Page MenuHomePhabricator
Create Task
Maniphest T126489

deploy-local (TargetContext) should not default to utils.get_real_username()
Closed, ResolvedPublic
Actions

Description

When deploy-local is called directly, either from the shell or from puppet, the active pty might refer to a user other than the current effective uid. For the deployment host, looking up the real logged in user makes sense, but deploy-local shouldn't try to sudo back to root ( whatever user happens to be running sudo puppet agent --test)

So I'm thinking we should either 1) provide a constructor in TargetContext that overrides super:

class TargetContext(Context):
    """Manages target host paths and execution context."""

    def __init__(self, root, environment=None, user=None):
        if user is None:
            user = utils.get_username()
        super(self.__class__, self).__init__(root, environment, user)

Or, 2) pass the current effective user explicitly to TargetContext() in deploy.py line 64

@thcipriani, @dduvall: thoughts?

Revisions and Commits

rMSCA Scap
Restricted Differential RevisionrMSCA2a2a5b56b977 Default to the effective user in scap.Context

Event Timeline

mmodell created this task.Feb 10 2016, 6:26 PM
mmodell raised the priority of this task from to Medium.
mmodell updated the task description. (Show Details)
mmodell added a project: scap2.
mmodell added subscribers: mmodell, dduvall, thcipriani.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 10 2016, 6:26 PM
dduvall added a comment.Feb 10 2016, 6:30 PM

This makes total sense but I think it's a bit moot if we're to remove use of sudo_check_call everywhere. I think once that's done, we can probably remove context.user altogether?

mmodell added a comment.Feb 11 2016, 7:29 PM

@dduvall: I think the user still matters on the master, just not on the targets.

dduvall edited projects, added Scap; removed scap2.Feb 12 2016, 9:49 PM
dduvall set Security to None.
dduvall added a revision: Restricted Differential Revision.Feb 12 2016, 9:50 PM
mmodell assigned this task to dduvall.Feb 15 2016, 4:27 PM
mmodell moved this task from Needs triage to MediaWiki MVP on the Scap board.
dduvall closed this task as Resolved by committing rMSCA2a2a5b56b977: Default to the effective user in scap.Context.Feb 15 2016, 6:50 PM
dduvall added a commit: rMSCA2a2a5b56b977: Default to the effective user in scap.Context.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL