Recently I was on an operational call and heard the people running my code placing the code in the /tmp directory and running as root. I had not planned on that. So I want to add some checks to my code (using ksh93):
# ---------- ---------- ----------
# root not allowed to run this
# ---------- ---------- ----------
[[ $( whoami ) = root ]] && exit 2
# ---------- ---------- ----------
# Don't run this in /tmp
# ---------- ---------- ----------
[[ $( pwd ) = /tmp* ]] && exit 3
# ---------- ---------- ----------
# Don't run as sudo
# ---------- ---------- ----------
# ---------- ---------- ----------
# How much space is available here?
#
# Filesystem Type 1K-blocks Used Available Use% Mounted on
# /dev/sda3 ext3 68588072 32259392 32788356 50% /home
# ---------- ---------- ----------
integer _avail=$( df -k . | grep -v "^Filesystem" | awk '{ print $4 }' )
integer _threshold=26214400 # 25GB
(( _avail < _threshold )) && {
print -u2 "***> There is not enough space (25gb) on this mount point!"
print -u2 " Only found ${_avail} kb."
exit 4
}
What I can't find is a means to check the case where my code was run with sudo or "su -". The above 'whomai' returns the users name, not the fact it was run with root access through sudo. There are many reasons to use sudo, but in this case I want my app to run as a normal user with normal permissions, no extra help.
Is this possible? any ideas? I've done some google searching and all the references I can find are on how to use sudo, not how to identify it is being used.
Thanks for any help.
Eric