diff options
-rw-r--r-- | client/go/vespa/switch_user.go | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/client/go/vespa/switch_user.go b/client/go/vespa/switch_user.go new file mode 100644 index 00000000000..20d624965f8 --- /dev/null +++ b/client/go/vespa/switch_user.go @@ -0,0 +1,49 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +// load default environment variables (from $VESPA_HOME/conf/vespa/default-env.txt) +// Author: arnej + +package vespa + +import ( + "fmt" + "os" + "os/user" + + "github.com/vespa-engine/vespa/client/go/trace" + "github.com/vespa-engine/vespa/client/go/util" +) + +// re-execute a script-utils action after switching to the vespa user +// (used by vespa-start-configserver and vespa-start-services) +func MaybeSwitchUser(action string) error { + const SU_PROG = "vespa-run-as-vespa-user" + const ENV_CHECK = "VESPA_ALREADY_SWITCHED_USER_TO" + vespaHome := FindHome() + vespaUser := FindVespaUser() + + wantUser, err := user.Lookup(vespaUser) + if err != nil { + trace.Trace("user.Lookup", vespaUser, "failed:", err) + return err + } + currUser, err := user.Current() + if err != nil { + trace.Trace("user.Current() failed:", err) + return err + } + trace.Trace("want to switch user from:", currUser.Username) + trace.Trace("want to switch user to:", wantUser.Username) + if wantUser.Username != currUser.Username { + alreadyTried := os.Getenv(ENV_CHECK) + if alreadyTried != "" { + // safety check to avoid infinite loop + trace.Warning("already tried to switch user to", alreadyTried) + return fmt.Errorf("could not switch user to %s", wantUser.Username) + } + mySelf := fmt.Sprintf("%s/%s", vespaHome, scriptUtilsFilename) + os.Setenv(ENV_CHECK, wantUser.Username) + args := []string{SU_PROG, mySelf, action} + return util.Execvp(SU_PROG, args) + } + return nil +} |