more install hardening - toctou

Author: tstromberg

cmd/agent/install.go

@@ -524,20 +524,30 @@ func installCron(agentPath, _, _ string) error {
 
 	// Get the directory where the agent is installed
 	agentDir := filepath.Dir(agentPath)
-	agentBinary := filepath.Base(agentPath)
 
-	// Use nohup with shell to properly background the process
-	// Change to the agent directory first so PID file and logs are created in the right place
-	// The & is crucial for detaching from the parent process
-	shellCmd := fmt.Sprintf("cd %s && %s ./%s > /dev/null 2>&1 &", agentDir, nohupPath, agentBinary)
-	cmd = exec.Command("sh", "-c", shellCmd) //nolint:noctx // agent spawns its own context
+	// Start the agent directly with nohup, avoiding shell interpretation
+	cmd = exec.Command(nohupPath, agentPath) //nolint:noctx // agent spawns its own context
+	cmd.Dir = agentDir                       // Set working directory for PID file and logs
 
-	if err := cmd.Run(); err != nil {
+	// Redirect output to /dev/null
+	devNull, err := os.Open("/dev/null")
+	if err == nil {
+		cmd.Stdout = devNull
+		cmd.Stderr = devNull
+		defer func() { _ = devNull.Close() }() //nolint:errcheck // defer close
+	}
+
+	if err := cmd.Start(); err != nil {
 		log.Printf("[WARN] Failed to start agent with nohup: %v (will start via cron in 15 minutes)", err)
 		return nil
 	}
 
-	log.Print("[INFO] Agent started successfully in background using nohup")
+	// Detach from the process
+	if err := cmd.Process.Release(); err != nil {
+		log.Printf("[WARN] Failed to release process: %v", err)
+	}
+
+	log.Printf("[INFO] Agent started successfully in background using nohup (PID: %d)", cmd.Process.Pid)
 
 	// Give it a moment to start
 	time.Sleep(500 * time.Millisecond)

cmd/agent/main.go

@@ -312,13 +312,30 @@ func checkAndCreatePIDFile() (exists bool, cleanup func()) {
 		}
 	}
 
-	// Write our PID
+	// Write our PID atomically using O_EXCL to prevent race conditions
 	pid := os.Getpid()
-	if err := os.WriteFile(pidPath, []byte(strconv.Itoa(pid)), 0o600); err != nil {
+	pidFile, err := os.OpenFile(pidPath, os.O_CREATE|os.O_EXCL|os.O_WRONLY, 0o600)
+	if err != nil {
+		if os.IsExist(err) {
+			// Another process created the file between our check and now
+			log.Print("[WARN] PID file was created by another process, exiting")
+			return false, func() {}
+		}
+		log.Printf("[WARN] Failed to create PID file: %v", err)
+		return true, func() {} // Continue without PID file
+	}
+
+	if _, err := pidFile.WriteString(strconv.Itoa(pid)); err != nil {
+		_ = pidFile.Close()    //nolint:errcheck // best effort cleanup
+		_ = os.Remove(pidPath) //nolint:errcheck // best effort cleanup
 		log.Printf("[WARN] Failed to write PID file: %v", err)
 		return true, func() {} // Continue without PID file
 	}
 
+	if err := pidFile.Close(); err != nil {
+		log.Printf("[WARN] Failed to close PID file: %v", err)
+	}
+
 	log.Printf("[INFO] Created PID file with PID %d", pid)
 
 	// Return cleanup function