Don't attempt to escalate ec2-api-manage privileges

Remove code which allowed ec2-api-manage to attempt to escalate privileges so that configuration files can be read by users who normally wouldn't have access, but do have sudo access. Change-Id: I1ab7052fc117f064054e3127517da77598b6d27b Closes-Bug:#1611171
2016-09-17 18:28:28 +05:30 · 2016-09-17 18:28:28 +05:30 · f8dbd1cc45
parent 41abc11f58
commit f8dbd1cc45
1 changed files with 2 additions and 17 deletions
--- a/ec2api/cmd/manage.py
+++ b/ec2api/cmd/manage.py
@ -17,7 +17,6 @@
  CLI interface for EC2 API management.
 """

-import os
 import sys

 from oslo_config import cfg
@ -25,7 +24,6 @@ from oslo_log import log

 from ec2api import config
 from ec2api.db import migration
-from ec2api.i18n import _


 CONF = cfg.CONF
@ -62,21 +60,8 @@ command_opt = cfg.SubCommandOpt('command',

 def main():
    CONF.register_cli_opt(command_opt)
-    try:
-        config.parse_args(sys.argv)
-        log.setup(CONF, "ec2api")
-    except cfg.ConfigFilesNotFoundError:
-        cfgfile = CONF.config_file[-1] if CONF.config_file else None
-        if cfgfile and not os.access(cfgfile, os.R_OK):
-            st = os.stat(cfgfile)
-            print(_("Could not read %s. Re-running with sudo") % cfgfile)
-            try:
-                os.execvp('sudo', ['sudo', '-u', '#%s' % st.st_uid] + sys.argv)
-            except Exception:
-                print(_('sudo failed, continuing as if nothing happened'))
-
-        print(_('Please re-run ec2-api-manage as root.'))
-        return(2)
+    config.parse_args(sys.argv)
+    log.setup(CONF, "ec2api")

    try:
        CONF.command.func()