diff --git a/cmd/installer/subcommands/subcommands.go b/cmd/installer/subcommands/subcommands.go index 08572327ae8e88..52afdc92184748 100644 --- a/cmd/installer/subcommands/subcommands.go +++ b/cmd/installer/subcommands/subcommands.go @@ -7,8 +7,6 @@ package subcommands import ( - "fmt" - "github.com/DataDog/datadog-agent/cmd/installer/command" "github.com/DataDog/datadog-agent/cmd/installer/subcommands/daemon" "github.com/DataDog/datadog-agent/cmd/installer/user" @@ -42,7 +40,7 @@ func withRoot(factory command.SubcommandFactory) command.SubcommandFactory { return nil } if !user.IsRoot() { - return fmt.Errorf("this command requires root privileges") + return user.ErrRootRequired } return user.DatadogAgentToRoot() }) @@ -54,7 +52,7 @@ func withDatadogAgent(factory command.SubcommandFactory) command.SubcommandFacto return nil } if !user.IsRoot() { - return fmt.Errorf("this command requires root privileges") + return user.ErrRootRequired } return user.RootToDatadogAgent() }) diff --git a/cmd/installer/user/user_darwin.go b/cmd/installer/user/user_darwin.go index 8701d984ce683d..c19de4c2ebeb77 100644 --- a/cmd/installer/user/user_darwin.go +++ b/cmd/installer/user/user_darwin.go @@ -8,7 +8,13 @@ // Package user provides helpers to change the user of the process. package user -import "syscall" +import ( + "fmt" + "syscall" +) + +// ErrRootRequired is the error returned when an operation requires root privileges. +var ErrRootRequired = fmt.Errorf("operation requires root privileges") // IsRoot always returns true on darwin. func IsRoot() bool { diff --git a/cmd/installer/user/user_nix.go b/cmd/installer/user/user_nix.go index bf10f18a1248a3..90cdea6f02eb13 100644 --- a/cmd/installer/user/user_nix.go +++ b/cmd/installer/user/user_nix.go @@ -15,6 +15,9 @@ import ( "syscall" ) +// ErrRootRequired is the error returned when an operation requires root privileges. +var ErrRootRequired = fmt.Errorf("operation requires root privileges") + // IsRoot returns true if the process is running as root. func IsRoot() bool { return syscall.Getuid() == 0 diff --git a/cmd/installer/user/user_windows.go b/cmd/installer/user/user_windows.go index edb6823500263c..cd2b236be1e2b0 100644 --- a/cmd/installer/user/user_windows.go +++ b/cmd/installer/user/user_windows.go @@ -8,9 +8,22 @@ // Package user provides helpers to change the user of the process. package user -// IsRoot always returns true on windows. +import ( + "fmt" + + "github.com/DataDog/datadog-agent/pkg/util/winutil" +) + +// ErrRootRequired is the error returned when an operation requires Administrator privileges. +var ErrRootRequired = fmt.Errorf("operation requires Administrator privileges") + +// IsRoot returns true if token has Administrators group enabled func IsRoot() bool { - return true + isAdmin, err := winutil.IsUserAnAdmin() + if err != nil { + fmt.Printf("error checking if user is admin: %v\n", err) + } + return isAdmin } // RootToDatadogAgent is a noop on windows. diff --git a/pkg/util/winutil/users.go b/pkg/util/winutil/users.go index 171017a32cbac6..581bcdbf63afc4 100644 --- a/pkg/util/winutil/users.go +++ b/pkg/util/winutil/users.go @@ -56,7 +56,7 @@ func IsUserAnAdmin() (bool, error) { 0, 0, 0, 0, 0, 0, &administratorsGroup) if err != nil { - return false, fmt.Errorf("could not get local system SID: %w", err) + return false, fmt.Errorf("could not get Administrators group SID: %w", err) } defer windows.FreeSid(administratorsGroup)