Skip to content
Snippets Groups Projects

Issue #3432476 add ConsoleUserValidator

Merged Issue #3432476 add ConsoleUserValidator
issue/automatic_updates-3432476:3432476-warn-root into 3.0.x
1 unresolved thread
Merged Ted Bowman requested to merge issue/automatic_updates-3432476:3432476-warn-root into 3.0.x
1 unresolved thread

Closes #3432476

Merge request reports

Merged results pipeline #130709 skipped

Merged results pipeline skipped for dd1e40a1

Merged by Ted BowmanTed Bowman 11 months ago (Mar 27, 2024 3:47pm UTC)

Loading

Pipeline #130710 passed with warnings

Stage: build
Stage: validate
Stage: test

Pipeline passed with warnings for 73009dfd on 3.0.x

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
src/Validator/ConsoleUserValidator.php 0 → 100644
1 <?php
2
3 namespace Drupal\automatic_updates\Validator;
4
5 use Drupal\automatic_updates\ConsoleUpdateStage;
6 use Drupal\package_manager\Event\PreCreateEvent;
7 use Drupal\package_manager\Event\StatusCheckEvent;
8 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
9
10 /**
11 * Validates that the `auto-update` script is not run as the root user.
12 *
13 * @todo Remove this validator in favor of exiting the `auto-update` script as
14 * early as possible if run as root in https://www.drupal.org/i/3432496.
15 */
16 class ConsoleUserValidator implements EventSubscriberInterface {
  • Adam G-H
    Adam G-H @phenaproxima ·
    Maintainer

    Should this really be a validator? I don't think so. Why can't we just change the command itself to detect if it's running as root, and output a warning directly? (It could also log a warning to watchdog.)

    IMHO that's perfectly appropriate, compared to adding a validator for this.

  • Ted Bowman
    Ted Bowman @tedbow ·
    Author Maintainer

    The main benefit is that if it is validator then this would flag an error on status report page because it works on the StatusCheckEvent.

    So if someone goes to status report page there is one location where they can see all the errors related to Automatic Updates, especially why unattended updates might not work now in or in the future. If we just log a warning to watchdog then on the status report page you would see all the errors that will affect unattended updates, except this problem with root user.

    I do agree that 3.1.x when don't allow root to run at all this should not be a validator, thats I created the todo to https://www.drupal.org/i/3432496. But that is mainly because we are stopping the script because running as root is dangerous. So in that case we want to stop as early as possible.

    Since until 3.1.x we are not stopping the update from running so there is not benefit from logging the error so early. It would be simpler obviously but think the benefit for getting the errors on the status report page with all the other StatusCheckEvent warnings and errors outweighs this, especially because the warning we are giving them is that with their current setup as soon as they update to 3.1.0 there unattended updates will stop working. So we really don't want them to miss this.

  • Please register or sign in to reply
  • Ted Bowman added 1 commit

    added 1 commit

    Compare with previous version

  • Ted Bowman added 1 commit

    added 1 commit

    Compare with previous version

  • Ted Bowman added 5 commits

    added 5 commits

    Compare with previous version

    Toggle commit list
  • Ted Bowman merged

    merged

    • Please register or sign in to reply