From a48ac0ec151bd78eeee1fb54c53716612f75e772 Mon Sep 17 00:00:00 2001
From: lhdamiani <leonardo.hax@psi.ch>
Date: Tue, 15 Mar 2022 12:56:36 +0100
Subject: [PATCH] added setgid and setuid to the writer

---
 std-det-writer/src/main.cpp | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/std-det-writer/src/main.cpp b/std-det-writer/src/main.cpp
index 9a4a7ca..f0966b6 100644
--- a/std-det-writer/src/main.cpp
+++ b/std-det-writer/src/main.cpp
@@ -2,6 +2,9 @@
 #include <string>
 #include <zmq.h>
 #include <mpi.h>
+#include <unistd.h>
+#include <sstream>
+#include <chrono>
 
 #include "RamBuffer.hpp"
 #include "BufferUtils.hpp"
@@ -11,6 +14,7 @@
 #include "DetWriterConfig.hpp"
 
 #include "rapidjson/document.h"
+#include "date.h"
 
 using namespace std;
 using namespace buffer_config;
@@ -63,6 +67,7 @@ int main (int argc, char *argv[])
         const int run_id = document["run_id"].GetInt();
         const int i_image = document["i_image"].GetInt();
         const int n_images = document["n_images"].GetInt();
+        const int user_id = document["user_id"].GetInt();
         // i_image == n_images -> end of run.
         if (i_image == n_images) {
             writer.close_run();
@@ -72,6 +77,30 @@ int main (int argc, char *argv[])
 
         // i_image == 0 -> we have a new run.
         if (i_image == 0) {
+            // TODO Improve changing GID and UID of the writer processes 
+            // to be part of the deployment via the ansible deployment.
+            #ifdef DEBUG_OUTPUT
+                 using namespace date;
+                 cout << "[" << std::chrono::system_clock::now() << "]";
+                 cout << "[std_daq_det_writer] Setting process uid to " << user_id << endl;
+            #endif
+            
+            if (setgid(user_id)) {
+                stringstream error_message;
+                using namespace date;
+                error_message << "[" << std::chrono::system_clock::now() << "]";
+                error_message << "[std_daq_det_writer] Cannot set group_id to " << user_id << endl;
+                throw runtime_error(error_message.str());
+            }
+
+            if (setuid(user_id)) {
+                stringstream error_message;
+                using namespace date;
+                error_message << "[" << std::chrono::system_clock::now() << "]";
+                error_message << "[std_daq_det_writer] Cannot set user_id to " << user_id << endl;
+                throw runtime_error(error_message.str());
+            }
+
             auto image_meta = (ImageMetadata*)
                 image_buffer.get_slot_meta(image_id);