fix: only allow setting custom hostname if running as root

This is match access level to `/etc/hostname` of `0644`. If only root can change system hostname, then only root should be able to change the hostname of the inventory that is used to enroll in the configuration management system.
tjhop · Jul 1, 2023 · 46c8d5c · 46c8d5c
1 parent bc1e2f3
commit 46c8d5c
Showing 1 changed file with 11 additions and 4 deletions.
diff --git a/cmd/mango/mango.go b/cmd/mango/mango.go
@@ -327,10 +327,17 @@ func main() {
 		log.Fatal("Inventory not defined, please set `inventory.path` flag or config variable to the path to the inventory")
 	}
 
-	// run mango daemon
-	me := viper.GetString("hostname")
-	if me == "" {
-		me = self.GetHostname()
+	// get hostname for inventory
+	me := self.GetHostname()
+
+	// only allow setting custom hostname if running as root
+	if os.Geteuid() == 0 {
+		customHostname := viper.GetString("hostname")
+		if customHostname != "" {
+			me = customHostname
+		}
 	}
+
+	// run mango daemon
 	mango(inventoryPath, me)
 }