Merge pull request #140 from lopsided98/master
Add '--no-privilege-elevation' option to bypass root check.
This commit is contained in:
commit
95a79af395
|
@ -215,6 +215,10 @@ As of 1.4.18, syncoid also automatically supports and enables resume of interrup
|
||||||
|
|
||||||
This prints a list of snapshots during the run.
|
This prints a list of snapshots during the run.
|
||||||
|
|
||||||
|
+ --no-privilege-elevation
|
||||||
|
|
||||||
|
Bypass the root check and assume syncoid has the necessary permissions (for use with ZFS permission delegation).
|
||||||
|
|
||||||
+ --sshport
|
+ --sshport
|
||||||
|
|
||||||
Allow sync to/from boxes running SSH on non-standard ports.
|
Allow sync to/from boxes running SSH on non-standard ports.
|
||||||
|
|
7
syncoid
7
syncoid
|
@ -20,7 +20,7 @@ my %args = ('sshkey' => '', 'sshport' => '', 'sshcipher' => '', 'sshoption' => [
|
||||||
GetOptions(\%args, "no-command-checks", "monitor-version", "compress=s", "dumpsnaps", "recursive|r",
|
GetOptions(\%args, "no-command-checks", "monitor-version", "compress=s", "dumpsnaps", "recursive|r",
|
||||||
"source-bwlimit=s", "target-bwlimit=s", "sshkey=s", "sshport=i", "sshcipher|c=s", "sshoption|o=s@",
|
"source-bwlimit=s", "target-bwlimit=s", "sshkey=s", "sshport=i", "sshcipher|c=s", "sshoption|o=s@",
|
||||||
"debug", "quiet", "no-stream", "no-sync-snap", "no-resume", "exclude=s@", "skip-parent", "identifier=s",
|
"debug", "quiet", "no-stream", "no-sync-snap", "no-resume", "exclude=s@", "skip-parent", "identifier=s",
|
||||||
"no-clone-handling") or pod2usage(2);
|
"no-clone-handling", "no-privilege-elevation") or pod2usage(2);
|
||||||
|
|
||||||
my %compressargs = %{compressargset($args{'compress'} || 'default')}; # Can't be done with GetOptions arg, as default still needs to be set
|
my %compressargs = %{compressargset($args{'compress'} || 'default')}; # Can't be done with GetOptions arg, as default still needs to be set
|
||||||
|
|
||||||
|
@ -1186,7 +1186,7 @@ sub getssh {
|
||||||
$rhost =~ s/:\Q$fs\E$//;
|
$rhost =~ s/:\Q$fs\E$//;
|
||||||
my $remoteuser = $rhost;
|
my $remoteuser = $rhost;
|
||||||
$remoteuser =~ s/\@.*$//;
|
$remoteuser =~ s/\@.*$//;
|
||||||
if ($remoteuser eq 'root') { $isroot = 1; } else { $isroot = 0; }
|
if ($remoteuser eq 'root' || $args{'no-privilege-elevation'}) { $isroot = 1; } else { $isroot = 0; }
|
||||||
# now we need to establish a persistent master SSH connection
|
# now we need to establish a persistent master SSH connection
|
||||||
$socket = "/tmp/syncoid-$remoteuser-$rhost-" . time();
|
$socket = "/tmp/syncoid-$remoteuser-$rhost-" . time();
|
||||||
open FH, "$sshcmd -M -S $socket -o ControlPersist=1m $args{'sshport'} $rhost exit |";
|
open FH, "$sshcmd -M -S $socket -o ControlPersist=1m $args{'sshport'} $rhost exit |";
|
||||||
|
@ -1194,7 +1194,7 @@ sub getssh {
|
||||||
$rhost = "-S $socket $rhost";
|
$rhost = "-S $socket $rhost";
|
||||||
} else {
|
} else {
|
||||||
my $localuid = $<;
|
my $localuid = $<;
|
||||||
if ($localuid == 0) { $isroot = 1; } else { $isroot = 0; }
|
if ($localuid == 0 || $args{'no-privilege-elevation'}) { $isroot = 1; } else { $isroot = 0; }
|
||||||
}
|
}
|
||||||
# if ($isroot) { print "this user is root.\n"; } else { print "this user is not root.\n"; }
|
# if ($isroot) { print "this user is root.\n"; } else { print "this user is not root.\n"; }
|
||||||
return ($rhost,$fs,$isroot);
|
return ($rhost,$fs,$isroot);
|
||||||
|
@ -1455,3 +1455,4 @@ Options:
|
||||||
--no-command-checks Do not check command existence before attempting transfer. Not recommended
|
--no-command-checks Do not check command existence before attempting transfer. Not recommended
|
||||||
--no-resume Don't use the ZFS resume feature if available
|
--no-resume Don't use the ZFS resume feature if available
|
||||||
--no-clone-handling Don't try to recreate clones on target
|
--no-clone-handling Don't try to recreate clones on target
|
||||||
|
--no-privilege-elevation Bypass the root check, for use with ZFS permission delegation
|
||||||
|
|
Loading…
Reference in New Issue