diff options
| author | Joas Schilling <213943+nickvergessen@users.noreply.github.com> | 2025-02-27 22:46:11 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-02-27 22:46:11 +0100 |
| commit | be8902cdb86938880147bf7fa0b9feefe95340d1 (patch) | |
| tree | 673b3b8781cfc55ed2fe54044b39f6d0f49a213c | |
| parent | 25268f2fdf60b228dfe8c7afbf212333173c4946 (diff) | |
| parent | d28eb731a84b1bf18b90cdc3e8331336d56ca6d6 (diff) | |
| download | nextcloud-server-be8902cdb86938880147bf7fa0b9feefe95340d1.tar.gz nextcloud-server-be8902cdb86938880147bf7fa0b9feefe95340d1.zip | |
Merge pull request #51118 from nextcloud/backport/33545/stable31
[stable31] make it possible to run occ as root
| -rwxr-xr-x | occ | 32 |
1 files changed, 27 insertions, 5 deletions
@@ -1,11 +1,33 @@ #!/usr/bin/env php <?php + +declare(strict_types=1); + +/** + * SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors + * SPDX-License-Identifier: AGPL-3.0-or-later + */ + /** - * SPDX-FileCopyrightText: 2014 ownCloud, Inc. - * SPDX-FileCopyrightText: 2014 Olivier Paroz - * SPDX-FileCopyrightText: 2013 Thomas Müller <thomas.mueller@tmit.eu> - * SPDX-License-Identifier: AGPL-3.0-only + * Drop privileges when run as root */ +function dropPrivileges(): void { + if (posix_getuid() !== 0) { + return; + } + + $configPath = __DIR__ . '/config/config.php'; + $uid = fileowner($configPath); + if ($uid === false) { + return; + } + $info = posix_getpwuid($uid); + if ($info === false) { + return; + } + posix_setuid($uid); + posix_setgid($info['gid']); +} -//$argv = $_SERVER['argv']; +dropPrivileges(); require_once __DIR__ . '/console.php'; |