[Pkg-privacy-commits] [libgsecuredelete] 126/168: sfill wrapper: try becoming root to also wipe the reserved space

Ulrike Uhlig u-guest at moszumanska.debian.org
Thu Jul 7 20:06:46 UTC 2016 

This is an automated email from the git hooks/post-receive script.

u-guest pushed a commit to branch master
in repository libgsecuredelete.

commit 31565215daf570266917afdeaffcd00f0b1220c0
Author: Colomban Wendling <ban at herbesfolles.org>
Date:   Sat Jun 9 17:05:52 2012 +0200

    sfill wrapper: try becoming root to also wipe the reserved space
    
    Wiping the free disk space may require root privileges to be able to
    wipe some reserved portions on some file systems (ext for example).
    
    To do so, the `sfill` wrapper tries to re-launch itself as root through
    PolicyKit if needed.  However, if becoming root fails or isn't possible
    the script still does what it can without root privileges.
---
 README              |  1 +
 gsd-sfill-helper.in | 27 +++++++++++++++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/README b/README
index 017a544..7571fa6 100644
--- a/README
+++ b/README
@@ -32,6 +32,7 @@ In addition to the build dependencies, you will need the following
 extra packages for the library to work properly:
 
 * secure-delete
+* pkexec (from the policykit package)
 
 Quick installation instructions
 ===============================
diff --git a/gsd-sfill-helper.in b/gsd-sfill-helper.in
index ce9edec..1e31362 100644
--- a/gsd-sfill-helper.in
+++ b/gsd-sfill-helper.in
@@ -30,6 +30,8 @@ OPT_l=
 OPT_v=
 OPT_z=
 
+MISSING_ROOT=0
+
 
 # die [MESSAGE]
 die() {
@@ -55,6 +57,7 @@ progress_step() {
 }
 
 
+
 # parse arguments
 while getopts 'fiIlvz' o; do
   case "$o" in
@@ -101,6 +104,23 @@ cleanup() {
   exit 1
 }
 
+
+# become root!
+if [ `whoami` != root ]; then
+  if which pkexec >/dev/null; then
+    pkexec --user root "$0" $OPT_f $OPT_i $OPT_I $OPT_l $OPT_v $OPT_z "$dir"
+    code=$?
+    if [ $code -ne 126 -a $code -ne 127 ]; then
+      # if becoming root succeeded, abort this instance
+      exit $code
+    fi
+  fi
+  
+  echo "Continuing without root privileges, wipe may be incomplete" >&2
+  MISSING_ROOT=1
+fi
+
+
 trap "rm -rf '$dir'" EXIT
 trap cleanup INT QUIT TERM
 
@@ -136,3 +156,10 @@ if [ -z "$OPT_i" ]; then
   
   progress_step
 fi
+
+
+# if we missed root permissions, report this as a special failure (42)
+if [ $MISSING_ROOT -ne 0 ]; then
+  echo "Wipe succeeded but may have been incomplete due to missing root privileges.">&2
+  exit 42
+fi

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/libgsecuredelete.git

More information about the Pkg-privacy-commits mailing list