From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1IqC0z-0004FG-SC for garchives@archives.gentoo.org; Thu, 08 Nov 2007 18:22:06 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.2/8.14.0) with SMTP id lA8ILFRl001874; Thu, 8 Nov 2007 18:21:15 GMT Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by robin.gentoo.org (8.14.2/8.14.0) with ESMTP id lA8IJIon031981 for ; Thu, 8 Nov 2007 18:19:19 GMT Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 49C686589E for ; Thu, 8 Nov 2007 18:19:18 +0000 (UTC) X-Virus-Scanned: amavisd-new at gentoo.org X-Spam-Score: 0 X-Spam-Level: X-Spam-Status: No, score=0 required=5.5 tests=[AWL=0.532, BAYES_00=-2.599, RCVD_NUMERIC_HELO=2.067] Received: from smtp.gentoo.org ([127.0.0.1]) by localhost (smtp.gentoo.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z2rbOiBenx8A for ; Thu, 8 Nov 2007 18:19:11 +0000 (UTC) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTP id B3B52657F0 for ; Thu, 8 Nov 2007 18:19:08 +0000 (UTC) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1IqBxu-0006SH-14 for gentoo-dev@gentoo.org; Thu, 08 Nov 2007 18:18:54 +0000 Received: from 91.84.166.112 ([91.84.166.112]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 08 Nov 2007 18:18:54 +0000 Received: from slong by 91.84.166.112 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 08 Nov 2007 18:18:54 +0000 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-dev@lists.gentoo.org From: Steve Long Subject: [gentoo-dev] Re: eselect_zenity: alpha eselect GUI Date: Thu, 08 Nov 2007 18:22:48 +0000 Message-ID: References: <20071108104813.GI5516@supernova> <20071108105454.1844a75c@blueyonder.co.uk> <20071108120742.GK5516@supernova> <20071108124333.2a3dfdc7@blueyonder.co.uk> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7Bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 91.84.166.112 User-Agent: KNode/0.10.4 Sender: news X-Archives-Salt: d2f0f648-34c6-4e5f-af50-5335b0174e63 X-Archives-Hash: 3972f6f7d5ddf8cb7942059b278ac902 Ciaran McCreesh wrote: > if [[ ${UID} -ne 0 ]]; then > > We've always told people not to do that. Capabilities required by > eselect modules should be tested by attempting to perform the action, > not by some arbitrary query done on UIDs or groups. Being UID 0 doesn't > mean you're allowed to do something, and not being UID 0 doesn't mean > you're not allowed to do something. > I've always used EUID for the root check, eg: if ((EUID)); then echo "You must be root to run this script" >&2 exit 1 fi This won't get round capabilities (so error status should still be checked and the script bail with appropriate output, if it can't do something it's supposed to) but it's sufficient for root privilege check, and is better than UID which requires login as root. This doesn't, of course, deal with non-root users, eg where users in group portage are allowed to carry out a task. You can check for that kind of thing with a writeable test, eg: [[ -w $PORTDIR ]] || die 'Write access to portage dir required" While none of this stops you from needing to check errors, it does make it nicer for users, imo, if scripts check early on for broader permissions where it's appropriate. Wrt signalling die, the correct way for a script to terminate on signal is something like this code, taken from a SIG_INT handler: trap INT kill -INT $$ This ensures the parent process is correctly notified. So IOW just kill self with the appropriate signal, ensuring any traps are cleared. -- gentoo-dev@gentoo.org mailing list