Merge pull request 'Add uid and gid' (#2) from uid into master

Reviewed-on: #2
2022-12-29 13:59:46 +00:00 · 2022-12-29 13:59:46 +00:00 · cef1c1540a
parent 7e56a15352 4526f00f7b
commit cef1c1540a
2 changed files with 15 additions and 1 deletions
--- a/cmd/weblug/config.go
+++ b/cmd/weblug/config.go
@ -6,6 +6,7 @@ import (
 	"os/exec"
 	"strings"
 	"sync/atomic"
+	"syscall"

 	"gopkg.in/yaml.v2"
 )
@ -26,6 +27,8 @@ type Hook struct {
 	Background     bool   `yaml:"background"`  // Run in background
 	Concurrency    int    `yaml:"concurrency"` // Number of allowed concurrent runs
 	concurrentRuns int32  // Number of current concurrent runs
+	UID            int    `yaml:"uid"` // UID to use when running the command
+	GID            int    `yaml:"gid"` // GID to use when running the command
 }

 func (cf *Config) SetDefaults() {
@ -88,5 +91,14 @@ func (hook *Hook) Run() error {
 		args = split[1:]
 	}
 	cmd := exec.Command(split[0], args...)
-	return cmd.Run()
+	cmd.SysProcAttr = &syscall.SysProcAttr{}
+	cmd.SysProcAttr.Credential = &syscall.Credential{}
+	if hook.UID > 0 {
+		cmd.SysProcAttr.Credential.Uid = uint32(hook.UID)
+	}
+	if hook.GID > 0 {
+		cmd.SysProcAttr.Credential.Gid = uint32(hook.GID)
+	}
+	ret := cmd.Run()
+	return ret
 }
--- a/weblug.yaml
+++ b/weblug.yaml
@ -20,4 +20,6 @@ hooks:
  - name: 'hook 3'
    route: "/webhooks/data/3"
    command: "/srv/fetch-new-data.sh"
+    uid: 100                # Run command as system user id (uid) 100
+    gid: 200                # Run command with system group id (gid) 200
    concurrency: 1          # No concurrency. Returns 500 on parallel requests