Merge pull request #1 from SebastianKrupinski/fix/use-sudo

fix: use sudo
2026-04-11 20:55:01 +00:00 · 2026-02-23 20:37:06 -05:00
parent f64999c8a2 fd6196def2
commit 39fbd2e14e
3 changed files with 23 additions and 6 deletions
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -345,6 +345,11 @@ jobs:
      - name: Checkout repository
        uses: actions/checkout@v4
      
+      - name: Install dependencies
+        run: |
+          sudo apt-get update -qq
+          sudo apt-get install -y jq curl
+      
      - name: Test invalid JSON (domains)
        id: test_invalid_domains
        continue-on-error: true
--- a/action.yml
+++ b/action.yml
@@ -25,10 +25,13 @@ runs:
      run: |
        echo "::group::Checking prerequisites"
        
-        # Check if running as root
+        # Check if running as root or if sudo is available
        if [ "$(id -u)" -ne 0 ]; then
-          echo "::error::This action must run as root. Use 'sudo' or run in a container with root privileges."
-          exit 1
+          if ! command -v sudo &> /dev/null; then
+            echo "::error::This action must run as root or 'sudo' must be available."
+            exit 1
+          fi
+          echo "ℹ Running as non-root user — will use sudo for privileged steps."
        fi
        
        # Check for required commands
@@ -49,7 +52,9 @@ runs:
      run: |
        echo "::group::Installing Stalwart Mail Server"
        chmod +x "${{ github.action_path }}/scripts/install.sh"
-        "${{ github.action_path }}/scripts/install.sh"
+        SUDO=""
+        if [ "$(id -u)" -ne 0 ]; then SUDO="sudo -E"; fi
+        $SUDO "${{ github.action_path }}/scripts/install.sh"
        echo "::endgroup::"
    
    - name: Configure Stalwart
@@ -72,7 +77,9 @@ runs:
        
        echo "::group::Configuring Stalwart"
        chmod +x "${{ github.action_path }}/scripts/configure.sh"
-        "${{ github.action_path }}/scripts/configure.sh"
+        SUDO=""
+        if [ "$(id -u)" -ne 0 ]; then SUDO="sudo -E"; fi
+        $SUDO "${{ github.action_path }}/scripts/configure.sh"
        echo "::endgroup::"
    
    - name: Display completion message
--- a/scripts/configure.sh
+++ b/scripts/configure.sh
@@ -58,7 +58,12 @@ main() {
    
    # Save admin password to temp file for testing/debugging (remove in production)
    echo "$current_password" > /tmp/stalwart_admin_password
-    chmod 600 /tmp/stalwart_admin_password
+    # Use 644 so the invoking (non-root) runner user can read the file
+    chmod 644 /tmp/stalwart_admin_password
+    # If invoked via sudo, transfer ownership back to the calling user
+    if [ -n "${SUDO_USER:-}" ]; then
+        chown "$SUDO_USER" /tmp/stalwart_admin_password
+    fi
    
    # Create domains if provided
    if [ -n "$DOMAINS_JSON" ]; then