From a56991d081471a5886c276747477d5c9f189a2db Mon Sep 17 00:00:00 2001
From: James Shubin <james@shubin.ca>
Date: Tue, 5 Mar 2019 12:06:13 -0500
Subject: [PATCH] engine: resources: Remove possible panic from within file res

Not sure how I let this in, but we should never do this. Hopefully the
Validate should catch this issue in advance, and if not, at least we'll
only error.
---
 engine/resources/file.go | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/engine/resources/file.go b/engine/resources/file.go
index b4668407..8e1d37b7 100644
--- a/engine/resources/file.go
+++ b/engine/resources/file.go
@@ -123,6 +123,16 @@ func (obj *FileRes) Validate() error {
 		}
 	}
 
+	if obj.Owner != "" || obj.Group != "" {
+		fileInfo, err := os.Stat("/") // pick root just to do this test
+		if err != nil {
+			return fmt.Errorf("can't stat root to get system information")
+		}
+		_, ok := fileInfo.Sys().(*syscall.Stat_t)
+		if !ok {
+			return fmt.Errorf("can't set Owner or Group on this platform")
+		}
+	}
 	if _, err := engineUtil.GetUID(obj.Owner); obj.Owner != "" && err != nil {
 		return err
 	}
@@ -754,9 +764,9 @@ func (obj *FileRes) chownCheckApply(apply bool) (bool, error) {
 	}
 
 	stUnix, ok := fileInfo.Sys().(*syscall.Stat_t)
-	if !ok {
-		// Not unix
-		panic("No support for your platform")
+	if !ok { // this check is done in Validate, but it's done here again...
+		// not unix
+		return false, fmt.Errorf("can't set Owner or Group on this platform")
 	}
 
 	if obj.Owner != "" {