From fa4c807e822d9c3a8c186c05cdf629ef6581ac20 Mon Sep 17 00:00:00 2001
From: Joseph Nuthalapati <njoseph@thoughtworks.com>
Date: Fri, 29 Mar 2019 19:34:04 +0530
Subject: [PATCH] vagrant: Run plinth as user plinth in development environment

Running plinth as root is causing preventable permission errors in production.
This commit makes the necessary changes to run plinth as the user plinth so that
permission errors can be caught early and prevented.

- Give ownership of all files in the mounted directory to plinth
- Add permissions in sudoers file so that plinth can run scripts in
  /vagrant/actions as superuser
- Move scripts that run on vagrant triggers to a separate directory

Signed-off-by: Joseph Nuthalapati <njoseph@thoughtworks.com>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
---
 HACKING.md                                    |  2 +-
 Vagrantfile                                   | 11 +++++-
 vagrant-scripts/plinth-user-permissions.py    | 39 +++++++++++++++++++
 .../post-box-destroy.py                       |  0
 4 files changed, 49 insertions(+), 3 deletions(-)
 create mode 100755 vagrant-scripts/plinth-user-permissions.py
 rename post-box-destroy.py => vagrant-scripts/post-box-destroy.py (100%)

diff --git a/HACKING.md b/HACKING.md
index 414d79c43..c8d95b3c5 100644
--- a/HACKING.md
+++ b/HACKING.md
@@ -34,7 +34,7 @@ and requires about 4.5 GB of disk space.
    cycle during development.
 
     ```
-    $ sudo /vagrant/run --develop
+    $ sudo -u plinth /vagrant/run --develop
     ```
 
 Note: This virtual machine has automatic upgrades disabled by default.
diff --git a/Vagrantfile b/Vagrantfile
index 441d9cc89..3b1baacd8 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -19,6 +19,7 @@
 Vagrant.configure(2) do |config|
   config.vm.box = "freedombox/plinth-dev"
   config.vm.network "forwarded_port", guest: 443, host: 4430
+  config.vm.synced_folder ".", "/vagrant", owner: "plinth", group: "plinth"
   config.vm.provider "virtualbox" do |vb|
     vb.cpus = 2
     vb.memory = 2048
@@ -47,15 +48,21 @@ Vagrant.configure(2) do |config|
 for development. You can run the development version of Plinth using
 the following command.
 $ vagrant ssh
-$ sudo /vagrant/run --develop
+$ sudo -u plinth /vagrant/run --develop
 Plinth will be available at https://localhost:4430/plinth (with
 an invalid SSL certificate).
 "
 
+  config.trigger.after [:up, :resume, :reload] do |trigger|
+    trigger.info = "Set plinth user permissions for development environment"
+    trigger.run_remote = {
+      path: "vagrant-scripts/plinth-user-permissions.py"
+    }
+  end
   config.trigger.before :destroy do |trigger|
     trigger.warn = "Performing cleanup steps"
     trigger.run = {
-      path: "post-box-destroy.py"
+      path: "vagrant-scripts/post-box-destroy.py"
     }
   end
   config.vm.boot_timeout=1200
diff --git a/vagrant-scripts/plinth-user-permissions.py b/vagrant-scripts/plinth-user-permissions.py
new file mode 100755
index 000000000..4fe8991fc
--- /dev/null
+++ b/vagrant-scripts/plinth-user-permissions.py
@@ -0,0 +1,39 @@
+#!/usr/bin/python3
+# -*- mode: python -*-
+#
+# This file is part of FreedomBox.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+"""
+Set required permissions for user "plinth" to run plinth in the development
+environment.
+"""
+
+import augeas
+
+sudoers_file = '/etc/sudoers.d/plinth'
+aug = augeas.Augeas(
+    flags=augeas.Augeas.NO_LOAD + augeas.Augeas.NO_MODL_AUTOLOAD)
+
+# lens for shell-script config file
+aug.set('/augeas/load/Shellvars/lens', 'Sudoers.lns')
+aug.set('/augeas/load/Shellvars/incl[last() + 1]', sudoers_file)
+aug.load()
+
+aug.set('/files{}/spec[1]/host_group/command[2]'.format(sudoers_file),
+        '/vagrant/actions/*')
+aug.set('/files{}/spec[1]/host_group/command[1]/tag[2]'.format(sudoers_file),
+        'SETENV')
+aug.save()
diff --git a/post-box-destroy.py b/vagrant-scripts/post-box-destroy.py
similarity index 100%
rename from post-box-destroy.py
rename to vagrant-scripts/post-box-destroy.py