academy/mq-container
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed user information logging

Browse Source
This commit is contained in:
Luke J Powlett
2020-03-05 11:13:03 +00:00
parent c9bac5b544
commit 2fae0e2258
2 changed files with 19 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

66
internal/user/user.go
View File

@@ -1,5 +1,5 @@
/* /*
© Copyright IBM Corporation 2018, 2019 © Copyright IBM Corporation 2018, 2020
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License. you may not use this file except in compliance with the License.
@@ -16,66 +16,26 @@ limitations under the License.
package user package user
import ( import (
"fmt" "golang.org/x/sys/unix"
"os/user"
"strings"
"github.com/ibm-messaging/mq-container/internal/command"
) )
// User holds information on primary and supplemental OS groups // User holds information on primary and supplemental OS groups
type User struct { type User struct {
UID string UID int
Name string PrimaryGID int
PrimaryGID string SupplementalGID []int
SupplementalGID []string
} }
// GetUser returns the current user and group information // GetUser returns the current user and group information
func GetUser() (User, error) { func GetUser() (User, error) {
u, err := user.Current() u := User{
UID: unix.Geteuid(),
PrimaryGID: unix.Getgid(),
}
groups, err := unix.Getgroups()
if err != nil { if err != nil {
return User{}, err return u, err
} }
g, err := getCurrentUserGroups() u.SupplementalGID = groups
if err != nil { return u, nil
return User{}, err
}
if err != nil && len(g) == 0 {
return User{
UID: u.Uid,
Name: u.Name,
PrimaryGID: u.Gid,
SupplementalGID: []string{},
}, nil
}
// Look for the primary group in the list of group IDs
for i, v := range g {
if v == u.Gid {
// Remove the element from the slice
g = append(g[:i], g[i+1:]...)
}
}
return User{
UID: u.Uid,
Name: u.Name,
PrimaryGID: u.Gid,
SupplementalGID: g,
}, nil
}
func getCurrentUserGroups() ([]string, error) {
var nilArray []string
out, _, err := command.Run("id", "--groups")
if err != nil {
return nilArray, err
}
out = strings.TrimSpace(out)
if out == "" {
return nilArray, fmt.Errorf("Unable to determine groups for current user")
}
groups := strings.Split(out, " ")
return groups, nil
} }

9
pkg/containerruntimelogger/logruntime.go
View File

@@ -1,5 +1,5 @@
/* /*
© Copyright IBM Corporation 2017, 2019 © Copyright IBM Corporation 2017, 2020
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License. you may not use this file except in compliance with the License.
@@ -45,11 +45,14 @@ func LogContainerDetails(log *logger.Logger) error {
log.Printf("Base image: %v", bi) log.Printf("Base image: %v", bi)
} }
u, err := user.GetUser() u, err := user.GetUser()
if err != nil {
log.Printf("Error: %v\nUser:\n uid: %v\n gid: %v\n supGid: %v", err, u.UID, u.PrimaryGID, u.SupplementalGID)
}
if err == nil { if err == nil {
if len(u.SupplementalGID) == 0 { if len(u.SupplementalGID) == 0 {
log.Printf("Running as user ID %v (%v) with primary group %v", u.UID, u.Name, u.PrimaryGID) log.Printf("Running as user ID %v with primary group %v", u.UID, u.PrimaryGID)
} else { } else {
log.Printf("Running as user ID %v (%v) with primary group %v, and supplementary groups %v", u.UID, u.Name, u.PrimaryGID, strings.Join(u.SupplementalGID, ",")) log.Printf("Running as user ID %v with primary group %v, and supplementary groups %v", u.UID, u.PrimaryGID, strings.Trim(strings.Join(strings.Fields(fmt.Sprint(u.SupplementalGID)), ","), "[]"))
} }
} }
caps, err := containerruntime.GetCapabilities() caps, err := containerruntime.GetCapabilities()