kubernetes
/
minikube
mirror of https://github.com/kubernetes/minikube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #5179 from tstromberg/noroot 

Exit if uid=0, add --force flag to override
pull/5165/head^2
Thomas Strömberg 2019-08-22 16:24:28 -07:00 committed by GitHub
parent ea7250518b 655f06dd92
commit 15b3f21f45
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 37 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
cmd/minikube/cmd/start.go
View File

@ -102,6 +102,7 @@ const (
dnsProxy = "dns-proxy" dnsProxy = "dns-proxy"
hostDNSResolver = "host-dns-resolver" hostDNSResolver = "host-dns-resolver"
waitUntilHealthy = "wait" waitUntilHealthy = "wait"
force = "force"
waitTimeout = "wait-timeout" waitTimeout = "wait-timeout"
) )
@ -134,6 +135,8 @@ func initMinikubeFlags() {
viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_")) viper.SetEnvKeyReplacer(strings.NewReplacer("-", "_"))
viper.AutomaticEnv() viper.AutomaticEnv()
startCmd.Flags().Bool(force, false, "Force minikube to perform possibly dangerous operations")
startCmd.Flags().Int(cpus, constants.DefaultCPUS, "Number of CPUs allocated to the minikube VM.") startCmd.Flags().Int(cpus, constants.DefaultCPUS, "Number of CPUs allocated to the minikube VM.")
startCmd.Flags().String(memory, constants.DefaultMemorySize, "Amount of RAM allocated to the minikube VM (format: <number>[<unit>], where unit = b, k, m or g).") startCmd.Flags().String(memory, constants.DefaultMemorySize, "Amount of RAM allocated to the minikube VM (format: <number>[<unit>], where unit = b, k, m or g).")
startCmd.Flags().String(humanReadableDiskSize, constants.DefaultDiskSize, "Disk size allocated to the minikube VM (format: <number>[<unit>], where unit = b, k, m or g).") startCmd.Flags().String(humanReadableDiskSize, constants.DefaultDiskSize, "Disk size allocated to the minikube VM (format: <number>[<unit>], where unit = b, k, m or g).")
@ -499,28 +502,48 @@ func selectImageRepository(mirrorCountry string, k8sVersion string) (bool, strin
return false, fallback, nil return false, fallback, nil
} }
// Return a minikube command containing the current profile name
func minikubeCmd() string {
if viper.GetString(cfg.MachineProfile) != constants.DefaultMachineName {
return fmt.Sprintf("minikube -p %s", cfg.MachineProfile)
}
return "minikube"
}
// validerUser validates minikube is run by the recommended user (privileged or regular) // validerUser validates minikube is run by the recommended user (privileged or regular)
func validateUser() { func validateUser() {
u, err := user.Current() u, err := user.Current()
d := viper.GetString(vmDriver) if err != nil {
// Check if minikube needs to run with sudo or not.
if err == nil {
if d == constants.DriverNone && u.Name != "root" {
exit.UsageT(`Please run with sudo. the vm-driver "{{.driver_name}}" requires sudo.`, out.V{"driver_name": constants.DriverNone})
} else if u.Name == "root" && !(d == constants.DriverHyperv || d == constants.DriverNone) {
out.T(out.WarningType, "Please don't run minikube as root or with 'sudo' privileges. It isn't necessary with {{.driver}} driver.", out.V{"driver": d})
}
} else {
glog.Errorf("Error getting the current user: %v", err) glog.Errorf("Error getting the current user: %v", err)
return
} }
d := viper.GetString(vmDriver)
useForce := viper.GetBool(force)
if d == constants.DriverNone && u.Uid != "0" && !useForce {
exit.WithCodeT(exit.Permissions, `The "{{.driver_name}}" driver requires root privileges. Please run minikube using 'sudo minikube --vm-driver={{.driver_name}}'.`, out.V{"driver_name": d})
}
if d == constants.DriverNone || u.Uid != "0" {
return
}
out.T(out.Stopped, "The {{.driver_name}} driver should not be used with root privileges.", out.V{"driver_name": d})
_, err = cfg.Load()
if err == nil || !os.IsNotExist(err) {
out.T(out.Tip, "Tip: To remove this root owned cluster, run: sudo {{.cmd}} delete", out.V{"cmd": minikubeCmd()})
}
if !useForce {
exit.WithCodeT(exit.Permissions, "Exiting")
}
} }
// validateConfig validates the supplied configuration against known bad combinations // validateConfig validates the supplied configuration against known bad combinations
func validateConfig() { func validateConfig() {
diskSizeMB := pkgutil.CalculateSizeInMB(viper.GetString(humanReadableDiskSize)) diskSizeMB := pkgutil.CalculateSizeInMB(viper.GetString(humanReadableDiskSize))
if diskSizeMB < pkgutil.CalculateSizeInMB(constants.MinimumDiskSize) { if diskSizeMB < pkgutil.CalculateSizeInMB(constants.MinimumDiskSize) && !viper.GetBool(force) {
exit.WithCodeT(exit.Config, "Requested disk size {{.requested_size}} is less than minimum of {{.minimum_size}}", out.V{"requested_size": diskSizeMB, "minimum_size": pkgutil.CalculateSizeInMB(constants.MinimumDiskSize)}) exit.WithCodeT(exit.Config, "Requested disk size {{.requested_size}} is less than minimum of {{.minimum_size}}", out.V{"requested_size": diskSizeMB, "minimum_size": pkgutil.CalculateSizeInMB(constants.MinimumDiskSize)})
} }
@ -530,10 +553,10 @@ func validateConfig() {
} }
memorySizeMB := pkgutil.CalculateSizeInMB(viper.GetString(memory)) memorySizeMB := pkgutil.CalculateSizeInMB(viper.GetString(memory))
if memorySizeMB < pkgutil.CalculateSizeInMB(constants.MinimumMemorySize) { if memorySizeMB < pkgutil.CalculateSizeInMB(constants.MinimumMemorySize) && !viper.GetBool(force) {
exit.UsageT("Requested memory allocation {{.requested_size}} is less than the minimum allowed of {{.minimum_size}}", out.V{"requested_size": memorySizeMB, "minimum_size": pkgutil.CalculateSizeInMB(constants.MinimumMemorySize)}) exit.UsageT("Requested memory allocation {{.requested_size}} is less than the minimum allowed of {{.minimum_size}}", out.V{"requested_size": memorySizeMB, "minimum_size": pkgutil.CalculateSizeInMB(constants.MinimumMemorySize)})
} }
if memorySizeMB < pkgutil.CalculateSizeInMB(constants.DefaultMemorySize) { if memorySizeMB < pkgutil.CalculateSizeInMB(constants.DefaultMemorySize) && !viper.GetBool(force) {
out.T(out.Notice, "Requested memory allocation ({{.memory}}MB) is less than the default memory allocation of {{.default_memorysize}}MB. Beware that minikube might not work correctly or crash unexpectedly.", out.T(out.Notice, "Requested memory allocation ({{.memory}}MB) is less than the default memory allocation of {{.default_memorysize}}MB. Beware that minikube might not work correctly or crash unexpectedly.",
out.V{"memory": memorySizeMB, "default_memorysize": pkgutil.CalculateSizeInMB(constants.DefaultMemorySize)}) out.V{"memory": memorySizeMB, "default_memorysize": pkgutil.CalculateSizeInMB(constants.DefaultMemorySize)})
} }
@ -956,7 +979,7 @@ func validateDriverVersion(vmDriver string) {
v := extractVMDriverVersion(string(output)) v := extractVMDriverVersion(string(output))
// if the driver doesn't have return any version, it is really old, we force a upgrade. // if the driver doesn't have return any version, it is really old, we force a upgrade.
if len(v) == 0 { if len(v) == 0 && !viper.GetBool(force) {
exit.WithCodeT( exit.WithCodeT(
exit.Failure, exit.Failure,
"Please upgrade the '{{.driver_executable}}'. {{.documentation_url}}", "Please upgrade the '{{.driver_executable}}'. {{.documentation_url}}",