From 2fae0e2258d47aabc780356ce8ad3273a099840c Mon Sep 17 00:00:00 2001 From: Luke J Powlett Date: Thu, 5 Mar 2020 11:13:03 +0000 Subject: [PATCH] Fixed user information logging --- internal/user/user.go | 66 +++++------------------- pkg/containerruntimelogger/logruntime.go | 9 ++-- 2 files changed, 19 insertions(+), 56 deletions(-) diff --git a/internal/user/user.go b/internal/user/user.go index 2a61aaf..b70733f 100644 --- a/internal/user/user.go +++ b/internal/user/user.go @@ -1,5 +1,5 @@ /* -© Copyright IBM Corporation 2018, 2019 +© Copyright IBM Corporation 2018, 2020 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -16,66 +16,26 @@ limitations under the License. package user import ( - "fmt" - "os/user" - "strings" - - "github.com/ibm-messaging/mq-container/internal/command" + "golang.org/x/sys/unix" ) // User holds information on primary and supplemental OS groups type User struct { - UID string - Name string - PrimaryGID string - SupplementalGID []string + UID int + PrimaryGID int + SupplementalGID []int } // GetUser returns the current user and group information func GetUser() (User, error) { - u, err := user.Current() + u := User{ + UID: unix.Geteuid(), + PrimaryGID: unix.Getgid(), + } + groups, err := unix.Getgroups() if err != nil { - return User{}, err + return u, err } - g, err := getCurrentUserGroups() - if err != nil { - return User{}, err - } - if err != nil && len(g) == 0 { - return User{ - UID: u.Uid, - Name: u.Name, - PrimaryGID: u.Gid, - SupplementalGID: []string{}, - }, nil - } - // Look for the primary group in the list of group IDs - for i, v := range g { - if v == u.Gid { - // Remove the element from the slice - g = append(g[:i], g[i+1:]...) - } - } - return User{ - UID: u.Uid, - Name: u.Name, - PrimaryGID: u.Gid, - SupplementalGID: g, - }, nil -} - -func getCurrentUserGroups() ([]string, error) { - var nilArray []string - out, _, err := command.Run("id", "--groups") - if err != nil { - return nilArray, err - } - - out = strings.TrimSpace(out) - if out == "" { - return nilArray, fmt.Errorf("Unable to determine groups for current user") - } - - groups := strings.Split(out, " ") - return groups, nil + u.SupplementalGID = groups + return u, nil } diff --git a/pkg/containerruntimelogger/logruntime.go b/pkg/containerruntimelogger/logruntime.go index 1394768..91d69f2 100644 --- a/pkg/containerruntimelogger/logruntime.go +++ b/pkg/containerruntimelogger/logruntime.go @@ -1,5 +1,5 @@ /* -© Copyright IBM Corporation 2017, 2019 +© Copyright IBM Corporation 2017, 2020 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -45,11 +45,14 @@ func LogContainerDetails(log *logger.Logger) error { log.Printf("Base image: %v", bi) } u, err := user.GetUser() + if err != nil { + log.Printf("Error: %v\nUser:\n uid: %v\n gid: %v\n supGid: %v", err, u.UID, u.PrimaryGID, u.SupplementalGID) + } if err == nil { if len(u.SupplementalGID) == 0 { - log.Printf("Running as user ID %v (%v) with primary group %v", u.UID, u.Name, u.PrimaryGID) + log.Printf("Running as user ID %v with primary group %v", u.UID, u.PrimaryGID) } else { - log.Printf("Running as user ID %v (%v) with primary group %v, and supplementary groups %v", u.UID, u.Name, u.PrimaryGID, strings.Join(u.SupplementalGID, ",")) + log.Printf("Running as user ID %v with primary group %v, and supplementary groups %v", u.UID, u.PrimaryGID, strings.Trim(strings.Join(strings.Fields(fmt.Sprint(u.SupplementalGID)), ","), "[]")) } } caps, err := containerruntime.GetCapabilities()