diff --git a/src/ahriman/core/utils.py b/src/ahriman/core/utils.py index 2922c8e7..065eebf4 100644 --- a/src/ahriman/core/utils.py +++ b/src/ahriman/core/utils.py @@ -192,7 +192,7 @@ def check_user(root: Path, *, unsafe: bool) -> None: if unsafe: return # unsafe flag is enabled, no check performed - current_uid = os.getuid() + current_uid = os.geteuid() root_uid, _ = owner(root) if current_uid != root_uid: diff --git a/src/ahriman/models/repository_paths.py b/src/ahriman/models/repository_paths.py index 45ced996..d0e48ce9 100644 --- a/src/ahriman/models/repository_paths.py +++ b/src/ahriman/models/repository_paths.py @@ -239,7 +239,7 @@ class RepositoryPaths(LazyLogging): # the reason we do this is that it only works if permissions can be actually changed. Hence, # non-privileged user (e.g. personal user or ahriman user) can't change permissions. # The only one who can do so is root, so if user is not root we just terminate function - current_uid, current_gid = os.getuid(), os.getgid() + current_uid, current_gid = os.geteuid(), os.getegid() if current_uid != 0: yield return diff --git a/tests/ahriman/core/test_utils.py b/tests/ahriman/core/test_utils.py index a178de42..b43e38c8 100644 --- a/tests/ahriman/core/test_utils.py +++ b/tests/ahriman/core/test_utils.py @@ -160,7 +160,7 @@ def test_check_user(repository_id: RepositoryId, mocker: MockerFixture) -> None: must check user correctly """ paths = RepositoryPaths(Path.cwd(), repository_id) - mocker.patch("os.getuid", return_value=paths.root_owner[0]) + mocker.patch("os.geteuid", return_value=paths.root_owner[0]) check_user(paths.root, unsafe=False) @@ -177,7 +177,7 @@ def test_check_user_exception(repository_id: RepositoryId, mocker: MockerFixture must raise exception if user differs """ paths = RepositoryPaths(Path.cwd(), repository_id) - mocker.patch("os.getuid", return_value=paths.root_owner[0] + 1) + mocker.patch("os.geteuid", return_value=paths.root_owner[0] + 1) with pytest.raises(UnsafeRunError): check_user(paths.root, unsafe=False) @@ -188,7 +188,7 @@ def test_check_user_unsafe(repository_id: RepositoryId, mocker: MockerFixture) - must skip check if unsafe flag is set """ paths = RepositoryPaths(Path.cwd(), repository_id) - mocker.patch("os.getuid", return_value=paths.root_owner[0] + 1) + mocker.patch("os.geteuid", return_value=paths.root_owner[0] + 1) check_user(paths.root, unsafe=True) diff --git a/tests/ahriman/models/test_repository_paths.py b/tests/ahriman/models/test_repository_paths.py index 0dca3156..3efed6b3 100644 --- a/tests/ahriman/models/test_repository_paths.py +++ b/tests/ahriman/models/test_repository_paths.py @@ -198,8 +198,8 @@ def test_preserve_owner(tmp_path: Path, repository_id: RepositoryId, mocker: Moc """ must preserve file owner during operations """ - mocker.patch("os.getuid", return_value=0) - mocker.patch("os.getgid", return_value=0) + mocker.patch("os.geteuid", return_value=0) + mocker.patch("os.getegid", return_value=0) seteuid_mock = mocker.patch("os.seteuid") setegid_mock = mocker.patch("os.setegid") @@ -214,8 +214,8 @@ def test_preserve_owner_exception(tmp_path: Path, repository_id: RepositoryId, m """ must return to original uid and gid even during exception """ - mocker.patch("os.getuid", return_value=0) - mocker.patch("os.getgid", return_value=0) + mocker.patch("os.geteuid", return_value=0) + mocker.patch("os.getegid", return_value=0) mocker.patch("pathlib.Path.mkdir", side_effect=Exception) seteuid_mock = mocker.patch("os.seteuid") setegid_mock = mocker.patch("os.setegid") @@ -232,8 +232,8 @@ def test_preserve_owner_non_root(tmp_path: Path, repository_id: RepositoryId, mo """ must skip processing if user is not root """ - mocker.patch("os.getuid", return_value=42) - mocker.patch("os.getgid", return_value=42) + mocker.patch("os.geteuid", return_value=42) + mocker.patch("os.getegid", return_value=42) repository_paths = RepositoryPaths(tmp_path, repository_id) seteuid_mock = mocker.patch("os.seteuid") setegid_mock = mocker.patch("os.setegid")