From e63f3dcfc3e7c87a678e1153cc0f0257cf521ed6 Mon Sep 17 00:00:00 2001 From: Tim Gover Date: Wed, 30 Sep 2020 11:39:35 +0100 Subject: [PATCH] Require 'sudo' for --edit or --apply instead of spawing sudo command --- rpi-eeprom-config | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/rpi-eeprom-config b/rpi-eeprom-config index 7090a13..bf9d0a1 100755 --- a/rpi-eeprom-config +++ b/rpi-eeprom-config @@ -109,7 +109,7 @@ def apply_update(config, eeprom=None, config_src=None): # Ignore APT package checksums so that this doesn't fail when used # with EEPROMs with configs delivered outside of APT. # The checksums are really just a safety check for automatic updates. - args = ['sudo', 'rpi-eeprom-update', '-d', '-i', '-f', tmp_update] + args = ['rpi-eeprom-update', '-d', '-i', '-f', tmp_update] resp = shell_cmd(args) sys.stdout.write(resp) @@ -278,7 +278,10 @@ Operating modes: 4. Applies a given config file to an EEPROM image and invokes rpi-eeprom-update to schedule an update of the bootloader when the system is rebooted. - rpi-eeprom-config --apply boot.conf [pieeprom.bin] + Since this command launches rpi-eeprom-update to schedule the EERPOM update + it must be run as root. + + sudo rpi-eeprom-config --apply boot.conf [pieeprom.bin] If the \'eeprom\' argument is not specified then the latest available image is selected by calling \'rpi-eeprom-update -l\'. @@ -287,12 +290,15 @@ Operating modes: applying a predefined configuration file the default text editor ($EDITOR) is launched with the contents of the current EEPROM configuration. + Since this command launches rpi-eeprom-update to schedule the EERPOM update + it must be run as root. + The configuration file will be taken from: * The `eeprom` file - if specified. * The current pending update - typically /boot/pieeprom.upd * The cached bootloader configuration 'vcgencmd bootloader_config' - rpi-eeprom-config --edit [pieeprom.bin] + sudo rpi-eeprom-config --edit [pieeprom.bin] See 'rpi-eeprom-update -h' for more information about the available EEPROM images. @@ -308,6 +314,10 @@ images. parser.add_argument('eeprom', nargs='?', help='Name of EEPROM file to use as input') args = parser.parse_args() + + if (args.edit or args.apply is not None) and os.getuid() != 0: + exit_error("--edit/--apply must be run as root") + if args.edit: edit_config(args.eeprom) elif args.apply is not None: