-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard-fedoraserver.rhcloud.com/r/131/#review364
-----------------------------------------------------------
src/rolekit/async.py
<
http://reviewboard-fedoraserver.rhcloud.com/r/131/#comment192>
Note that 0 is False in Python.
How about (untested)
if (uid is None) != (gid is None):
src/rolekit/async.py
<
http://reviewboard-fedoraserver.rhcloud.com/r/131/#comment193>
AFAICS _calling_ the demote() function is superfluous and, to me, confusing; we only
need to pass the set_ids callable.
src/rolekit/async.py
<
http://reviewboard-fedoraserver.rhcloud.com/r/131/#comment195>
setre[ug]id() to make it explicit that both are changed?
src/rolekit/async.py
<
http://reviewboard-fedoraserver.rhcloud.com/r/131/#comment194>
One way to fix: move this check inside set_ids(), and then call Popen(…
preexec_fn=set_ids)
Another way, more similar to the current code:
if (user_uid is not None or user_gid is not None): # minimal cleanup
related to 0/none and being paranoid
preexec_fn = set_ids
else:
preexec_fn = None
…
and then call Popen(…, preexec_fn=preexec_fn)
(change names as you like)
- Miloslav Trmac
On Led. 20, 2015, 7:12 odp., Stephen Gallagher wrote:
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard-fedoraserver.rhcloud.com/r/131/
-----------------------------------------------------------
(Updated Led. 20, 2015, 7:12 odp.)
Review request for RoleKit Mailing List, Miloslav Trmac, Stephen Gallagher, and Thomas
Woerner.
Repository: rolekit
Description
-------
Allow impersonating a different UID/GID in subprocesses
Diffs
-----
src/rolekit/async.py 0f9ddaac1beb27cebdf41ca0383a62a807c4fcb6
Diff:
http://reviewboard-fedoraserver.rhcloud.com/r/131/diff/
Testing
-------
Thanks,
Stephen Gallagher