From abe5fc6972fe92e9f9f02ce1b8ce5fcdb98b61c6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Th=C3=A9ophile=20Bastian?= <contact@tobast.fr>
Date: Thu, 19 Mar 2020 23:32:19 +0100
Subject: [PATCH] Ask and drop sudo rights at the right moment

---
 lxc_net/util.py  | 11 +++++++++++
 spawn_network.py | 14 +++++++++++---
 2 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/lxc_net/util.py b/lxc_net/util.py
index 91056d6..28ff6c2 100644
--- a/lxc_net/util.py
+++ b/lxc_net/util.py
@@ -149,3 +149,14 @@ def run_in_executor(f):
         return loop.run_in_executor(None, functools.partial(f, *args, **kwargs))
 
     return inner
+
+
+def ensure_sudo_rights():
+    """ Updates sudo credentials to ensure that the user is logged in afterwards,
+    without typing in a password """
+    run_cmd_retry(["sudo", "-v"])
+
+
+def drop_sudo_rights():
+    """ Drop sudo credentials """
+    run_cmd_retry(["sudo", "-k"])
diff --git a/spawn_network.py b/spawn_network.py
index 651b52a..9207faf 100755
--- a/spawn_network.py
+++ b/spawn_network.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 
-from lxc_net import parse_network, libvirt_error
+from lxc_net import parse_network, libvirt_error, util
 import signal
 import libvirt
 import argparse
@@ -16,7 +16,7 @@ def parse_args():
     return args
 
 
-def handle_dom(topology, cmd):
+def handle_dom(topology, cmd, sudo_drop=True):
     if not cmd:
         print("Missing argument.")
         return
@@ -30,13 +30,17 @@ def handle_dom(topology, cmd):
                 print("Bad id: {}".format(cmd[1]))
                 return
         state = cmd[0] == "up"
+
+        util.ensure_sudo_rights()
         if dom_id:
             for dom in dom_id:
                 topology.dom_setstate_single(dom, state, verbose=True)
         else:
             topology.dom_setstate(state, verbose=True)
+        if sudo_drop:
+            util.drop_sudo_rights()
     elif cmd[0] == "restart":
-        handle_dom(topology, ["down"] + cmd[1:])
+        handle_dom(topology, ["down"] + cmd[1:], sudo_drop=False)
         handle_dom(topology, ["up"] + cmd[1:])
     elif cmd[0] == "help":
         print("Available commands: up, down, restart, help")
@@ -97,15 +101,19 @@ def main():
 
     topology = parse_network.YamlTopology(args.topology, conn)
 
+    util.ensure_sudo_rights()
     topology.net_start(verbose=True)
     topology.dom_start(verbose=True)
+    util.drop_sudo_rights()
 
     print("Network running. Press ^C to terminate.")
 
     main_loop(topology)
 
+    util.ensure_sudo_rights()
     topology.dom_stop(verbose=True)
     topology.net_stop(verbose=True)
+    util.drop_sudo_rights()
 
 
 if __name__ == "__main__":