Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exit if uid=0, add --force flag to override #5179

Merged
merged 3 commits into from
Aug 22, 2019
Merged

Exit if uid=0, add --force flag to override #5179

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a43e311
Exit startup if uid=0, add --force flag to override
tstromberg Aug 22, 2019
c2c2d91
Add assistance if the user has a root owned config
tstromberg Aug 22, 2019
655f06d
Merge branch 'master' into noroot
tstromberg Aug 22, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 24 additions & 13 deletions cmd/minikube/cmd/start.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,7 @@ const (
dnsProxy = "dns-proxy"
hostDNSResolver = "host-dns-resolver"
waitUntilHealthy = "wait"
force = "force"
waitTimeout = "wait-timeout"
)

Expand Down Expand Up @@ -134,6 +135,8 @@ func initMinikubeFlags() {
viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
viper.AutomaticEnv()

startCmd.Flags().Bool(force, false, "Force minikube to perform possibly dangerous operations")

startCmd.Flags().Int(cpus, constants.DefaultCPUS, "Number of CPUs allocated to the minikube VM.")
startCmd.Flags().String(memory, constants.DefaultMemorySize, "Amount of RAM allocated to the minikube VM (format: <number>[<unit>], where unit = b, k, m or g).")
startCmd.Flags().String(humanReadableDiskSize, constants.DefaultDiskSize, "Disk size allocated to the minikube VM (format: <number>[<unit>], where unit = b, k, m or g).")
Expand Down Expand Up @@ -502,25 +505,33 @@ func selectImageRepository(mirrorCountry string, k8sVersion string) (bool, strin
// validerUser validates minikube is run by the recommended user (privileged or regular)
func validateUser() {
u, err := user.Current()
if err != nil {
glog.Errorf("Error getting the current user: %v", err)
return
}

d := viper.GetString(vmDriver)
// Check if minikube needs to run with sudo or not.
if err == nil {
if d == constants.DriverNone && u.Name != "root" {
exit.UsageT(`Please run with sudo. the vm-driver "{{.driver_name}}" requires sudo.`, out.V{"driver_name": constants.DriverNone})
} else if u.Name == "root" && !(d == constants.DriverHyperv || d == constants.DriverNone) {
out.T(out.WarningType, "Please don't run minikube as root or with 'sudo' privileges. It isn't necessary with {{.driver}} driver.", out.V{"driver": d})
}
useForce := viper.GetBool(force)

} else {
glog.Errorf("Error getting the current user: %v", err)
if d == constants.DriverNone && u.Uid != "0" && !useForce {
exit.WithCodeT(exit.Permissions, `The "{{.driver_name}}" driver requires root privileges. Please run minikube using 'sudo minikube --vm-driver={{.driver_name}}'.`, out.V{"driver_name": d})
}

if d == constants.DriverNone || u.Uid != "0" {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wouldn't this always exit, for driver none ? Or maybe that is the "happy path" of validateUser

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Never mind, the return will just go the same place as before (the checks were reversed)

return
}

if useForce {
out.T(out.WarningType, "Exiting, as the {{.driver_name}} driver should not be used with root privileges.", out.V{"driver_name": d})
return
}
exit.WithCodeT(exit.Permissions, "Exiting, as the {{.driver_name}} driver should not be used with root privileges.", out.V{"driver_name": d})
}

// validateConfig validates the supplied configuration against known bad combinations
func validateConfig() {
diskSizeMB := pkgutil.CalculateSizeInMB(viper.GetString(humanReadableDiskSize))
if diskSizeMB < pkgutil.CalculateSizeInMB(constants.MinimumDiskSize) {
if diskSizeMB < pkgutil.CalculateSizeInMB(constants.MinimumDiskSize) && !viper.GetBool(force) {
exit.WithCodeT(exit.Config, "Requested disk size {{.requested_size}} is less than minimum of {{.minimum_size}}", out.V{"requested_size": diskSizeMB, "minimum_size": pkgutil.CalculateSizeInMB(constants.MinimumDiskSize)})
}

Expand All @@ -530,10 +541,10 @@ func validateConfig() {
}

memorySizeMB := pkgutil.CalculateSizeInMB(viper.GetString(memory))
if memorySizeMB < pkgutil.CalculateSizeInMB(constants.MinimumMemorySize) {
if memorySizeMB < pkgutil.CalculateSizeInMB(constants.MinimumMemorySize) && !viper.GetBool(force) {
exit.UsageT("Requested memory allocation {{.requested_size}} is less than the minimum allowed of {{.minimum_size}}", out.V{"requested_size": memorySizeMB, "minimum_size": pkgutil.CalculateSizeInMB(constants.MinimumMemorySize)})
}
if memorySizeMB < pkgutil.CalculateSizeInMB(constants.DefaultMemorySize) {
if memorySizeMB < pkgutil.CalculateSizeInMB(constants.DefaultMemorySize) && !viper.GetBool(force) {
out.T(out.Notice, "Requested memory allocation ({{.memory}}MB) is less than the default memory allocation of {{.default_memorysize}}MB. Beware that minikube might not work correctly or crash unexpectedly.",
out.V{"memory": memorySizeMB, "default_memorysize": pkgutil.CalculateSizeInMB(constants.DefaultMemorySize)})
}
Expand Down Expand Up @@ -956,7 +967,7 @@ func validateDriverVersion(vmDriver string) {
v := extractVMDriverVersion(string(output))

// if the driver doesn't have return any version, it is really old, we force a upgrade.
if len(v) == 0 {
if len(v) == 0 && !viper.GetBool(force) {
exit.WithCodeT(
exit.Failure,
"Please upgrade the '{{.driver_executable}}'. {{.documentation_url}}",
Expand Down