cc-backend/internal/runtimeEnv/setup.go

143 lines
3.2 KiB
Go
Raw Permalink Normal View History

2024-04-11 23:04:30 +02:00
// Copyright (C) NHR@FAU, University Erlangen-Nuremberg.
// All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
2022-06-21 17:52:36 +02:00
package runtimeEnv
2022-02-03 11:35:42 +01:00
import (
"bufio"
"errors"
"fmt"
"os"
"os/exec"
"os/user"
"strconv"
"strings"
"syscall"
"github.com/ClusterCockpit/cc-backend/pkg/log"
2022-02-03 11:35:42 +01:00
)
2022-03-15 08:29:29 +01:00
// Very simple and limited .env file reader.
// All variable definitions found are directly
// added to the processes environment.
2022-06-21 17:52:36 +02:00
func LoadEnv(file string) error {
2022-02-03 11:35:42 +01:00
f, err := os.Open(file)
if err != nil {
2023-05-11 09:39:23 +02:00
log.Error("Error while opening .env file")
2022-02-03 11:35:42 +01:00
return err
}
defer f.Close()
s := bufio.NewScanner(bufio.NewReader(f))
for s.Scan() {
line := s.Text()
if strings.HasPrefix(line, "#") || len(line) == 0 {
continue
}
if strings.Contains(line, "#") {
return errors.New("'#' are only supported at the start of a line")
}
line = strings.TrimPrefix(line, "export ")
parts := strings.SplitN(line, "=", 2)
if len(parts) != 2 {
return fmt.Errorf("RUNTIME/SETUP > unsupported line: %#v", line)
2022-02-03 11:35:42 +01:00
}
key := strings.TrimSpace(parts[0])
val := strings.TrimSpace(parts[1])
if strings.HasPrefix(val, "\"") {
if !strings.HasSuffix(val, "\"") {
return fmt.Errorf("RUNTIME/SETUP > unsupported line: %#v", line)
2022-02-03 11:35:42 +01:00
}
runes := []rune(val[1 : len(val)-1])
sb := strings.Builder{}
for i := 0; i < len(runes); i++ {
if runes[i] == '\\' {
i++
switch runes[i] {
case 'n':
sb.WriteRune('\n')
case 'r':
sb.WriteRune('\r')
case 't':
sb.WriteRune('\t')
case '"':
sb.WriteRune('"')
default:
return fmt.Errorf("RUNTIME/SETUP > unsupported escape sequence in quoted string: backslash %#v", runes[i])
2022-02-03 11:35:42 +01:00
}
continue
}
sb.WriteRune(runes[i])
}
val = sb.String()
}
os.Setenv(key, val)
}
return s.Err()
}
2022-03-15 08:29:29 +01:00
// Changes the processes user and group to that
// specified in the config.json. The go runtime
// takes care of all threads (and not only the calling one)
// executing the underlying systemcall.
2022-06-21 17:52:36 +02:00
func DropPrivileges(username string, group string) error {
if group != "" {
g, err := user.LookupGroup(group)
2022-02-03 11:35:42 +01:00
if err != nil {
log.Warn("Error while looking up group")
2022-02-03 11:35:42 +01:00
return err
}
gid, _ := strconv.Atoi(g.Gid)
if err := syscall.Setgid(gid); err != nil {
log.Warn("Error while setting gid")
2022-02-03 11:35:42 +01:00
return err
}
}
2022-06-21 17:52:36 +02:00
if username != "" {
u, err := user.Lookup(username)
2022-02-03 11:35:42 +01:00
if err != nil {
log.Warn("Error while looking up user")
2022-02-03 11:35:42 +01:00
return err
}
uid, _ := strconv.Atoi(u.Uid)
if err := syscall.Setuid(uid); err != nil {
log.Warn("Error while setting uid")
2022-02-03 11:35:42 +01:00
return err
}
}
return nil
}
// If started via systemd, inform systemd that we are running:
// https://www.freedesktop.org/software/systemd/man/sd_notify.html
2022-06-21 17:52:36 +02:00
func SystemdNotifiy(ready bool, status string) {
2022-02-03 11:35:42 +01:00
if os.Getenv("NOTIFY_SOCKET") == "" {
// Not started using systemd
return
}
args := []string{fmt.Sprintf("--pid=%d", os.Getpid())}
if ready {
args = append(args, "--ready")
}
if status != "" {
args = append(args, fmt.Sprintf("--status=%s", status))
}
cmd := exec.Command("systemd-notify", args...)
cmd.Run() // errors ignored on purpose, there is not much to do anyways.
}