Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set right ownership for created files #37

Open
alegrey91 opened this issue Aug 15, 2024 · 1 comment
Open

Set right ownership for created files #37

alegrey91 opened this issue Aug 15, 2024 · 1 comment
Labels
enhancement New feature or request

Comments

@alegrey91
Copy link
Owner

Currently harpoon needs root privileges to run.
When we run harpoon, this creates several files with root ownership, making them unaccessible by the user who ran the command to create them.
We should add the ability to create these files with the ownership of the user that ran the command.
@alegrey91 alegrey91 added the enhancement New feature or request label Aug 15, 2024
@alegrey91 alegrey91 changed the title Set right ownership to created files Set right ownership for created files Aug 31, 2024
@alessio-perugini
Copy link
Contributor

alessio-perugini commented Dec 22, 2024
edited
Loading

We can use the following syscalls to drop the sudo privilege:

Main problem:

  • If we run harpoon as sudo, we are not able to see the uid of the user who invoked it. Calling the os.Geteuid() will return 0.

Possible solutions:

  • After invoking the necessary code as sudo, we could drop the privilege to be nobody or set it to be uid:1000.
  • Make configurable the uid/gid that we want to use when writing files. Through flags/envs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alessio-perugini @alegrey91