Skip to content

Commit

Permalink
Fix linter issues
Browse files Browse the repository at this point in the history
  • Loading branch information
emilioalvap committed Apr 21, 2022
1 parent 56444d1 commit 0be900f
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 9 deletions.
16 changes: 8 additions & 8 deletions heartbeat/security/security.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ func init() {
// rather than relying on errors from `setcap`
_ = setCapabilities()

err := setSeccompRules()
err = setSeccompRules()
if err != nil {
panic(err)
}
Expand All @@ -71,33 +71,33 @@ func changeUser(localUserName string) error {
if err != nil {
return fmt.Errorf("could not lookup '%s': %w", localUser, err)
}
localUserUid, err := strconv.Atoi(localUser.Uid)
localUserUID, err := strconv.Atoi(localUser.Uid)
if err != nil {
return fmt.Errorf("could not parse UID '%s' as int: %w", localUser.Uid, err)
}
localUserGid, err := strconv.Atoi(localUser.Gid)
localUserGID, err := strconv.Atoi(localUser.Gid)
if err != nil {
return fmt.Errorf("could not parse GID '%s' as int: %w", localUser.Uid, err)
}
// We include the root group because the docker image contains many directories (data,logs)
// that are owned by root:root with 0775 perms. The heartbeat user is in both groups
// in the container, but we need to repeat that here.
err = syscall.Setgroups([]int{localUserGid, 0})
err = syscall.Setgroups([]int{localUserGID, 0})
if err != nil {
return fmt.Errorf("could not set groups: %w", err)
}

// Set the main group as localUserUid so new files created are owned by the user's group
err = syscall.Setgid(localUserGid)
err = syscall.Setgid(localUserGID)
if err != nil {
return fmt.Errorf("could not set gid to %d: %w", localUserGid, err)
return fmt.Errorf("could not set gid to %d: %w", localUserGID, err)
}

// Note this is not the regular SetUID! Look at the 'cap' package docs for it, it preserves
// capabilities post-SetUID, which we use to lock things down immediately
err = cap.SetUID(localUserUid)
err = cap.SetUID(localUserUID)
if err != nil {
return fmt.Errorf("could not setuid to %d: %w", localUserUid, err)
return fmt.Errorf("could not setuid to %d: %w", localUserUID, err)
}

// This may not be necessary, but is good hygiene, we do some shelling out to node/npm etc.
Expand Down
2 changes: 1 addition & 1 deletion libbeat/paths/paths.go
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ func (paths *Path) InitPaths(cfg *Path) error {
// make sure the data path exists
err = os.MkdirAll(paths.Data, 0770)
if err != nil {
return fmt.Errorf("Failed to create data path %s: %v", paths.Data, err)
return fmt.Errorf("failed to create data path %s: %w", paths.Data, err)
}

return nil
Expand Down

0 comments on commit 0be900f

Please sign in to comment.