-
Notifications
You must be signed in to change notification settings - Fork 250
/
os_groups_multiuser.go
60 lines (55 loc) · 1.86 KB
/
os_groups_multiuser.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
//go:build multiuser
package main
import (
"fmt"
"os/user"
)
// one instance per task
type OSGroups struct {
Task *TaskRun
// keep track of which groups we successfully update
AddedGroups []*user.Group
}
func (osGroups *OSGroups) Start() *CommandExecutionError {
groupNames := osGroups.Task.Payload.OSGroups
if len(groupNames) == 0 {
return nil
}
if config.RunTasksAsCurrentUser {
osGroups.Task.Infof("Not adding task user to group(s) %v since we are running as current user.", groupNames)
return nil
}
notAddedGroupNames := []string{}
for _, groupName := range groupNames {
err := addUserToGroup(taskContext.User.Name, groupName)
if err != nil {
notAddedGroupNames = append(notAddedGroupNames, groupName)
osGroups.Task.Errorf("[osGroups] Could not add task user to OS group %v: %v", groupName, err)
continue
}
group, err := user.LookupGroup(groupName)
if err != nil {
notAddedGroupNames = append(notAddedGroupNames, groupName)
osGroups.Task.Errorf("[osGroups] Could not look up group ID for OS group %v: %v", groupName, err)
continue
}
osGroups.AddedGroups = append(osGroups.AddedGroups, group)
}
if len(notAddedGroupNames) > 0 {
return MalformedPayloadError(fmt.Errorf("Could not add task user to OS group(s) %v", notAddedGroupNames))
}
return osGroups.refreshTaskCommands()
}
func (osGroups *OSGroups) Stop(err *ExecutionErrors) {
notRemovedGroupNames := []string{}
for _, group := range osGroups.AddedGroups {
e := removeUserFromGroup(taskContext.User.Name, group.Name)
if e != nil {
notRemovedGroupNames = append(notRemovedGroupNames, group.Name)
osGroups.Task.Errorf("[osGroups] Could not remove task user from OS group %v: %v", group, e)
}
}
if len(notRemovedGroupNames) > 0 {
err.add(executionError(internalError, errored, fmt.Errorf("Could not remove task user from OS group(s) %v", notRemovedGroupNames)))
}
}