diff options
| author | bnewbold <bnewbold@robocracy.org> | 2012-07-24 12:15:56 -0700 |
|---|---|---|
| committer | bnewbold <bnewbold@robocracy.org> | 2012-07-24 12:15:56 -0700 |
| commit | 9f2871ebd77e3d862ffd0e940747d684ddc7e1f9 (patch) | |
| tree | 61acedc0e91a1e321f0ec0e48e3e1816001f3f90 | |
| parent | 0e36e75866cccf6e4ec5350713aeb47ef87844af (diff) | |
| download | exmachina-9f2871ebd77e3d862ffd0e940747d684ddc7e1f9.tar.gz exmachina-9f2871ebd77e3d862ffd0e940747d684ddc7e1f9.zip | |
add group flag
| -rw-r--r-- | README | 1 | ||||
| -rwxr-xr-x | exmachina.py | 19 | ||||
| -rwxr-xr-x | init_test.sh | 2 |
3 files changed, 16 insertions, 6 deletions
@@ -17,7 +17,6 @@ Features: * call init.d service scripts: status, start, stop, restart TODO: -* add --group argument, chgrp, and 0660 permissions on socket file * add apt-get package installation/removal methods * add/handle one or two common non-augeas configuration methods (eg, timezone?) * use /var/lib/exmachina/<something> as socket instead of /tmp/exmachina.sock? diff --git a/exmachina.py b/exmachina.py index 6803f5d..ab8ceee 100755 --- a/exmachina.py +++ b/exmachina.py @@ -30,6 +30,7 @@ client in the same way. The init_test.sh script demonstrates this mechanism. import os import sys +import grp import argparse import logging import socket @@ -214,7 +215,7 @@ class ExMachinaClient(): self.sock.close() -def run_server(socket_path, secret_key=None): +def run_server(socket_path, secret_key=None, socket_group=None): if not 0 == os.geteuid(): log.warn("Expected to be running as root!") @@ -225,8 +226,13 @@ def run_server(socket_path, secret_key=None): sock.bind(socket_path) sock.listen(1) - # TODO: www-data group permissions only? - os.chmod(socket_path, 0666) + if socket_group is not None: + socket_uid = os.stat(socket_path).st_uid + socket_gid = grp.getgrnam(socket_group).gr_gid + os.chmod(socket_path, 0660) + os.chown(socket_path, socket_uid, socket_gid) + else: + os.chmod(socket_path, 0666) if secret_key: ExMachinaHandler.secret_key = secret_key @@ -311,6 +317,9 @@ def main(): default=None, help="Daemonize and write pid to this file", metavar="FILE") + parser.add_argument("-g", "--group", + default=None, + help="chgrp socket file to this group and set 0660 permissions") args = parser.parse_args() @@ -351,7 +360,9 @@ def main(): pfile.write("%s" % pid) log.info("Daemonized, pid is %s" % pid) - run_server(secret_key=secret_key, socket_path=args.socket_path) + run_server(secret_key=secret_key, + socket_path=args.socket_path, + socket_group=args.group) if __name__ == '__main__': main() diff --git a/init_test.sh b/init_test.sh index c53d76b..941285d 100755 --- a/init_test.sh +++ b/init_test.sh @@ -4,7 +4,7 @@ export key=`./exmachina.py --random-key` -echo $key | ./exmachina.py -vk --pidfile /tmp/exmachina_test.pid +echo $key | ./exmachina.py -vk --pidfile /tmp/exmachina_test.pid -g www-data sleep 1 echo $key | sudo -u www-data -g www-data ./test_exmachina.py -k |