authorRob Austein <sra@hactrn.net>2016-03-30 16:38:03 +0000
committerRob Austein <sra@hactrn.net>2016-03-30 16:38:03 +0000
commit058578b8919da35432b8cd95b06c9e36db11feaf (patch)
treead1f54675b633ca8d5212f5aa3463130ed1f0d3f /rpki/rpkic.py
parentbc6e06a3aedc3108eed6763ea1624c791e981e08 (diff)
Clean up and simplify rpkic privilege-dropping code. All sudo voodoo
is now handled in the outermost script, before rpki.rpkic is even loaded; rpki.rpkic just assumes that euid and ruid have been set up correctly and swaps them temporarily when it needs to do file I/O. svn path=/branches/tk705/; revision=6340
Diffstat (limited to 'rpki/rpkic.py')
-rw-r--r--rpki/rpkic.py34
1 files changed, 0 insertions, 34 deletions
diff --git a/rpki/rpkic.py b/rpki/rpkic.py
index 4cba846c..a595fa2c 100644
--- a/rpki/rpkic.py
+++ b/rpki/rpkic.py
@@ -98,9 +98,6 @@ class main(Cmd):
argsubparsers = full_argparser.add_subparsers(title = "Commands", metavar = "")
def __init__(self):
-
- self.drop_privs()
-
Cmd.__init__(self)
os.environ["TZ"] = "UTC"
time.tzset()
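Review bot: After this change `__init__` relies on an invariant that nothing in the visible code states or checks, namely that the calling script has already set up euid and ruid before `rpki.rpkic` is loaded. If the class is ever started by another route (a test harness or a different wrapper, neither visible here), the UID-swapping wrappers such as `read_history` would presumably swap whatever ids the process happens to have, which under sudo could leave file I/O running as root. At minimum I would record the contract at the top of `__init__`, e.g. `# Privileges are dropped by the calling script before this module is loaded; euid/ruid must already be set up.` A cheap sanity check on the effective uid is also worth considering, though the removed code deliberately tolerated the uninstalled-testing case, so it may need to warn rather than exit. The body of `__init__` continues outside this hunk.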
@@ -138,37 +135,6 @@ class main(Cmd):
else:
args.func(self, args)
-
- def drop_privs(self):
- """
- Initialize UID swapping and drop unneeded privs.
-
- Any error here we don't understand is dangerous and therefore fatal.
- """
-
- try:
-
- try:
- os.setgid(int(os.environ["SUDO_GID"]))
- except KeyError:
- pass
-
- try:
- uid = int(os.environ["SUDO_UID"])
- except KeyError:
- uid = os.getuid()
-
- try:
- os.setreuid(uid, pwd.getpwnam(rpki.autoconf.RPKI_USER).pw_uid)
- except KeyError:
- # This is normal when testing uninstalled code, but warn user just in case
- print "Warning: User \"{}\" not found, not dropping privileges".format(rpki.autoconf.RPKI_USER)
- except OSError as e:
- sys.exit("Couldn't drop privs to user {}: {!s}".format(rpki.autoconf.RPKI_USER, e))
-
- except Exception as e:
- sys.exit("Fatal error trying to drop privs: {!s}".format(e))
-
def read_history(self):
"""
UID-swapping wrapper for parent .read_history() method.