Add privilege check to render-template script

[jdeanwallace]

Resolves https://github.com/tiny-pilot/tinypilot-pro/issues/1190

Please refer to https://github.com/tiny-pilot/tinypilot-pro/issues/1190#issue-2094765706 for PR rationale.

Executing the render-template script with root privileges with now fail. For example, as part of the TinyPilot installation:

$ apt-get install -y ./tinypilot_20240128105411_armhf.deb
...
Preparing to unpack .../tinypilot_20240128105411_armhf.deb ...
Unpacking tinypilot (20240128105411) over (20240128094116) ...
Setting up tinypilot (20240128105411) ...
Warning: The home dir /home/tinypilot you specified already exists.
The system user `tinypilot' already exists. Exiting.
/opt/tinypilot /

This script doesn't require root privileges.
Please re-run as tinypilot:
  runuser tinypilot --command './scripts/render-template'

dpkg: error processing package tinypilot (--configure):
 installed tinypilot package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
 tinypilot
E: Sub-process /usr/bin/dpkg returned an error code (1)
+ clean_up
+ umount --lazy /mnt/tinypilot-installer
+ rm -rf /opt/tinypilot-updater /mnt/tinypilot-installer

Notes

1. We had to expand the previously used render-template command into multiple independent commands because the exit code was being ignored/swallowed.

2. To execute render-template as the tinypilot user, we use the runuser command instead of su. Based on the runuser manual, runuser can only be used by root users which is currently the only way we use render-template:

   The difference between the commands runuser and su is that runuser does not ask
   for a password (because it may be executed by the root user only)
   and it uses a different PAM configuration.

[jotaen4tinypilot]

Fyi, the e2e tests are green again on master.

[jdeanwallace]

Automated comment from CodeApprove ➜

⏳ @jotaen4tinypilot please review this Pull Request

[jotaen4tinypilot]

Automated comment from CodeApprove ➜

⏳ Approval Pending (2 unresolved comments)
Approval will be granted automatically when all comments are resolved

---

In: scripts/render-template:
Shall we put a comment here for future reference? I’m thinking, we could just add the link to https://github.com/tiny-pilot/tinypilot-pro/issues/1190.

---

In: scripts/render-template:

> Line 30
if os.geteuid() == 0:

Question: I’m wondering what the difference is between putting this check here (at file top level) vs. putting it into main? Intuitively, I might have put it into main (although it probably also doesn’t matter that much, though).

---

👀 @jdeanwallace it's your turn please take a look

[jdeanwallace]

Automated comment from CodeApprove ➜

---

In: scripts/render-template:
Oh that's an interesting thought 🤔 Like you said, it probably doesn't matter because the program is always only run as the main program, but then technically it should then be in the main function. Furthermore, the main function doesn't deal with parsing args, so perhaps it should rather be within the if __name__ == '__main__' block where we parse the other (non-existent) args? I went for the latter for now.

---

In: scripts/render-template:
Ah yes, done.

[jotaen4tinypilot]

Automated comment from CodeApprove ➜

Approved: I have approved this change on CodeApprove and all of my comments have been resolved.

Review approved on CodeApprove