Beispiel #1
// HasRootPrivileges reports whether looking up the "root" entry in the
// gshadow database through getent produces any output. An error from
// sys.Execute is returned unchanged together with false.
//
// NOTE(review): this is an indirect signal, presumably relying on gshadow
// being readable only by privileged callers — confirm on the target systems.
// How sys.Execute resolves the "getent" binary is not visible here; verify
// that the lookup cannot pick up an attacker-controlled executable.
func HasRootPrivileges() (bool, error) {
	// TODO(tmrts): Move privilege check to sys.nss package
	output, execErr := sys.Execute("getent", "gshadow", "root")
	if execErr != nil {
		return false, execErr
	}

	// Any non-empty output is treated as "the entry was readable".
	entryVisible := output != ""
	return entryVisible, nil
}
Beispiel #2
// main parses the command-line flags, optionally parses a cloud-config
// file, merges it with the fetched metadata and then applies the merged
// configuration: it creates groups and users, sets up SSH for root, writes
// files and runs commands. Most failures abort the process with panic.
//
// NOTE(review): every value applied below comes from conf, so whichever
// source wins in datasrc.Merge decides which accounts, root keys, root-owned
// files and commands end up on the machine. The merge precedence and the
// authenticity of both sources are not visible here — confirm them. No
// privilege check is visible in this function before these steps run.
func main() {
	// TODO: Build Meaningful Loggers
	flag.Parse()

	// cloudconfig: only parsed when a path was supplied on the command line.
	if flags.cloudConfig != "" {
		// NOTE(review): cloudConfigContext is declared with := inside this
		// block, so it is unused here and out of scope at the datasrc.Merge
		// call below; as shown this does not compile. It needs to be declared
		// before the if statement.
		cloudConfigContext, err := cloudconfig.Parse(flags.cloudConfig)
		if err != nil {
			panic(fmt.Errorf("fatal error config file: %v", err))
		}
	}

	// presumably 10 seconds is a fetch timeout — TODO confirm against
	// metadata.Get. No error is returned or checked here.
	metadataDigest := metadata.Get(10 * time.Second)

	conf := datasrc.Merge(metadataDigest, cloudConfigContext)

	StartContextualization()

	// usergroups: groups are created first, then users, then memberships.
	idm := identity.Manager{Exec: sys.DefaultExecutor}

	for _, grp := range conf.Groups {
		if err := idm.CreateGroup(grp); err != nil {
			panic(err)
		}
	}

	for _, usr := range conf.Users {
		if err := idm.CreateUser(usr); err != nil {
			panic(err)
		}
	}

	for _, grp := range conf.Groups {
		// NOTE(review): this ranges over grp itself; the type of a group is
		// not visible here — confirm it is a collection of its members.
		for _, usr := range grp {
			if err := idm.AddUserToGroup(grp, usr); err != nil {
				panic(err)
			}
		}
	}

	// ssh_keys
	if err := ssh.InitializeFor("root"); err != nil {
		panic(err)
	}

	// NOTE(review): f is not declared at this point (the only f in this
	// function is the loop variable further down), and any result of
	// AuthorizeSSHKey is discarded. The keys come straight from conf;
	// presumably they are installed for the root account initialised above,
	// so an unnoticed failure or an untrusted key source matters — confirm.
	ssh.AuthorizeSSHKey(f, conf.AuthorizedKeys...)

	// write_files: every file is created with uid 0 and gid 0; name, contents
	// and permission bits are taken from conf.
	for _, f := range conf.Files {
		// NOTE(review): f.Name and f.Perms are used without validation in
		// this function, and the result of file.New is discarded, so a failed
		// write would go unnoticed if file.New reports errors — confirm its
		// signature. Consider restricting target paths and rejecting modes
		// that add setuid/setgid or world-writable bits.
		file.New(f.Name, file.Contents(f.Data), file.Uid(0), file.Gid(0), file.Permissions(f.Perms))
	}

	// run_cmd: commands from conf are executed in order.
	for _, cmd := range conf.Commands {
		// NOTE(review): the output and error returned by sys.Execute are
		// discarded, so a failing command is silent. cmd is passed as a
		// single argument; whether sys.Execute hands it to a shell is not
		// visible here — verify, since these strings come from conf.
		sys.Execute(cmd)
	}

	if err := FinalizeContextualization(); err != nil {
		panic(err)
	}
}