From 841f3c9d146ed2f8e4eb2b0bc62797c64813248f Mon Sep 17 00:00:00 2001
From: Andreas Ntaflos <andreas.ntaflos@rise-world.com>
Date: Wed, 20 Dec 2017 16:27:58 +0100
Subject: [PATCH] Change to safe working directory in external_node_v2.rb

Change working directory to the determined home directory of
`puppetuser` before continuing to ensure we don't reside in /root or
anywhere else we don't have permissions.

Fixes issue #611.
---
 files/external_node_v2.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/files/external_node_v2.rb b/files/external_node_v2.rb
index 3aec3ce85..7614bc5ea 100644
--- a/files/external_node_v2.rb
+++ b/files/external_node_v2.rb
@@ -338,6 +338,10 @@ def watch_and_send_facts(parallel)
     Process::UID.change_privilege(Etc.getpwnam(puppetuser).uid) unless Etc.getpwuid.name == puppetuser
     # Facter (in thread_count) tries to read from $HOME, which is still /root after the UID change
     ENV['HOME'] = Etc.getpwnam(puppetuser).dir
+    # Change CWD to the determined home directory before continuing to make
+    # sure we don't reside in /root or anywhere else we don't have access
+    # permissions
+    Dir.chdir ENV['HOME']
   rescue
     $stderr.puts "cannot switch to user #{puppetuser}, continuing as '#{Etc.getpwuid.name}'"
   end