32 lines
1.1 KiB
Diff
32 lines
1.1 KiB
Diff
From dee4da950f2cd7161c444c221e01395d50282a92 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber@ubuntu.com>
|
|
Date: Mon, 16 Apr 2018 18:17:48 +0200
|
|
Subject: lxd/init: Require root for interactive cluster join
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Closes #4451
|
|
|
|
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
|
|
---
|
|
lxd/main_init_interactive.go | 5 +++++
|
|
1 file changed, 5 insertions(+)
|
|
|
|
diff --git a/lxd/main_init_interactive.go b/lxd/main_init_interactive.go
|
|
index 14d9b519..311b1968 100644
|
|
--- a/lxd/main_init_interactive.go
|
|
+++ b/lxd/main_init_interactive.go
|
|
@@ -135,6 +135,11 @@ func (c *cmdInit) askClustering(config *initData, d lxd.ContainerServer) error {
|
|
break
|
|
}
|
|
|
|
+ // Root is required to access the certificate files
|
|
+ if os.Geteuid() != 0 {
|
|
+ return fmt.Errorf("Joining an existing cluster requires root privileges")
|
|
+ }
|
|
+
|
|
// Confirm wiping
|
|
if !cli.AskBool("All existing data is lost when joining a cluster, continue? (yes/no) [default=no] ", "no") {
|
|
return fmt.Errorf("User aborted configuration")
|