From 9f2871ebd77e3d862ffd0e940747d684ddc7e1f9 Mon Sep 17 00:00:00 2001
From: bnewbold
Date: Tue, 24 Jul 2012 12:15:56 -0700
Subject: add group flag
---
 README | 1 -
 exmachina.py | 19 +++++++++++++++----
 init_test.sh | 2 +-
 3 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/README b/README
index a32c938..518cfa6 100644
--- a/README
+++ b/README
@@ -17,7 +17,6 @@ Features:
 * call init.d service scripts: status, start, stop, restart
 TODO:
-* add --group argument, chgrp, and 0660 permissions on socket file
 * add apt-get package installation/removal methods
 * add/handle one or two common non-augeas configuration methods (eg, timezone?)
 * use /var/lib/exmachina/ as socket instead of /tmp/exmachina.sock?
diff --git a/exmachina.py b/exmachina.py
index 6803f5d..ab8ceee 100755
--- a/exmachina.py
+++ b/exmachina.py
@@ -30,6 +30,7 @@ client in the same way. The init_test.sh script demonstrates this mechanism.
 import os
 import sys
+import grp
 import argparse
 import logging
 import socket
@@ -214,7 +215,7 @@ class ExMachinaClient():
 self.sock.close()
-def run_server(socket_path, secret_key=None):
+def run_server(socket_path, secret_key=None, socket_group=None):
 if not 0 == os.geteuid():
 log.warn("Expected to be running as root!")
@@ -225,8 +226,13 @@ def run_server(socket_path, secret_key=None):
 sock.bind(socket_path)
 sock.listen(1)
- # TODO: www-data group permissions only?
- os.chmod(socket_path, 0666)
+ if socket_group is not None:
+ socket_uid = os.stat(socket_path).st_uid
+ socket_gid = grp.getgrnam(socket_group).gr_gid
+ os.chmod(socket_path, 0660)
+ os.chown(socket_path, socket_uid, socket_gid)
+ else:
+ os.chmod(socket_path, 0666)
 if secret_key:
 ExMachinaHandler.secret_key = secret_key
@@ -311,6 +317,9 @@ def main():
 default=None,
 help="Daemonize and write pid to this file",
 metavar="FILE")
+ parser.add_argument("-g", "--group",
+ default=None,
+ help="chgrp socket file to this group and set 0660 permissions")
 args = parser.parse_args()
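Review bot: In the `run_server` hunk (`@@ -225,8 +226,13 @@`) the `else` branch still runs `os.chmod(socket_path, 0666)`, so a server started without `--group` keeps a socket that every local user can connect to, and `secret_key` defaults to `None` in the signature. Consider making that fallback visible to the operator, e.g. `log.warn("socket is world-accessible; pass --group to restrict it")` in the `else` branch. In the group branch, `os.chown(socket_path, -1, socket_gid)` leaves the owner unchanged and makes the `os.stat` lookup unnecessary. The socket also carries umask-derived permissions between `sock.bind` and the `chmod`; if the process umask is permissive (not visible here), wrapping the bind in `old = os.umask(0177)` and `os.umask(old)` would close that window. The body of run_server starts and ends outside the hunk.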
@@ -351,7 +360,9 @@ def main():
 pfile.write("%s" % pid)
 log.info("Daemonized, pid is %s" % pid)
- run_server(secret_key=secret_key, socket_path=args.socket_path)
+ run_server(secret_key=secret_key,
+ socket_path=args.socket_path,
+ socket_group=args.group)
 if __name__ == '__main__':
 main()
diff --git a/init_test.sh b/init_test.sh
index c53d76b..941285d 100755
--- a/init_test.sh
+++ b/init_test.sh
@@ -4,7 +4,7 @@ export key=`./exmachina.py --random-key`
-echo $key | ./exmachina.py -vk --pidfile /tmp/exmachina_test.pid
+echo $key | ./exmachina.py -vk --pidfile /tmp/exmachina_test.pid -g www-data
 sleep 1
 echo $key | sudo -u www-data -g www-data ./test_exmachina.py -k
--
cgit v1.2.3
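Review bot: In the last `exmachina.py` hunk, `socket_group=args.group` is handed to `run_server` unchecked, after the `log.info("Daemonized, pid is %s" % pid)` line, so a mistyped group name only surfaces when `grp.getgrnam` raises `KeyError` inside the server, with the socket already bound and listening. Resolving the name right after `parser.parse_args()`, e.g. `grp.getgrnam(args.group)` in a `try` whose `except KeyError` calls `parser.error("unknown group: %s" % args.group)`, would fail with a usage message before the pidfile is written or the socket created. Whether the daemonize step is conditional is not visible here, since main() starts outside the hunk.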