Commit a9be8e45 authored by Robert Ricci's avatar Robert Ricci

Added a magic environment variable that must be set for you to get

admin privs.  The idea is that you have to be explicit about when you
want to make use of your super powers, to prevent accidents.

Use the new withadminprivs script to get your admin privs, as in:
withadminprivs inuse
or
withadminprivs node_reboot -e testbed,foo
parent fc1d587b
......@@ -469,6 +469,15 @@ sub TBAdmin(;$)
my($uid) = @_;
my($name);
#
# No one is considered an admin unless they have the magic environment
# variable set (so that you have to be a bit more explict about wanting
# admin privs.) Use the withadminprivs script to get this variable set.
#
if (!$ENV{WITH_TB_ADMIN_PRIVS}) {
return 0;
}
if (!defined($uid)) {
$uid = $UID;
}
......
......@@ -36,6 +36,12 @@ use POSIX;
$| = 1;
#
# Set our WITH_TB_ADMIN_PRIVS environment variable, so that we have the
# privs we need to clear experiments out of the test database, etc.
#
$ENV{WITH_TB_ADMIN_PRIVS} = 1;
$pwd = `/bin/pwd`;
chop $pwd;
......
......@@ -9,7 +9,7 @@ SUBDIR = utils
include $(OBJDIR)/Makeconf
BIN_SCRIPTS = delay_config sshtb create_image node_admin
SBIN_SCRIPTS = vlandiff vlansync
SBIN_SCRIPTS = vlandiff vlansync withadminprivs
LIBEXEC_SCRIPTS = webcreateimage
#
......
#!/bin/sh
#
# Simple script to run a command with testbed admin privs turned on
#
exec /usr/bin/env WITH_TB_ADMIN_PRIVS=1 "$@"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment