dev/features: improve enter_service
Read uid/gid directly from the service pid. This makes this fn work with arbitrary services, and with `bitcoind`, where, for historical reasons, the service user name (`bitcoin`) doesn't equal the service name.
This commit is contained in:
parent
479e21a122
commit
2c3fa63baa
@ -56,9 +56,10 @@ ls -al /var/lib/containers/nb-test
|
|||||||
# Start a shell in the context of a service process.
|
# Start a shell in the context of a service process.
|
||||||
# Must be run inside the container (enter with cmd `c`).
|
# Must be run inside the container (enter with cmd `c`).
|
||||||
enter_service() {
|
enter_service() {
|
||||||
local name=$1
|
name=$1
|
||||||
nsenter --all -t "$(systemctl show -p MainPID --value "$name")" \
|
pid=$(systemctl show -p MainPID --value "$name")
|
||||||
--setuid "$(id -u "$name")" --setgid "$(id -g "$name")" bash
|
IFS=- read -r uid gid < <(stat -c "%u-%g" "/proc/$pid")
|
||||||
|
nsenter --all -t "$pid" --setuid "$uid" --setgid "$gid" bash
|
||||||
}
|
}
|
||||||
enter_service clightning
|
enter_service clightning
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user