From 4828a2f0b581bf52bf8bf1254ef4a2768dae4982 Mon Sep 17 00:00:00 2001
From: brl
Date: Fri, 5 Jun 2015 12:34:50 -0400
Subject: [PATCH] Pass user uid when launching oz-init
---
 oz-daemon/daemon.go | 8 +++++---
 oz-daemon/launch.go | 14 ++++++++++----
 2 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/oz-daemon/daemon.go b/oz-daemon/daemon.go
index a857635..d20eba5 100644
--- a/oz-daemon/daemon.go
+++ b/oz-daemon/daemon.go
@@ -8,6 +8,7 @@ import (
 "github.com/subgraph/oz/ipc"
 "syscall"
 "github.com/subgraph/oz/fs"
+ "os/user"
 )
 type daemonState struct {
@@ -95,8 +96,7 @@ func (d *daemonState) handleLaunch(msg *LaunchMsg, m *ipc.Message) error {
 return m.Respond(&ErrorMsg{err.Error()})
 }
 d.Debug("Would launch %s", p.Name)
-
- _,err = d.launch(p)
+ _,err = d.launch(p, m.Ucred.Uid)
 if err != nil {
 d.Warning("launch of %s failed: %v", p.Name, err)
 return m.Respond(&ErrorMsg{err.Error()})
@@ -139,7 +139,9 @@ func (d *daemonState) handleClean(clean *CleanMsg, msg *ipc.Message) error {
 return msg.Respond(&ErrorMsg{errmsg})
 }
 }
- fs := fs.NewFromProfile(p, d.log)
+ // XXX
+ u,_ := user.Current()
+ fs := fs.NewFromProfile(p, u, d.log)
 if err := fs.Cleanup(); err != nil {
 return msg.Respond(&ErrorMsg{err.Error()})
 }
diff --git a/oz-daemon/launch.go b/oz-daemon/launch.go
index 96c59c4..abefba7 100644
--- a/oz-daemon/launch.go
+++ b/oz-daemon/launch.go
@@ -8,6 +8,7 @@ import (
 "fmt"
 "io"
 "bufio"
+ "os/user"
 )
 const initPath = "/usr/local/bin/oz-init"
@@ -35,7 +36,7 @@ func findSandbox(id int) *Sandbox {
 */
 const initCloneFlags = syscall.CLONE_NEWNS | syscall.CLONE_NEWIPC | syscall.CLONE_NEWPID | syscall.CLONE_NEWUTS
-func createInitCommand(addr, name, chroot string) *exec.Cmd {
+func createInitCommand(addr, name, chroot string, uid uint32) *exec.Cmd {
 cmd := exec.Command(initPath)
 cmd.Dir = "/"
 cmd.SysProcAttr = &syscall.SysProcAttr{
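Review bot: In `handleClean` (oz-daemon/daemon.go, hunk `@@ -139,7 +139,9 @@`) the new `u,_ := user.Current()` discards the lookup error and resolves the daemon's own account instead of the requesting client's, so `fs.Cleanup()` may be built for a different user than the one `launch` set the sandbox up for via `m.Ucred.Uid`, and a failed lookup would pass a nil user into `fs.NewFromProfile`. The `// XXX` suggests this is a known placeholder; resolving the peer the same way `launch` does, `u, err := user.LookupId(fmt.Sprintf("%d", msg.Ucred.Uid))`, and answering with an `ErrorMsg` when `err != nil` would keep the two paths consistent and fail closed. This assumes `msg.Ucred` is populated for clean requests as it is for launch requests and that `fmt` is imported in daemon.go, neither of which is visible here. `handleClean` starts and ends outside the hunk.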
@@ -45,12 +46,17 @@ func createInitCommand(addr, name, chroot string) *exec.Cmd {
 cmd.Env = []string{
 "INIT_ADDRESS="+addr,
 "INIT_PROFILE="+name,
+ fmt.Sprintf("INIT_UID=%d", uid),
 }
 return cmd
 }
-func (d *daemonState) launch(p *oz.Profile) (*Sandbox, error) {
- fs := fs.NewFromProfile(p, d.log)
+func (d *daemonState) launch(p *oz.Profile, uid uint32) (*Sandbox, error) {
+ u,err := user.LookupId(fmt.Sprintf("%d", uid))
+ if err != nil {
+ return nil, fmt.Errorf("failed to lookup user for uid=%d: %v", uid, err)
+ }
+ fs := fs.NewFromProfile(p, u, d.log)
 if err := fs.Setup(); err != nil {
 return nil, err
 }
@@ -58,7 +64,7 @@ func (d *daemonState) launch(p *oz.Profile) (*Sandbox, error) {
 if err != nil {
 return nil, err
 }
- cmd := createInitCommand(addr, p.Name, fs.Root())
+ cmd := createInitCommand(addr, p.Name, fs.Root(), uid)
 pp,err := cmd.StderrPipe()
 if err != nil {
 fs.Cleanup()
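Review bot: `launch` and `createInitCommand` (hunk `@@ -45,12 +46,17 @@`) now act on a caller-supplied `uid`, through the `user.LookupId` call and the `INIT_UID` entry in `cmd.Env`, but nothing records where that value is allowed to come from. A doc comment on `launch` such as `// launch starts a sandbox for profile p on behalf of uid, which must be the kernel-reported peer credential of the requesting client, never a value read from the message body.` would keep later callers from passing a client-chosen id, and a matching line on `createInitCommand` should state that oz-init receives the id as `INIT_UID`. If uid 0 is not meant to own a sandbox, rejecting it before `fs.Setup()` would make that explicit; whether that is intended is not visible here. `launch` continues past the end of this hunk.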