From 13f9e928a344c3bf6244d274fb628fd90b95c0fe Mon Sep 17 00:00:00 2001
From: Olivier Blin <oblin@mandriva.com>
Date: Wed, 7 Mar 2007 18:39:56 +0000
Subject: add /root in unauthorized paths (import from cluster files, from
 warly/mrl/claudio ?)

---
 iurt_root_command | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'iurt_root_command')

diff --git a/iurt_root_command b/iurt_root_command
index 361e01d..d106eba 100755
--- a/iurt_root_command
+++ b/iurt_root_command
@@ -153,7 +153,7 @@ sub mkdir {
     my ($_run, $opt, @dir) = @_;
     foreach my $path (@dir) {
 	-d $path and next;
-	if ($path =~ m,/dev|/proc|/var, && $path !~ /chroot|unionfs/) {
+	if ($path =~ m,/dev|/proc|/root|/var, && $path !~ /chroot|unionfs/) {
 	    plog('FAIL', "ERROR: $path creation forbidden");
 	}
 	if ($opt->{parents}) {
@@ -178,7 +178,7 @@ sub rm {
     my ($_run, $opt, @files) = @_;
     my $ok = 1;
     my $done;
-    my $unauthorized = "^(/etc|/dev|/var|/lib|/usr)";
+    my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)";
 
     foreach my $f (@files) {
 	if (-d $f) {
@@ -232,7 +232,7 @@ sub cp {
     my $ok = 1;
     my $done;
     my $dest = pop @files;
-    my $unauthorized = "^(/etc|/dev|/var|/lib|/usr)";
+    my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)";
     if ($dest =~ /$unauthorized/ || $dest eq '/') {
 	plog('FAIL', "copying to $dest forbidden");
 	return;
@@ -275,7 +275,7 @@ sub cp {
 
 sub ln {
     my ($_run, $_opt, $file1, $file2) = @_;
-    my $unauthorized = "^(/etc|/dev|/var|/lib|/usr)";
+    my $unauthorized = "^(/etc|/root|/dev|/var|/lib|/usr)";
     if ($file2 =~ /$unauthorized/ || $file2 eq '/') {
 	plog('FAIL', "linking to $file2 forbidden");
 	return;
-- 
cgit v1.2.1