aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--iurt_root_command124
1 files changed, 118 insertions, 6 deletions
diff --git a/iurt_root_command b/iurt_root_command
index a6fcedf..8be134a 100644
--- a/iurt_root_command
+++ b/iurt_root_command
@@ -26,6 +26,7 @@
use strict;
my $program_name = 'iurt_root_command';
use Mkcd::Commandline qw(parseCommandLine usage);
+use MDK::Common;
my $arg = @ARGV;
my (@params, %run);
@@ -40,12 +41,50 @@ $run{todo} = [ ];
#
# no_rsync, config_help and copy_srpm kept for compatibility reasons
#
- [ "", "$program_name", 0, "[--modprobe <module>]",
+ [ "", "$program_name", 0, "[--verbose <level>]
+ [--modprobe <module>]
+ [--mkdir [--parents] <dir1> <dir2> ... <dirn>]",
"$program_name is a perl script to execute commands which need root privilege, it helps probram which needs occasional root privileges for some commands.",
- sub { $arg or usage($program_name, \@params) }, "" ],
+ sub { $arg or usage($program_name, \@params) }, "Running $program_name" ],
+ [ "", "mkdir", [
+ ["", "mkdir", -1, "[--parents] <dir1> <dir2> ... <dirn>]", "mkdir create the given path",
+ sub {
+ my ($tmp, @arg) = @_;
+ $tmp->[0] ||= {};
+ push @$tmp, @arg;
+ 1
+ }, "Setting auto mode arguments"],
+ ["p", "parents", 0, "",
+ "Also create needed parents directories",
+ sub { my ($tmp) = @_; $tmp->[0]{parents} = 1; 1 }, "Set the parents flag"],
+ ], "[--parents] <dir1> <dir2> ... <dirn>]",
+ "mkdir create the given path",
+ \&mkdir, "Creating the path" ],
+ [ "", "rm", [
+ ["", "rm", -1, "[-f] [-r] <file1> <file2> ... <filen>]", "remove the provided files",
+ sub {
+ my ($tmp, @arg) = @_;
+ $tmp->[0] ||= {};
+ push @$tmp, @arg;
+ 1
+ }, "Setting rm command arguments"],
+ ["r", "recursive", 0, "",
+ "Also create needed parents directories",
+ sub { my ($tmp) = @_; $tmp->[0]{recursive} = 1; 1 }, "Set the recursive flag"],
+ ], "[-r] <file1> <file2> ... <filen>]",
+ "Remove files",
+ \&rm, "Removing files" ],
+ [ "", "initdb", [
+
+ ], "<chroot>]",
+ "perform a rpm --initdb in the chroot.",
+ \&initdb, "Initializing the rpm database" ],
+ [ "v", "verbose", 1, "<verbose level>",
+ "modprobe try to modprobe the given module if authorized.",
+ sub { $run{verbose} = @_->[0]; 1 }, "Setting verbose level" ],
[ "", "modprobe", 1, "<module>]",
- "$program_name is a perl script to execute commands which need root privilege, it helps probram which needs occasional root privileges for some commands.",
- \&modprobe, "" ],
+ "modprobe try to modprobe the given module if authorized.",
+ \&modprobe, "Modprobing" ],
);
open(my $LOG, ">&STDERR");
@@ -55,10 +94,10 @@ my $todo = parseCommandLine($program_name, \@ARGV, \@params);
@ARGV and usage($program_name, \@params, "@ARGV, too many arguments");
foreach my $t (@$todo) {
print {$run{LOG}} "$program_name: $t->[2]\n" if $run{verbose} > 5;
- &{$t->[0]}(@{$t->[1]}) or print {$run{LOG}} "ERROR: $t->[2]\n";
+ &{$t->[0]}(\%run, @{$t->[1]}) or print {$run{LOG}} "ERROR: $t->[2]\n";
}
-exit
+exit;
sub modprobe {
my ($run, $module) = @_;
@@ -69,3 +108,76 @@ sub modprobe {
system($sudo, "/sbin/depmod", "-a");
!system($sudo, "/sbin/modprobe", "-f", $module)
}
+
+sub mkdir {
+ my ($run, $opt, @dir) = @_;
+ foreach my $path (@dir) {
+ -d $path and next;
+ if ($path =~ m,/dev|/proc|/root|/var, && $path !~ /chroot|unionfs/) {
+ print {$run->{LOG}} "ERROR $program_name: $path creation forbidden\n";
+ }
+ if ($opt->{parents}) {
+ mkdir_p $path
+ } else {
+ mkdir $path
+ }
+ }
+ 1
+}
+
+sub initdb {
+ my ($run, $chroot) = @_;
+ if (-d $chroot && $chroot !~ /chroot|unionfs/) {
+ print {$run{LOG}} "ERROR $program_name: rpm --initddb not authorized in $chroot\n";
+ return 0
+ }
+ !system("rpm", "--initddb", "--root", "$chroot")
+}
+
+sub rm {
+ my ($run, $opt, @files) = @_;
+ my $ok = 1;
+ my $done;
+ my $unauthorized = "/root|/dev|/var|/lib|/usr";
+ foreach my $f (@files) {
+ if (-d $f) {
+ if (!$opt->{recursive}) {
+ print {$run->{LOG}} "$program_name: could not remove directories without the -r option\n";
+ $ok = 0
+ } else {
+ if ($f =~ m,$unauthorized,) {
+ print {$run->{LOG}} "$program_name: removal of $f forbidden\n";
+ $ok = 0
+ } else {
+ system($sudo, 'rm', '-rf', $f);
+ print {$run->{LOG}} "$program_name: removing $f\n" if $run->{verbose};
+ $done = 1
+ }
+ }
+ } else {
+ if ($f =~ m,/root|/dev|/var|/lib|/usr,) {
+ print {$run->{LOG}} "$program_name: removal of $f forbidden\n";
+ $ok = 0
+ } else {
+ if ($f =~ /\*?/) {
+ foreach my $file (glob $f) {
+ if ($f =~ m,/root|/dev|/var|/lib|/usr,) {
+ print {$run->{LOG}} "$program_name: removal of $f forbidden\n";
+ $ok = 0
+ } else {
+ unlink $file;
+ $done = 1;
+ print {$run->{LOG}} "$program_name: removing $file\n" if $run->{verbose}
+ }
+ }
+ } else {
+ unlink $f;
+ $done = 1;
+ print {$run->{LOG}} "$program_name: removing $f\n" if $run->{verbose}
+ }
+ }
+ }
+ }
+ if (!$done) { print {$run->{LOG}} "$program_name: nothing deleted\n" }
+ $ok
+}