Fixed bug in user account switcheroo. We now use sudo instead of a non-existent bash...

author Sapan Bhatia <gwsapan@gmail.com>

Tue, 11 Mar 2014 02:27:29 +0000 (22:27 -0400)

committer Sapan Bhatia <gwsapan@gmail.com>

Tue, 11 Mar 2014 02:27:29 +0000 (22:27 -0400)
author Sapan Bhatia <gwsapan@gmail.com>
Tue, 11 Mar 2014 02:27:29 +0000 (22:27 -0400)
committer Sapan Bhatia <gwsapan@gmail.com>
Tue, 11 Mar 2014 02:27:29 +0000 (22:27 -0400)
diff --git a/lxcsu b/lxcsu

index 85b1ff7..4c4bc04 100755 (executable)
--- a/lxcsu
+++ b/lxcsu
@@ -244,11 +244,13 @@ def main ():
                  # we still want to drop capabilities, but don't want to switch UIDs
                  exec_args = [arch,'/bin/sh','--login',]+args.command_to_run
              else:
+                               # let's keep this check even though we don't use the uid
+                               # as a way of checking the existence of the slice account
                  uid = getuid (slice_name)
                  if not uid:
                      print "lxcsu could not spot %s in /etc/passwd - exiting"%slice_name
                      exit(1)
-                exec_args = [arch,'/bin/sh','--uid=%s'%uid,'--login',]+args.command_to_run
+                exec_args = [arch,'/usr/bin/sudo','-u',slice_name,'/bin/sh','--login',]+args.command_to_run
  # once we can drop f12, it would be nicer to instead go for
  # exec_args = [arch,'/usr/sbin/capsh',cap_arg,'--user=%s'%slice_name,'--login',]+args.command_to_run
          else:
author	Sapan Bhatia <gwsapan@gmail.com>
	Tue, 11 Mar 2014 02:27:29 +0000 (22:27 -0400)
committer	Sapan Bhatia <gwsapan@gmail.com>
	Tue, 11 Mar 2014 02:27:29 +0000 (22:27 -0400)