From 9bb083be57f006f2a4e2aed2eb62698b57a80ca0 Mon Sep 17 00:00:00 2001
From: "stuart.warren" <stuart.warren@ocado.com>
Date: Thu, 18 Jul 2024 19:30:51 +0100
Subject: [PATCH] client/allocdir: chown directories as _daemon_ user if
 avaliable

running within a snap (https://snapcraft.io/) means code is unable to chown to nobody user unfortunately

chown to _daemon_ user instead if available https://snapcraft.io/docs/system-usernames

ref #23619
---
 client/allocdir/fs_unix.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/client/allocdir/fs_unix.go b/client/allocdir/fs_unix.go
index b393837be0d..74add85f610 100644
--- a/client/allocdir/fs_unix.go
+++ b/client/allocdir/fs_unix.go
@@ -48,6 +48,14 @@ func dropDirPermissions(path string, desired os.FileMode) error {
 		return fmt.Errorf("Unable to find nobody user: %w", err)
 	}
 
+	// Within a snap we can't chown to `nobody`, so we use `_daemon_` instead
+	// requires snap configured to use `system-usernames`
+	// https://snapcraft.io/docs/system-usernames
+	snapu, err := users.Lookup("_daemon_")
+	if err == nil {
+		u = snapu
+	}
+
 	uid, err := getUid(u)
 	if err != nil {
 		return err