From bac4be99c20cc74365d8f6b6fbb9087cef15a9d4 Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Fri, 18 Apr 2025 02:02:10 +0100
Subject: lib.sh: do root check before python check

we don't need python before the root check

principle of least privilege

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 include/lib.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'include')

diff --git a/include/lib.sh b/include/lib.sh
index 4d7001cf..1fea3640 100644
--- a/include/lib.sh
+++ b/include/lib.sh
@@ -93,6 +93,9 @@ if [ $# -gt 0 ] && [ "$1" = "dependencies" ]; then
 	exit 0
 fi
 
+id -u 1>/dev/null 2>/dev/null || $err "suid check failed (id -u)"
+[ "$(id -u)" != "0" ] || $err "this command as root is not permitted"
+
 pyver="2"
 python="python3"
 command -v python3 1>/dev/null || python="python"
@@ -109,9 +112,6 @@ if [ "${pyver%%.*}" != "3" ]; then
 	exit 1
 fi
 
-id -u 1>/dev/null 2>/dev/null || $err "suid check failed (id -u)"
-[ "$(id -u)" != "0" ] || $err "this command as root is not permitted"
-
 # XBMK_CACHE is a directory, for caching downloads and git repositories
 [ -z "${XBMK_CACHE+x}" ] && export XBMK_CACHE="$xbmkpwd/cache"
 [ -z "$XBMK_CACHE" ] && export XBMK_CACHE="$xbmkpwd/cache"
-- 
cgit v1.2.1