verify that owner of config.php and updater process user are the same

Signed-off-by: Morris Jobke <[email protected]>
nextcloud · Nov 28, 2016 · 0c5204c · 0c5204c
1 parent 418e9c4
commit 0c5204c
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 0 deletions.
diff --git a/Changelog.md b/Changelog.md
@@ -1,3 +1,7 @@
+# 1.0.2 - 2016-11-28
+
+- CLI: verify that owner of config.php and updater process user are the same
+
 # 1.0.1 - 2016-11-25
 
 - CLI: if the instance is not installed the updater exits properly with a exit code of 0

diff --git a/Makefile b/Makefile
@@ -1,3 +1,5 @@
+.PHONY: updater.phar
+
 box:
 	curl -L https://github.com/box-project/box2/releases/download/2.7.4/box-2.7.4.phar -o box
 	chmod +x box

diff --git a/lib/UpdateCommand.php b/lib/UpdateCommand.php
@@ -84,6 +84,26 @@ protected function execute(InputInterface $input, OutputInterface $output) {
 			return -1;
 		}
 
+		if (!function_exists('posix_getuid')) {
+			$output->writeln("The posix extensions are required - see http://php.net/manual/en/book.posix.php");
+			return -1;
+		}
+
+		if($dir = getenv('NEXTCLOUD_CONFIG_DIR')) {
+			$configFileName = rtrim($dir, '/') . '/config.php';
+		} else {
+			$configFileName = $path . '/../config/config.php';
+		}
+		$user = posix_getpwuid(posix_getuid());
+		$configUser = posix_getpwuid(fileowner($configFileName));
+		if ($user['name'] !== $configUser['name']) {
+			$output->writeln("Console has to be executed with the user that owns the file config/config.php");
+			$output->writeln("Current user: " . $user['name']);
+			$output->writeln("Owner of config.php: " . $configUser['name']);
+			$output->writeln("Try adding 'sudo -u " . $configUser['name'] . " ' to the beginning of the command (without the single quotes)");
+			return -1;
+		}
+
 		// Check if the updater.log can be written to
 		try {
 			$this->updater->log('[info] updater cli is executed');