forked from extern/shorewall_code
Straighten out -e and appropriate priv
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6368 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
parent
25a7fcf171
commit
d934b9e654
@ -260,6 +260,10 @@ compiler() {
|
||||
local command=$1
|
||||
|
||||
shift
|
||||
|
||||
if [ -z "$EXPORT" -a $(id -u) -ne 0 ]; then
|
||||
startup_error "Ordinary users may only comple for export (-e option)"
|
||||
fi
|
||||
#
|
||||
# We've now set SHOREWALL_DIR so recalculate CONFIG_PATH
|
||||
#
|
||||
|
||||
@ -485,7 +485,7 @@ sub read_a_line {
|
||||
$line =~ s/\s+$//; # Remove Trailing white space
|
||||
|
||||
#
|
||||
# Expand Shell Variables using $ENV
|
||||
# Expand Shell Variables using %ENV
|
||||
#
|
||||
$line = join( '', $1 , ( $ENV{$2} || '' ) , $3 ) while $line =~ /^(.*?)\${([a-zA-Z]\w*)}(.*)$/;
|
||||
$line = join( '', $1 , ( $ENV{$2} || '' ) , $3 ) while $line =~ /^(.*?)\$([a-zA-Z]\w*)(.*)$/;
|
||||
@ -805,12 +805,11 @@ sub require_capability( $$$ ) {
|
||||
#
|
||||
# Set default config path
|
||||
#
|
||||
sub ensure_config_path( $ ) {
|
||||
my $export = $_[0];
|
||||
sub ensure_config_path() {
|
||||
|
||||
my $f = "$globals{SHAREDIR}/configpath";
|
||||
|
||||
$globals{CONFDIR} = '/usr/share/shorewall/configfiles/' if $export || $> != 0;
|
||||
$globals{CONFDIR} = '/usr/share/shorewall/configfiles/' if $> != 0;
|
||||
|
||||
unless ( $config{CONFIG_PATH} ) {
|
||||
fatal_error "$f does not exist" unless -f $f;
|
||||
@ -850,7 +849,7 @@ sub get_configuration( $ ) {
|
||||
|
||||
my $export = $_[0];
|
||||
|
||||
ensure_config_path( $export );
|
||||
ensure_config_path;
|
||||
|
||||
my $file = find_file 'shorewall.conf';
|
||||
|
||||
@ -878,7 +877,7 @@ sub get_configuration( $ ) {
|
||||
fatal_error "$file does not exist!";
|
||||
}
|
||||
|
||||
ensure_config_path( $export );
|
||||
ensure_config_path;
|
||||
|
||||
default 'PATH' , '/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin';
|
||||
|
||||
@ -897,13 +896,10 @@ sub get_configuration( $ ) {
|
||||
unless ( open_file 'capabilities' ) {
|
||||
determine_capabilities;
|
||||
}
|
||||
} elsif ( $export ) {
|
||||
open_file 'capabilities' or fatal_error "The -e flag requires a capabilities file";
|
||||
} else {
|
||||
open_file 'capabilities' or fatal_error "Compiling under an ordinary user id requires a capabilities file";
|
||||
open_file 'capabilities' or fatal_error "The -e flag requires a capabilities file";
|
||||
}
|
||||
|
||||
|
||||
#
|
||||
# If we successfully called open_file above, then this loop will read the capabilities file.
|
||||
# Otherwise, the first call to read_a_line() below will return false
|
||||
|
||||
Loading…
Reference in New Issue
Block a user