diff options
author | Arne Juul <arnej@yahooinc.com> | 2022-10-26 07:04:34 +0000 |
---|---|---|
committer | Arne Juul <arnej@yahooinc.com> | 2022-10-26 07:04:34 +0000 |
commit | af1c2c435c0f44d1d5c4134e4d01a84d78f586e9 (patch) | |
tree | 0c7fc54a2e7760baea9a51319d19e6075c398861 /client/go | |
parent | 27f3a824c6fce4a829a36e7834abeb087afeba7b (diff) |
Reapply "move FindVespaUser(), add FindVespaUidAndGid()"
This reverts commit e85d69efab1601ce8d5191f14c2075e796cfbbff.
Diffstat (limited to 'client/go')
-rw-r--r-- | client/go/vespa/find_user.go | 76 | ||||
-rw-r--r-- | client/go/vespa/find_user_test.go | 27 | ||||
-rw-r--r-- | client/go/vespa/load_env.go | 35 |
3 files changed, 105 insertions, 33 deletions
diff --git a/client/go/vespa/find_user.go b/client/go/vespa/find_user.go new file mode 100644 index 00000000000..c3f4e32906f --- /dev/null +++ b/client/go/vespa/find_user.go @@ -0,0 +1,76 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +// load default environment variables (from $VESPA_HOME/conf/vespa/default-env.txt) +// Author: arnej + +package vespa + +import ( + "os" + "os/user" + "strconv" +) + +// Which user should vespa services run as? If current user is root, +// we want to change to some non-privileged user. +// Should be run after LoadDefaultEnv() which possibly loads VESPA_USER +// Which user should vespa services run as? If current user is root, +// we want to change to some non-privileged user. +// Should be run after LoadDefaultEnv() which possibly loads VESPA_USER +func FindVespaUser() string { + uName := os.Getenv("VESPA_USER") + if uName != "" { + // no check here, assume valid + return uName + } + if os.Getuid() == 0 { + u, err := user.Lookup("vespa") + if err == nil { + uName = u.Username + } else { + u, err = user.Lookup("nobody") + if err == nil { + uName = u.Username + } + } + } + if uName == "" { + u, err := user.Current() + if err == nil { + uName = u.Username + } + } + if uName != "" { + os.Setenv("VESPA_USER", uName) + } + return uName +} + +// Which user/group should vespa services run as? If current user is root, +// we want to change to some non-privileged user. +// Should be run after LoadDefaultEnv() which possibly loads VESPA_USER + +func FindVespaUidAndGid() (userId, groupId int) { + userId = -1 + groupId = -1 + uName := os.Getenv("VESPA_USER") + gName := os.Getenv("VESPA_GROUP") + if uName == "" { + uName = FindVespaUser() + } + if uName != "" { + u, err := user.Lookup(uName) + if err == nil { + userId, _ = strconv.Atoi(u.Uid) + if gName == "" { + groupId, _ = strconv.Atoi(u.Gid) + } + } + } + if gName != "" { + g, err := user.LookupGroup(gName) + if err == nil { + groupId, _ = strconv.Atoi(g.Gid) + } + } + return +} diff --git a/client/go/vespa/find_user_test.go b/client/go/vespa/find_user_test.go new file mode 100644 index 00000000000..3d533b08c56 --- /dev/null +++ b/client/go/vespa/find_user_test.go @@ -0,0 +1,27 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package vespa + +import ( + "fmt" + "os" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestFindVespaUser(t *testing.T) { + var uName string + + t.Setenv("VESPA_USER", "nobody") + uName = FindVespaUser() + assert.Equal(t, "nobody", uName) + + t.Setenv("VESPA_USER", "") + uName = FindVespaUser() + assert.NotEqual(t, "", uName) +} + +func TestFindVespaUidAndGid(t *testing.T) { + uid, gid := FindVespaUidAndGid() + fmt.Fprintln(os.Stderr, "INFO: result from FindVespaUidAndGid() is", uid, "and", gid) +} diff --git a/client/go/vespa/load_env.go b/client/go/vespa/load_env.go index 8eb7c841235..ec60305e1cc 100644 --- a/client/go/vespa/load_env.go +++ b/client/go/vespa/load_env.go @@ -8,7 +8,6 @@ import ( "bufio" "fmt" "os" - "os/user" "strings" ) @@ -21,42 +20,12 @@ func LoadDefaultEnv() error { func ExportDefaultEnvToSh() error { holder := newShellEnvExporter() err := loadDefaultEnvTo(holder) + holder.overrideVar("VESPA_HOME", FindHome()) + holder.overrideVar("VESPA_USER", FindVespaUser()) holder.dump() return err } -// Which user should vespa services run as? If current user is root, -// we want to change to some non-privileged user. -// Should be run after LoadDefaultEnv() which possibly loads VESPA_USER -func FindVespaUser() string { - uName := os.Getenv("VESPA_USER") - if uName != "" { - // no check here, assume valid - return uName - } - if os.Getuid() == 0 { - u, err := user.Lookup("vespa") - if err == nil { - uName = u.Username - } else { - u, err = user.Lookup("nobody") - if err == nil { - uName = u.Username - } - } - } - if uName == "" { - u, err := user.Current() - if err == nil { - uName = u.Username - } - } - if uName != "" { - os.Setenv("VESPA_USER", uName) - } - return uName -} - type loadEnvReceiver interface { fallbackVar(varName, varVal string) overrideVar(varName, varVal string) |