From 4c09ceb6560b4f3f5febd270c764adc836a497be Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20=C4=8Cerm=C3=A1k?= Date: Wed, 6 Aug 2025 17:27:44 +0200 Subject: [PATCH] Prevent root from running the enter.sh helper script (#4216) * Prevent root from running the enter.sh helper script Since configure doesn't like being ran as root, check in the enter.sh script that the user running it is not UID/GID 0. The script itself takes care of running what needs to be executed privileged with explicit sudo commands. Fixes #4214 * Reword the error message Co-authored-by: Stefan Agner --- scripts/enter.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/scripts/enter.sh b/scripts/enter.sh index 32f14b0fd..0dc5dee5c 100755 --- a/scripts/enter.sh +++ b/scripts/enter.sh @@ -7,6 +7,11 @@ CACHE_DIR="${CACHE_DIR:-$HOME/hassos-cache}" ARGS="$*" COMMAND="${ARGS:-bash}" +if [ "$BUILDER_UID" -eq "0" ] || [ "$BUILDER_GID" == "0" ]; then + echo "ERROR: Please run this script as a regular (non-root) user with sudo privileges." + exit 1 +fi + sudo mkdir -p "${CACHE_DIR}" sudo chown -R "${BUILDER_UID}:${BUILDER_GID}" "${CACHE_DIR}" sudo docker build -t hassos:local .