vault/helper/osutil/fileinfo_unix.go
akshya96 8352661b35
Vault 3992 ToB Config and Plugins Permissions (#14817)
* updating changes from ent PR

* adding changelog

* fixing err

* fixing semgrep error
2022-04-04 09:45:41 -07:00


//go:build !windows
package osutil
import (
"fmt"
"io/fs"
"os/user"
"strconv"
"syscall"
)
// FileUIDEqual reports whether the owner UID recorded in info equals uid.
//
// The owner is read from info.Sys(). When that value is not a
// *syscall.Stat_t the owner cannot be determined and the result is false, so
// a caller using this as an ownership check fails closed.
func FileUIDEqual(info fs.FileInfo, uid int) bool {
	st, isUnixStat := info.Sys().(*syscall.Stat_t)
	if !isUnixStat {
		return false
	}
	return int(st.Uid) == uid
}
// FileGIDEqual reports whether the owning group ID recorded in info equals gid.
//
// The group is read from info.Sys(). When that value is not a
// *syscall.Stat_t the group cannot be determined and the result is false, so
// a caller using this as an ownership check fails closed.
func FileGIDEqual(info fs.FileInfo, gid int) bool {
	st, isUnixStat := info.Sys().(*syscall.Stat_t)
	if !isUnixStat {
		return false
	}
	return int(st.Gid) == gid
}
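// FileUidMatch verifies that path, described by info, is owned by the expected
// user. It returns nil on a match and a descriptive error otherwise.
//
// uid selects the expected owner:
//   - uid == 0 is treated as "not specified": the file must be owned by the
//     user running the current process, as reported by user.Current. A
//     consequence is that a non-root process cannot use this function to
//     require root ownership.
//   - any other value must equal the file's owner UID exactly.
//
// Ownership is taken from info and is not re-read from path; path only
// appears in error messages. The check is therefore only as good as the info
// the caller supplies.
// NOTE(review): whether callers obtain info with os.Stat or os.Lstat, and
// whether the object can be replaced between this check and its use, is not
// visible here — confirm at the call sites.
//
// The current user is looked up only when uid == 0, so a check against an
// explicit uid does not fail merely because the process owner cannot be
// resolved.
func FileUidMatch(info fs.FileInfo, path string, uid int) (err error) {
	// Explicit owner requested: compare directly, no user lookup needed.
	if uid != 0 {
		if !FileUIDEqual(info, uid) {
			return fmt.Errorf("path %q is not owned by uid %d", path, uid)
		}
		return nil
	}

	currentUser, err := user.Current()
	if err != nil {
		return fmt.Errorf("failed to get details of current process owner. The error is: %w", err)
	}

	// user.User.Uid is a string; on POSIX systems it holds a decimal number.
	currentUID, err := strconv.Atoi(currentUser.Uid)
	if err != nil {
		return fmt.Errorf("failed to convert uid %q to int. The error is: %w", currentUser.Uid, err)
	}

	if !FileUIDEqual(info, currentUID) {
		return fmt.Errorf("path %q is not owned by my uid %s", path, currentUser.Uid)
	}
	return nil
}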