feat: Inherits uid/gid from the PLC program when not executed as root

If the daemon is not executed as root, no alternative UID/GID can be set for the control program. In this case, the IDs of the daemon process are inherited to the control program.
2025-11-08 15:13:52 +01:00 · 2024-07-11 15:41:44 +02:00
parent c9877d8230
commit 91f33926a5
1 changed files with 17 additions and 9 deletions
--- a/src/revpipyload/plcsystem.py
+++ b/src/revpipyload/plcsystem.py
@@ -91,16 +91,24 @@ class RevPiPlc(Thread):
        """Setzt UID und GID fuer das PLC Programm."""
        proginit.logger.debug("enter RevPiPlc._setuppopen()")

-        proginit.logger.info("set uid {0} and gid {1} for plc program".format(self.uid, self.gid))
+        # If we are not root, the process is same uid / gid as daemon
+        if os.getuid() == 0:
+            proginit.logger.info("set uid {0} and gid {1} for plc program".format(self.uid, self.gid))

-        # Set user last to hold root right to do the group things
-        try:
-            name = getpwuid(self.uid).pw_name
-            os.initgroups(name, self.gid)
-        except Exception:
-            proginit.logger.warning("could not initialize the group access list with all groups")
-        os.setgid(self.gid)
-        os.setuid(self.uid)
+            # Set user last to hold root right to do the group things
+            try:
+                name = getpwuid(self.uid).pw_name
+                os.initgroups(name, self.gid)
+            except Exception:
+                proginit.logger.warning("could not initialize the group access list with all groups")
+            os.setgid(self.gid)
+            os.setuid(self.uid)
+        else:
+            proginit.logger.info(
+                "leave uid {0} and gid {1} for plc program, because not executed as root".format(
+                    os.getuid(), os.getgid()
+                )
+            )

        proginit.logger.debug("leave RevPiPlc._setuppopen()")