[lxc-devel] [PATCH] lxc-ls: Update code to allow non-root listing
Stéphane Graber
stgraber at ubuntu.com
Tue Dec 4 22:42:46 UTC 2012
Re-arrange the code so that we only grab the container object when doing
something more than building a simple list of existing containers.
This means that now the following calls can run unprivileged:
- lxc-ls
- lxc-ls -1
Everything else will still require root privileges.
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
src/lxc/lxc-ls | 34 +++++++++++++++++++++-------------
1 file changed, 21 insertions(+), 13 deletions(-)
diff --git a/src/lxc/lxc-ls b/src/lxc/lxc-ls
index 2ad1f7f..98b7861 100644
--- a/src/lxc/lxc-ls
+++ b/src/lxc/lxc-ls
@@ -116,12 +116,6 @@ parser.add_argument("filter", metavar='FILTER', type=str, nargs="?",
args = parser.parse_args()
-# Basic checks
-## The user needs to be uid 0
-if not os.geteuid() == 0:
- parser.error(_("You must be root to run this script. Try running: sudo %s"
- % (sys.argv[0])))
-
# --active is the same as --running --frozen
if args.active:
if not args.state:
@@ -135,19 +129,33 @@ if not sys.stdout.isatty():
# Turn args.fancy_format into a list
args.fancy_format = args.fancy_format.strip().split(",")
+# Basic checks
+## The user needs to be uid 0
+if not os.geteuid() == 0 and (args.fancy or args.state):
+ parser.error(_("You must be root to access advanced container properties. "
+ "Try running: sudo %s"
+ % (sys.argv[0])))
+
# List of containers, stored as dictionaries
containers = []
-for container in lxc.list_containers(as_object=True):
- # Filter by status
- if args.state and container.state not in args.state:
- continue
+for container_name in lxc.list_containers():
+ entry = {}
+ entry['name'] = container_name
# Apply filter
- if args.filter and not re.match(args.filter, container.name):
+ if args.filter and not re.match(args.filter, container_name):
continue
- entry = {}
- entry['name'] = container.name
+ # Return before grabbing the object (non-root)
+ if not args.state and not args.fancy:
+ containers.append(entry)
+ continue
+
+ container = lxc.Container(container_name)
+
+ # Filter by status
+ if args.state and container.state not in args.state:
+ continue
# Nothing more is needed if we're not printing some fancy output
if not args.fancy:
--
1.8.0
More information about the lxc-devel
mailing list