authorRob Austein <sra@hactrn.net>2016-03-21 02:39:08 +0000
committerRob Austein <sra@hactrn.net>2016-03-21 02:39:08 +0000
commit004393bdc2f3df5d85da88819bf47d72a883f7bb (patch)
treef325be9f47b29c5f134832f4933ff0066529c8de /ca
parentd3cb2a1152bdb9a0cb391a388c702ff2f3be8371 (diff)
Rework rpkic setuid handling to something a bit more robust.
svn path=/branches/tk705/; revision=6322
Diffstat (limited to 'ca')
-rwxr-xr-xca/rpkic19
1 files changed, 16 insertions, 3 deletions
diff --git a/ca/rpkic b/ca/rpkic
index 2e215095..598c075f 100755
--- a/ca/rpkic
+++ b/ca/rpkic
@@ -15,19 +15,32 @@ if __name__ == "__main__":
import sys
import rpki.autoconf
+ argv = [sys.executable, os.path.abspath(sys.argv[0])]
+ argv.extend(sys.argv[1:])
+
+ already_ran_sudo = os.getenv("SUDO_COMMAND") == " ".join(argv)
+
try:
uid = pwd.getpwnam(rpki.autoconf.RPKI_USER).pw_uid
except:
uid = None
- if uid is None or uid == os.geteuid():
+ euid = os.geteuid()
+
+ if already_ran_sudo or uid is None or uid == euid or euid == 0:
+
+ if not already_ran_sudo:
+ for name in ("SUDO_COMMAND", "SUDO_GID", "SUDO_UID", "SUDO_USER"):
+ if name in os.environ:
+ del os.environ[name]
+
import rpki.rpkic
rpki.rpkic.main()
else:
+
try:
- argv = [rpki.autoconf.SUDO, "-u", rpki.autoconf.RPKI_USER, sys.executable]
- argv.extend(os.path.abspath(a) if i == 0 else a for i, a in enumerate(sys.argv))
+ argv.insert(0, rpki.autoconf.SUDO)
os.execv(argv[0], argv)
sys.exit("rpkic startup failure, no exception so don't know why, sorry")
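Review bot: The `already_ran_sudo` test added ahead of the `try` trusts `SUDO_COMMAND`, which any caller can set in its own environment. A matching value satisfies the new `if` on its own, so the sudo re-exec is skipped along with the loop that deletes `SUDO_COMMAND`, `SUDO_GID`, `SUDO_UID` and `SUDO_USER`, and caller-supplied values stay in place for whatever `rpki.rpkic.main()` does with them. Consider honouring the flag only when the effective uid is already an expected one, by computing `euid` first and using `already_ran_sudo = euid in (uid, 0) and os.getenv("SUDO_COMMAND") == " ".join(argv)`; if the flag was also meant to stop a re-exec loop when sudo lands on some other uid, that case needs its own explicit exit. Separately, `argv.insert(0, rpki.autoconf.SUDO)` no longer passes `-u rpki.autoconf.RPKI_USER`, so the re-exec runs as sudo's default target user and nothing visible in this hunk switches to RPKI_USER afterwards; if `rpki.rpkic.main()` now does that, a comment at the `euid == 0` test saying so would make it checkable. The `try:` around `os.execv` continues past the last line shown.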