support dropprivs in execlog/execprog

author: Dmitry Vyukov <dvyukov@google.com> 2015-11-05 10:30:39 +0100
committer: Dmitry Vyukov <dvyukov@google.com> 2015-11-05 10:30:39 +0100
commit: a7d2a521f3ad75348fe3e7334f7a2bbfcc631540 (patch)
tree: 12639bc1d703d2525b24944b72fbba4003de203d /tools/execlog
parent: f563cc395beb7a45450990b3898642de5fd4e9e3 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/tools/execlog/execlog.go b/tools/execlog/execlog.go
index b1ee9fba8..54cadac12 100644
--- a/tools/execlog/execlog.go
+++ b/tools/execlog/execlog.go
@@ -22,6 +22,7 @@ var (
 	flagLog      = flag.String("log", "", "comma-delimited list of log files to execute")
 	flagProcs    = flag.Int("procs", 1, "number of parallel processes to execute the log")
 	flagThreaded = flag.Bool("threaded", false, "use threaded mode in executor")
+	flagNobody   = flag.Bool("nobody", true, "impersonate into nobody")
 	flagTimeout  = flag.Duration("timeout", 5*time.Second, "execution timeout")
 )
 
@@ -69,7 +70,10 @@ func main() {
 			if *flagThreaded {
 				flags |= ipc.FlagThreaded
 			}
-			env, err := ipc.MakeEnv(*flagExecutor, *flagTimeout, 0)
+			if *flagNobody {
+				flags |= ipc.FlagDropPrivs
+			}
+			env, err := ipc.MakeEnv(*flagExecutor, *flagTimeout, flags)
 			if err != nil {
 				log.Fatalf("failed to create ipc env: %v", err)
 			}
author	Dmitry Vyukov <dvyukov@google.com>	2015-11-05 10:30:39 +0100
committer	Dmitry Vyukov <dvyukov@google.com>	2015-11-05 10:30:39 +0100
commit	a7d2a521f3ad75348fe3e7334f7a2bbfcc631540 (patch)
tree	12639bc1d703d2525b24944b72fbba4003de203d /tools/execlog
parent	f563cc395beb7a45450990b3898642de5fd4e9e3 (diff)