1 files changed, 43 insertions, 10 deletions

diff --git a/src/lib/Bcfg2/Server/Core.py b/src/lib/Bcfg2/Server/Core.py
index 03ab40343..a1ee24e18 100644
--- a/src/lib/Bcfg2/Server/Core.py
+++ b/src/lib/Bcfg2/Server/Core.py
@@ -11,6 +11,7 @@ import threading
 import time
 import inspect
 import lxml.etree
+import daemon
 import Bcfg2.Server
 import Bcfg2.Logger
 import Bcfg2.Options
@@ -26,6 +27,7 @@ from Bcfg2.Server.Statistics import track_statistics
 
 try:
     from django.core.exceptions import ImproperlyConfigured
+    import django
     import django.conf
     HAS_DJANGO = True
 except ImportError:
@@ -82,10 +84,14 @@ def close_db_connection(func):
         """ The decorated function """
         rv = func(self, *args, **kwargs)
         if self._database_available:  # pylint: disable=W0212
-            from django import db
             self.logger.debug("%s: Closing database connection" %
                               threading.current_thread().getName())
-            db.close_connection()
+
+            if django.VERSION[0] == 1 and django.VERSION[1] >= 7:
+                for connection in django.db.connections.all():
+                    connection.close()
+            else:
+                django.db.close_connection()  # pylint: disable=E1101
         return rv
 
     return inner
@@ -113,7 +119,8 @@ class DefaultACL(Plugin, ClientACLs):
     def check_acl_ip(self, address, rmi):
         return (("." not in rmi and
                  not rmi.endswith("_debug") and
-                 rmi != 'get_statistics') or
+                 rmi != 'get_statistics' and
+                 rmi != 'expire_metadata_cache') or
                 address[0] == "127.0.0.1")
 
 # in core we frequently want to catch all exceptions, regardless of
@@ -324,6 +331,10 @@ class Core(object):
                 select.select([famfd], [], [], 2)
             elif not self.fam.pending():
                 terminate.wait(15)
+
+            if self.terminate.isSet():
+                break
+
             if self.fam.pending():
                 try:
                     self._update_vcs_revision()
@@ -429,6 +440,7 @@ class Core(object):
             self.logger.error("Unexpected instantiation failure for plugin %s"
                               % plugin, exc_info=1)
 
+    @close_db_connection
     def shutdown(self):
         """ Perform plugin and FAM shutdown tasks. """
         if not self._running:
@@ -443,10 +455,6 @@ class Core(object):
         for plugin in list(self.plugins.values()):
             plugin.shutdown()
         self.logger.info("%s: All plugins shut down" % self.name)
-        if self._database_available:
-            from django import db
-            self.logger.info("%s: Closing database connection" % self.name)
-            db.close_connection()
 
     @property
     def metadata_cache_mode(self):
@@ -681,7 +689,7 @@ class Core(object):
         self.logger.debug("Building configuration for %s" % client)
         start = time.time()
         config = lxml.etree.Element("Configuration", version='2.0',
-                                    revision=self.revision)
+                                    revision=str(self.revision))
         try:
             meta = self.build_metadata(client)
         except MetadataConsistencyError:
@@ -1365,6 +1373,21 @@ class Core(object):
         return "This method is deprecated and will be removed in a future " + \
             "release\n%s" % self.fam.set_debug(debug)
 
+    @exposed
+    def expire_metadata_cache(self, _, hostnames=None):
+        """ Expire the metadata cache for one or all clients
+
+        :param hostnames: A list of hostnames to expire the metadata
+                          cache for or None. If None the cache of
+                          all clients will be expired.
+        :type hostnames: None or list of strings
+        """
+        if hostnames is not None:
+            for hostname in hostnames:
+                self.metadata_cache.expire(hostname)
+        else:
+            self.metadata_cache.expire()
+
 
 class NetworkCore(Core):
     """ A server core that actually listens on the network, can be
@@ -1424,9 +1447,9 @@ class NetworkCore(Core):
         "\n.. automethod:: _daemonize\n"
 
     def __str__(self):
-        if hasattr(Bcfg2.Options.setup, "location"):
+        if hasattr(Bcfg2.Options.setup, "server"):
             return "%s(%s)" % (self.__class__.__name__,
-                               Bcfg2.Options.setup.location)
+                               Bcfg2.Options.setup.server)
         else:
             return Core.__str__(self)
 
@@ -1486,3 +1509,13 @@ class NetworkCore(Core):
         """ Daemonize the server and write the pidfile.  This must be
         overridden by a core implementation. """
         raise NotImplementedError
+
+    def _drop_privileges(self):
+        """ This is called if not daemonized and running as root to
+        drop the privileges to the configured daemon_uid and daemon_gid.
+        """
+        daemon.daemon.change_process_owner(
+            Bcfg2.Options.setup.daemon_uid,
+            Bcfg2.Options.setup.daemon_gid)
+        self.logger.debug("Dropped privileges to %s:%s." %
+                          (os.getuid(), os.getgid()))