More usage of root context, fixing the previous uses.
This commit is contained in:
Joshua Harlow
parent
48b96f81d7
commit
3fa50011ca
@ -62,10 +62,6 @@ DB_ACTIONS = {
|
||||
},
|
||||
}
|
||||
|
||||
#annoying adjustments
|
||||
RHEL_FIX_GRANTS = ['perl', '-p', '-i', '-e', "'s/^skip-grant-tables/#skip-grant-tables/g'", '/etc/my.cnf']
|
||||
UBUNTU_HOST_ADJUST = ['perl', '-p', '-i', '-e', "'s/127.0.0.1/0.0.0.0/g'", '/etc/mysql/my.cnf']
|
||||
|
||||
#need to reset pw to blank since this distributions don't seem to always reset it when u uninstall the db
|
||||
RESET_BASE_PW = ''
|
||||
|
||||
@ -147,10 +143,28 @@ class DBInstaller(comp.PkgInstallComponent):
|
||||
dbtype = self.cfg.get("db", "type")
|
||||
if self.distro == settings.RHEL6 and dbtype == MYSQL:
|
||||
LOG.info("Fixing up %s mysql configs." % (settings.RHEL6))
|
||||
sh.execute(*RHEL_FIX_GRANTS, run_as_root=True)
|
||||
fc = sh.load_file('/etc/my.cnf')
|
||||
lines = fc.splitlines()
|
||||
new_lines = list()
|
||||
for line in lines:
|
||||
if line.startswith('skip-grant-tables'):
|
||||
line = '#' + line
|
||||
new_lines.append(line)
|
||||
fc = utils.joinlinesep(*new_lines)
|
||||
with sh.Rooted(True):
|
||||
sh.write_file('/etc/my.cnf', fc)
|
||||
elif self.distro == settings.UBUNTU11 and dbtype == MYSQL:
|
||||
LOG.info("Fixing up %s mysql configs." % (settings.UBUNTU11))
|
||||
sh.execute(*UBUNTU_HOST_ADJUST, run_as_root=True)
|
||||
fc = sh.load_file('/etc/mysql/my.cnf')
|
||||
lines = fc.splitlines()
|
||||
new_lines = list()
|
||||
for line in lines:
|
||||
if line.startswith('bind-address'):
|
||||
line = 'bind-address = %s' % ('0.0.0.0')
|
||||
new_lines.append(line)
|
||||
fc = utils.joinlinesep(*new_lines)
|
||||
with sh.Rooted(True):
|
||||
sh.write_file('/etc/mysql/my.cnf', fc)
|
||||
|
||||
def _get_pkgs(self):
|
||||
return list(REQ_PKGS)
|
||||
|
||||
@ -82,6 +82,9 @@ BAD_APACHE_USERS = ['root']
|
||||
|
||||
LOG = logging.getLogger("devstack.components.horizon")
|
||||
|
||||
#apache logs will go here
|
||||
LOGS_DIR = "logs"
|
||||
|
||||
#the pkg json files horizon requires for installation
|
||||
REQ_PKGS = ['general.json', 'horizon.json']
|
||||
|
||||
@ -99,7 +102,7 @@ class HorizonInstaller(comp.PythonInstallComponent):
|
||||
comp.PythonInstallComponent.__init__(self, TYPE, *args, **kargs)
|
||||
self.horizon_dir = sh.joinpths(self.appdir, ROOT_HORIZON)
|
||||
self.dash_dir = sh.joinpths(self.appdir, ROOT_DASH)
|
||||
self.log_dir = sh.joinpths(self.component_root, "logs")
|
||||
self.log_dir = sh.joinpths(self.component_root, LOGS_DIR)
|
||||
self._check_ug()
|
||||
|
||||
def _get_download_locations(self):
|
||||
@ -124,6 +127,9 @@ class HorizonInstaller(comp.PythonInstallComponent):
|
||||
if not sh.group_exists(group):
|
||||
msg = "No group named %s exists on this system!" % (group)
|
||||
raise excp.ConfigException(msg)
|
||||
if user in BAD_APACHE_USERS:
|
||||
msg = "You may want to adjust your configuration, (user=%s, group=%s) will not work with apache!" % (user, group)
|
||||
raise excp.ConfigException(msg)
|
||||
|
||||
def _get_pkgs(self):
|
||||
return list(REQ_PKGS)
|
||||
@ -188,11 +194,9 @@ class HorizonInstaller(comp.PythonInstallComponent):
|
||||
|
||||
def _rhel_fixups(self):
|
||||
#it seems like to get this to work
|
||||
#we need to do some conf.d work which sort of sucks
|
||||
#we need to make a file with the following
|
||||
#we need to do some conf.d/conf work which sort of sucks
|
||||
(user, group) = self._get_apache_user_group()
|
||||
try:
|
||||
sh.root_mode()
|
||||
with sh.Rooted(True):
|
||||
#fix the socket prefix to someplace we can use
|
||||
fc = "WSGISocketPrefix %s" % (sh.joinpths(self.log_dir, "wsgi-socket"))
|
||||
sh.write_file(RHEL_SOCKET_CONF, fc)
|
||||
@ -208,8 +212,6 @@ class HorizonInstaller(comp.PythonInstallComponent):
|
||||
new_lines.append(line)
|
||||
fc = utils.joinlinesep(*new_lines)
|
||||
sh.write_file(RHEL_HTTPD_CONF, fc)
|
||||
finally:
|
||||
sh.user_mode()
|
||||
|
||||
def post_install(self):
|
||||
comp.PythonInstallComponent.post_install(self)
|
||||
@ -236,8 +238,6 @@ class HorizonInstaller(comp.PythonInstallComponent):
|
||||
mp = dict()
|
||||
if config_fn == HORIZON_APACHE_CONF:
|
||||
(user, group) = self._get_apache_user_group()
|
||||
if user in BAD_APACHE_USERS:
|
||||
LOG.warn("You may want to adjust your configuration, (user=%s, group=%s) will typically not work with apache!", user, group)
|
||||
mp['USER'] = user
|
||||
mp['GROUP'] = group
|
||||
mp['HORIZON_DIR'] = self.appdir
|
||||
|
||||
@ -71,10 +71,7 @@ class ForkRunner(object):
|
||||
return (killed, attempts)
|
||||
|
||||
def stop(self, name, *args, **kargs):
|
||||
root_mode = kargs.get("run_as_root", True)
|
||||
try:
|
||||
if root_mode:
|
||||
sh.root_mode()
|
||||
with sh.Rooted(kargs.get("run_as_root", True)):
|
||||
trace_dir = kargs.get("trace_dir")
|
||||
if not trace_dir or not sh.isdir(trace_dir):
|
||||
msg = "No trace directory found from which to stop %s" % (name)
|
||||
@ -102,9 +99,6 @@ class ForkRunner(object):
|
||||
else:
|
||||
msg = "No pid or trace file could be found to stop %s in directory %s" % (name, trace_dir)
|
||||
raise excp.StopException(msg)
|
||||
finally:
|
||||
if root_mode:
|
||||
sh.user_mode()
|
||||
|
||||
def _form_file_names(self, tracedir, file_name):
|
||||
pidfile = sh.joinpths(tracedir, file_name + ".pid")
|
||||
@ -165,7 +159,6 @@ class ForkRunner(object):
|
||||
def start(self, name, program, *args, **kargs):
|
||||
tracedir = kargs.get("trace_dir")
|
||||
appdir = kargs.get("app_dir")
|
||||
root_mode = kargs.get("run_as_root", True)
|
||||
fn_name = FORK_TEMPL % (name)
|
||||
(pidfile, stderrfn, stdoutfn) = self._form_file_names(tracedir, fn_name)
|
||||
tracefn = tr.touch_trace(tracedir, fn_name)
|
||||
@ -176,11 +169,6 @@ class ForkRunner(object):
|
||||
runtrace.trace(STDOUT_FN, stdoutfn)
|
||||
runtrace.trace(ARGS, json.dumps(args))
|
||||
LOG.info("Forking [%s] by running command [%s]" % (name, program))
|
||||
try:
|
||||
if root_mode:
|
||||
sh.root_mode()
|
||||
with sh.Rooted(kargs.get("run_as_root", True)):
|
||||
self._fork_start(program, appdir, pidfile, stdoutfn, stderrfn, *args)
|
||||
finally:
|
||||
if root_mode:
|
||||
sh.user_mode()
|
||||
return tracefn
|
||||
|
||||
@ -184,16 +184,6 @@ def _gen_password(pw_len):
|
||||
return stdout.strip()
|
||||
|
||||
|
||||
def write_file_su(fn, text, flush=True):
|
||||
with tempfile.NamedTemporaryFile() as fh:
|
||||
tmp_fn = fh.name
|
||||
fh.write(text)
|
||||
if flush:
|
||||
fh.flush()
|
||||
cmd = ['cp', tmp_fn, fn]
|
||||
execute(*cmd, run_as_root=True)
|
||||
|
||||
|
||||
def prompt_password(pw_prompt=None):
|
||||
if pw_prompt:
|
||||
rc = getpass.getpass(pw_prompt)
|
||||
@ -479,16 +469,17 @@ def got_root():
|
||||
|
||||
|
||||
def root_mode():
|
||||
uid_gid = (getuid(ROOT_USER), getgid(ROOT_USER))
|
||||
if uid_gid[0] is None or uid_gid[1] is None:
|
||||
root_uid = getuid(ROOT_USER)
|
||||
root_gid = getgid(ROOT_USER)
|
||||
if root_uid is None or root_gid is None:
|
||||
LOG.warn("Cannot escalate permissions to (user=%s) - does that user exist??" % (ROOT_USER))
|
||||
else:
|
||||
try:
|
||||
LOG.debug("Escalating permissions to (user=%s, group=%s)" % (uid_gid[0], uid_gid[1]))
|
||||
os.setreuid(0, uid_gid[0])
|
||||
os.setregid(0, uid_gid[1])
|
||||
LOG.debug("Escalating permissions to (user=%s, group=%s)" % (root_uid, root_gid))
|
||||
os.setreuid(0, root_uid)
|
||||
os.setregid(0, root_gid)
|
||||
except:
|
||||
LOG.warn("Cannot escalate permissions to (user=%s, group=%s)" % (uid_gid[0], uid_gid[1]))
|
||||
LOG.warn("Cannot escalate permissions to (user=%s, group=%s)" % (root_uid, root_gid))
|
||||
|
||||
|
||||
def user_mode():
|
||||
|
||||
@ -115,9 +115,7 @@ def load_json(fn):
|
||||
def get_host_ip(def_net_ifcs, def_ip_version):
|
||||
ip = None
|
||||
ifc = None
|
||||
|
||||
interfaces = get_interfaces()
|
||||
|
||||
for net_ifc in def_net_ifcs:
|
||||
def_info = interfaces.get(net_ifc)
|
||||
if def_info:
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user