revpi/revpipyload
1
0
Fork 0
mirror of https://github.com/naruxde/revpipyload.git synced 2025-11-08 23:23:52 +01:00
Code Issues Packages Releases Wiki Activity

feat: Inherits uid/gid from the PLC program when not executed as root

Browse Source 
If the daemon is not executed as root, no alternative UID/GID can be set
for the control program. In this case, the IDs of the daemon process
are inherited to the control program.
This commit is contained in:
Sven Sager
2024-07-11 15:41:44 +02:00
parent c9877d8230
commit 91f33926a5
1 changed files with 17 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/revpipyload/plcsystem.py
View File

@@ -91,16 +91,24 @@ class RevPiPlc(Thread):
"""Setzt UID und GID fuer das PLC Programm.""" """Setzt UID und GID fuer das PLC Programm."""
proginit.logger.debug("enter RevPiPlc._setuppopen()") proginit.logger.debug("enter RevPiPlc._setuppopen()")
proginit.logger.info("set uid {0} and gid {1} for plc program".format(self.uid, self.gid)) # If we are not root, the process is same uid / gid as daemon
if os.getuid() == 0:
proginit.logger.info("set uid {0} and gid {1} for plc program".format(self.uid, self.gid))
# Set user last to hold root right to do the group things # Set user last to hold root right to do the group things
try: try:
name = getpwuid(self.uid).pw_name name = getpwuid(self.uid).pw_name
os.initgroups(name, self.gid) os.initgroups(name, self.gid)
except Exception: except Exception:
proginit.logger.warning("could not initialize the group access list with all groups") proginit.logger.warning("could not initialize the group access list with all groups")
os.setgid(self.gid) os.setgid(self.gid)
os.setuid(self.uid) os.setuid(self.uid)
else:
proginit.logger.info(
"leave uid {0} and gid {1} for plc program, because not executed as root".format(
os.getuid(), os.getgid()
)
)
proginit.logger.debug("leave RevPiPlc._setuppopen()") proginit.logger.debug("leave RevPiPlc._setuppopen()")