stackabletech · siegfriedweber · Mar 11, 2021 · Mar 4, 2021 · Mar 5, 2021 · Mar 8, 2021
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -38,6 +38,11 @@ phf = { version = "0.7.24", features = ["macros"] }
 dbus = "0.9.2"
 hostname = "0.3"
 shellexpand = "2.1"
+regex = "1"
+nix = "0.20"
+lazy_static = "1"
+strum = { version = "0.20", features = ["derive"] }
+strum_macros = "0.20"
 
 [dev-dependencies]
 indoc = "1.0"
@@ -55,4 +60,4 @@ systemd-units = { enable = false }
 assets = [
     ["packaging/config/agent.conf", "etc/stackable-agent/", "644"],
     ["target/release/agent", "opt/stackable-agent/stackable-agent", "755"],
-]
+]
diff --git a/src/fsext.rs b/src/fsext.rs
@@ -0,0 +1,64 @@
+//! Filesystem manipulation operations.
+//!
+//! This module contains additional operations which are not present in
+//! `std::fs` and `std::os::$platform`.
+
+use anyhow::{anyhow, Result};
+use nix::unistd;
+use std::path::Path;
+
+/// User identifier
+pub struct Uid(unistd::Uid);
+
+impl Uid {
+    /// Gets a Uid by user name.
+    ///
+    /// If no user with the given `user_name` exists then `Ok(None)` is returned.
+    ///
+    /// # Errors
+    ///
+    /// If this function encounters any form of I/O or other error, an error
+    /// variant will be returned.
+    pub fn from_name(user_name: &str) -> Result<Option<Uid>> {
+        match unistd::User::from_name(user_name) {
+            Ok(maybe_user) => Ok(maybe_user.map(|user| Uid(user.uid))),
+            Err(err) => Err(anyhow!("Could not retrieve user [{}]. {}", user_name, err)),
+        }
+    }
+}
+
+/// Changes the ownership of the file or directory at `path` to be owned by the
+/// given `uid`.
+///
+/// # Errors
+///
+/// If this function encounters any form of I/O or other error, an error
+/// variant will be returned.
+pub fn change_owner(path: &Path, uid: &Uid) -> Result<()> {
+    Ok(unistd::chown(path, Some(uid.0), None)?)
+}
+
+/// Changes the ownership of the file or directory at `path` recursively to be
+/// owned by the given `uid`.
+///
+/// # Errors
+///
+/// If this function encounters any form of I/O or other error, an error
+/// variant will be returned.
+pub fn change_owner_recursively(root_path: &Path, uid: &Uid) -> Result<()> {
+    visit_recursively(root_path, &|path| change_owner(path, uid))
+}
+
+/// Calls the function `cb` on the given `path` and its contents recursively.
+fn visit_recursively<F>(path: &Path, cb: &F) -> Result<()>
+where
+    F: Fn(&Path) -> Result<()>,
+{
+    cb(path)?;
+    if path.is_dir() {
+        for entry in path.read_dir()? {
+            visit_recursively(entry?.path().as_path(), cb)?;
+        }
+    }
+    Ok(())
+}
diff --git a/src/lib.rs b/src/lib.rs
@@ -1,2 +1,3 @@
 pub mod config;
+pub mod fsext;
 pub mod provider;
diff --git a/src/provider/states/creating_config.rs b/src/provider/states/creating_config.rs
@@ -425,12 +425,11 @@ mod tests {
 
         // Test if an undefined variable leads to an error
         let template_with_undefined_var = "{{var4}}test";
-        let result = CreatingConfig::render_config_template(&context, template_with_undefined_var);
+        let _ = CreatingConfig::render_config_template(&context, template_with_undefined_var);
 
-        match CreatingConfig::render_config_template(&context, template_with_undefined_var) {
-            Ok(_) => assert!(false),
-            Err(_) => {}
-        }
+        assert!(
+            CreatingConfig::render_config_template(&context, template_with_undefined_var).is_err()
+        );
     }
 
     #[test]

diff --git a/src/provider/states/creating_service.rs b/src/provider/states/creating_service.rs
@@ -32,6 +32,8 @@ impl State<PodState> for CreatingService {
             }
         }
 
+        let user_mode = pod_state.systemd_manager.is_user_mode();
+
         // Naming schema
         //  Service name: `namespace-podname`
         //  SystemdUnit: `namespace-podname-containername`
@@ -40,7 +42,7 @@ impl State<PodState> for CreatingService {
 
         // Create a template from those settings that are derived directly from the pod, not
         // from container objects
-        let unit_template = match SystemDUnit::new_from_pod(&pod) {
+        let unit_template = match SystemDUnit::new_from_pod(&pod, user_mode) {
             Ok(unit) => unit,
             Err(pod_error) => {
                 error!(
@@ -58,7 +60,13 @@ impl State<PodState> for CreatingService {
             .containers()
             .iter()
             .map(|container| {
-                SystemDUnit::new(&unit_template, &service_prefix, container, pod_state)
+                SystemDUnit::new(
+                    &unit_template,
+                    &service_prefix,
+                    container,
+                    user_mode,
+                    pod_state,
+                )
             })
             .collect()
         {

diff --git a/src/provider/systemdmanager/manager.rs b/src/provider/systemdmanager/manager.rs
@@ -17,7 +17,7 @@ use std::path::PathBuf;
 use std::time::Duration;
 
 /// Enum that lists the supported unit types
-#[derive(Clone, Debug)]
+#[derive(Clone, Debug, Eq, PartialEq)]
 pub enum UnitTypes {
     Service,
 }
@@ -35,6 +35,7 @@ pub struct SystemdManager {
     units_directory: PathBuf,
     connection: SyncConnection, //TODO does this need to be closed?
     timeout: Duration,
+    user_mode: bool, // TODO Use the same naming (user_mode or session_mode) everywhere
 }
 
 /// By default the manager will connect to the system-wide instance of systemd,
@@ -73,9 +74,14 @@ impl SystemdManager {
             units_directory,
             connection,
             timeout,
+            user_mode,
         })
     }
 
+    pub fn is_user_mode(&self) -> bool {
+        self.user_mode
+    }
+
     // The main method for interacting with dbus, all other functions will delegate the actual
     // dbus access to this function.
     // Private on purpose as this should not be used by external dependencies