diff options
Diffstat (limited to 'exmachina.py')
-rwxr-xr-x | exmachina.py | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/exmachina.py b/exmachina.py index 6803f5d..ab8ceee 100755 --- a/exmachina.py +++ b/exmachina.py @@ -30,6 +30,7 @@ client in the same way. The init_test.sh script demonstrates this mechanism. import os import sys +import grp import argparse import logging import socket @@ -214,7 +215,7 @@ class ExMachinaClient(): self.sock.close() -def run_server(socket_path, secret_key=None): +def run_server(socket_path, secret_key=None, socket_group=None): if not 0 == os.geteuid(): log.warn("Expected to be running as root!") @@ -225,8 +226,13 @@ def run_server(socket_path, secret_key=None): sock.bind(socket_path) sock.listen(1) - # TODO: www-data group permissions only? - os.chmod(socket_path, 0666) + if socket_group is not None: + socket_uid = os.stat(socket_path).st_uid + socket_gid = grp.getgrnam(socket_group).gr_gid + os.chmod(socket_path, 0660) + os.chown(socket_path, socket_uid, socket_gid) + else: + os.chmod(socket_path, 0666) if secret_key: ExMachinaHandler.secret_key = secret_key @@ -311,6 +317,9 @@ def main(): default=None, help="Daemonize and write pid to this file", metavar="FILE") + parser.add_argument("-g", "--group", + default=None, + help="chgrp socket file to this group and set 0660 permissions") args = parser.parse_args() @@ -351,7 +360,9 @@ def main(): pfile.write("%s" % pid) log.info("Daemonized, pid is %s" % pid) - run_server(secret_key=secret_key, socket_path=args.socket_path) + run_server(secret_key=secret_key, + socket_path=args.socket_path, + socket_group=args.group) if __name__ == '__main__': main() |