diff options
author | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-06-19 14:59:50 -0400 |
---|---|---|
committer | Chris St. Pierre <chris.a.st.pierre@gmail.com> | 2013-06-19 14:59:50 -0400 |
commit | 7d53dd1afe826fc6537d3a747fb3737cd011dec6 (patch) | |
tree | c3a91681d6afccd718bcd5870cb39581019d5543 | |
parent | ead3723f443f37d97cb45d26fddaaaa013f5edfa (diff) | |
download | bcfg2-7d53dd1afe826fc6537d3a747fb3737cd011dec6.tar.gz bcfg2-7d53dd1afe826fc6537d3a747fb3737cd011dec6.tar.bz2 bcfg2-7d53dd1afe826fc6537d3a747fb3737cd011dec6.zip |
Core: rewrite $HOME after dropping privs
-rw-r--r-- | src/lib/Bcfg2/Server/Core.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/lib/Bcfg2/Server/Core.py b/src/lib/Bcfg2/Server/Core.py index 6e0d38418..f44634d35 100644 --- a/src/lib/Bcfg2/Server/Core.py +++ b/src/lib/Bcfg2/Server/Core.py @@ -3,6 +3,7 @@ implementations inherit from. """ import os import sys +import pwd import time import atexit import select @@ -758,6 +759,11 @@ class BaseCore(object): os.chmod(piddir, 493) # 0775 if not self._daemonize(): return False + + # rewrite $HOME. pulp stores its auth creds in ~/.pulp, so + # this is necessary to make that work when privileges are + # dropped + os.environ['HOME'] = pwd.getpwuid(self.setup['daemon_uid'])[5] else: os.umask(int(self.setup['umask'], 8)) |