Commit 24b2e6e3 authored by Guillaume Hervier's avatar Guillaume Hervier Committed by Rafael Monnerat

portredir: Don't run socat as root if not needed (port >= 1024)

parent c53046b3
...@@ -103,7 +103,11 @@ class Manager(object): ...@@ -103,7 +103,11 @@ class Manager(object):
socat_dest = '{}:{}:{}'.format(socat_dest_type, dest_addr, dest_port) socat_dest = '{}:{}:{}'.format(socat_dest_type, dest_addr, dest_port)
command.append(socat_dest) command.append(socat_dest)
# If source port >= 1024, we don't need to run as root
as_user = source_port >= 1024
socat_programs.append({ socat_programs.append({
'as_user': as_user,
'command': ' '.join(command), 'command': ' '.join(command),
'name': 'socat-{}'.format(source_port), 'name': 'socat-{}'.format(source_port),
}) })
...@@ -116,7 +120,8 @@ class Manager(object): ...@@ -116,7 +120,8 @@ class Manager(object):
for program in socat_programs]) for program in socat_programs])
for program in socat_programs: for program in socat_programs:
partition.addProgramToGroup(group_id, program['name'], program['name'], partition.addProgramToGroup(group_id, program['name'], program['name'],
program['command'], as_user=False) program['command'],
as_user=program['as_user'])
partition.writeSupervisorConfigurationFile() partition.writeSupervisorConfigurationFile()
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment