chore: use os.Chown instead of calling chown command (#524)

Use os.Chown instead of calling chown command when changing ownership of
the aoc config files. Also fix the aoc running user to be `aoc` since
the environment override is not very useful but create more complicated
use cases.

Author: haojhcwa

pkg/userutils/userutil_linux.go

@@ -18,20 +18,23 @@
 package userutils
 
 import (
+	"fmt"
 	"log"
 	"os"
-	"os/exec"
-	gouser "os/user"
-	"strconv"
+	"path/filepath"
 	"syscall"
 
 	"github.com/opencontainers/runc/libcontainer/user"
 	"golang.org/x/sys/unix"
 )
 
-var defaultUser = "aoc"
+var aocUserName = "aoc"
 var defaultInstallPath = "/opt/aws/aws-otel-collector/"
 
+type ChownFunc func(name string, uid, gid int) error
+
+var chown ChownFunc = os.Chown
+
 // switchUser swithes the current process to new user
 func switchUser(execUser *user.ExecUser) error {
 	if err := unix.Setgroups(execUser.Sgids); err != nil {
@@ -76,73 +79,84 @@ func getRunAsExecUser(runasuser string) (*user.ExecUser, error) {
 // ChangeUser allow customers to run the collector in selected user
 // by default it ran as 'aoc' user but can be set by environment variable
 func ChangeUser() (string, error) {
-	runAsUser := getCustomUser()
-	log.Printf("I! Detected runAsUser: %v", runAsUser)
 
-	_, err := user.LookupUser(runAsUser)
+	_, err := user.LookupUser(aocUserName)
 	if err != nil {
-		log.Printf("E! User %s does not exist: %v", runAsUser, err)
+		log.Printf("E! User %s does not exist: %v", aocUserName, err)
 		return "root", err
 	}
 
-	if runAsUser == "root" {
-		return "root", nil
-	}
-
-	execUser, err := getRunAsExecUser(runAsUser)
+	execUser, err := getRunAsExecUser(aocUserName)
 	if err != nil {
 		log.Printf("E! Failed to getRunAsExecUser: %v", err)
-		return runAsUser, err
+		return aocUserName, err
 	}
 
-	changeFileOwner(runAsUser, execUser.Gid)
+	changeFileOwner(execUser.Uid, execUser.Gid)
 
 	if err := switchUser(execUser); err != nil {
-		log.Printf("E! failed switching to %q: %v", runAsUser, err)
-		return runAsUser, err
+		log.Printf("E! failed switching to %q: %v", aocUserName, err)
+		return aocUserName, err
 	}
 
-	return runAsUser, nil
+	return aocUserName, nil
 }
 
 // changeFileOwner changes the folder to new user as owner
-func changeFileOwner(runAsUser string, groupId int) {
-	group, err := gouser.LookupGroupId(strconv.Itoa(groupId))
-	owner := runAsUser
-	if err == nil {
-		owner = owner + ":" + group.Name
-	} else {
-		log.Printf("I! Failed to get the group name: %v, it will just change the user, but not group.", err)
-	}
-	log.Printf("I! Change ownership to %v", owner)
-
-	chowncmd := exec.Command("chown", "-R", "-L", owner, getInstallPath()+"logs")
-	stdoutStderr, err := chowncmd.CombinedOutput()
-	if err != nil {
-		log.Printf("E! Change ownership of %slogs: %s %v", getInstallPath(), stdoutStderr, err)
+func changeFileOwner(uid int, gid int) {
+	if err := chownRecursive(uid, gid, filepath.Join(getInstallPath(), "logs")); err != nil {
+		log.Printf("E! Change ownership of %slogs: %v", getInstallPath(), err)
 	}
 
-	chowncmd = exec.Command("chown", "-R", "-L", owner, getInstallPath()+"etc")
-	stdoutStderr, err = chowncmd.CombinedOutput()
-	if err != nil {
-		log.Printf("E! Change ownership of %setc: %s %v", getInstallPath(), stdoutStderr, err)
+	if err := chownRecursive(uid, gid, filepath.Join(getInstallPath(), "etc")); err != nil {
+		log.Printf("E! Change ownership of %setc: %v", getInstallPath(), err)
 	}
 
-	chowncmd = exec.Command("chown", "-R", "-L", owner, getInstallPath()+"var")
-	stdoutStderr, err = chowncmd.CombinedOutput()
-	if err != nil {
-		log.Printf("E! Change ownership of %svar: %s %v", getInstallPath(), stdoutStderr, err)
+	if err := chownRecursive(uid, gid, filepath.Join(getInstallPath(), "var")); err != nil {
+		log.Printf("E! Change ownership of %svar: %v", getInstallPath(), err)
 	}
-}
 
-// getCustomUser allows to override the default user
-func getCustomUser() string {
-	if user, ok := os.LookupEnv("AOT_RUN_USER"); ok {
-		defaultUser = user
-	}
-	return defaultUser
+	log.Printf("I! Change ownership to %v:%v", uid, gid)
 }
 
 func getInstallPath() string {
 	return defaultInstallPath
 }
+
+func chownRecursive(uid, gid int, dir string) error {
+
+	err := filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+
+		fmode := info.Mode()
+		if fmode.IsRegular() {
+			if fmode&os.ModeSetuid != 0 || fmode&os.ModeSetgid != 0 {
+				return nil
+			}
+
+			if fmode.Perm()&0111 != 0 {
+				return nil
+			}
+
+			if fmode.Perm()&0002 != 0 {
+				return nil
+			}
+		}
+
+		if fmode&os.ModeSymlink != 0 {
+			return nil
+		}
+
+		if err := chown(path, uid, gid); err != nil {
+			return err
+		}
+		return nil
+	})
+
+	if err != nil {
+		return fmt.Errorf("error change owner of dir %s to %v:%v due to error: %w", dir, uid, gid, err)
+	}
+	return nil
+}

pkg/userutils/userutil_test.go

@@ -0,0 +1,107 @@
+// +build linux
+
+package userutils
+
+import (
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"reflect"
+	"testing"
+)
+
+type MockChowner struct {
+	chowns []chownEvent
+}
+
+type chownEvent struct {
+	path     string
+	uid, gid int
+}
+
+func (c *MockChowner) Chown(path string, uid, gid int) error {
+	c.chowns = append(c.chowns, chownEvent{path, uid, gid})
+	return nil
+}
+
+func TestChangeFileOwner(t *testing.T) {
+	base, err := ioutil.TempDir("", "testChown")
+	if err != nil {
+		t.Fatalf("failed to crate temp test folder: %v", err)
+	}
+	defer os.RemoveAll(base) // Post test clean up
+
+	// Override the agent dirs
+	defaultInstallPath = base
+	agentLogDir := filepath.Join(base, "logs")
+	agentEtcDir := filepath.Join(base, "etc")
+	agentVarDir := filepath.Join(base, "var")
+
+	linkedTo := filepath.Join(base, "file-to-be-linked-to.txt")
+	createFile(t, linkedTo, 0644)
+
+	// etc
+	createFile(t, filepath.Join(agentEtcDir, "normal-config.yaml"), 0644)
+
+	// var
+	createFile(t, filepath.Join(agentVarDir, "some-file-in-var"), 0644)
+
+	// Log files
+	createFile(t, filepath.Join(agentLogDir, "normal-log-file.log"), 0644)
+
+	// Files that should be excluded
+	createFile(t, filepath.Join(agentLogDir, "anyone-can-write.log"), 0666)
+	createFile(t, filepath.Join(agentLogDir, "suid-file.log"), 0644|os.ModeSetuid)
+	createFile(t, filepath.Join(agentLogDir, "sgid-file.log"), 0644|os.ModeSetgid)
+	createFile(t, filepath.Join(agentLogDir, "suid-and-sgid-file.log"), 0644|os.ModeSetuid|os.ModeSetgid)
+	createFile(t, filepath.Join(agentLogDir, "owner-executable.log"), 0744)
+	createFile(t, filepath.Join(agentLogDir, "group-executable.log"), 0654)
+	createFile(t, filepath.Join(agentLogDir, "other-executable.log"), 0645)
+	createFile(t, filepath.Join(agentLogDir, "all-executable.log"), 0755)
+	createSymlink(t, linkedTo, filepath.Join(agentLogDir, "link-to-other-file"))
+
+	// Call changeFileOwner
+	var mc MockChowner
+	chown = mc.Chown
+	const someUid, someGid = 1111, 9999
+	changeFileOwner(someUid, someGid)
+
+	expected := []chownEvent{
+		{filepath.Join(base, "logs"), someUid, someGid},
+		{filepath.Join(base, "logs/normal-log-file.log"), someUid, someGid},
+		{filepath.Join(base, "etc"), someUid, someGid},
+		{filepath.Join(base, "etc/normal-config.yaml"), someUid, someGid},
+		{filepath.Join(base, "var"), someUid, someGid},
+		{filepath.Join(base, "var/some-file-in-var"), someUid, someGid},
+	}
+
+	if !reflect.DeepEqual(mc.chowns, expected) {
+		t.Errorf("wrong files has been changed ownership, expecting\n%v\n\n but got\n%v", expected, mc.chowns)
+	}
+}
+
+func mkdir(t *testing.T, path string) {
+	if err := os.MkdirAll(path, 0755); err != nil {
+		t.Fatalf("failed to create dir %v: %v", path, err)
+	}
+}
+
+func createFile(t *testing.T, path string, mode os.FileMode) {
+	dir, _ := filepath.Split(path)
+	mkdir(t, dir)
+	f, err := os.Create(path)
+	if err != nil {
+		t.Fatalf("failed to create file %v: %v", path, err)
+	}
+	f.Close()
+
+	if err := os.Chmod(path, mode); err != nil {
+		t.Fatalf("failed to change file mode of %v to mode %o: %v", path, mode, err)
+	}
+}
+
+func createSymlink(t *testing.T, from, to string) {
+	if err := os.Symlink(from, to); err != nil {
+		t.Fatalf("failed to create symbolic link from %v to %v: %v", from, to, err)
+	}
+}