Bugfix.
Bug was revealed through manual integration testing. Checks used to be ran as unpriviledged user instead of the actual service command (duh~).
This commit is contained in:
parent
15aa28ea86
commit
fbeece112a
@ -143,13 +143,6 @@ class Service
|
||||
puts " - #{check.name}"
|
||||
|
||||
child = Process.fork do
|
||||
@reference.user.try do |user|
|
||||
unless System.become_user user
|
||||
STDERR << "service: child could not setuid() to user '#{user}'.\n"
|
||||
exit 1
|
||||
end
|
||||
end
|
||||
|
||||
Process.exec "sh", ["-c", evaluate check.command], output: Process::Redirect::Inherit, error: Process::Redirect::Inherit
|
||||
end.wait
|
||||
|
||||
@ -171,6 +164,13 @@ class Service
|
||||
LibC.dup2 stdout_file.fd, 1
|
||||
LibC.dup2 stderr_file.fd, 2
|
||||
|
||||
@reference.user.try do |user|
|
||||
unless System.become_user user
|
||||
STDERR << "service: child could not setuid() to user '#{user}'.\n"
|
||||
exit 1
|
||||
end
|
||||
end
|
||||
|
||||
Process.exec command, args, chdir: @reference.directory
|
||||
end
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user