Move fixing files functionality to tools

Signed-off-by: Simo Sorce <simo@redhat.com>

diff --git a/ipsilon/install/ipsilon-client-install b/ipsilon/install/ipsilon-client-install
index 8802ea1..f49e351 100755 (executable)
--- a/ipsilon/install/ipsilon-client-install
+++ b/ipsilon/install/ipsilon-client-install
@@ -133,16 +133,7 @@ def saml2():
         with open(SAML2_CONFFILE, 'w+') as f:
             f.write(hunk)
 
         with open(SAML2_CONFFILE, 'w+') as f:
             f.write(hunk)
 

-        pw = pwd.getpwnam(args['httpd_user'])
-        for root, dirs, files in os.walk(SAML2_HTTPDIR):
-            for name in dirs:
-                target = os.path.join(root, name)
-                os.chown(target, pw.pw_uid, pw.pw_gid)
-                os.chmod(target, 0700)
-            for name in files:
-                target = os.path.join(root, name)
-                os.chown(target, pw.pw_uid, pw.pw_gid)
-                os.chmod(target, 0600)
+        files.fix_user_dirs(SAML2_HTTPDIR, args['httpd_user'])

 
         logger.info('SAML Service Provider configured.')
         logger.info('You should be able to restart the HTTPD server and' +
 
         logger.info('SAML Service Provider configured.')
         logger.info('You should be able to restart the HTTPD server and' +

diff --git a/ipsilon/providers/saml2idp.py b/ipsilon/providers/saml2idp.py
index 507bba2..0ac2a72 100755 (executable)
--- a/ipsilon/providers/saml2idp.py
+++ b/ipsilon/providers/saml2idp.py
@@ -24,11 +24,11 @@ from ipsilon.providers.saml2.admin import AdminPage
 from ipsilon.providers.saml2.provider import IdentityProvider
 from ipsilon.tools.certs import Certificate
 from ipsilon.tools import saml2metadata as metadata
 from ipsilon.providers.saml2.provider import IdentityProvider
 from ipsilon.tools.certs import Certificate
 from ipsilon.tools import saml2metadata as metadata

+from ipsilon.tools import files

 from ipsilon.util.user import UserSession
 from ipsilon.util.plugin import PluginObject
 import cherrypy
 import lasso
 from ipsilon.util.user import UserSession
 from ipsilon.util.plugin import PluginObject
 import cherrypy
 import lasso

-import pwd

 import os
 
 
 import os
 
 


@@ -299,13 +299,4 @@ class Installer(object):
         po.save_plugin_config(FACILITY)
 
         # Fixup permissions so only the ipsilon user can read these files
         po.save_plugin_config(FACILITY)
 
         # Fixup permissions so only the ipsilon user can read these files

-        pw = pwd.getpwnam(opts['system_user'])
-        for root, dirs, files in os.walk(path):
-            for name in dirs:
-                target = os.path.join(root, name)
-                os.chown(target, pw.pw_uid, pw.pw_gid)
-                os.chmod(target, 0700)
-            for name in files:
-                target = os.path.join(root, name)
-                os.chown(target, pw.pw_uid, pw.pw_gid)
-                os.chmod(target, 0600)
+        files.fix_user_dirs(path, opts['system_user'])

diff --git a/ipsilon/tools/files.py b/ipsilon/tools/files.py
new file mode 100755 (executable)
index 0000000..7f3bf7f
--- /dev/null
+++ b/ipsilon/tools/files.py
@@ -0,0 +1,37 @@
+#!/usr/bin/python
+#
+# Copyright (C) 2014  Simo Sorce <simo@redhat.com>
+#
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import os
+import pwd
+
+
+def fix_user_dirs(path, user=None, mode=0700):
+    pw = None
+    if user:
+        pw = pwd.getpwnam(user)
+    for t in os.walk(path, topdown=False):
+        root, files = t[0], t[2]
+        for name in files:
+            target = os.path.join(root, name)
+            if pw:
+                os.chown(target, pw.pw_uid, pw.pw_gid)
+            os.chmod(target, mode & 0666)
+        if pw:
+            os.chown(root, pw.pw_uid, pw.pw_gid)
+        os.chmod(root, mode)