Commit 4231c55a authored by Samuel GAIST's avatar Samuel GAIST
Browse files

[scripts][execute] Cleanup user id handling

parent 80f425e6
Pipeline #32001 passed with stage
in 5 minutes and 44 seconds
......@@ -207,12 +207,13 @@ def main():
cfg = simplejson.load(f)
# Create a new user with less privileges (if necessary)
if os.getuid() != cfg["uid"]:
user_id = cfg["uid"]
if os.getuid() != user_id:
retcode = subprocess.call( # nosec
[
"adduser",
"--uid",
str(cfg["uid"]),
str(user_id),
"--no-create-home",
"--disabled-password",
"--disabled-login",
......@@ -227,15 +228,15 @@ def main():
logger,
socket,
"sys",
"Failed to create an user with the UID %d" % cfg["uid"],
"Failed to create an user with the UID %d" % user_id,
)
close(logger, [socket, db_socket, loop_socket], context)
return 1
# Change to the user with less privileges
try:
os.setgid(cfg["uid"])
os.setuid(cfg["uid"])
os.setgid(user_id)
os.setuid(user_id)
except Exception:
import traceback
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment