Skip to content

Commit 3c60bf3

Browse files
joe4devjoe4dev
committed
Apply review feedback
1 parent 5678a18 commit 3c60bf3

File tree

2 files changed

+15
-9
lines changed

2 files changed

+15
-9
lines changed

cmd/localstack/main.go

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -67,8 +67,7 @@ func main() {
6767
uid := 993
6868
gid := 990
6969
AddUser(lsOpts.User, uid, gid)
70-
err := os.Chown("/tmp", uid, gid)
71-
if err != nil {
70+
if err := os.Chown("/tmp", uid, gid); err != nil {
7271
log.Errorln("Error changing owner of /tmp:", err)
7372
}
7473
UserLogger().Debugln("Process running as root user.")

cmd/localstack/user.go

Lines changed: 14 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ func AddUser(user string, uid int, gid int) {
3030
}
3131
}
3232

33-
// doesFileContainEntry returns true of the entry string is contained in the given file
33+
// doesFileContainEntry returns true if the entry string exists in the given file
3434
func doesFileContainEntry(file string, entry string) bool {
3535
data, err := os.ReadFile(file)
3636
if err != nil {
@@ -41,16 +41,19 @@ func doesFileContainEntry(file string, entry string) bool {
4141
}
4242

4343
// addEntry appends an entry string to the given file
44-
func addEntry(file string, entry string) {
44+
func addEntry(file string, entry string) error {
4545
f, err := os.OpenFile(file,
4646
os.O_APPEND|os.O_WRONLY, 0644)
4747
if err != nil {
4848
log.Errorln("Error opening file:", file, err)
49+
return err
4950
}
5051
defer f.Close()
5152
if _, err := f.WriteString(entry); err != nil {
5253
log.Errorln("Error appending entry to file:", file, err)
54+
return err
5355
}
56+
return nil
5457
}
5558

5659
// IsRootUser returns true if the current process is root and false otherwise.
@@ -80,32 +83,36 @@ func UserLogger() *log.Entry {
8083

8184
// DropPrivileges switches to another UNIX user by dropping root privileges
8285
// Initially based on https://stackoverflow.com/a/75545491/6875981
83-
func DropPrivileges(userToSwitchTo string) {
86+
func DropPrivileges(userToSwitchTo string) error {
8487
// Lookup user and group IDs for the user we want to switch to.
8588
userInfo, err := user.Lookup(userToSwitchTo)
8689
if err != nil {
8790
log.Errorln("Error looking up user:", userToSwitchTo, err)
91+
return err
8892
}
8993
// Convert group ID and user ID from string to int.
9094
gid, err := strconv.Atoi(userInfo.Gid)
9195
if err != nil {
9296
log.Errorln("Error converting gid:", userInfo.Gid, err)
97+
return err
9398
}
9499
uid, err := strconv.Atoi(userInfo.Uid)
95100
if err != nil {
96101
log.Errorln("Error converting uid:", userInfo.Uid, err)
102+
return err
97103
}
98104

99105
// Limitation: Debugger gets stuck when stepping over these syscalls!
100106
// No breakpoints beyond this point are hit.
101107
// Set group ID (real and effective).
102-
err = syscall.Setgid(gid)
103-
if err != nil {
108+
if err = syscall.Setgid(gid); err != nil {
104109
log.Errorln("Failed to set group ID:", err)
110+
return err
105111
}
106112
// Set user ID (real and effective).
107-
err = syscall.Setuid(uid)
108-
if err != nil {
113+
if err = syscall.Setuid(uid); err != nil {
109114
log.Errorln("Failed to set user ID:", err)
115+
return err
110116
}
117+
return nil
111118
}

0 commit comments

Comments
 (0)