diff mbox series

batctl: Remove redundant check_root_or_die()

Message ID	20241122211235.2993017-1-mr.nuke.me@gmail.com (mailing list archive)
State	Accepted, archived
Delegated to:	Simon Wunderlich
Headers	From: Alexandru Gagniuc <mr.nuke.me@gmail.com> To: b.a.t.m.a.n@lists.open-mesh.org Cc: Alexandru Gagniuc <mr.nuke.me@gmail.com> Subject: [PATCH] batctl: Remove redundant check_root_or_die() Date: Fri, 22 Nov 2024 15:12:35 -0600 Message-ID: <20241122211235.2993017-1-mr.nuke.me@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-ID-Hash: UJTTDOM3ZHOI4KNACXWTBF4PFC3ONWSR Precedence: list Archived-At: <https://lists.open-mesh.org/mailman3/hyperkitty/list/b.a.t.m.a.n@lists.open-mesh.org/message/UJTTDOM3ZHOI4KNACXWTBF4PFC3ONWSR/>
Series	batctl: Remove redundant check_root_or_die() \| batctl: Remove redundant check_root_or_die()

Commit Message

Alexandru Gagniuc Nov. 22, 2024, 9:12 p.m. UTC

  Without running as root, batctl would abort. However, this check has
zero value as it is redundant. The kernel will warn us if we don't
have permission to manipulate networking via netlink:

    $ ./batctl if create ra BATMAN_V
    Error - failed to add create batman-adv interface: Operation not permitted

Without this check, it is possible to change networking settings
without root with the CAP_NET_ADMIN permission:

    $ sudo setcap cap_net_admin+eip ./batctl
    $ ./batctl if create ra BATMAN_V
    $ ./batctl if add enp6s0
    $ ./batctl if
    enp6s0: active

Thus, do not force batctl to run as root. Let the system admin and or
user decide how to manage permissions. For those that run batctl as
root, nothing changes.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
---
 debug.c           | 2 --
 functions.c       | 8 --------
 functions.h       | 1 -
 genl_json.c       | 2 --
 gw_mode.c         | 2 --
 interface.c       | 2 --
 loglevel.c        | 2 --
 ping.c            | 2 --
 routing_algo.c    | 2 --
 sys.c             | 2 --
 tcpdump.c         | 2 --
 throughputmeter.c | 2 --
 traceroute.c      | 2 --
 translate.c       | 2 --
 14 files changed, 33 deletions(-)

diff mbox series

Patch

diff --git a/debug.c b/debug.c
index 2fa8975..5629e1f 100644
--- a/debug.c
+++ b/debug.c
@@ -144,8 +144,6 @@  int handle_debug_table(struct state *state, int argc, char **argv)
 		}
 	}
 
-	check_root_or_die("batctl");
-
 	if (read_opt & UNICAST_ONLY && read_opt & MULTICAST_ONLY) {
 		fprintf(stderr, "Error - '-u' and '-m' are exclusive options\n");
 		debug_table_usage(state);
diff --git a/functions.c b/functions.c
index 482bdf5..bf6057c 100644
--- a/functions.c
+++ b/functions.c
@@ -946,14 +946,6 @@  void get_random_bytes(void *buf, size_t buflen)
 	get_random_bytes_fallback(buf, buflen);
 }
 
-void check_root_or_die(const char *cmd)
-{
-	if (geteuid() != 0) {
-		fprintf(stderr, "Error - you must be root to run '%s' !\n", cmd);
-		exit(EXIT_FAILURE);
-	}
-}
-
 int parse_bool(const char *val, bool *res)
 {
 	if (strcasecmp(val, "0") == 0 ||
diff --git a/functions.h b/functions.h
index 860d9f4..b85bbf1 100644
--- a/functions.h
+++ b/functions.h
@@ -60,7 +60,6 @@  int check_mesh_iface(struct state *state);
 int check_mesh_iface_ownership(struct state *state, char *hard_iface);
 
 void get_random_bytes(void *buf, size_t buflen);
-void check_root_or_die(const char *cmd);
 
 int parse_bool(const char *val, bool *res);
 bool parse_throughput(char *buff, const char *description,
diff --git a/genl_json.c b/genl_json.c
index b61acdb..855a218 100644
--- a/genl_json.c
+++ b/genl_json.c
@@ -598,8 +598,6 @@  int handle_json_query(struct state *state, int argc, char **argv)
 		}
 	}
 
-	check_root_or_die("batctl");
-
 	err = netlink_print_query_json(state, json_query);
 
 	return err;
diff --git a/gw_mode.c b/gw_mode.c
index 6261a9d..1b102a3 100644
--- a/gw_mode.c
+++ b/gw_mode.c
@@ -299,8 +299,6 @@  static int gw_mode(struct state *state, int argc, char **argv)
 	if (argc == 1)
 		return gw_read_setting(state);
 
-	check_root_or_die("batctl gw_mode");
-
 	res = parse_gw(state, argc, argv);
 	if (res < 0)
 		return EXIT_FAILURE;
diff --git a/interface.c b/interface.c
index d115247..6f70468 100644
--- a/interface.c
+++ b/interface.c
@@ -436,8 +436,6 @@  static int interface(struct state *state, int argc, char **argv)
 	if (rest_argc == 0)
 		return print_interfaces(state);
 
-	check_root_or_die("batctl interface");
-
 	if ((strcmp(rest_argv[0], "add") != 0) && (strcmp(rest_argv[0], "a") != 0) &&
 	    (strcmp(rest_argv[0], "del") != 0) && (strcmp(rest_argv[0], "d") != 0) &&
 	    (strcmp(rest_argv[0], "create") != 0) && (strcmp(rest_argv[0], "c") != 0) &&
diff --git a/loglevel.c b/loglevel.c
index b7ca14f..ab6f033 100644
--- a/loglevel.c
+++ b/loglevel.c
@@ -128,8 +128,6 @@  static int loglevel(struct state *state, int argc, char **argv)
 	}
 
 	if (argc != 1) {
-		check_root_or_die("batctl loglevel");
-
 		for (i = 1; i < argc; i++) {
 			if (strcmp(argv[i], "none") == 0) {
 				log_level_globals.log_level = 0;
diff --git a/ping.c b/ping.c
index 4cc8e00..f2f6c41 100644
--- a/ping.c
+++ b/ping.c
@@ -132,8 +132,6 @@  static int ping(struct state *state, int argc, char **argv)
 		return EXIT_FAILURE;
 	}
 
-	check_root_or_die("batctl ping");
-
 	dst_string = argv[found_args];
 	bat_hosts_init(0);
 	bat_host = bat_hosts_find_by_name(dst_string);
diff --git a/routing_algo.c b/routing_algo.c
index 5d29418..8d1b63e 100644
--- a/routing_algo.c
+++ b/routing_algo.c
@@ -279,8 +279,6 @@  static int routing_algo(struct state *state, int argc, char **argv)
 		}
 	}
 
-	check_root_or_die("batctl routing_algo");
-
 	if (argc == 2)
 		return write_default_ra(SYS_SELECTED_RA_PATH, argv[1]);
 
diff --git a/sys.c b/sys.c
index dbbdeb3..dcef51f 100644
--- a/sys.c
+++ b/sys.c
@@ -245,8 +245,6 @@  int handle_sys_setting(struct state *state, int argc, char **argv)
 	if (argc == 1)
 		return sys_read_setting(state);
 
-	check_root_or_die("batctl");
-
 	if (settings->parse) {
 		res = settings->parse(state, argc, argv);
 		if (res < 0)
diff --git a/tcpdump.c b/tcpdump.c
index 3b9ded5..d4e805d 100644
--- a/tcpdump.c
+++ b/tcpdump.c
@@ -1539,8 +1539,6 @@  static int tcpdump(struct state *state __maybe_unused, int argc, char **argv)
 		return EXIT_FAILURE;
 	}
 
-	check_root_or_die("batctl tcpdump");
-
 	bat_hosts_init(read_opt);
 
 	signal(SIGINT, sig_handler);
diff --git a/throughputmeter.c b/throughputmeter.c
index f3aa09a..4f3dc50 100644
--- a/throughputmeter.c
+++ b/throughputmeter.c
@@ -352,8 +352,6 @@  static int throughputmeter(struct state *state, int argc, char **argv)
 		return EXIT_FAILURE;
 	}
 
-	check_root_or_die("batctl throughputmeter");
-
 	dst_string = argv[found_args];
 	bat_hosts_init(read_opt);
 	bat_host = bat_hosts_find_by_name(dst_string);
diff --git a/traceroute.c b/traceroute.c
index 4a6f4cf..2409c30 100644
--- a/traceroute.c
+++ b/traceroute.c
@@ -83,8 +83,6 @@  static int traceroute(struct state *state, int argc, char **argv)
 		return EXIT_FAILURE;
 	}
 
-	check_root_or_die("batctl traceroute");
-
 	dst_string = argv[found_args];
 	bat_hosts_init(read_opt);
 	bat_host = bat_hosts_find_by_name(dst_string);
diff --git a/translate.c b/translate.c
index 9228863..0101724 100644
--- a/translate.c
+++ b/translate.c
@@ -32,8 +32,6 @@  static int translate(struct state *state, int argc, char **argv)
 		return EXIT_FAILURE;
 	}
 
-	check_root_or_die("batctl translate");
-
 	dst_string = argv[1];
 	bat_hosts_init(0);
 	bat_host = bat_hosts_find_by_name(dst_string);