From d7851563f101b82e7ffba00550469a005f4d35dd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timoth=C3=A9e=20Ravier?=
Date: Tue, 16 Mar 2021 16:55:49 +0100
Subject: [PATCH] countme: Refuse to run as root

We do not need root privileges and should only be started via the system service unit so avoid mistake by verifying that on startup.
---
 rust/src/countme.rs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/rust/src/countme.rs b/rust/src/countme.rs
index e7376cb9..438f374e 100644
--- a/rust/src/countme.rs
+++ b/rust/src/countme.rs
@@ -4,6 +4,7 @@
 
 use anyhow::{bail, Context, Result};
 use curl::easy::Easy;
+use nix::unistd::geteuid;
 use os_release::OsRelease;
 use std::path;
 
@@ -35,11 +36,16 @@ fn send_countme(url: &str, ua: &str) -> Result<()> {
 
 /// Main entrypoint for countme
 pub fn entrypoint() -> Result<()> {
- // Silently skip if we are not run on an ostree booted system
+ // Skip if we are not run on an ostree booted system
 if !path::Path::new("/run/ostree-booted").exists() {
 bail!("Not running on an ostree based system");
 }
 
+ // Skip if we are not running with an unprivileged user
+ if geteuid().is_root() {
+ bail!("Must run under an unprivileged user");
+ }
+
 // Load repo configs and keep only those enabled, with a metalink and countme=1
 let repos: Vec<_> = self::repo::all()?
 .into_iter()
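Review bot: The new guard in `entrypoint()` tests only the effective UID, so a process whose real or saved UID is still 0 (a partially dropped setuid context, for example) passes `geteuid().is_root()`; if the intent is that no root identity remains, widen the import to `use nix::unistd::{geteuid, getuid};` and the test to `if geteuid().is_root() || getuid().is_root() {`. The check guards against a misconfigured start rather than acting as a privilege boundary: it does not confirm that the process came from the system service unit the commit message refers to, and that unit is not part of this patch, so presumably its `User=` setting remains the actual control. The comment above the guard says "Skip" while the code returns an error through `bail!`; `// Refuse to run as root: countme needs no privileges and is meant to be started by its service unit as an unprivileged user` would match the behaviour. The body of `entrypoint()` continues past the end of the hunk.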