Module: check_mk
Branch: master
Commit: 770ce6172598994a608be2b4584f2c2c2f2d5688
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=770ce617259899…
Author: Jukka Aro <ja(a)mathias-kettner.de>
Date: Mon Oct 23 08:26:02 2017 +0200
Make a more secure check for existing chroot user
Only match the exact username within word boundaries. Prevents
accidental matches with substrings especially with our two-character
usernames that can match almost whatever in /etc/passwd.
Change-Id: I2053e484462f7a6de1891f0076003658dbc3ec46
---
agents/windows/make-chroot | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/agents/windows/make-chroot b/agents/windows/make-chroot
index 1236f0c..df319a9 100755
--- a/agents/windows/make-chroot
+++ b/agents/windows/make-chroot
@@ -148,8 +148,9 @@ if [ ! -h $CHROOT_PATH/usr/bin/python ] ; then
ln -sf python2.7 $CHROOT_PATH/usr/bin/python
fi
-# Add user for building windows agent without root privileges
-if ! grep -q $SUDO_USER "$CHROOT_PATH/etc/passwd" ; then
+# Add user for building windows agent without root privileges.
+# Check that user does not exist before since SUDO_USER may be root, as well.
+if ! grep -q "\<${SUDO_USER}\>" "$CHROOT_PATH/etc/passwd" ;
then
./do-chroot "useradd -lmo -u $(id -u $SUDO_USER) -s /bin/bash $SUDO_USER"
fi