mirror of
https://git.proxmox.com/git/mirror_lxc
synced 2025-07-15 06:43:14 +00:00
lxc-start-ephemeral: Parse passwd directly
On Ubuntu 15.04, lxc-start-ephemeral's call to pwd.getpwnam always fails. While I haven't been able to prove it or track down an exact cause, I strongly suspect that glibc does not guarantee that you can call NSS functions after a context switch without re-execing. (Running "id root" in a subprocess from the same point works fine.) It's safer to use getent to extract the relevant line from the passwd file and parse it directly. Signed-off-by: Colin Watson <cjwatson@ubuntu.com>
This commit is contained in:
parent
4928c7186c
commit
c6be89f857
@ -29,7 +29,6 @@ import argparse
|
|||||||
import gettext
|
import gettext
|
||||||
import lxc
|
import lxc
|
||||||
import os
|
import os
|
||||||
import pwd
|
|
||||||
import sys
|
import sys
|
||||||
import subprocess
|
import subprocess
|
||||||
import tempfile
|
import tempfile
|
||||||
@ -363,12 +362,17 @@ if os.path.exists("/proc/self/ns/pid"):
|
|||||||
if args.user:
|
if args.user:
|
||||||
username = args.user
|
username = args.user
|
||||||
|
|
||||||
user = pwd.getpwnam(username)
|
line = subprocess.check_output(
|
||||||
os.setgid(user.pw_gid)
|
["getent", "passwd", username],
|
||||||
os.initgroups(user.pw_name, user.pw_gid)
|
universal_newlines=True).rstrip("\n")
|
||||||
os.setuid(user.pw_uid)
|
_, _, pw_uid, pw_gid, _, pw_dir, _ = line.split(":", 6)
|
||||||
os.chdir(user.pw_dir)
|
pw_uid = int(pw_uid)
|
||||||
os.environ['HOME'] = user.pw_dir
|
pw_gid = int(pw_gid)
|
||||||
|
os.setgid(pw_gid)
|
||||||
|
os.initgroups(username, pw_gid)
|
||||||
|
os.setuid(pw_uid)
|
||||||
|
os.chdir(pw_dir)
|
||||||
|
os.environ['HOME'] = pw_dir
|
||||||
except:
|
except:
|
||||||
print(_("Unable to switch to user: %s" % username))
|
print(_("Unable to switch to user: %s" % username))
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
Loading…
Reference in New Issue
Block a user