I was expecting the below init hook to be run as root based on the values of pkg_svc_user and pkg_svc_group in the plan.sh, but it was being run as hab resulting in a permission error reading /hab/sup/default/CTL_SECRET when calling hab file upload.
plan.sh
pkg_svc_user="root"
pkg_svc_group="root"
hooks/init
#!{{pkgPathFor "core/bash"}}/bin/bash
whoami
hab file upload {{bind.fluentd.first.service}}.{{bind.fluentd.first.group}} $(date +%s%N) {{pkg.svc_config_path}}/squid_fluent.conf
hab file upload {{bind.logrotator.first.service}}.{{bind.fluentd.first.group}} $(date +%s%N) {{pkg.svc_config_path}}/squid_logrotate.conf
Logs
outbound_proxy.default hook[init]:(HK): hab
outbound_proxy.default hook[init]:(HK): ✗✗✗
outbound_proxy.default hook[init]:(HK): ✗✗✗ [Err: 1] IoError while reading or writing ctl secret, /hab/sup/default/CTL_SECRET, Permission denied (os error 13)
When I moved the content out of the init and into the run hook, root user was logged and everything worked. Is it expected that early lifecycle hooks run as hab by default before the user/group defined in plan.sh is honoured in later hooks?