github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-25 15:02:45 +00:00
Code Issues Projects Releases Wiki Activity

forwarder: Make explicit root check

Browse Source 
Rather than generating a potentially misleading error message if the
socket bind fails, perform an explicit check for `root` for Hybrid
VSOCK.

Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
This commit is contained in:
James O. D. Hunt 2021-10-25 17:32:43 +01:00
parent e377578e08
commit b67fa9e450
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/trace-forwarder/src/server.rs
View File

@ -85,11 +85,16 @@ fn start_hybrid_vsock(
socket_path: &str,
dump_only: bool,
) -> Result<()> {
let effective = nix::unistd::Uid::effective();
if !effective.is_root() {
return Err(anyhow!("You need to be root"));
}
// Remove the socket if it already exists
let _ = std::fs::remove_file(socket_path);
let listener =
UnixListener::bind(socket_path).map_err(|e| anyhow!("You need to be root: {:?}", e))?;
let listener = UnixListener::bind(socket_path)?;
debug!(logger, "Waiting for connections";
"vsock-type" => "hybrid",