Don't attempt to escalate masakari-manage privileges

Remove code which allowed masakari-manage to attempt to escalate
privileges so that configuration files can be read by users who
normally wouldn't have access, but do have sudo access.

NOTE:
This change is create based on the change with change id
I03063d2af14015e6506f1b6e958f5ff219aa4a87 from Kiall Mac Innes
in designate project.

Change-Id: Icba07a4bac4f41b921984204b32ad73fdbae4097
Co-Authored-By: Kiall Mac Innes <kiall@macinnes.ie>
Closes-Bug: 1611171
This commit is contained in:
Takashi Kajinami 2016-09-06 11:07:23 +09:00
parent 593fe8bd18
commit 53d9c2613d
1 changed files with 3 additions and 12 deletions

View File

@ -20,7 +20,6 @@
import logging as python_logging
import os
import sys
from oslo_config import cfg
@ -168,17 +167,9 @@ def main():
except cfg.ConfigDirNotFoundError as details:
print(_("Invalid directory: %s") % details)
sys.exit(2)
except cfg.ConfigFilesNotFoundError:
cfgfile = CONF.config_file[-1] if CONF.config_file else None
if cfgfile and not os.access(cfgfile, os.R_OK):
st = os.stat(cfgfile)
print(_("Could not read %s. Re-running with sudo") % cfgfile)
try:
os.execvp('sudo', ['sudo', '-u', '#%s' % st.st_uid] + sys.argv)
except Exception:
print(_('sudo failed, continuing as if nothing happened'))
print(_('Please re-run masakari-manage as root.'))
except cfg.ConfigFilesNotFoundError as e:
cfg_files = ', '.join(e.config_files)
print(_("Failed to read configuration file(s): %s") % cfg_files)
sys.exit(2)
fn = CONF.category.action_fn