From 242d54ce150fb13aeab87bd691ed0ba4af1de093 Mon Sep 17 00:00:00 2001
From: Andrey Shitov <sai@arenadata.io>
Date: Wed, 3 Jul 2024 11:55:34 +0300
Subject: [PATCH] ADS-1703

---
 nifi-registry/nifi-registry-assembly/pom.xml    |  5 -----
 .../src/main/resources/bin/nifi-registry.sh     | 17 ++++++++++++++++-
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/nifi-registry/nifi-registry-assembly/pom.xml b/nifi-registry/nifi-registry-assembly/pom.xml
index 458205d7f884..40bc8e689660 100644
--- a/nifi-registry/nifi-registry-assembly/pom.xml
+++ b/nifi-registry/nifi-registry-assembly/pom.xml
@@ -164,11 +164,6 @@
             <groupId>org.apache.nifi.registry</groupId>
             <artifactId>nifi-registry-properties-loader</artifactId>
         </dependency>
-        <dependency>
-            <groupId>javax.el</groupId>
-            <artifactId>javax.el-api</artifactId>
-            <version>3.0.1-b06</version>
-        </dependency>
     </dependencies>
 
     <properties>
diff --git a/nifi-registry/nifi-registry-core/nifi-registry-resources/src/main/resources/bin/nifi-registry.sh b/nifi-registry/nifi-registry-core/nifi-registry-resources/src/main/resources/bin/nifi-registry.sh
index ef7619926c7b..e7a1e5a817d7 100644
--- a/nifi-registry/nifi-registry-core/nifi-registry-resources/src/main/resources/bin/nifi-registry.sh
+++ b/nifi-registry/nifi-registry-core/nifi-registry-resources/src/main/resources/bin/nifi-registry.sh
@@ -310,8 +310,23 @@ run() {
     run_nifi_registry_cmd="'${JAVA}' -cp '${BOOTSTRAP_CLASSPATH}' -Xms12m -Xmx24m ${BOOTSTRAP_DIR_PARAMS} org.apache.nifi.registry.bootstrap.RunNiFiRegistry $@"
 
     if [ -n "${run_as_user}" ]; then
+      preserve_environment=$(grep '^\s*preserve.environment' "${BOOTSTRAP_CONF}" | cut -d'=' -f2 | tr '[:upper:]' '[:lower:]')
+      use_su=$(grep '^\s*use.su' "${BOOTSTRAP_CONF}" | cut -d'=' -f2 | tr '[:upper:]' '[:lower:]')
+
+      if [ "$use_su" = "true" ]; then
+        SUDO="/bin/su"
+        if [ "$preserve_environment" = "true" ]; then
+          echo "The use.su option is not supported with preserve.environment enabled for compatibility reasons. Exiting."
+          exit 1
+        fi
+      else
+        SUDO="sudo -u"
+        if [ "$preserve_environment" = "true" ]; then
+          SUDO="sudo -E -u"
+        fi
+      fi
       # Provide SCRIPT_DIR and execute nifi-env for the run.as user command
-      run_nifi_registry_cmd="sudo -u ${run_as_user} sh -c \"SCRIPT_DIR='${SCRIPT_DIR}' && . '${SCRIPT_DIR}/nifi-registry-env.sh' && ${run_nifi_registry_cmd}\""
+      run_nifi_registry_cmd="${SUDO} ${run_as_user} -s /bin/sh -c \"SCRIPT_DIR='${SCRIPT_DIR}' && . '${SCRIPT_DIR}/nifi-registry-env.sh' && ${run_nifi_registry_cmd}\""
     fi
 
     if [ "$1" = "run" ]; then