[PATCH] warning when not running "xm" as root

[PATCH] warning when not running "xm" as root

[aq]

hello,

Currently -unstable requires user must be root to run xm. But the
error spit out is not clear enough, or even misleaded ("Error: Error
connecting to xend, is xend running?")

This patch checks to see if the user is root, and warns if not
(patched against cset 1.1440)

Signed-off-by: Nguyen Anh Quynh <aquynh@gmail.com>

===== tools/python/xen/xm/main.py 1.52 vs edited =====
--- 1.52/tools/python/xen/xm/main.py    2005-05-13 00:04:56 +09:00
+++ edited/tools/python/xen/xm/main.py  2005-05-18 12:30:51 +09:00
@@ -129,6 +129,8 @@
         sys.exit(1)
 
     def main(self, args):
+        if os.geteuid() != 0:
+            self.err("xm must be run as root.")
         try:
             self.main_call(args)
         except socket.error, ex:

RE: [PATCH] warning when not running "xm" as root

[Ian Pratt]

> Currently -unstable requires user must be root to run xm. But 
> the error spit out is not clear enough, or even misleaded 
> ("Error: Error connecting to xend, is xend running?")
> 
> This patch checks to see if the user is root, and warns if 
> not (patched against cset 1.1440)

Thanks. I'd appreciate it if you could knock up a patch that enables the
user/group of the unix domain socket used for xm-xend communication to
be set in xend-config.sxp, defaulting to root/root. It would be great if
you could update the error message accordingly.

Thanks,
Ian
 
> Signed-off-by: Nguyen Anh Quynh <aquynh@gmail.com>
> 
> ===== tools/python/xen/xm/main.py 1.52 vs edited =====
> --- 1.52/tools/python/xen/xm/main.py    2005-05-13 00:04:56 +09:00
> +++ edited/tools/python/xen/xm/main.py  2005-05-18 12:30:51 +09:00
> @@ -129,6 +129,8 @@
>          sys.exit(1)
>  
>      def main(self, args):
> +        if os.geteuid() != 0:
> +            self.err("xm must be run as root.")
>          try:
>              self.main_call(args)
>          except socket.error, ex:
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel
> 

Re: [PATCH] warning when not running "xm" as root

[aq]

On 5/18/05, Ian Pratt <m+Ian.Pratt@cl.cam.ac.uk> wrote:
> 
> > Currently -unstable requires user must be root to run xm. But
> > the error spit out is not clear enough, or even misleaded
> > ("Error: Error connecting to xend, is xend running?")
> >
> > This patch checks to see if the user is root, and warns if
> > not (patched against cset 1.1440)
> 
> Thanks. I'd appreciate it if you could knock up a patch that enables the
> user/group of the unix domain socket used for xm-xend communication to
> be set in xend-config.sxp, defaulting to root/root. It would be great if
> you could update the error message accordingly.

you meant you want user to be able to reconfigure it incase he wishes
to run xm under unprivileged user/group?

ok, i will take a look to see what can be done.
-- 
regards,
aq

RE: [PATCH] warning when not running "xm" as root

[Ian Pratt]

 
> > Thanks. I'd appreciate it if you could knock up a patch 
> that enables 
> > the user/group of the unix domain socket used for xm-xend 
> > communication to be set in xend-config.sxp, defaulting to 
> root/root. 
> > It would be great if you could update the error message accordingly.
> 
> you meant you want user to be able to reconfigure it incase 
> he wishes to run xm under unprivileged user/group?

Yep, that's the idea. 
It's also been suggested that some 'safe' operations like 'xm list'
could optionaly be allowed for any user. Given that the socket needs rw
access, I'm not sure how we could do this without implementing the
permission checking within xend rather than relying on the OS. Perhaps
phase 2...
 
> ok, i will take a look to see what can be done.

Thanks,
Ian