Refactor privilege escalation

Registered by Thierry Carrez

This spec proposes a refactoring of the way nova executes commands as root. Rather than calling "sudo" in the command, a run_as_root=True parameter is added to the utils.execute call. This allows plugging in a root helper other than sudo.

* Replaces rogue direct usage of the subprocess module with proper utils.execute calls
* Adds a run_as_root parameter to utils.execute, which prefixes your command with FLAG.root_helper (which defaults to 'sudo')
* Turns all sudo calls into run_as_root=True calls
* Updates fakes accordingly
* Replaces usage of "sudo -E" and the "addl_env" parameter with passing the environment in the command (which keeps it compatible with alternative sudo_helpers)
* Additionally, forces close_fds=True on all utils.execute calls, since it's a more secure default
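
A sketch of the calling convention the list above describes, added here as an illustration and not nova's own utils.execute. ROOT_HELPER stands in for FLAG.root_helper; build_command, the "env KEY=VALUE" prefix and the sample commands are assumptions made for the example.

```python
import shlex
import subprocess

# Stand-in for the page's FLAG.root_helper setting (defaults to 'sudo').
ROOT_HELPER = "sudo"


def build_command(*cmd, run_as_root=False, env=None, root_helper=None):
    """Return the argv list execute() will run (hypothetical helper)."""
    argv = [str(part) for part in cmd]
    if env:
        # Assumption: "passing environment in the command" means an
        # "env KEY=VALUE ..." prefix, which works under any root helper,
        # unlike "sudo -E".
        for key in env:
            if not key or "=" in key:
                raise ValueError(f"invalid environment variable name: {key!r}")
        argv = ["env"] + [f"{k}={v}" for k, v in sorted(env.items())] + argv
    if run_as_root:
        # The helper may carry its own arguments, so split it into argv items.
        argv = shlex.split(root_helper or ROOT_HELPER) + argv
    return argv


def execute(*cmd, run_as_root=False, env=None, root_helper=None, check=True):
    """Run a command without a shell and return (stdout, stderr)."""
    argv = build_command(*cmd, run_as_root=run_as_root, env=env,
                         root_helper=root_helper)
    proc = subprocess.run(
        argv,
        shell=False,               # argv list, never a shell string
        close_fds=True,            # do not leak the parent's open descriptors
        stdin=subprocess.DEVNULL,
        capture_output=True,
        text=True,
    )
    if check and proc.returncode != 0:
        raise RuntimeError(f"{argv!r} exited {proc.returncode}: {proc.stderr}")
    return proc.stdout, proc.stderr


if __name__ == "__main__":
    # Constructed calls: show the argv that would run, without needing root.
    print(build_command("ip", "link", "show", run_as_root=True))
    print(build_command("dnsmasq", "--strict-order", run_as_root=True,
                        env={"FLAGFILE": "/tmp/demo.conf"}))
```

Because the privilege prefix is added in one place, switching to a different root helper changes a single setting instead of every call site.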

Blueprint information

Status: Complete
Approver: Vish Ishaya
Priority: Medium
Drafter: Thierry Carrez
Direction: Approved
Assignee: Thierry Carrez
Definition: Drafting
Series goal: Accepted for diablo
Implementation: Implemented
Milestone target: 2011.3
Started by: Thierry Carrez
Completed by: Thierry Carrez

Whiteboard

First appeared in diablo-4
