cmd/fscrypt: Add --user flag for running as root

The --user flag can now be used to have the targe user (the one whose keyring and password will be used in fscrypt) be different than the calling user. Very usefull for things like sudo fscrypt purge /media/joerichey/usb --user=joerichey which will now have privileges to drop caches, but will properly clear the keys from the user's keyring.
author: Joe Richey <joerichey@google.com> 2017-08-30 18:16:16 -0700
committer: Joe Richey <joerichey@google.com> 2017-08-30 18:16:16 -0700
commit: 11b31826334bc3faa4d4c7ee05a3b2996a88c969 (patch)
tree: 8fe4a0d0a9e683b84ff70eed7986eebb857a2fdf /cmd/fscrypt/setup.go
parent: 5814155d0c0247d501f7479f760a676185cd4b6d (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/cmd/fscrypt/setup.go b/cmd/fscrypt/setup.go
index 6433b0c..72dfbdb 100644
--- a/cmd/fscrypt/setup.go
+++ b/cmd/fscrypt/setup.go
@@ -26,11 +26,12 @@ import (
 	"os"
 
 	"github.com/google/fscrypt/actions"
+	"github.com/google/fscrypt/util"
 )
 
 // createGlobalConfig creates (or overwrites) the global config file
 func createGlobalConfig(w io.Writer, path string) error {
-	if os.Getuid() != 0 {
+	if !util.IsUserRoot() {
 		return ErrMustBeRoot
 	}
 
@@ -61,7 +62,7 @@ func createGlobalConfig(w io.Writer, path string) error {
 
 // setupFilesystem creates the directories for a filesystem to use fscrypt.
 func setupFilesystem(w io.Writer, path string) error {
-	ctx, err := actions.NewContextFromMountpoint(path)
+	ctx, err := actions.NewContextFromMountpoint(path, nil)
 	if err != nil {
 		return err
 	}
author	Joe Richey <joerichey@google.com>	2017-08-30 18:16:16 -0700
committer	Joe Richey <joerichey@google.com>	2017-08-30 18:16:16 -0700
commit	11b31826334bc3faa4d4c7ee05a3b2996a88c969 (patch)
tree	8fe4a0d0a9e683b84ff70eed7986eebb857a2fdf /cmd/fscrypt/setup.go
parent	5814155d0c0247d501f7479f760a676185cd4b6d (diff)