kolide / launcher

Osquery launcher, autoupdater, and packager
https://kolide.com/launcher

Fix command exec's `WithUid` (RunAsUser) when running as self #1682

Closed Micah-Kolide closed 2 months ago

Micah-Kolide commented 2 months ago

I've been trying to test my new check that uses the kolide_brew_upgradeable table, when I kept hitting an issue in Live Query where all devices returned no results. I could easily get results locally, so I wasn't sure what was going on.

After more testing locally, I saw the error fork/exec /opt/homebrew/bin/brew: operation not permitted, and after some digging online I came to this post.

Basically the syscall SYS_SETGROUPS requires elevated permissions, so a non-root user attempting to set the groups causes an EPERM error. There is a fix inside the Credential structure: NoSetGroups, but I figured since we are already running as the user, we can just early exit instead of adding that flag.

Outside of this issue, I had thought that the queries in Live Query go through a sudoed instance of launcher, but perhaps I was mistaken on that?
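
The early-exit idea described above, written out as an added Go example (this is illustrative code, not launcher's own `WithUid`/`RunAsUser` implementation; `RunAsUser` and `applyRunAsUser` are hypothetical names). When a `syscall.Credential` is attached to an `exec.Cmd`, the Go runtime calls setgroups(2) in the child before exec unless `NoSetGroups` is set, and that call needs privilege even when the uid and gid being requested are the caller's own, which is exactly the "fork/exec ...: operation not permitted" (EPERM) seen here. The function below skips the Credential entirely when the target uid is the current uid, and sets `NoSetGroups` when it does switch identity. One caveat the early exit introduces: it ignores the requested gid, so if the target gid differs from the current one, that change is silently not applied.

```go
package main

import (
	"fmt"
	"os"
	"os/exec"
	"syscall"
)

// RunAsUser describes the identity a child process should run as.
// Hypothetical type for this example, not launcher's own API.
type RunAsUser struct {
	Uid uint32
	Gid uint32
}

// applyRunAsUser attaches a syscall.Credential to cmd only when the target
// uid differs from the uid we are already running as. currentUid is passed
// in (instead of calling os.Getuid inside) so the decision can be tested
// without actually changing identity.
//
// It returns true when a Credential was attached and false when the child
// will simply inherit the caller's identity.
func applyRunAsUser(cmd *exec.Cmd, target RunAsUser, currentUid uint32) bool {
	// Early exit: we are already the requested user. Attaching a Credential
	// here would make the runtime call setgroups(2) in the child, which a
	// non-root process may not do (EPERM), and the exec would fail with
	// "fork/exec ...: operation not permitted".
	if target.Uid == currentUid {
		return false
	}

	if cmd.SysProcAttr == nil {
		cmd.SysProcAttr = &syscall.SysProcAttr{}
	}
	cmd.SysProcAttr.Credential = &syscall.Credential{
		Uid: target.Uid,
		Gid: target.Gid,
		// Skip the setgroups(2) call: we only want to switch uid/gid here,
		// and setgroups would need CAP_SETGID even for an empty group list.
		NoSetGroups: true,
	}
	return true
}

func main() {
	// Ask to run `id` as ourselves. No Credential is attached, so this works
	// for an unprivileged dev instance as well as for a root instance.
	self := RunAsUser{Uid: uint32(os.Getuid()), Gid: uint32(os.Getgid())}
	cmd := exec.Command("id")
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr

	attached := applyRunAsUser(cmd, self, uint32(os.Getuid()))
	fmt.Println("credential attached:", attached)
	if err := cmd.Run(); err != nil {
		fmt.Println("run failed:", err)
	}
}
```

Running the block as an unprivileged user prints `credential attached: false` followed by the output of `id`; the same command with a Credential attached and `NoSetGroups` left false fails before exec with EPERM unless the parent is root.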

directionless commented 2 months ago

Outside of this issue, I had thought that the queries in Live Query go through a sudoed instance of launcher, but perhaps I was mistaken on that?

Sorta, yes. Outside development, launcher runs with root permission. But dev instances are usually running with user credentials.

Micah-Kolide commented 2 months ago

Outside of this issue, I had thought that the queries in Live Query go through a sudoed instance of launcher, but perhaps I was mistaken on that?

Sorta, yes. Outside development, launcher runs with root permission. But dev instances are usually running with user credentials.

I saw this issue in both my dev env and when I tried a real Live Query in prod.