The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/4458
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
Closes #4451
Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
From a2690c8160bb1f672b7eb048f2f5c4509f9bfb83 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgra...@ubuntu.com>
Date: Mon, 16 Apr 2018 18:17:48 +0200
Subject: [PATCH] lxd/init: Require root for interactive cluster join
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Closes #4451
Signed-off-by: Stéphane Graber <stgra...@ubuntu.com>
---
lxd/main_init_interactive.go | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/lxd/main_init_interactive.go b/lxd/main_init_interactive.go
index 14d9b519f..311b1968d 100644
--- a/lxd/main_init_interactive.go
+++ b/lxd/main_init_interactive.go
@@ -135,6 +135,11 @@ func (c *cmdInit) askClustering(config *initData, d
lxd.ContainerServer) error {
break
}
+ // Root is required to access the certificate files
+ if os.Geteuid() != 0 {
+ return fmt.Errorf("Joining an existing cluster
requires root privileges")
+ }
+
// Confirm wiping
if !cli.AskBool("All existing data is lost when joining
a cluster, continue? (yes/no) [default=no] ", "no") {
return fmt.Errorf("User aborted configuration")
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel
