Revision 743b53d4
| b/lib/daemon.py | ||
|---|---|---|
| 24 | 24 |
|
| 25 | 25 |
import asyncore |
| 26 | 26 |
import asynchat |
| 27 |
import grp |
|
| 27 | 28 |
import os |
| 29 |
import pwd |
|
| 28 | 30 |
import signal |
| 29 | 31 |
import logging |
| 30 | 32 |
import sched |
| ... | ... | |
| 38 | 40 |
from ganeti import errors |
| 39 | 41 |
|
| 40 | 42 |
|
| 43 |
_DEFAULT_RUN_USER = "root" |
|
| 44 |
_DEFAULT_RUN_GROUP = "root" |
|
| 45 |
|
|
| 46 |
|
|
| 41 | 47 |
class SchedulerBreakout(Exception): |
| 42 | 48 |
"""Exception used to get out of the scheduler loop |
| 43 | 49 |
|
| ... | ... | |
| 434 | 440 |
|
| 435 | 441 |
def GenericMain(daemon_name, optionparser, dirs, check_fn, exec_fn, |
| 436 | 442 |
multithreaded=False, console_logging=False, |
| 437 |
default_ssl_cert=None, default_ssl_key=None): |
|
| 443 |
default_ssl_cert=None, default_ssl_key=None, |
|
| 444 |
user=_DEFAULT_RUN_USER, group=_DEFAULT_RUN_GROUP): |
|
| 438 | 445 |
"""Shared main function for daemons. |
| 439 | 446 |
|
| 440 | 447 |
@type daemon_name: string |
| ... | ... | |
| 460 | 467 |
@param default_ssl_cert: Default SSL certificate path |
| 461 | 468 |
@type default_ssl_key: string |
| 462 | 469 |
@param default_ssl_key: Default SSL key path |
| 470 |
@param user: Default user to run as |
|
| 471 |
@type user: string |
|
| 472 |
@param group: Default group to run as |
|
| 473 |
@type group: string |
|
| 463 | 474 |
|
| 464 | 475 |
""" |
| 465 | 476 |
optionparser.add_option("-f", "--foreground", dest="fork",
|
| ... | ... | |
| 529 | 540 |
utils.EnsureDirs(dirs) |
| 530 | 541 |
|
| 531 | 542 |
if options.fork: |
| 543 |
try: |
|
| 544 |
uid = pwd.getpwnam(user).pw_uid |
|
| 545 |
gid = grp.getgrnam(group).gr_gid |
|
| 546 |
except KeyError: |
|
| 547 |
raise errors.ConfigurationError("User or group not existing on system:"
|
|
| 548 |
" %s:%s" % (user, group)) |
|
| 532 | 549 |
utils.CloseFDs() |
| 533 |
utils.Daemonize(logfile=constants.DAEMONS_LOGFILES[daemon_name])
|
|
| 550 |
utils.Daemonize(constants.DAEMONS_LOGFILES[daemon_name], uid, gid)
|
|
| 534 | 551 |
|
| 535 | 552 |
utils.WritePidFile(daemon_name) |
| 536 | 553 |
try: |
| b/lib/utils.py | ||
|---|---|---|
| 2192 | 2192 |
logging.debug("Memory lock set")
|
| 2193 | 2193 |
|
| 2194 | 2194 |
|
| 2195 |
def Daemonize(logfile): |
|
| 2195 |
def Daemonize(logfile, run_uid, run_gid):
|
|
| 2196 | 2196 |
"""Daemonize the current process. |
| 2197 | 2197 |
|
| 2198 | 2198 |
This detaches the current process from the controlling terminal and |
| ... | ... | |
| 2200 | 2200 |
|
| 2201 | 2201 |
@type logfile: str |
| 2202 | 2202 |
@param logfile: the logfile to which we should redirect stdout/stderr |
| 2203 |
@type run_uid: int |
|
| 2204 |
@param run_uid: Run the child under this uid |
|
| 2205 |
@type run_gid: int |
|
| 2206 |
@param run_gid: Run the child under this gid |
|
| 2203 | 2207 |
@rtype: int |
| 2204 | 2208 |
@return: the value zero |
| 2205 | 2209 |
|
| ... | ... | |
| 2213 | 2217 |
pid = os.fork() |
| 2214 | 2218 |
if (pid == 0): # The first child. |
| 2215 | 2219 |
os.setsid() |
| 2220 |
# FIXME: When removing again and moving to start-stop-daemon privilege drop |
|
| 2221 |
# make sure to check for config permission and bail out when invoked |
|
| 2222 |
# with wrong user. |
|
| 2223 |
os.setgid(run_gid) |
|
| 2224 |
os.setuid(run_uid) |
|
| 2216 | 2225 |
# this might fail |
| 2217 | 2226 |
pid = os.fork() # Fork a second child. |
| 2218 | 2227 |
if (pid == 0): # The second child. |
Also available in: Unified diff