Sha256: d4e938acb6ef7a48dd89655c43f95f30497bba735e2381cf9209d04a535bafda

Contents?: true

Size: 1.2 KB

Versions: 3

Compression:

Stored size: 1.2 KB

Contents

# frozen_string_literal: true

require "fusuma/custom_process"
require "etc"

module Fusuma
  module Plugin
    module Appmatcher
      # Drop sudo privileges
      class UserSwitcher
        include CustomProcess
        User = Struct.new(:username, :uid, :gid)

        attr_reader :login_user

        def initialize
          username = ENV["SUDO_USER"] || Etc.getlogin
          uid = `id -u #{username}`.chomp.to_i
          gid = `id -g #{username}`.chomp.to_i
          @login_user = User.new(username, uid, gid)
        end

        # Drops privileges to that of the specified user
        def drop_priv(user)
          # Process.initgroups(user.username, user.gid)
          Process::Sys.setegid(user.gid)
          Process::Sys.setgid(user.gid)
          Process::Sys.setuid(user.uid)
        end

        # Execute the provided block in a child process as the specified user
        # The parent blocks until the child finishes.
        def as_user(user = @login_user, proctitle:)
          self.proctitle = "#{self.class.name.underscore}(#{user.username}) -> #{proctitle}"

          fork do
            drop_priv(user)
            yield(user) if block_given?
          end
        end
      end
    end
  end
end

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
fusuma-plugin-appmatcher-0.4.0 lib/fusuma/plugin/appmatcher/user_switcher.rb
fusuma-plugin-appmatcher-0.3.1 lib/fusuma/plugin/appmatcher/user_switcher.rb
fusuma-plugin-appmatcher-0.3.0 lib/fusuma/plugin/appmatcher/user_switcher.rb