Per the telecon and chat with Jeff, let root only do the version option without warning. Otherwise, require that the user specifically indicate allow-use-as-root
Этот коммит содержится в:
Ralph Castain
родитель
b6043ec459
Коммит
f863147b05
@ -79,6 +79,7 @@
|
||||
|
||||
#include "opal/version.h"
|
||||
#include "opal/runtime/opal.h"
|
||||
#include "opal/runtime/opal_info_support.h"
|
||||
#include "opal/util/os_path.h"
|
||||
#include "opal/util/path.h"
|
||||
#include "opal/class/opal_pointer_array.h"
|
||||
@ -656,9 +657,67 @@ int orterun(int argc, char *argv[])
|
||||
return rc;
|
||||
}
|
||||
|
||||
/* print version if requested. Do this before check for help so
|
||||
that --version --help works as one might expect. */
|
||||
if (orterun_globals.version) {
|
||||
char *str, *project_name = NULL;
|
||||
if (0 == strcmp(orte_basename, "mpirun")) {
|
||||
project_name = "Open MPI";
|
||||
} else {
|
||||
project_name = "OpenRTE";
|
||||
}
|
||||
str = opal_info_make_version_str("all",
|
||||
OPAL_MAJOR_VERSION, OPAL_MINOR_VERSION,
|
||||
OPAL_RELEASE_VERSION,
|
||||
OPAL_GREEK_VERSION,
|
||||
OPAL_REPO_REV);
|
||||
if (NULL != str) {
|
||||
fprintf(stdout, "%s (%s) %s\n\nReport bugs to %s\n",
|
||||
orte_basename, project_name, str, PACKAGE_BUGREPORT);
|
||||
free(str);
|
||||
}
|
||||
exit(0);
|
||||
}
|
||||
|
||||
/* DO NOT LET ROOT CALL ORTE_INIT/FINALIZE AS IT CAN BLAST SYSTEM FILES
|
||||
* TO BE FULLY SAFE, WE DON'T ALLOW ANYTHING MORE THAN THE VERSION OUTPUT */
|
||||
|
||||
/* check if we are running as root - if we are, then only allow
|
||||
* us to proceed if the allow-run-as-root flag was given. Otherwise,
|
||||
* exit with a giant warning flag
|
||||
*/
|
||||
if (0 == geteuid() && !orterun_globals.run_as_root) {
|
||||
if (orterun_globals.help) {
|
||||
char *project_name = NULL;
|
||||
if (0 == strcmp(orte_basename, "mpirun")) {
|
||||
project_name = "Open MPI";
|
||||
} else {
|
||||
project_name = "OpenRTE";
|
||||
}
|
||||
fprintf(stderr, "%s cannot provide the help message when run as root\n"
|
||||
"Please run as regular user, or add the --run-as-root flag\n"
|
||||
"NOTE: running as root is not recommended as it can lead\n"
|
||||
"to unintended deletion of system files if the prefix used\n"
|
||||
"to build %s points to a system location\n",
|
||||
project_name, project_name);
|
||||
} else {
|
||||
/* show_help is not yet available, so print an error manually */
|
||||
fprintf(stderr, "--------------------------------------------------------------------------\n");
|
||||
fprintf(stderr, "%s has detected an attempt to run as root. This is *strongly*\n", orte_basename);
|
||||
fprintf(stderr, "discouraged as any mistake (e.g., in defining TMPDIR) or bug can\n");
|
||||
fprintf(stderr, "result in catastrophic damage to the OS file system, leaving\n");
|
||||
fprintf(stderr, "your system in an unusable state.\n\n");
|
||||
fprintf(stderr, "You can override this protection by adding the --allow-run-as-root\n");
|
||||
fprintf(stderr, "option to your cmd line. However, we reiterate our strong advice\n");
|
||||
fprintf(stderr, "against doing so - please do so at your own risk.\n");
|
||||
fprintf(stderr, "--------------------------------------------------------------------------\n");
|
||||
}
|
||||
exit(1);
|
||||
}
|
||||
|
||||
/*
|
||||
* Since this process can now handle MCA/GMCA parameters, make sure to
|
||||
* process them.
|
||||
* process them - we can do this step WITHOUT first calling opal_init
|
||||
*/
|
||||
if (OPAL_SUCCESS != mca_base_cmd_line_process_args(&cmd_line, &environ, &environ)) {
|
||||
exit(1);
|
||||
@ -681,27 +740,6 @@ int orterun(int argc, char *argv[])
|
||||
exit(1);
|
||||
}
|
||||
|
||||
/* print version if requested. Do this before check for help so
|
||||
that --version --help works as one might expect. */
|
||||
if (orterun_globals.version) {
|
||||
char *str, *project_name = NULL;
|
||||
if (0 == strcmp(orte_basename, "mpirun")) {
|
||||
project_name = "Open MPI";
|
||||
} else {
|
||||
project_name = "OpenRTE";
|
||||
}
|
||||
str = opal_show_help_string("help-orterun.txt", "orterun:version",
|
||||
false,
|
||||
orte_basename, project_name, OPAL_VERSION,
|
||||
PACKAGE_BUGREPORT);
|
||||
if (NULL != str) {
|
||||
printf("%s", str);
|
||||
free(str);
|
||||
}
|
||||
opal_finalize();
|
||||
exit(0);
|
||||
}
|
||||
|
||||
/* Check for help request */
|
||||
if (orterun_globals.help) {
|
||||
char *str, *args = NULL;
|
||||
@ -727,25 +765,6 @@ int orterun(int argc, char *argv[])
|
||||
exit(0);
|
||||
}
|
||||
|
||||
/* check if we are running as root - if we are, then only allow
|
||||
* us to proceed if the allow-run-as-root flag was given. Otherwise,
|
||||
* exit with a giant warning flag
|
||||
*/
|
||||
if (0 == geteuid() && !orterun_globals.run_as_root) {
|
||||
/* show_help is not yet available, so print an error manually */
|
||||
fprintf(stderr, "--------------------------------------------------------------------------\n");
|
||||
fprintf(stderr, "%s has detected an attempt to run as root. This is *strongly*\n", orte_basename);
|
||||
fprintf(stderr, "discouraged as any mistake (e.g., in defining TMPDIR) or bug can\n");
|
||||
fprintf(stderr, "result in catastrophic damage to the OS file system, leaving\n");
|
||||
fprintf(stderr, "your system in an unusable state.\n\n");
|
||||
fprintf(stderr, "You can override this protection by adding the --allow-run-as-root\n");
|
||||
fprintf(stderr, "option to your cmd line. However, we reiterate our strong advice\n");
|
||||
fprintf(stderr, "against doing so - please do so at your own risk.\n");
|
||||
fprintf(stderr, "--------------------------------------------------------------------------\n");
|
||||
opal_finalize();
|
||||
exit(1);
|
||||
}
|
||||
|
||||
/* may look strange, but the way we handle prefix is a little weird
|
||||
* and probably needs to be addressed more fully at some future point.
|
||||
* For now, we have a conflict between app_files and cmd line usage.
|
||||
|
||||
Загрузка…
x
Ссылка в новой задаче
Block a user