diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/Client/Tools/POSIX.py | 34 | ||||
-rw-r--r-- | src/lib/Server/Plugins/Account.py | 8 | ||||
-rw-r--r-- | src/lib/Server/Plugins/Cfg.py | 2 | ||||
-rw-r--r-- | src/lib/Server/Plugins/Hostbase.py | 2 | ||||
-rw-r--r-- | src/lib/Server/Plugins/SSHbase.py | 4 | ||||
-rw-r--r-- | src/lib/Server/Plugins/TCheetah.py | 2 | ||||
-rw-r--r-- | src/lib/Server/Plugins/Vhost.py | 4 |
7 files changed, 36 insertions, 20 deletions
diff --git a/src/lib/Client/Tools/POSIX.py b/src/lib/Client/Tools/POSIX.py index 1cc448782..6dcece8e2 100644 --- a/src/lib/Client/Tools/POSIX.py +++ b/src/lib/Client/Tools/POSIX.py @@ -22,6 +22,28 @@ def calcPerms(initial, perms): tempperms |= perm return tempperms +def normUid(entry): + '''This takes a user name or uid and returns the corrisponding uid or False''' + try: + try: + return int(entry.get('owner')) + except: + return int(pwd.getpwnam(entry.get('owner'))[2]) + except (OSError, KeyError): + self.logger.error('UID normalization failed for %s' % (entry.get('name'))) + return False + +def normGid(entry): + '''This takes a group name or gid and returns the corrisponding gid or False''' + try: + try: + return int(entry.get('group')) + except: + return int(grp.getgrnam(entry.get('group'))[2]) + except (OSError, KeyError): + self.logger.error('GID normalization failed for %s' % (entry.get('name'))) + return False + class POSIX(Bcfg2.Client.Tools.Tool): '''POSIX File support code''' __name__ = 'POSIX' @@ -95,11 +117,7 @@ class POSIX(Bcfg2.Client.Tools.Tool): except (OSError, KeyError): self.logger.error('User/Group resolution failed for path %s' % (entry.get('name'))) owner = 'root' - try: - grp.getgrnam('root') - group = 'root' - except KeyError: - group = 'system' + group = '0' finfo = os.stat(entry.get('name')) perms = oct(finfo[ST_MODE])[-4:] if entry.get('mtime', '-1') != '-1': @@ -205,8 +223,7 @@ class POSIX(Bcfg2.Client.Tools.Tool): def InstallPermissions(self, entry): '''Install POSIX Permissions''' try: - os.chown(entry.get('name'), - pwd.getpwnam(entry.get('owner'))[2], grp.getgrnam(entry.get('group'))[2]) + os.chown(entry.get('name'), normUid(entry), normGid(entry)) os.chmod(entry.get('name'), calcPerms(S_IFDIR, entry.get('perms'))) return True except (OSError, KeyError): @@ -304,8 +321,7 @@ class POSIX(Bcfg2.Client.Tools.Tool): newfile.write(filedata) newfile.close() try: - os.chown(newfile.name, pwd.getpwnam(entry.get('owner'))[2], - grp.getgrnam(entry.get('group'))[2]) + os.chown(newfile.name, normUid(entry), normGid(entry)) except KeyError: self.logger.error("Failed to chown %s to %s:%s" % \ (entry.get('name'), entry.get('owner'), diff --git a/src/lib/Server/Plugins/Account.py b/src/lib/Server/Plugins/Account.py index bf530af4d..96d242100 100644 --- a/src/lib/Server/Plugins/Account.py +++ b/src/lib/Server/Plugins/Account.py @@ -34,7 +34,7 @@ class Account(Bcfg2.Server.Plugin.Plugin): fname = entry.attrib['name'].split('/')[-1] entry.text = self.repository.entries["static.%s" % (fname)].data entry.text += self.repository.entries["dyn.%s" % (fname)].data - perms = {'owner':'root', 'group':'root', 'perms':'0644'} + perms = {'owner':'root', 'group':'0', 'perms':'0644'} [entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()] def gen_limits_cb(self, entry, metadata): @@ -43,7 +43,7 @@ class Account(Bcfg2.Server.Plugin.Plugin): superusers = self.repository.entries["superusers"].data.split() useraccess = [line.split(':') for line in self.repository.entries["useraccess"].data.split()] users = [user for (user, host) in useraccess if host == metadata.hostname.split('.')[0]] - perms = {'owner':'root', 'group':'root', 'perms':'0600'} + perms = {'owner':'root', 'group':'0', 'perms':'0600'} [entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()] entry.text += "".join(["%s hard maxlogins 1024\n" % uname for uname in superusers + users]) if "*" not in users: @@ -56,7 +56,7 @@ class Account(Bcfg2.Server.Plugin.Plugin): superusers += [user for (user, host) in rootlike if host == metadata.hostname.split('.')[0]] rdata = self.repository.entries entry.text = "".join([rdata["%s.key" % user].data for user in superusers if rdata.has_key("%s.key" % user)]) - perms = {'owner':'root', 'group':'root', 'perms':'0600'} + perms = {'owner':'root', 'group':'0', 'perms':'0600'} [entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()] def gen_sudoers(self, entry, metadata): @@ -66,5 +66,5 @@ class Account(Bcfg2.Server.Plugin.Plugin): superusers += [user for (user, host) in rootlike if host == metadata.hostname.split('.')[0]] rdata = self.repository.entries entry.text = self.repository.entries['static.sudoers'].data%",".join(superusers) - perms = {'owner':'root', 'group':'root', 'perms':'0400'} + perms = {'owner':'root', 'group':'0', 'perms':'0400'} [entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()] diff --git a/src/lib/Server/Plugins/Cfg.py b/src/lib/Server/Plugins/Cfg.py index 084a14b3c..ad1711d01 100644 --- a/src/lib/Server/Plugins/Cfg.py +++ b/src/lib/Server/Plugins/Cfg.py @@ -88,7 +88,7 @@ class ConfigFileEntry(object): self.path = path self.repopath = repopath self.fragments = [] - self.metadata = {'encoding': 'ascii', 'owner':'root', 'group':'root', 'perms':'0644'} + self.metadata = {'encoding': 'ascii', 'owner':'root', 'group':'0', 'perms':'0644'} self.paranoid = False self.interpolate = False diff --git a/src/lib/Server/Plugins/Hostbase.py b/src/lib/Server/Plugins/Hostbase.py index dcd77f16a..83ec6d0b0 100644 --- a/src/lib/Server/Plugins/Hostbase.py +++ b/src/lib/Server/Plugins/Hostbase.py @@ -80,7 +80,7 @@ class Hostbase(Plugin): fname = entry.get('name').split('/')[-1] if not self.filedata.has_key(fname): raise PluginExecutionError - perms = {'owner':'root', 'group':'root', 'perms':'644'} + perms = {'owner':'root', 'group':'0', 'perms':'644'} [entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()] entry.text = self.filedata[fname] diff --git a/src/lib/Server/Plugins/SSHbase.py b/src/lib/Server/Plugins/SSHbase.py index 0d9cd1c82..0e473e29b 100644 --- a/src/lib/Server/Plugins/SSHbase.py +++ b/src/lib/Server/Plugins/SSHbase.py @@ -123,7 +123,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin): for hostkey in hostkeys: entry.text += "localhost,localhost.localdomain,127.0.0.1 %s" % ( self.repository.entries[hostkey].data) - permdata = {'owner':'root', 'group':'root', 'perms':'0644'} + permdata = {'owner':'root', 'group':'0', 'perms':'0644'} [entry.attrib.__setitem__(key, permdata[key]) for key in permdata] def build_hk(self, entry, metadata): @@ -138,7 +138,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin): self.logger.error("%s still not registered" % filename) raise Bcfg2.Server.Plugin.PluginExecutionError keydata = self.repository.entries[filename].data - permdata = {'owner':'root', 'group':'root'} + permdata = {'owner':'root', 'group':'0'} permdata['perms'] = '0600' if entry.get('name')[-4:] == '.pub': permdata['perms'] = '0644' diff --git a/src/lib/Server/Plugins/TCheetah.py b/src/lib/Server/Plugins/TCheetah.py index 790218147..748d4cd14 100644 --- a/src/lib/Server/Plugins/TCheetah.py +++ b/src/lib/Server/Plugins/TCheetah.py @@ -14,7 +14,7 @@ class TemplateFile: self.name = name self.properties = properties self.states = {'template': False, 'info': False} - self.metadata = {'owner': 'root', 'group': 'root', 'perms': '644'} + self.metadata = {'owner': 'root', 'group': '0', 'perms': '644'} def HandleEvent(self, event): '''Handle all fs events for this template''' diff --git a/src/lib/Server/Plugins/Vhost.py b/src/lib/Server/Plugins/Vhost.py index 5c38cd19e..56b012aa4 100644 --- a/src/lib/Server/Plugins/Vhost.py +++ b/src/lib/Server/Plugins/Vhost.py @@ -69,7 +69,7 @@ class VhostFile(SingleXMLFileBacked): entry.text = 'NO_START=0\n' else: entry.text = 'NO_START=1\n' - perms = {'owner':'root', 'group':'root', 'perms':'0644'} + perms = {'owner':'root', 'group':'0', 'perms':'0644'} [entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()] def generateApacheSvc(self, entry, metadata): @@ -99,7 +99,7 @@ class VhostFile(SingleXMLFileBacked): line = line.replace("XXchoiceXX", choice) config += line entry.text = base64.encodestring(config) - perms = {'owner':'root', 'group':'root', 'perms':'0644', 'encoding':'base64'} + perms = {'owner':'root', 'group':'0', 'perms':'0644', 'encoding':'base64'} [entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()] class Vhost(Plugin): |