Skip to content
This repository has been archived by the owner on Apr 16, 2023. It is now read-only.

It is now possible to run only bin/manage_tuntap script via sudo, not /bi #18

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 10 additions & 10 deletions bin/manage_tuntap
Original file line number Diff line number Diff line change
Expand Up @@ -22,22 +22,22 @@
# a virtual machine to the Internet.
# It is not intended for standalone usage.

: ${NETKIT_HOME:=$VLAB_HOME}

# Script arguments follow (arguments from 2 to 5 are only required when action
# Script arguments follow (arguments from 3 to 6 are only required when action
# is "start").
ACTION=$1 # either "start" or "stop"
USER_NAME=$2 # name of the user the tunnel is being configured for
TAP_ADDRESS=$3 # address of the (host side) tap interface
GUEST_ADDRESS=$4 # address of the (virtual machine side) guest interface
HUB_NAME=$5 # name of the virtual hub
NETKIT_HOME=$1 # NETKIT_HOME environment variable. Environment was reset after sudo so we pass it in command line.
ACTION=$2 # either "start" or "stop"
USER_NAME=$3 # name of the user the tunnel is being configured for
TAP_ADDRESS=$4 # address of the (host side) tap interface
GUEST_ADDRESS=$5 # address of the (virtual machine side) guest interface
HUB_NAME=$6 # name of the virtual hub


TAP_DEVICE="nk_tap_$USER_NAME"


# Include some important entries inside the path
export PATH=$PATH:/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin
# Include some important entries inside the path along with $NETKIT_HOME/bin
PATH=$PATH:/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin:$NETKIT_HOME/bin
export PATH

# Use the correct syntax for echo, depending on the shell being used
if type source > /dev/null 2>&1; then
Expand Down
12 changes: 4 additions & 8 deletions bin/script_utils
Original file line number Diff line number Diff line change
Expand Up @@ -269,27 +269,23 @@ startInetHub() {
if [ ! -S "$1" ] || ! someOneUses "$1"; then
# Either socket does not exist yet or it is still unused
if [ "$USE_SUDO" = "yes" ]; then
# Default sudo configuration resets environment variables for security
# reasons (depends on the configuration in sudoers, and may happen even
# when using -E)
PRESERVE_ENV=$(env | egrep "(^NETKIT)|(^PATH=)")
TUNTAP_COMMAND="sudo -p \"$USER's password:\" /bin/sh -c \"eval $PRESERVE_ENV; $NETKIT_HOME/bin/manage_tuntap start $USER $2 $3 $1\""
TUNTAP_COMMAND="sudo -p \"$USER's password:\" $NETKIT_HOME/bin/manage_tuntap $NETKIT_HOME start $USER $2 $3 $1"
else
TUNTAP_COMMAND="su -mc \"$NETKIT_HOME/bin/manage_tuntap start $USER $2 $3 $1\""
TUNTAP_COMMAND="su -mc \"$NETKIT_HOME/bin/manage_tuntap $NETKIT_HOME start $USER $2 $3 $1\""
fi
if [ -z "$BE_QUIET" ]; then
echo "******** Starting Internet connected virtual hub ********"
echo " $TAP_ADDRESS (host side) - $GUEST_ADDRESS (guest side)"
echo "******** (root privileges are required) ********"
run_command "$JUST_PRINT" \
"$NETKIT_HOME/bin/manage_tuntap start $USER $2 $3 $1" \
"$NETKIT_HOME/bin/manage_tuntap $NETKIT_HOME start $USER $2 $3 $1" \
"$TUNTAP_COMMAND" || \
{ echo 1>&2 "Error while configuring the tunnel."; exit 1; }
echo "************** Abandoning root privileges ***************"
echo
else
run_command "$JUST_PRINT" \
"$NETKIT_HOME/bin/manage_tuntap start $USER $2 $3 $1" \
"$NETKIT_HOME/bin/manage_tuntap $NETKIT_HOME start $USER $2 $3 $1" \
"$TUNTAP_COMMAND" >/dev/null || \
{ echo 1>&2 "Error while configuring the tunnel."; exit 1; }
fi
Expand Down
10 changes: 3 additions & 7 deletions bin/vclean
Original file line number Diff line number Diff line change
Expand Up @@ -318,14 +318,10 @@ if [ ! -z "$REMOVE_TUNNELS" ]; then
echo " This will affect tap configurations for $USER_STRING."
echo "******** This operation requires root privileges ********"
fi
if [ "$USE_SUDO" = "yes" ]; then
# Default sudo configuration resets environment variables for security
# reasons (depends on the configuration in sudoers, and may happen even
# when using -E)
PRESERVE_ENV=$(env | egrep "(^NETKIT)|(^PATH=)")
TUNTAP_COMMAND="sudo -p \"$USER's password:\" /bin/sh -c \"eval $PRESERVE_ENV; $NETKIT_HOME/bin/manage_tuntap stop\""
if [ "$USE_SUDO" = "yes" ]; then
TUNTAP_COMMAND="sudo -p \"$USER's password:\" $NETKIT_HOME/bin/manage_tuntap $NETKIT_HOME stop\""
else
TUNTAP_COMMAND="su -mc \"$NETKIT_HOME/bin/manage_tuntap stop\""
TUNTAP_COMMAND="su -mc \"$NETKIT_HOME/bin/manage_tuntap $NETKIT_HOME stop\""
fi
if [ -z "$BE_QUIET" ]; then
run_command "" \
Expand Down