From a9c5489121c68e9905dfdfc4d9a19bacb7ae47c9 Mon Sep 17 00:00:00 2001
From: Frank Brehm
Date: Thu, 10 Aug 2017 10:37:42 +0200
Subject: [PATCH] Adding check of all necessary directories
---
 pp_lib/config_named_app.py | 102 +++++++++++++++++++++++++++++++++++--
 1 file changed, 99 insertions(+), 3 deletions(-)
diff --git a/pp_lib/config_named_app.py b/pp_lib/config_named_app.py
index 2cba079..828cfad 100644
--- a/pp_lib/config_named_app.py
+++ b/pp_lib/config_named_app.py
@@ -25,6 +25,7 @@ import time
 import datetime
 import textwrap
 import ipaddress
+import stat
 # Third party modules
 import six
@@ -39,7 +40,7 @@ from .cfg_app import PpCfgAppError, PpConfigApplication
 from .pidfile import PidFileError, InvalidPidFileError, PidFileInUseError, PidFile
-__version__ = '0.6.3'
+__version__ = '0.6.4'
 LOG = logging.getLogger(__name__)
@@ -800,8 +801,8 @@ class PpConfigNamedApp(PpConfigApplication):
 LOG.debug("You are a member of the groups:\n{}".format(group_ids))
 if self.named_group in group_ids:
 LOG.warn((
- "But hey - this is simulation mode, "
- "and you are a member of group {!r} ...").format(
+ "But hey - this is simulation mode, and and so it's "
+ "sufficient to be a member of group {!r} ...").format(
 self.named_group))
 else:
 LOG.error((
@@ -826,6 +827,7 @@ class PpConfigNamedApp(PpConfigApplication):
 self.init_temp_objects()
 self.create_temp_files()
 self.compare_files()
+ self.check_directories()
 finally:
 if self.tempdir:
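Review bot: The reworded warning in the `@@ -800,8 +801,8 @@` hunk repeats a word, `"... simulation mode, and and so it's "`. The first added string should read `"But hey - this is simulation mode, and so it's "`. The method that contains this LOG.warn call starts and ends outside the hunk, so only the message text is reviewed here.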
@@ -1490,6 +1492,100 @@ class PpConfigNamedApp(PpConfigApplication):
 return True
+ # -------------------------------------------------------------------------
+ def check_directories(self):
+
+ LOG.info("Checking all necessary directories for existence and ownership.")
+ all_ok = True
+
+ self.check_directory(self.named_conf_dir)
+ self.check_directory(self.named_basedir, None, self.named_gid, 0o750)
+ self.check_directory(self.named_datadir_abs, self.named_uid, self.named_gid, 0o770)
+ self.check_directory(self.named_dump_dir, self.named_uid, self.named_gid, 0o770)
+ self.check_directory(self.named_stats_dir, self.named_uid, self.named_gid, 0o770)
+ self.check_directory(self.named_slavedir_abs, self.named_uid, self.named_gid, 0o770)
+ self.check_directory(self.named_managed_keysdir, self.named_uid, self.named_gid, 0o770)
+ self.check_directory(self.named_logdir, self.named_uid, self.named_gid, 0o755)
+
+ # -------------------------------------------------------------------------
+ def check_directory(self, dirname, owner_id=None, group_id=None, mode=None):
+
+ LOG.debug("Checking directory {!r} ...".format(dirname))
+
+ if not os.path.exists(dirname):
+ LOG.info("Creating directory {!r} ...".format(dirname))
+ if not self.simulate:
+ os.makedirs(dirname, mode=0o755)
+ elif not os.path.isdir(dirname):
+ LOG.error("Path {!r} exists, but is not a directory.".format(dirname))
+ return False
+ else:
+ LOG.debug("Directory {!r} already exists.".format(dirname))
+
+ fstat = None
+ if os.path.exists(dirname):
+ fstat = os.lstat(dirname)
+ else:
+ fstat = os.lstat('/etc')
+
+ uid_set = -1
+ gid_set = -1
+ if owner_id is not None:
+ if fstat.st_uid != owner_id:
+ uid_set = owner_id
+ if group_id is not None:
+ if fstat.st_gid != group_id:
+ gid_set = group_id
+
+ if owner_id is not None and group_id is not None:
+ cur_user = fstat.st_uid
+ cur_group = fstat.st_gid
+ try:
+ cur_user = '{!r}'.format(pwd.getpwuid(fstat.st_uid).pw_name)
+ except KeyError as e:
+ LOG.warn("User id {} not known: {}".format(fstat.st_uid, e))
+ try:
+ cur_group = '{!r}'.format(grp.getgrgid(fstat.st_gid).gr_name)
+ except KeyError as e:
+ LOG.warn("Group id {} not known: {}".format(fstat.st_gid, e))
+ LOG.debug("Current owners of {!r} are {}:{} ({}:{}).".format(
+ dirname, fstat.st_uid, fstat.st_gid, cur_user, cur_group))
+
+ if uid_set != -1 or gid_set != -1:
+ LOG.info("Setting ownership of {!r} to {}:{} ...".format(
+ dirname, uid_set, gid_set))
+ if not self.simulate:
+ os.chown(dirname, uid_set, gid_set)
+
+ if mode is not None:
+ current_permissions = stat.S_IMODE(fstat.st_mode)
+ LOG.debug("Current permissions of {!r} are {:04o}.".format(
+ dirname, current_permissions))
+ new_mode = mode
+
+ if new_mode & stat.S_IWUSR:
+ new_mode |= stat.S_IRUSR
+ if new_mode & stat.S_IRUSR:
+ new_mode |= stat.S_IXUSR
+
+ if new_mode & stat.S_IWGRP:
+ new_mode |= stat.S_IRGRP
+ if new_mode & stat.S_IRGRP:
+ new_mode |= stat.S_IXGRP
+
+ if new_mode & stat.S_IWOTH:
+ new_mode |= stat.S_IROTH
+ if new_mode & stat.S_IROTH:
+ new_mode |= stat.S_IXOTH
+
+ if new_mode != current_permissions:
+ LOG.info("Setting permissions of {!r} to {:04o} ...".format(
+ dirname, new_mode))
+ if not self.simulate:
+ os.chmod(dirname, new_mode)
+
+ return True
+
 # =============================================================================
 if __name__ == "__main__":
-- 
2.39.5
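Review bot: check_directory() mixes symlink-following and non-following calls on the same path: `os.path.exists`/`os.path.isdir` follow a symlink, `os.lstat` reads the link itself, and `os.chown`/`os.chmod` follow it again, so for a symlinked path the compared owner and mode are the link's while the change is applied to its target. Because the tool hands several of these directories to named_uid/named_gid with mode 0o770, and is presumably run as root when not simulating, a path that the service account can influence should be pinned before it is changed; opening it once with `O_DIRECTORY | O_NOFOLLOW` and using `os.fstat`/`os.fchown`/`os.fchmod` on that descriptor does this, as sketched below. The sketch also drops the `os.lstat('/etc')` stand-in used in simulate mode for a directory that was not created. Separately, check_directories() assigns `all_ok` but never updates or returns it, so the `False` that check_directory() returns for a non-directory path is discarded.

```python
    def check_directory(self, dirname, owner_id=None, group_id=None, mode=None):
        # … unchanged: existence check, creation, "not a directory" error …

        if self.simulate and not os.path.exists(dirname):
            # Nothing was created in simulate mode, so there is nothing to inspect.
            return True

        # Pin the directory once. O_NOFOLLOW refuses a symlink in the last path
        # component, O_DIRECTORY refuses anything that is not a directory.
        try:
            dir_fd = os.open(dirname, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
        except OSError as e:
            LOG.error("Could not open directory {!r} safely: {}".format(dirname, e))
            return False

        try:
            fstat = os.fstat(dir_fd)
            # … unchanged: uid_set/gid_set computation and owner logging …
            if uid_set != -1 or gid_set != -1:
                # … unchanged: LOG.info about the ownership change …
                if not self.simulate:
                    os.fchown(dir_fd, uid_set, gid_set)
            # … unchanged: new_mode computation and LOG.info …
                if not self.simulate:
                    os.fchmod(dir_fd, new_mode)
        finally:
            os.close(dir_fd)

        return True
```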