Use uzers crate to retrieve uid and gid

karencfv · Apr 18, 2024 · ed87a35 · ed87a35
1 parent f2ffd52
commit ed87a35
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 7 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -443,6 +443,7 @@ update-common = { path = "update-common" }
 update-engine = { path = "update-engine" }
 usdt = "0.5.0"
 uuid = { version = "1.7.0", features = ["serde", "v4"] }
+uzers = "0.11"
 walkdir = "2.4"
 whoami = "1.5"
 wicket = { path = "wicket" }

diff --git a/zone-setup/Cargo.toml b/zone-setup/Cargo.toml
@@ -14,3 +14,4 @@ dropshot.workspace = true
 tokio.workspace = true
 omicron-workspace-hack.workspace = true
 zone.workspace = true
+uzers.workspace = true
diff --git a/zone-setup/src/bin/zone-setup.rs b/zone-setup/src/bin/zone-setup.rs
@@ -17,10 +17,13 @@ use std::io::Write;
 use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};
 use std::os::unix::fs::chown;
 use std::path::Path;
+use uzers::{get_group_by_name, get_user_by_name};
 
 pub const HOSTS_FILE: &str = "/etc/inet/hosts";
 pub const CHRONY_CONFIG_FILE: &str = "/etc/inet/chrony.conf";
 pub const LOGADM_CONFIG_FILE: &str = "/etc/logadm.d/chrony.logadm.conf";
+pub const ROOT: &str = "root";
+pub const SYS: &str = "sys";
 
 pub const COMMON_NW_CMD: &str = "common-networking";
 pub const OPTE_INTERFACE_CMD: &str = "opte-interface";
@@ -238,13 +241,35 @@ fn set_permissions_for_logadm_config() -> Result<(), CmdError> {
             ))
         })?;
 
-    chown(LOGADM_CONFIG_FILE, Some(0), Some(3)).map_err(|err| {
-        CmdError::Failure(anyhow!(
-            "Could not set ownership of logadm configuration file {}: {}",
-            LOGADM_CONFIG_FILE,
-            err
-        ))
-    })?;
+    let root_uid = match get_user_by_name(ROOT) {
+        Some(user) => user.uid(),
+        None => {
+            return Err(CmdError::Failure(anyhow!(format!(
+                "Could not retrieve ID from user: {}",
+                ROOT
+            ))))
+        }
+    };
+
+    let sys_gid = match get_group_by_name(SYS) {
+        Some(group) => group.gid(),
+        None => {
+            return Err(CmdError::Failure(anyhow!(format!(
+                "Could not retrieve ID from group: {}",
+                SYS
+            ))))
+        }
+    };
+
+    chown(LOGADM_CONFIG_FILE, Some(root_uid), Some(sys_gid)).map_err(
+        |err| {
+            CmdError::Failure(anyhow!(
+                "Could not set ownership of logadm configuration file {}: {}",
+                LOGADM_CONFIG_FILE,
+                err
+            ))
+        },
+    )?;
 
     Ok(())
 }