feat: assume the privileged user is the user that is running nucleus

Author: robcmann

src/main/java/com/aws/greengrass/util/platforms/unix/UnixPlatform.java

@@ -60,7 +60,6 @@ public class UnixPlatform extends Platform {
 
     public static final String LOADER_LOGS_FILE_NAME = "loader.log";
     public static final Pattern PS_PID_PATTERN = Pattern.compile("(\\d+)\\s+(\\d+)");
-    public static final String PRIVILEGED_USER = "root";
     public static final String STDOUT = "stdout";
     public static final String STDERR = "stderr";
     protected static final int SIGTERM = 15;
@@ -80,6 +79,9 @@ public class UnixPlatform extends Platform {
     private static final int MAX_IPC_SOCKET_CREATION_WAIT_TIME_SECONDS = 30;
     public static final int SOCKET_CREATE_POLL_INTERVAL_MS = 200;
 
+    @SuppressFBWarnings(value = "ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD",
+            justification = "Writing to static field in constructor is safe because Platform is a singleton.")
+    private static String PRIVILEGED_USER;
     private static UnixUserAttributes CURRENT_USER;
     private static UnixGroupAttributes CURRENT_USER_PRIMARY_GROUP;
     private static final Lock lock = LockFactory.newReentrantLock(UnixPlatform.class.getSimpleName());
@@ -93,11 +95,18 @@ public class UnixPlatform extends Platform {
     /**
      * Construct a new instance.
      */
+    @SuppressWarnings("PMD.AssignmentToNonFinalStatic")
     public UnixPlatform() {
         super();
         // avoid spamming DEBUG-level oshi logs when reading process stats
         LogManager.getLogger(oshi.util.FileUtil.class.getName()).setLevel("INFO");
         runWithGenerator = new UnixRunWithGenerator(this);
+        try {
+            PRIVILEGED_USER = loadCurrentUser().getPrincipalName();
+        } catch (IOException e) {
+            // This should not happen, but set the PRIVILEGED_USER to root if it fails
+            PRIVILEGED_USER = "root";
+        }
     }
 
     /**

src/test/java/com/aws/greengrass/util/platforms/unix/UnixPlatformTest.java

@@ -20,7 +20,10 @@
 import static org.hamcrest.Matchers.contains;
 import static org.hamcrest.Matchers.containsInAnyOrder;
 import static org.hamcrest.Matchers.empty;
+import static org.hamcrest.Matchers.equalTo;
 import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.not;
+import static org.hamcrest.Matchers.notNullValue;
 
 @ExtendWith({GGExtension.class})
 @DisabledOnOs(OS.WINDOWS)
@@ -63,6 +66,16 @@ void GIVEN_user_WHEN_decorate_THEN_generate_sudo_without_group() {
                 is(arrayContaining("sudo", "-n", "-E", "-H", "-u", "foo", "--", "echo", "hello", "world")));
     }
 
+    @Test
+    void GIVEN_unix_platform_WHEN_get_privileged_user_THEN_returns_current_user() {
+        UnixPlatform platform = new UnixPlatform();
+        String privilegedUser = platform.getPrivilegedUser();
+
+        assertThat(privilegedUser, is(notNullValue()));
+        assertThat(privilegedUser, is(not(equalTo(""))));
+        assertThat(privilegedUser, is(equalTo(System.getProperty("user.name"))));
+    }
+
     @Test
     void GIVEN_file_system_permission_WHEN_convert_to_posix_THEN_succeed() {
         // Nothing