mirror of
https://github.com/fleetdm/fleet
synced 2026-05-15 04:58:25 +00:00
c97a0e2363
For https://github.com/fleetdm/fleet/issues/9943 This will help us avoid issues like this where the log message never worked right: https://github.com/fleetdm/fleet/pull/28296#discussion_r2047505191 Most of the changes are no-op type changes like removing unneeded typecast or disabling gosec on reviewed lines of code # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Input data is properly validated, `SELECT *` is avoided, SQL injection is prevented (using placeholders for values in statements) - [x] Added/updated automated tests - [x] A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it) - [x] Manual QA for all new/changed functionality - For Orbit and Fleet Desktop changes: - [x] Make sure fleetd is compatible with the latest released version of Fleet (see [Must rule](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/fleetd-development-and-release-strategy.md)). - [x] Orbit runs on macOS, Linux and Windows. Check if the orbit feature/bugfix should only apply to one platform (`runtime.GOOS`). - [x] Manual QA must be performed in the three main OSs, macOS, Windows and Linux. - [x] Auto-update manual QA, from released version of component to new version (see [tools/tuf/test](../tools/tuf/test/README.md)).
121 lines
3.2 KiB
Go
121 lines
3.2 KiB
Go
//go:build !windows
|
|
// +build !windows
|
|
|
|
package platform
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"os"
|
|
"strings"
|
|
|
|
"github.com/fleetdm/fleet/v4/orbit/pkg/constant"
|
|
gopsutil_process "github.com/shirou/gopsutil/v3/process"
|
|
)
|
|
|
|
// ChmodRestrictFile sets the appropriate permissions on a file so it can not be read by everyone
|
|
// On POSIX this is a normal chmod call.
|
|
func ChmodRestrictFile(path string) error {
|
|
if err := os.Chmod(path, constant.DefaultFileMode); err != nil {
|
|
return fmt.Errorf("chmod restrict file: %w", err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// ChmodExecutableDirectory sets the appropriate permissions on an executable
|
|
// file. On POSIX this is a normal chmod call.
|
|
func ChmodExecutableDirectory(path string) error {
|
|
if err := os.Chmod(path, constant.DefaultDirMode); err != nil {
|
|
return fmt.Errorf("chmod executable directory: %w", err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// ChmodExecutable sets the appropriate permissions on the parent directory of
|
|
// an executable file. On POSIX this is a regular chmod call.
|
|
func ChmodExecutable(path string) error {
|
|
if err := os.Chmod(path, constant.DefaultExecutableMode); err != nil {
|
|
return fmt.Errorf("chmod executable: %w", err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SignalProcessBeforeTerminate just force terminate the target process
|
|
// Signaling the child process before termination is not supported on non-windows OSes
|
|
func SignalProcessBeforeTerminate(processName string) error {
|
|
if processName == "" {
|
|
return errors.New("processName should not be empty")
|
|
}
|
|
|
|
if err := killProcessByName(constant.DesktopAppExecName); err != nil && !errors.Is(err, ErrProcessNotFound) {
|
|
return fmt.Errorf("There was an error kill target process %s: %w", processName, err)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// GetProcessesByName gets all running processes by its name.
|
|
// Returns ErrProcessNotFound if the process was not found running.
|
|
func GetProcessesByName(name string) ([]*gopsutil_process.Process, error) {
|
|
if name == "" {
|
|
return nil, errors.New("process name should not be empty")
|
|
}
|
|
|
|
processes, err := gopsutil_process.Processes()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
var foundProcesses []*gopsutil_process.Process
|
|
for _, process := range processes {
|
|
processName, err := process.Name()
|
|
if err != nil {
|
|
// No need to print errors here as this method might file for system processes
|
|
continue
|
|
}
|
|
|
|
if strings.HasPrefix(processName, name) {
|
|
foundProcesses = append(foundProcesses, process)
|
|
break
|
|
}
|
|
}
|
|
|
|
if len(foundProcesses) == 0 {
|
|
return nil, ErrProcessNotFound
|
|
}
|
|
|
|
return foundProcesses, nil
|
|
}
|
|
|
|
func GetSMBiosUUID() (string, UUIDSource, error) {
|
|
return "", UUIDSourceInvalid, errors.New("not implemented.")
|
|
}
|
|
|
|
// RunUpdateQuirks is a no-op on non-windows platforms
|
|
func PreUpdateQuirks() {
|
|
}
|
|
|
|
// IsInvalidReparsePoint is a no-op on non-windows platforms
|
|
func IsInvalidReparsePoint(err error) bool {
|
|
return false
|
|
}
|
|
|
|
// killProcessByName kills a single process by its name.
|
|
func killProcessByName(name string) error {
|
|
if name == "" {
|
|
return errors.New("process name should not be empty")
|
|
}
|
|
|
|
foundProcesses, err := GetProcessesByName(name)
|
|
if err != nil {
|
|
return fmt.Errorf("get process: %w", err)
|
|
}
|
|
|
|
for _, foundProcess := range foundProcesses {
|
|
if err := foundProcess.Kill(); err != nil {
|
|
return fmt.Errorf("kill process %d: %w", foundProcess.Pid, err)
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|