[FileBackend] Allow enforcing POSIX file owner names.

Change-Id: I9c703bc497f5d6983ef812d105357877c154e17b

diff --git a/includes/filebackend/FSFileBackend.php b/includes/filebackend/FSFileBackend.php
index c953d77..a0befd6 100644 (file)
--- a/includes/filebackend/FSFileBackend.php
+++ b/includes/filebackend/FSFileBackend.php
@@ -43,6 +43,8 @@ class FSFileBackend extends FileBackendStore {
        /** @var Array Map of container names to root paths */
        protected $containerPaths = array(); // for custom container paths
        protected $fileMode; // integer; file permission mode
+       protected $fileOwner; // string; required OS username to own files
+       protected $currentUser; // string; OS username running this script
 
        protected $hadWarningErrors = array();
 
@@ -71,9 +73,12 @@ class FSFileBackend extends FileBackendStore {
                        }
                }
 
-               $this->fileMode = isset( $config['fileMode'] )
-                       ? $config['fileMode']
-                       : 0644;
+               $this->fileMode = isset( $config['fileMode'] ) ? $config['fileMode'] : 0644;
+               if ( isset( $config['fileOwner'] ) && function_exists( 'posix_getuid' ) ) {
+                       $this->fileOwner = $config['fileOwner'];
+                       $info = posix_getpwuid( posix_getuid() );
+                       $this->currentUser = $info['name']; // cache this, assuming it doesn't change
+               }
        }
 
        /**
@@ -164,6 +169,11 @@ class FSFileBackend extends FileBackendStore {
                        $ok = is_dir( $parentDir ) && is_writable( $parentDir );
                }
 
+               if ( $this->fileOwner !== null && $this->currentUser !== $this->fileOwner ) {
+                       $ok = false;
+                       trigger_error( __METHOD__ . ": PHP process owner is not '{$this->fileOwner}'." );
+               }
+
                return $ok;
        }