Refactor privilege escalation
This spec proposes a refactoring of the way nova executes commands as root. Rather than calling "sudo" in the command, a run_as_root=True parameter is added to the utils.execute call. This allows plugging in a root helper other than sudo.
* Replaces rogue direct usage of the subprocess module with proper utils.execute calls
* Adds a run_as_root parameter to utils.execute, which prefixes your command with FLAG.root_helper (which defaults to 'sudo')
* Turns all sudo calls into run_as_root=True calls
* Updates fakes accordingly
* Replaces usage of "sudo -E" and the "addl_env" parameter with passing the environment in the command (which keeps it compatible with alternative sudo_helpers)
* Additionally, forces close_fds=True on all utils.execute calls, since it's a more secure default
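A sketch of the wrapper behaviour listed above, as an added example rather than nova's own utils.execute. The names build_argv and ROOT_HELPER, the VAR=value placement and the use of "env" for unprivileged calls are assumptions made for illustration.

```python
import shlex
import subprocess

ROOT_HELPER = "sudo"  # stands in for the root_helper flag (default per the spec)


def build_argv(*cmd, run_as_root=False, root_helper=ROOT_HELPER, env=None):
    """Return the argv list that execute() will run (hypothetical helper)."""
    argv = [str(part) for part in cmd]
    pairs = []
    for name, value in sorted((env or {}).items()):
        # Reject names that could be read as an option or a second assignment.
        if not name.isidentifier():
            raise ValueError("bad environment variable name: %r" % (name,))
        pairs.append("%s=%s" % (name, value))
    if run_as_root:
        # Environment travels inside the command as VAR=value words, so no
        # "sudo -E" and no separate addl_env argument is needed.
        # The helper may be several words (e.g. "sudo -n"); split, never eval.
        return shlex.split(root_helper) + pairs + argv
    # Assumption: unprivileged calls hand the same words to env(1).
    return (["env"] + pairs if pairs else []) + argv


def execute(*cmd, **kwargs):
    """Run cmd without a shell; return (returncode, stdout, stderr)."""
    argv = build_argv(*cmd, **kwargs)
    proc = subprocess.Popen(
        argv,
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE,
        close_fds=True,  # forced: the child inherits only fds 0, 1 and 2
        shell=False,     # argv list, so no shell parsing of arguments
    )
    out, err = proc.communicate()
    return proc.returncode, out.decode(), err.decode()


if __name__ == "__main__":
    # Constructed sample calls; nothing privileged is executed here.
    print(build_argv("ip", "link", "show", run_as_root=True))
    print(build_argv("dnsmasq", run_as_root=True, root_helper="sudo -n",
                     env={"NETWORK_ID": 7}))
    # "env" stands in for the root helper so the demo runs without sudo.
    print(execute("sh", "-c", 'printf %s "$DEMO"', run_as_root=True,
                  root_helper="env", env={"DEMO": "x"}))
```

Because the helper is prepended as separate argv words, a sudoers rule (or an alternative helper's filter) still matches on the real command rather than on a shell string.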
Blueprint information
- Status: Complete
- Approver: Vish Ishaya
- Priority: Medium
- Drafter: Thierry Carrez
- Direction: Approved
- Assignee: Thierry Carrez
- Definition: Drafting
- Series goal: Accepted for diablo
- Implementation: Implemented
- Milestone target: 2011.3
- Started by: Thierry Carrez
- Completed by: Thierry Carrez
Whiteboard
First appeared in diablo-4