[scripts][execute] Cleanup user id handling

4231c55a · Samuel GAIST · 80f425e6 · 4231c55a
Commit 4231c55a authored 5 years ago by Samuel GAIST
--- a/beat/backend/python/scripts/execute.py
+++ b/beat/backend/python/scripts/execute.py
@@ -207,12 +207,13 @@ def main():
        cfg = simplejson.load(f)

    # Create a new user with less privileges (if necessary)
-    if os.getuid() != cfg["uid"]:
+    user_id = cfg["uid"]
+    if os.getuid() != user_id:
        retcode = subprocess.call(  # nosec
            [
                "adduser",
                "--uid",
-                str(cfg["uid"]),
+                str(user_id),
                "--no-create-home",
                "--disabled-password",
                "--disabled-login",
@@ -227,15 +228,15 @@ def main():
                logger,
                socket,
                "sys",
-                "Failed to create an user with the UID %d" % cfg["uid"],
+                "Failed to create an user with the UID %d" % user_id,
            )
            close(logger, [socket, db_socket, loop_socket], context)
            return 1

        # Change to the user with less privileges
        try:
-            os.setgid(cfg["uid"])
-            os.setuid(cfg["uid"])
+            os.setgid(user_id)
+            os.setuid(user_id)
        except Exception:
            import traceback