From 2e11ef800fe9e25f706ed6001db14fdaac548a17 Mon Sep 17 00:00:00 2001 From: Thierry Parmentelat Date: Wed, 26 Mar 2014 11:22:20 +0100 Subject: [PATCH] evaluate slice_uid earlier in the process the previous code was, for some reason, behaving oddly on older f18 nodes my hunch is that the call to pwd.getpwnam was taking place in a restricted environment the new code was tested successfully on a PLE node --- lxcsu | 37 ++++++++++++++++++++----------------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/lxcsu b/lxcsu index 4c4bc04..b05342a 100755 --- a/lxcsu +++ b/lxcsu @@ -3,7 +3,7 @@ import sys import os import setns -import pdb +import pwd from argparse import ArgumentParser @@ -79,6 +79,24 @@ def main (): args = parser.parse_args() slice_name=args.slice_name + # support for either setting debug at the top of this file, or on the command-line + if args.debug: + global debug + debug=True + + # somehow some older nodes won't be able to find the login name in /etc/passwd + # when this is done down the road, so compute slice_uid while in a safe env + # even though we don't use the slice_uid any more, this is still + # checked later on as a means to ensure existence of the slice account + try: + slice_uid = pwd.getpwnam(slice_name).pw_uid + except Exception, e: + if debug: + import traceback + print 'error while computing slice_uid',e + traceback.print_exc() + slice_uid=None + # unless we run the symlink 'lxcsu-internal', or we specify the -i option, prepend '--' '-c' if sys.argv[0].find('internal')>=0: args.internal=True @@ -93,11 +111,6 @@ def main (): if not args.command_to_run: args.command_to_run=['/bin/sh'] args.command_to_run = [ '-c' ] + [" ".join(args.command_to_run)] - # support for either setting debug at the top of this file, or on the command-line - if args.debug: - global debug - debug=True - try: cmd = '/usr/bin/virsh --connect lxc:/// domid %s'%slice_name # convert to int as a minimal raincheck 
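Review bot: The `except Exception, e:` added around `pwd.getpwnam(slice_name)` in the `@@ -79,6 +79,24 @@` hunk turns every failure into `slice_uid=None` and reports it only when `debug` is set, so a lookup that breaks for any reason other than a missing account still ends in the later "could not spot ... in /etc/passwd" message. `pwd.getpwnam` raises `KeyError` for an unknown name, so I would handle that case with `except KeyError:` and print any other exception to stderr unconditionally. The lookup now also runs at startup, so if the code between here and the fork changes namespaces or the root directory (not visible in this hunk), the existence check covers the account database seen at startup rather than the one `sudo -u` will consult. The added comment could say so, e.g. `# checked against the passwd database visible at startup, not the one seen after the fork`. main() starts and ends outside the hunk.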
@@ -230,13 +243,6 @@ def main (): fork_pid = os.fork() - def getuid (slicename): - import pwd - try: - return pwd.getpwnam(slicename).pw_uid - except: - return - if (fork_pid == 0): if (not args.root): setns.drop_caps() @@ -244,10 +250,7 @@ def main (): # we still want to drop capabilities, but don't want to switch UIDs exec_args = [arch,'/bin/sh','--login',]+args.command_to_run else: - # let's keep this check even though we don't use the uid - # as a way of checking the existence of the slice account - uid = getuid (slice_name) - if not uid: + if not slice_uid: print "lxcsu could not spot %s in /etc/passwd - exiting"%slice_name exit(1) exec_args = [arch,'/usr/bin/sudo','-u',slice_name,'/bin/sh','--login',]+args.command_to_run -- 2.43.0
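Review bot: `if not slice_uid:` in the `@@ -244,10 +250,7 @@` hunk is a truthiness test, so it treats a uid of 0 the same as the `None` assigned when the lookup failed, and a slice name that resolves to uid 0 is refused with the "could not spot ... in /etc/passwd" message. The removed `if not uid:` behaved the same way, so this is not a regression. If refusing uid 0 is meant as a guard, it deserves a comment such as `# slice_uid is None when the lookup failed; uid 0 is refused here as well`. The branch belongs to main(), whose body extends outside the hunk.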