diff --git a/devstack/components/db.py b/devstack/components/db.py index 4951bdb0..ea56a509 100644 --- a/devstack/components/db.py +++ b/devstack/components/db.py @@ -62,10 +62,6 @@ DB_ACTIONS = { }, } -#annoying adjustments -RHEL_FIX_GRANTS = ['perl', '-p', '-i', '-e', "'s/^skip-grant-tables/#skip-grant-tables/g'", '/etc/my.cnf'] -UBUNTU_HOST_ADJUST = ['perl', '-p', '-i', '-e', "'s/127.0.0.1/0.0.0.0/g'", '/etc/mysql/my.cnf'] - #need to reset pw to blank since this distributions don't seem to always reset it when u uninstall the db RESET_BASE_PW = '' @@ -147,10 +143,28 @@ class DBInstaller(comp.PkgInstallComponent): dbtype = self.cfg.get("db", "type") if self.distro == settings.RHEL6 and dbtype == MYSQL: LOG.info("Fixing up %s mysql configs." % (settings.RHEL6)) - sh.execute(*RHEL_FIX_GRANTS, run_as_root=True) + fc = sh.load_file('/etc/my.cnf') + lines = fc.splitlines() + new_lines = list() + for line in lines: + if line.startswith('skip-grant-tables'): + line = '#' + line + new_lines.append(line) + fc = utils.joinlinesep(*new_lines) + with sh.Rooted(True): + sh.write_file('/etc/my.cnf', fc) elif self.distro == settings.UBUNTU11 and dbtype == MYSQL: LOG.info("Fixing up %s mysql configs." % (settings.UBUNTU11)) - sh.execute(*UBUNTU_HOST_ADJUST, run_as_root=True) + fc = sh.load_file('/etc/mysql/my.cnf') + lines = fc.splitlines() + new_lines = list() + for line in lines: + if line.startswith('bind-address'): + line = 'bind-address = %s' % ('0.0.0.0') + new_lines.append(line) + fc = utils.joinlinesep(*new_lines) + with sh.Rooted(True): + sh.write_file('/etc/mysql/my.cnf', fc) def _get_pkgs(self): return list(REQ_PKGS) diff --git a/devstack/components/horizon.py b/devstack/components/horizon.py index 0f7541e2..e50211dc 100644 --- a/devstack/components/horizon.py +++ b/devstack/components/horizon.py @@ -82,6 +82,9 @@ BAD_APACHE_USERS = ['root'] LOG = logging.getLogger("devstack.components.horizon") +#apache logs will go here +LOGS_DIR = "logs" + #the pkg json files horizon requires for installation REQ_PKGS = ['general.json', 'horizon.json'] @@ -99,7 +102,7 @@ class HorizonInstaller(comp.PythonInstallComponent): comp.PythonInstallComponent.__init__(self, TYPE, *args, **kargs) self.horizon_dir = sh.joinpths(self.appdir, ROOT_HORIZON) self.dash_dir = sh.joinpths(self.appdir, ROOT_DASH) - self.log_dir = sh.joinpths(self.component_root, "logs") + self.log_dir = sh.joinpths(self.component_root, LOGS_DIR) self._check_ug() def _get_download_locations(self): @@ -124,6 +127,9 @@ class HorizonInstaller(comp.PythonInstallComponent): if not sh.group_exists(group): msg = "No group named %s exists on this system!" % (group) raise excp.ConfigException(msg) + if user in BAD_APACHE_USERS: + msg = "You may want to adjust your configuration, (user=%s, group=%s) will not work with apache!" % (user, group) + raise excp.ConfigException(msg) def _get_pkgs(self): return list(REQ_PKGS) @@ -188,11 +194,9 @@ class HorizonInstaller(comp.PythonInstallComponent): def _rhel_fixups(self): #it seems like to get this to work - #we need to do some conf.d work which sort of sucks - #we need to make a file with the following + #we need to do some conf.d/conf work which sort of sucks (user, group) = self._get_apache_user_group() - try: - sh.root_mode() + with sh.Rooted(True): #fix the socket prefix to someplace we can use fc = "WSGISocketPrefix %s" % (sh.joinpths(self.log_dir, "wsgi-socket")) sh.write_file(RHEL_SOCKET_CONF, fc) @@ -208,8 +212,6 @@ class HorizonInstaller(comp.PythonInstallComponent): new_lines.append(line) fc = utils.joinlinesep(*new_lines) sh.write_file(RHEL_HTTPD_CONF, fc) - finally: - sh.user_mode() def post_install(self): comp.PythonInstallComponent.post_install(self) @@ -236,8 +238,6 @@ class HorizonInstaller(comp.PythonInstallComponent): mp = dict() if config_fn == HORIZON_APACHE_CONF: (user, group) = self._get_apache_user_group() - if user in BAD_APACHE_USERS: - LOG.warn("You may want to adjust your configuration, (user=%s, group=%s) will typically not work with apache!", user, group) mp['USER'] = user mp['GROUP'] = group mp['HORIZON_DIR'] = self.appdir diff --git a/devstack/runners/fork.py b/devstack/runners/fork.py index d61b704c..a8204cb1 100644 --- a/devstack/runners/fork.py +++ b/devstack/runners/fork.py @@ -71,10 +71,7 @@ class ForkRunner(object): return (killed, attempts) def stop(self, name, *args, **kargs): - root_mode = kargs.get("run_as_root", True) - try: - if root_mode: - sh.root_mode() + with sh.Rooted(kargs.get("run_as_root", True)): trace_dir = kargs.get("trace_dir") if not trace_dir or not sh.isdir(trace_dir): msg = "No trace directory found from which to stop %s" % (name) @@ -102,9 +99,6 @@ class ForkRunner(object): else: msg = "No pid or trace file could be found to stop %s in directory %s" % (name, trace_dir) raise excp.StopException(msg) - finally: - if root_mode: - sh.user_mode() def _form_file_names(self, tracedir, file_name): pidfile = sh.joinpths(tracedir, file_name + ".pid") @@ -165,7 +159,6 @@ class ForkRunner(object): def start(self, name, program, *args, **kargs): tracedir = kargs.get("trace_dir") appdir = kargs.get("app_dir") - root_mode = kargs.get("run_as_root", True) fn_name = FORK_TEMPL % (name) (pidfile, stderrfn, stdoutfn) = self._form_file_names(tracedir, fn_name) tracefn = tr.touch_trace(tracedir, fn_name) @@ -176,11 +169,6 @@ class ForkRunner(object): runtrace.trace(STDOUT_FN, stdoutfn) runtrace.trace(ARGS, json.dumps(args)) LOG.info("Forking [%s] by running command [%s]" % (name, program)) - try: - if root_mode: - sh.root_mode() + with sh.Rooted(kargs.get("run_as_root", True)): self._fork_start(program, appdir, pidfile, stdoutfn, stderrfn, *args) - finally: - if root_mode: - sh.user_mode() return tracefn diff --git a/devstack/shell.py b/devstack/shell.py index 92c99ed3..d4a14332 100644 --- a/devstack/shell.py +++ b/devstack/shell.py @@ -184,16 +184,6 @@ def _gen_password(pw_len): return stdout.strip() -def write_file_su(fn, text, flush=True): - with tempfile.NamedTemporaryFile() as fh: - tmp_fn = fh.name - fh.write(text) - if flush: - fh.flush() - cmd = ['cp', tmp_fn, fn] - execute(*cmd, run_as_root=True) - - def prompt_password(pw_prompt=None): if pw_prompt: rc = getpass.getpass(pw_prompt) @@ -479,16 +469,17 @@ def got_root(): def root_mode(): - uid_gid = (getuid(ROOT_USER), getgid(ROOT_USER)) - if uid_gid[0] is None or uid_gid[1] is None: + root_uid = getuid(ROOT_USER) + root_gid = getgid(ROOT_USER) + if root_uid is None or root_gid is None: LOG.warn("Cannot escalate permissions to (user=%s) - does that user exist??" % (ROOT_USER)) else: try: - LOG.debug("Escalating permissions to (user=%s, group=%s)" % (uid_gid[0], uid_gid[1])) - os.setreuid(0, uid_gid[0]) - os.setregid(0, uid_gid[1]) + LOG.debug("Escalating permissions to (user=%s, group=%s)" % (root_uid, root_gid)) + os.setreuid(0, root_uid) + os.setregid(0, root_gid) except: - LOG.warn("Cannot escalate permissions to (user=%s, group=%s)" % (uid_gid[0], uid_gid[1])) + LOG.warn("Cannot escalate permissions to (user=%s, group=%s)" % (root_uid, root_gid)) def user_mode(): diff --git a/devstack/utils.py b/devstack/utils.py index 5d5b35e2..f249fb90 100644 --- a/devstack/utils.py +++ b/devstack/utils.py @@ -115,9 +115,7 @@ def load_json(fn): def get_host_ip(def_net_ifcs, def_ip_version): ip = None ifc = None - interfaces = get_interfaces() - for net_ifc in def_net_ifcs: def_info = interfaces.get(net_ifc) if def_info: