From: Simo Sorce
Date: Fri, 18 Apr 2014 03:59:35 +0000 (-0400)
Subject: Move fixing files functionality to tools
X-Git-Tag: v0.2.2~14
X-Git-Url: http://git.cascardo.info/?p=cascardo%2Fipsilon.git;a=commitdiff_plain;h=a20178b055e783b4146925596e815a05d82b0ac6
Move fixing files functionality to tools
Signed-off-by: Simo Sorce
---
diff --git a/ipsilon/install/ipsilon-client-install b/ipsilon/install/ipsilon-client-install
index 8802ea1..f49e351 100755
--- a/ipsilon/install/ipsilon-client-install
+++ b/ipsilon/install/ipsilon-client-install
@@ -133,16 +133,7 @@ def saml2():
 with open(SAML2_CONFFILE, 'w+') as f:
 f.write(hunk)
- pw = pwd.getpwnam(args['httpd_user'])
- for root, dirs, files in os.walk(SAML2_HTTPDIR):
- for name in dirs:
- target = os.path.join(root, name)
- os.chown(target, pw.pw_uid, pw.pw_gid)
- os.chmod(target, 0700)
- for name in files:
- target = os.path.join(root, name)
- os.chown(target, pw.pw_uid, pw.pw_gid)
- os.chmod(target, 0600)
+ files.fix_user_dirs(SAML2_HTTPDIR, args['httpd_user'])
 logger.info('SAML Service Provider configured.')
 logger.info('You should be able to restart the HTTPD server and' +
diff --git a/ipsilon/providers/saml2idp.py b/ipsilon/providers/saml2idp.py
index 507bba2..0ac2a72 100755
--- a/ipsilon/providers/saml2idp.py
+++ b/ipsilon/providers/saml2idp.py
@@ -24,11 +24,11 @@ from ipsilon.providers.saml2.admin import AdminPage
 from ipsilon.providers.saml2.provider import IdentityProvider
 from ipsilon.tools.certs import Certificate
 from ipsilon.tools import saml2metadata as metadata
+from ipsilon.tools import files
 from ipsilon.util.user import UserSession
 from ipsilon.util.plugin import PluginObject
 import cherrypy
 import lasso
-import pwd
 import os
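Review bot: The added `files.fix_user_dirs(SAML2_HTTPDIR, args['httpd_user'])` call in ipsilon/install/ipsilon-client-install uses a name `files` that nothing visible in this patch brings into scope there. The patch adds `from ipsilon.tools import files` only to saml2idp.py, and the old loop variable `files` disappears with the removed code. Unless the script already imports it outside the hunk, saml2() would raise NameError after SAML2_CONFFILE has been written but before ownership and modes are tightened, leaving the contents of SAML2_HTTPDIR with their creation-time permissions. Add `from ipsilon.tools import files` to the script's import block, and drop `import pwd` there if nothing else uses it. saml2() starts and ends outside the hunk.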
@@ -299,13 +299,4 @@ class Installer(object):
 po.save_plugin_config(FACILITY)
 # Fixup permissions so only the ipsilon user can read these files
- pw = pwd.getpwnam(opts['system_user'])
- for root, dirs, files in os.walk(path):
- for name in dirs:
- target = os.path.join(root, name)
- os.chown(target, pw.pw_uid, pw.pw_gid)
- os.chmod(target, 0700)
- for name in files:
- target = os.path.join(root, name)
- os.chown(target, pw.pw_uid, pw.pw_gid)
- os.chmod(target, 0600)
+ files.fix_user_dirs(path, opts['system_user'])
diff --git a/ipsilon/tools/files.py b/ipsilon/tools/files.py
new file mode 100755
index 0000000..7f3bf7f
--- /dev/null
+++ b/ipsilon/tools/files.py
@@ -0,0 +1,37 @@
+#!/usr/bin/python
+#
+# Copyright (C) 2014 Simo Sorce
+#
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+import os
+import pwd
+
+
+def fix_user_dirs(path, user=None, mode=0700):
+ pw = None
+ if user:
+ pw = pwd.getpwnam(user)
+ for t in os.walk(path, topdown=False):
+ root, files = t[0], t[2]
+ for name in files:
+ target = os.path.join(root, name)
+ if pw:
+ os.chown(target, pw.pw_uid, pw.pw_gid)
+ os.chmod(target, mode & 0666)
+ if pw:
+ os.chown(root, pw.pw_uid, pw.pw_gid)
+ os.chmod(root, mode)
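Review bot: In the new `fix_user_dirs` in ipsilon/tools/files.py, `os.chown(target, ...)` and `os.chmod(target, ...)` follow symbolic links, so a link listed among a directory's files has its target, which may lie outside `path`, re-owned and re-moded. Both callers hand the tree to a service account, so on any later run the helper would act on whatever links exist there by then; presumably it runs with installer privileges. Skip links in the file loop with `if os.path.islink(target): continue`, or at least use `os.lchown` for ownership and leave the mode of links alone. The function also has no docstring; a one-line summary should record that directories receive `mode` while files receive `mode & 0666`, so files never keep execute bits.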