From 5e7eb6e9a80493cd5ce15478cebb93a592c88120 Mon Sep 17 00:00:00 2001 From: Alexey Lesovsky Date: Wed, 31 Mar 2021 17:43:49 +0500 Subject: [PATCH] Choose default user depending on auto-update, use root when enabled, and postgres otherwise. --- doc/setup-pgscv-targz.md | 5 +++-- internal/packaging/autoupdate/autoupdate.go | 2 +- internal/packaging/bootstrap/bootstrap.go | 4 +++- internal/pgscv/pgscv.go | 2 +- 4 files changed, 8 insertions(+), 5 deletions(-) diff --git a/doc/setup-pgscv-targz.md b/doc/setup-pgscv-targz.md index 4ae33350..97cef596 100644 --- a/doc/setup-pgscv-targz.md +++ b/doc/setup-pgscv-targz.md @@ -91,9 +91,10 @@ wget https://github.com/weaponry/pgscv/releases/download/v0.4.17/pgscv_0.4.17_li tar xvzf pgscv_0.4.17_linux_amd64.tar.gz ``` -Specify all necessary environment variables and run pgSCV with `--bootstrap` flag: +Specify all necessary environment variables and run pgSCV with `--bootstrap` flag. +**NOTE**: these settings enable auto-update and run service under `root` user. This is necessary because auto-update restarts service using systemd and root privileges required. You can use `sudo` and allow to restart the service to unprivileged user. ``` -sudo -E PGSCV_RUN_AS_USER=postgres \ +sudo -E PGSCV_RUN_AS_USER=root \ PGSCV_SEND_METRICS_URL="https://push.weaponry.io" \ PGSCV_AUTOUPDATE=stable \ PGSCV_API_KEY=12345678-0000-1111-2222-1234567890ab \ diff --git a/internal/packaging/autoupdate/autoupdate.go b/internal/packaging/autoupdate/autoupdate.go index 4a057902..52dcd611 100644 --- a/internal/packaging/autoupdate/autoupdate.go +++ b/internal/packaging/autoupdate/autoupdate.go @@ -124,7 +124,7 @@ func runUpdate(c *Config) error { // Explicit cleanup, because after restart execution of the code will interrupted. doCleanup(workDir) - log.Infof("auto-update from '%s' to '%s' has been successful", c.BinaryVersion, distVersion) + log.Infof("auto-update executable from '%s' to '%s' has been successful", c.BinaryVersion, distVersion) // Restart the service. err = restartSystemdService() diff --git a/internal/packaging/bootstrap/bootstrap.go b/internal/packaging/bootstrap/bootstrap.go index eab469c1..b64cdbc6 100644 --- a/internal/packaging/bootstrap/bootstrap.go +++ b/internal/packaging/bootstrap/bootstrap.go @@ -78,7 +78,9 @@ type Config struct { func (c *Config) Validate() error { log.Infoln("Validate bootstrap configuration") - if c.RunAsUser == "" { + if c.RunAsUser == "" && c.AutoUpdate != "" { + c.RunAsUser = "root" + } else if c.RunAsUser == "" { c.RunAsUser = "postgres" } diff --git a/internal/pgscv/pgscv.go b/internal/pgscv/pgscv.go index 80fd57e8..e5eaa4bb 100644 --- a/internal/pgscv/pgscv.go +++ b/internal/pgscv/pgscv.go @@ -299,7 +299,7 @@ func (s *sendClient) sendMetrics(buf []byte) error { // addDelay increments passed delay to random value between 1 and 10 seconds. func addDelay(d time.Duration) time.Duration { sec := int(math.Max(float64(d/time.Second), 1)) - sec = int(math.Min(float64(sec+rand.New(rand.NewSource(time.Now().Unix())).Intn(9))+1, 60)) // #nosec G404 + sec = int(math.Min(float64(sec+rand.Intn(9))+1, 60)) // #nosec G404 return time.Duration(sec) * time.Second }