From 2c3fa63baaeb66847df983120700e702f749bc46 Mon Sep 17 00:00:00 2001 From: Erik Arvstedt Date: Sat, 4 Feb 2023 13:21:40 +0100 Subject: [PATCH] dev/features: improve `enter_service` Read uid/gid directly from the service pid. This makes this fn work with arbitrary services, and with `bitcoind`, where, for historical reasons, the service user name (`bitcoin`) doesn't equal the service name. --- dev/dev-features.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/dev/dev-features.sh b/dev/dev-features.sh index b06ce4f..76b3f6e 100644 --- a/dev/dev-features.sh +++ b/dev/dev-features.sh @@ -56,9 +56,10 @@ ls -al /var/lib/containers/nb-test # Start a shell in the context of a service process. # Must be run inside the container (enter with cmd `c`). enter_service() { - local name=$1 - nsenter --all -t "$(systemctl show -p MainPID --value "$name")" \ - --setuid "$(id -u "$name")" --setgid "$(id -g "$name")" bash + name=$1 + pid=$(systemctl show -p MainPID --value "$name") + IFS=- read -r uid gid < <(stat -c "%u-%g" "/proc/$pid") + nsenter --all -t "$pid" --setuid "$uid" --setgid "$gid" bash } enter_service clightning