diff options
| author | Filipp Lepalaan <filipp@mac.com> | 2017-08-08 15:49:07 +0300 |
|---|---|---|
| committer | Filipp Lepalaan <filipp@mac.com> | 2017-08-08 15:49:07 +0300 |
| commit | ad9c6dc0b0f5477535b1cc2a9cb8627aaffe30db (patch) | |
| tree | 6edfecce55598e496b7b8026e1e4190b871517f4 | |
| parent | fcedba3dad25d5168a3d4e6b317b804014c9dd4d (diff) | |
| download | machammer-ad9c6dc0b0f5477535b1cc2a9cb8627aaffe30db.tar.gz machammer-ad9c6dc0b0f5477535b1cc2a9cb8627aaffe30db.tar.bz2 machammer-ad9c6dc0b0f5477535b1cc2a9cb8627aaffe30db.zip | |
Added root checks to some dscl functions
| -rw-r--r-- | machammer/users.py | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/machammer/users.py b/machammer/users.py index 0066454..623556c 100644 --- a/machammer/users.py +++ b/machammer/users.py @@ -16,6 +16,7 @@ def dscl(*args): def get_info(username): + """Return info about a user""" path = '/Users/' + username s = check_output('/usr/bin/dscl', '-plist', '.', 'read', path) return plistlib.readPlistFromString(s) @@ -52,6 +53,8 @@ def remove_login_item(**kwargs): def create_user(realname, password, username=None, uid=None, gid=20): """Create a user account.""" + assert os.getuid() == 0, "Only root can create users" + if uid is None: uid = nextid() @@ -90,6 +93,8 @@ def hide_user(username, hide_home=True): def delete_user(username, delete_home=True): """Delete a user account.""" + assert os.getuid() == 0, "Only root can delete users" + path = '/Users/' + username userinfo = get_info(username) @@ -103,4 +108,6 @@ def delete_user(username, delete_home=True): def make_admin(username): """Give admin rights to username.""" + assert os.getuid() == 0, "Only root can modify users" + dscl('-append', '/Groups/admin', 'users', username) |