Don't attempt to escalate gce-api-manage privileges

Remove code which allowed gce-api-manage to attempt to escalate privileges so that configuration files can be read by users who normally wouldn't have access, but do have sudo access. Change-Id: I0a684f0239bef1669c15b6c54a658c6e6f2f430c Closes-Bug: 1611171
2016-09-17 16:42:01 +05:30 · 2016-09-17 16:42:01 +05:30 · 1e7910cc08
commit 1e7910cc08
parent 967108eafe
1 changed files with 3 additions and 17 deletions
--- a/gceapi/cmd/manage.py
+++ b/gceapi/cmd/manage.py
@ -17,7 +17,6 @@
  CLI interface for GCE API management.
 """

-import os
 import sys

 from oslo_config import cfg
@ -25,7 +24,6 @@ from oslo_log import log

 from gceapi import config
 from gceapi.db import migration
-from gceapi.i18n import _


 CONF = cfg.CONF
@ -61,22 +59,10 @@ command_opt = cfg.SubCommandOpt('command',


 def main():
+    """Parse options and call the appropriate class/method."""
    CONF.register_cli_opt(command_opt)
-    try:
-        config.parse_args(sys.argv)
-        log.setup(CONF, "gceapi")
-    except cfg.ConfigFilesNotFoundError:
-        cfgfile = CONF.config_file[-1] if CONF.config_file else None
-        if cfgfile and not os.access(cfgfile, os.R_OK):
-            st = os.stat(cfgfile)
-            print(_("Could not read %s. Re-running with sudo") % cfgfile)
-            try:
-                os.execvp('sudo', ['sudo', '-u', '#%s' % st.st_uid] + sys.argv)
-            except Exception:
-                print(_('sudo failed, continuing as if nothing happened'))
-
-        print(_('Please re-run gce-api-manage as root.'))
-        return(2)
+    config.parse_args(sys.argv)
+    log.setup(CONF, "gceapi")

    try:
        CONF.command.func()