From 73009dfd3f4bf32535697435e970209ffb7bae71 Mon Sep 17 00:00:00 2001
From: Ted Bowman <41201-tedbow@users.noreply.drupalcode.org>
Date: Wed, 27 Mar 2024 15:47:55 +0000
Subject: [PATCH] Issue #3432476: Warn if auto-update script is running as root

---
 scripts/src/ConverterCommand.php       |  2 ++
 src/Validator/ConsoleUserValidator.php | 44 ++++++++++++++++++++++++++
 2 files changed, 46 insertions(+)
 create mode 100644 src/Validator/ConsoleUserValidator.php

diff --git a/scripts/src/ConverterCommand.php b/scripts/src/ConverterCommand.php
index 0dc93f2e32..eb00fe9915 100644
--- a/scripts/src/ConverterCommand.php
+++ b/scripts/src/ConverterCommand.php
@@ -311,6 +311,8 @@ class ConverterCommand extends Command {
       //   https://drupal.org/i/3347937.
       'scripts',
       'dictionary.txt',
+      // @todo Remove in https://www.drupal.org/i/3432496.
+      'src/Validator/ConsoleUserValidator.php',
     ];
     $removals = array_map(function ($path) use ($core_module_path) {
       return "$core_module_path/$path";
diff --git a/src/Validator/ConsoleUserValidator.php b/src/Validator/ConsoleUserValidator.php
new file mode 100644
index 0000000000..34a17248c3
--- /dev/null
+++ b/src/Validator/ConsoleUserValidator.php
@@ -0,0 +1,44 @@
+<?php
+
+namespace Drupal\automatic_updates\Validator;
+
+use Drupal\automatic_updates\ConsoleUpdateStage;
+use Drupal\package_manager\Event\PreCreateEvent;
+use Drupal\package_manager\Event\StatusCheckEvent;
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+
+/**
+ * Validates that the `auto-update` script is not run as the root user.
+ *
+ * We add this warning to the StatusCheckEvent and PreCreateEvent events
+ * instead of directly in the `auto-update` script to ensure that the warning
+ * is surfaced to the status report page along with other warnings and errors.
+ *
+ * @todo Remove this validator in favor of exiting the `auto-update` script as
+ *   early as possible if run as root in https://www.drupal.org/i/3432496.
+ */
+class ConsoleUserValidator implements EventSubscriberInterface {
+
+  /**
+   * {@inheritdoc}
+   */
+  public static function getSubscribedEvents(): array {
+    return [
+      StatusCheckEvent::class => ['validateConsoleUser'],
+      PreCreateEvent::class => ['validateConsoleUser'],
+    ];
+  }
+
+  /**
+   * Adds a warning if the `auto-update` script is run as the root user.
+   *
+   * @param \Drupal\package_manager\Event\StatusCheckEvent|\Drupal\package_manager\Event\PreCreateEvent $event
+   *   The stage event.
+   */
+  public function validateConsoleUser(StatusCheckEvent|PreCreateEvent $event) {
+    if (PHP_SAPI === 'cli' && $event->stage instanceof ConsoleUpdateStage && function_exists('posix_getuid') && posix_getuid() === 0) {
+      $event->addWarning([t('The `auto-update` script should not be run as the root user. Please run it as a less privileged user. In 3.1.0 if this script is run as the root user updates will not be preformed.')]);
+    }
+  }
+
+}
-- 
GitLab