diff options
| author | Katarina Behrens <Katarina.Behrens@cib.de> | 2015-06-15 14:52:45 +0200 |
|---|---|---|
| committer | Stephan Bergmann <sbergman@redhat.com> | 2015-06-15 16:51:49 +0000 |
| commit | 962d6d14a0f3fd8e8678aad39212affa98853780 (patch) | |
| tree | 3cb24d83b7e29101e8ec6a40242f0ed25b5afcbd | |
| parent | 15df868c728fe82d7adb3814727826cc2d5650b8 (diff) | |
Don't let root run unopkg without --shared or --bundled option
with the exception of -h|--help.
It only makes sense to run unopkg with root priviledges if adding,
deleting etc. extensions system-wide for all users (i.e with --shared
or --bundled switch). In all other cases it only messes up access
rights to extensions, so prevent that.
Fusion of 723e099972c16458a and 9444ffc93a3335ee3f
Change-Id: Ifa273a4d66b85d9d7ed7e8e22036ccc821507fd2
Reviewed-on: https://gerrit.libreoffice.org/16293
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Tested-by: Stephan Bergmann <sbergman@redhat.com>
| -rwxr-xr-x | desktop/scripts/unopkg.sh | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/desktop/scripts/unopkg.sh b/desktop/scripts/unopkg.sh index a9d43bf90220..ca1e3bc7f444 100755 --- a/desktop/scripts/unopkg.sh +++ b/desktop/scripts/unopkg.sh @@ -49,17 +49,35 @@ AIX) ;; esac -#collect all bootstrap variables specified on the command line -#so that they can be passed as arguments to javaldx later on +help_mode=0 +isnotuser=0 for arg in $@ do case "$arg" in + #collect all bootstrap variables specified on the command line + #so that they can be passed as arguments to javaldx later on -env:*) BOOTSTRAPVARS=$BOOTSTRAPVARS" ""$arg";; - --shared) umask 0022;; - # make sure shared extensions will be readable by all users + + # make sure shared extensions will be readable by all users + --shared) + umask 0022 + isnotuser=1 + ;; + + --bundled) isnotuser=1;; + -h|--help) help_mode=1;; esac done +# we don't really want root to run unopkg without --shared or --bundled option +# but we might at least let him read help +if [ "$(id -u)" -eq "0" ]; then + if [ $isnotuser -eq 0 ] && [ $help_mode -eq 0 ]; then + echo "Cannot run '${0} $*' as root without --shared or --bundled option." + exit 1 + fi +fi + # extend the ld_library_path for java: javaldx checks the sofficerc for us if [ -x "${sd_prog}/javaldx" ] ; then my_path=`"${sd_prog}/javaldx" $BOOTSTRAPVARS \ |