From 91f33926a5bf5305cd18cba642d6073b25418dcc Mon Sep 17 00:00:00 2001 From: Sven Sager Date: Thu, 11 Jul 2024 15:41:44 +0200 Subject: [PATCH] feat: Inherits uid/gid from the PLC program when not executed as root If the daemon is not executed as root, no alternative UID/GID can be set for the control program. In this case, the IDs of the daemon process are inherited to the control program. --- src/revpipyload/plcsystem.py | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/src/revpipyload/plcsystem.py b/src/revpipyload/plcsystem.py index 249d70a..f7eba0c 100644 --- a/src/revpipyload/plcsystem.py +++ b/src/revpipyload/plcsystem.py @@ -91,16 +91,24 @@ class RevPiPlc(Thread): """Setzt UID und GID fuer das PLC Programm.""" proginit.logger.debug("enter RevPiPlc._setuppopen()") - proginit.logger.info("set uid {0} and gid {1} for plc program".format(self.uid, self.gid)) + # If we are not root, the process is same uid / gid as daemon + if os.getuid() == 0: + proginit.logger.info("set uid {0} and gid {1} for plc program".format(self.uid, self.gid)) - # Set user last to hold root right to do the group things - try: - name = getpwuid(self.uid).pw_name - os.initgroups(name, self.gid) - except Exception: - proginit.logger.warning("could not initialize the group access list with all groups") - os.setgid(self.gid) - os.setuid(self.uid) + # Set user last to hold root right to do the group things + try: + name = getpwuid(self.uid).pw_name + os.initgroups(name, self.gid) + except Exception: + proginit.logger.warning("could not initialize the group access list with all groups") + os.setgid(self.gid) + os.setuid(self.uid) + else: + proginit.logger.info( + "leave uid {0} and gid {1} for plc program, because not executed as root".format( + os.getuid(), os.getgid() + ) + ) proginit.logger.debug("leave RevPiPlc._setuppopen()")