From 75f06cb4139f6f00dfe952eac84ff31d3db014cb Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Thu, 14 Sep 2017 12:05:09 +0200 Subject: [PATCH 5/5] firewall-offline-cmd: Don't require root for help output Allow unprivileged users to retrieve help output. Fixes: RHBZ#1445214 Signed-off-by: Phil Sutter --- src/firewall-offline-cmd | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/firewall-offline-cmd b/src/firewall-offline-cmd index 1b4550830b7bb..fccfb7251c4f5 100755 --- a/src/firewall-offline-cmd +++ b/src/firewall-offline-cmd @@ -43,9 +43,10 @@ from firewall.core.io.helper import helper_reader from firewall.command import FirewallCommand # check for root user -if os.getuid() != 0: - sys.stderr.write("You need to be root to run %s.\n" % sys.argv[0]) - sys.exit(-1) +def assert_root(): + if os.getuid() != 0: + sys.stderr.write("You need to be root to run %s.\n" % sys.argv[0]) + sys.exit(-1) SYSTEM_CONFIG_FIREWALL = config.SYSCONFIGDIR + '/system-config-firewall' @@ -775,6 +776,8 @@ if len(sys.argv) > 1 and \ if a.help: __usage() sys.exit(0) + else: + assert_root() if a.quiet: # it makes no sense to use --quiet with these options a.quiet = False @@ -809,6 +812,7 @@ elif len(sys.argv) > 1: args = aux_args[:i+1] # all but not args.append(joinArgs(aux_args[i+1:])) # add as one arg else: + assert_root() # migrate configuration from SYSTEM_CONFIG_FIREWALL args = read_sysconfig_args() if not args: @@ -1020,6 +1024,8 @@ if a.help: __usage() sys.exit(0) +assert_root() + zone = a.zone fw = Firewall_test() fw.start() -- 2.13.1