On Wed, May 22, 2024 at 10:59:04PM +0200, Stefano Brivio wrote:
> libguestfs tools have a good reason to run as root: if the guest image
> is owned by root, it would be counterproductive to encourage users to
> invoke them as non-root, as it would require changing permissions or
> ownership of the image file.
> 
> And if they run as root, we'll start as root, too. Warn users we'll
> switch to 'nobody', but don't tell them what to do.
> 
> Reported-by: Richard W.M. Jones <rjones@redhat.com>
> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>

> ---
>  conf.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/conf.c b/conf.c
> index 21d46fe..2e0d909 100644
> --- a/conf.c
> +++ b/conf.c
> @@ -1093,7 +1093,7 @@ static void conf_ugid(char *runas, uid_t *uid, gid_t *gid)
>  		return;
>  
>  	/* ...otherwise use nobody:nobody */
> -	warn("Don't run as root. Changing to nobody...");
> +	warn("Started as root. Changing to nobody...");
>  	{
>  #ifndef GLIBC_NO_STATIC_NSS
>  		const struct passwd *pw;

-- 
David Gibson			| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you.  NOT _the_ _other_
				| _way_ _around_!
http://www.ozlabs.org/~dgibson