fix: Apply environment variables to startup script (#2099)

kylecarbs · web-flow · commit 66cf59bbe17e · 2022-06-06T14:20:25.000-05:00
This was stopping `coder` from being in the path, and allowed
applications started in the script to bypass injected environmnet
variables like `GIT_SSH_COMMAND`.
diff --git a/agent/agent.go b/agent/agent.go
@@ -155,20 +155,10 @@ func (a *agent) run(ctx context.Context) {
 	}
 }
 
-func (*agent) runStartupScript(ctx context.Context, script string) error {
+func (a *agent) runStartupScript(ctx context.Context, script string) error {
 	if script == "" {
 		return nil
 	}
-	currentUser, err := user.Current()
-	if err != nil {
-		return xerrors.Errorf("get current user: %w", err)
-	}
-	username := currentUser.Username
-
-	shell, err := usershell.Get(username)
-	if err != nil {
-		return xerrors.Errorf("get user shell: %w", err)
-	}
 
 	writer, err := os.OpenFile(filepath.Join(os.TempDir(), "coder-startup-script.log"), os.O_CREATE|os.O_RDWR, 0600)
 	if err != nil {
@@ -178,12 +168,10 @@ func (*agent) runStartupScript(ctx context.Context, script string) error {
 		_ = writer.Close()
 	}()
 
-	caller := "-c"
-	if runtime.GOOS == "windows" {
-		caller = "/c"
+	cmd, err := a.createCommand(ctx, script, nil)
+	if err != nil {
+		return xerrors.Errorf("create command: %w", err)
 	}
-
-	cmd := exec.CommandContext(ctx, shell, caller, script)
 	cmd.Stdout = writer
 	cmd.Stderr = writer
 	err = cmd.Run()
