Revision 0070a462
b/lib/daemon.py | ||
---|---|---|
25 | 25 |
import asyncore |
26 | 26 |
import asynchat |
27 | 27 |
import collections |
28 |
import grp |
|
29 | 28 |
import os |
30 |
import pwd |
|
31 | 29 |
import signal |
32 | 30 |
import logging |
33 | 31 |
import sched |
... | ... | |
43 | 41 |
from ganeti import ssconf |
44 | 42 |
|
45 | 43 |
|
46 |
_DEFAULT_RUN_USER = "root" |
|
47 |
_DEFAULT_RUN_GROUP = "root" |
|
48 |
|
|
49 |
|
|
50 | 44 |
class SchedulerBreakout(Exception): |
51 | 45 |
"""Exception used to get out of the scheduler loop |
52 | 46 |
|
... | ... | |
495 | 489 |
|
496 | 490 |
def GenericMain(daemon_name, optionparser, dirs, check_fn, exec_fn, |
497 | 491 |
multithreaded=False, console_logging=False, |
498 |
default_ssl_cert=None, default_ssl_key=None, |
|
499 |
user=_DEFAULT_RUN_USER, group=_DEFAULT_RUN_GROUP): |
|
492 |
default_ssl_cert=None, default_ssl_key=None): |
|
500 | 493 |
"""Shared main function for daemons. |
501 | 494 |
|
502 | 495 |
@type daemon_name: string |
... | ... | |
522 | 515 |
@param default_ssl_cert: Default SSL certificate path |
523 | 516 |
@type default_ssl_key: string |
524 | 517 |
@param default_ssl_key: Default SSL key path |
525 |
@param user: Default user to run as |
|
526 |
@type user: string |
|
527 |
@param group: Default group to run as |
|
528 |
@type group: string |
|
529 | 518 |
|
530 | 519 |
""" |
531 | 520 |
optionparser.add_option("-f", "--foreground", dest="fork", |
... | ... | |
602 | 591 |
utils.EnsureDirs(dirs) |
603 | 592 |
|
604 | 593 |
if options.fork: |
605 |
try: |
|
606 |
uid = pwd.getpwnam(user).pw_uid |
|
607 |
gid = grp.getgrnam(group).gr_gid |
|
608 |
except KeyError: |
|
609 |
raise errors.ConfigurationError("User or group not existing on system:" |
|
610 |
" %s:%s" % (user, group)) |
|
611 | 594 |
utils.CloseFDs() |
612 |
utils.Daemonize(constants.DAEMONS_LOGFILES[daemon_name], uid, gid)
|
|
595 |
utils.Daemonize(logfile=constants.DAEMONS_LOGFILES[daemon_name])
|
|
613 | 596 |
|
614 | 597 |
utils.WritePidFile(daemon_name) |
615 | 598 |
try: |
b/lib/utils.py | ||
---|---|---|
2113 | 2113 |
logging.debug("Memory lock set") |
2114 | 2114 |
|
2115 | 2115 |
|
2116 |
def Daemonize(logfile, run_uid, run_gid):
|
|
2116 |
def Daemonize(logfile): |
|
2117 | 2117 |
"""Daemonize the current process. |
2118 | 2118 |
|
2119 | 2119 |
This detaches the current process from the controlling terminal and |
... | ... | |
2121 | 2121 |
|
2122 | 2122 |
@type logfile: str |
2123 | 2123 |
@param logfile: the logfile to which we should redirect stdout/stderr |
2124 |
@type run_uid: int |
|
2125 |
@param run_uid: Run the child under this uid |
|
2126 |
@type run_gid: int |
|
2127 |
@param run_gid: Run the child under this gid |
|
2128 | 2124 |
@rtype: int |
2129 | 2125 |
@return: the value zero |
2130 | 2126 |
|
... | ... | |
2138 | 2134 |
pid = os.fork() |
2139 | 2135 |
if (pid == 0): # The first child. |
2140 | 2136 |
os.setsid() |
2141 |
# FIXME: When removing again and moving to start-stop-daemon privilege drop |
|
2142 |
# make sure to check for config permission and bail out when invoked |
|
2143 |
# with wrong user. |
|
2144 |
os.setgid(run_gid) |
|
2145 |
os.setuid(run_uid) |
|
2146 | 2137 |
# this might fail |
2147 | 2138 |
pid = os.fork() # Fork a second child. |
2148 | 2139 |
if (pid == 0): # The second child. |
Also available in: Unified diff