diff --git a/exec.go b/exec.go index 675f12fb905..ad8a369a5dd 100644 --- a/exec.go +++ b/exec.go @@ -219,9 +219,9 @@ func getProcess(context *cli.Context, bundle string) (*specs.Process, error) { } p := spec.Process p.Args = context.Args()[1:] - // override the cwd, if passed - if context.String("cwd") != "" { - p.Cwd = context.String("cwd") + // Override the cwd, if passed. + if cwd := context.String("cwd"); cwd != "" { + p.Cwd = cwd } if ap := context.String("apparmor"); ap != "" { p.ApparmorProfile = ap @@ -240,27 +240,24 @@ func getProcess(context *cli.Context, bundle string) (*specs.Process, error) { // append the passed env variables p.Env = append(p.Env, context.StringSlice("env")...) - // set the tty - p.Terminal = false - if context.IsSet("tty") { - p.Terminal = context.Bool("tty") - } + // Always set tty to false, unless explicitly enabled from CLI. + p.Terminal = context.Bool("tty") if context.IsSet("no-new-privs") { p.NoNewPrivileges = context.Bool("no-new-privs") } - // override the user, if passed - if context.String("user") != "" { - u := strings.SplitN(context.String("user"), ":", 2) + // Override the user, if passed. + if user := context.String("user"); user != "" { + u := strings.SplitN(user, ":", 2) if len(u) > 1 { gid, err := strconv.Atoi(u[1]) if err != nil { - return nil, fmt.Errorf("parsing %s as int for gid failed: %w", u[1], err) + return nil, fmt.Errorf("bad gid: %w", err) } p.User.GID = uint32(gid) } uid, err := strconv.Atoi(u[0]) if err != nil { - return nil, fmt.Errorf("parsing %s as int for uid failed: %w", u[0], err) + return nil, fmt.Errorf("bad uid: %w", err) } p.User.UID = uint32(uid) } diff --git a/script/keyring_validate.sh b/script/keyring_validate.sh index 20a0b85618f..cb331f62e10 100755 --- a/script/keyring_validate.sh +++ b/script/keyring_validate.sh @@ -73,7 +73,7 @@ echo "------------------------------------------------------------" gpg --show-keys <"$root/$project.keyring" echo "------------------------------------------------------------" -# Check that each entry in the kering is actually a maintainer's key. +# Check that each entry in the keyring is actually a maintainer's key. while IFS="" read -d $'\0' -r block || [ -n "$block" ]; do username="$(sed -En "s|^Comment:.* github=(\w+).*|\1|p" <<<"$block")"