----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: http://reviewboard-fedoraserver.rhcloud.com/r/131/#review364 -----------------------------------------------------------
src/rolekit/async.py http://reviewboard-fedoraserver.rhcloud.com/r/131/#comment192
Note that 0 is False in Python.
How about (untested) > if (uid is None) != (gid is None):
src/rolekit/async.py http://reviewboard-fedoraserver.rhcloud.com/r/131/#comment193
AFAICS _calling_ the demote() function is superfluous and, to me, confusing; we only need to pass the set_ids callable.
src/rolekit/async.py http://reviewboard-fedoraserver.rhcloud.com/r/131/#comment195
setre[ug]id() to make it explicit that both are changed?
src/rolekit/async.py http://reviewboard-fedoraserver.rhcloud.com/r/131/#comment194
One way to fix: move this check inside set_ids(), and then call Popen(… preexec_fn=set_ids)
Another way, more similar to the current code: > if (user_uid is not None or user_gid is not None): # minimal cleanup related to 0/none and being paranoid > preexec_fn = set_ids > else: > preexec_fn = None … and then call Popen(…, preexec_fn=preexec_fn) (change names as you like)
- Miloslav Trmac
On Led. 20, 2015, 7:12 odp., Stephen Gallagher wrote:
This is an automatically generated e-mail. To reply, visit: http://reviewboard-fedoraserver.rhcloud.com/r/131/
(Updated Led. 20, 2015, 7:12 odp.)
Review request for RoleKit Mailing List, Miloslav Trmac, Stephen Gallagher, and Thomas Woerner.
Repository: rolekit
Description
Allow impersonating a different UID/GID in subprocesses
Diffs
src/rolekit/async.py 0f9ddaac1beb27cebdf41ca0383a62a807c4fcb6
Diff: http://reviewboard-fedoraserver.rhcloud.com/r/131/diff/
Testing
Thanks,
Stephen Gallagher