From 11b31826334bc3faa4d4c7ee05a3b2996a88c969 Mon Sep 17 00:00:00 2001
From: Joe Richey <joerichey@google.com>
Date: Wed, 30 Aug 2017 18:16:16 -0700
Subject: cmd/fscrypt: Add --user flag for running as root

The --user flag can now be used to have the targe user (the one whose
keyring and password will be used in fscrypt) be different than the
calling user. Very usefull for things like

	sudo fscrypt purge /media/joerichey/usb --user=joerichey

which will now have privileges to drop caches, but will properly clear
the keys from the user's keyring.
---
 cmd/fscrypt/setup.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'cmd/fscrypt/setup.go')

diff --git a/cmd/fscrypt/setup.go b/cmd/fscrypt/setup.go
index 6433b0c..72dfbdb 100644
--- a/cmd/fscrypt/setup.go
+++ b/cmd/fscrypt/setup.go
@@ -26,11 +26,12 @@ import (
 	"os"
 
 	"github.com/google/fscrypt/actions"
+	"github.com/google/fscrypt/util"
 )
 
 // createGlobalConfig creates (or overwrites) the global config file
 func createGlobalConfig(w io.Writer, path string) error {
-	if os.Getuid() != 0 {
+	if !util.IsUserRoot() {
 		return ErrMustBeRoot
 	}
 
@@ -61,7 +62,7 @@ func createGlobalConfig(w io.Writer, path string) error {
 
 // setupFilesystem creates the directories for a filesystem to use fscrypt.
 func setupFilesystem(w io.Writer, path string) error {
-	ctx, err := actions.NewContextFromMountpoint(path)
+	ctx, err := actions.NewContextFromMountpoint(path, nil)
 	if err != nil {
 		return err
 	}
-- 
cgit v1.2.3