an IPFire system\n");
                errno = EPERM;
@@ -611,13 +619,6 @@ PAKFIRE_EXPORT int pakfire_create(struct pakfire** pakfire, const char* path,
                return 1;
        }
 
-       // Check if we are running as root
-       uid_t uid = getuid();
-       if (uid != 0) {
-               errno = EPERM;
-               return 1;
-       }
-
        struct pakfire* p = calloc(1, sizeof(*p));
        if (!p)
                return 1;
@@ -625,6 +626,9 @@ PAKFIRE_EXPORT int pakfire_create(struct pakfire** pakfire, const char* path,
        p->nrefs = 1;
        p->flags = flags;
 
+       // Store the UID we are running as
+       p->uid = getuid();
+
        // Set architecture
        pakfire_string_set(p->arch, arch);