From 34ca6ec87375ef7cee299ea40646f20fcd2d2b32 Mon Sep 17 00:00:00 2001
From: sjing <sjing@8638fb3e-16cb-4fca-ae20-7b5d299a9bcd>
Date: Tue, 24 Apr 2012 02:36:17 +0000
Subject: [PATCH] the fix for bug 3364300 - only allow root to run xcatbypass
 mode.

git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@12323 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
---
 perl-xCAT/xCAT/Client.pm | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/perl-xCAT/xCAT/Client.pm b/perl-xCAT/xCAT/Client.pm
index 49bb76912..4e59f059e 100644
--- a/perl-xCAT/xCAT/Client.pm
+++ b/perl-xCAT/xCAT/Client.pm
@@ -126,6 +126,12 @@ if (ref($request) eq 'HASH') { # the request is an array, not pure XML
        if (!(defined($request->{username}))) {
          $request->{username}->[0] = getpwuid($>);
        }
+
+       # only allow root to run
+       unless ($request->{username}->[0] =~ /root/) {
+         print ("WARNING: Only allow root to run XCATBYPASS mode, your current user ID is $request->{username}->[0].\n");
+         return 0;
+       }
      }
    # Load plugins from either specified or default dir
     require xCAT::Table;