From 5a1f4b6647c2482f7f53e3c158fb5a7eafdb82ea Mon Sep 17 00:00:00 2001 From: Sunil Mohan Adapa Date: Tue, 20 Sep 2022 10:26:00 -0700 Subject: [PATCH] actions: Allow actions to be called by other users There is not much additional risk by doing this. This is needed in case of some exceptional cases such as storage.validate_directory() which need to run as a different user other than root. Tests: - Directory validation works in transmission and deluge. Signed-off-by: Sunil Mohan Adapa Reviewed-by: James Valleroy --- actions/actions | 3 --- plinth/tests/test_actions_actions.py | 5 ----- 2 files changed, 8 deletions(-) diff --git a/actions/actions b/actions/actions index 9264b5cfe..e012b4b3c 100755 --- a/actions/actions +++ b/actions/actions @@ -62,9 +62,6 @@ def main(): def _call(module_name, action_name, arguments): """Import the module and run action as superuser""" - if os.getuid() != 0: - raise PermissionError('This action is reserved for root') - if '.' in module_name: raise SyntaxError('Invalid module name') diff --git a/plinth/tests/test_actions_actions.py b/plinth/tests/test_actions_actions.py index 76802f111..05c18b20c 100644 --- a/plinth/tests/test_actions_actions.py +++ b/plinth/tests/test_actions_actions.py @@ -22,11 +22,6 @@ def test_call_syntax_checks(getuid, get_module_import_path, import_module, """Test that calling a method results in proper syntax checks.""" call = actions_module._call - # Test for root permissions - getuid.return_value = 1000 - with pytest.raises(PermissionError): - call('x-module', 'x-action', {}) - # Module name validation getuid.return_value = 0 with pytest.raises(SyntaxError, match='Invalid module name'):