From 46fcc07a51eec653c8befc10471346897e1e8e54 Mon Sep 17 00:00:00 2001 From: Holger Levsen Date: Wed, 6 Jan 2016 15:28:54 +0100 Subject: reproducible: fix perms to clean up nodes --- bin/jenkins_node_wrapper.sh | 2 +- bin/reproducible_cleanup_nodes.sh | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/bin/jenkins_node_wrapper.sh b/bin/jenkins_node_wrapper.sh index ebf61efe..5820d933 100755 --- a/bin/jenkins_node_wrapper.sh +++ b/bin/jenkins_node_wrapper.sh @@ -60,7 +60,7 @@ allowed_cmds=() if [[ "$*" =~ /bin/true ]] ; then exec /bin/true ; croak "Exec failed"; -elif [[ "$*" = "/srv/jenkins/bin/reproducible_slay.sh" ]] ; then +elif [[ "$*" = "cleanup_nodes /srv/jenkins/bin/reproducible_slay.sh" ]] ; then exec /srv/jenkins/bin/reproducible_slay.sh ; croak "Exec failed"; elif [[ "$*" =~ /bin/nc\ localhost\ 4949 ]] ; then exec /bin/nc localhost 4949 ; croak "Exec failed"; diff --git a/bin/reproducible_cleanup_nodes.sh b/bin/reproducible_cleanup_nodes.sh index 49094ac9..c6dd7d26 100755 --- a/bin/reproducible_cleanup_nodes.sh +++ b/bin/reproducible_cleanup_nodes.sh @@ -10,10 +10,13 @@ common_init "$@" # common code defining db access . /srv/jenkins/bin/reproducible_common.sh -# only run this on the main node +# only run this on the main node as jenkins if [ "$HOSTNAME" != "jenkins" ] ; then echo "this script must only be run on the main node, aborting." exit 1 +elif [ "$(whoami)" != "jenkins" ] ; then + echo "this script must only be run as jenkins user, aborting." + exit 1 fi # deny running this if jenkins is still running -- cgit v1.2.3-54-g00ecf