summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/Client/Tools/POSIX.py34
-rw-r--r--src/lib/Server/Plugins/Account.py8
-rw-r--r--src/lib/Server/Plugins/Cfg.py2
-rw-r--r--src/lib/Server/Plugins/Hostbase.py2
-rw-r--r--src/lib/Server/Plugins/SSHbase.py4
-rw-r--r--src/lib/Server/Plugins/TCheetah.py2
-rw-r--r--src/lib/Server/Plugins/Vhost.py4
7 files changed, 36 insertions, 20 deletions
diff --git a/src/lib/Client/Tools/POSIX.py b/src/lib/Client/Tools/POSIX.py
index 1cc448782..6dcece8e2 100644
--- a/src/lib/Client/Tools/POSIX.py
+++ b/src/lib/Client/Tools/POSIX.py
@@ -22,6 +22,28 @@ def calcPerms(initial, perms):
tempperms |= perm
return tempperms
+def normUid(entry):
+ '''This takes a user name or uid and returns the corrisponding uid or False'''
+ try:
+ try:
+ return int(entry.get('owner'))
+ except:
+ return int(pwd.getpwnam(entry.get('owner'))[2])
+ except (OSError, KeyError):
+ self.logger.error('UID normalization failed for %s' % (entry.get('name')))
+ return False
+
+def normGid(entry):
+ '''This takes a group name or gid and returns the corrisponding gid or False'''
+ try:
+ try:
+ return int(entry.get('group'))
+ except:
+ return int(grp.getgrnam(entry.get('group'))[2])
+ except (OSError, KeyError):
+ self.logger.error('GID normalization failed for %s' % (entry.get('name')))
+ return False
+
class POSIX(Bcfg2.Client.Tools.Tool):
'''POSIX File support code'''
__name__ = 'POSIX'
@@ -95,11 +117,7 @@ class POSIX(Bcfg2.Client.Tools.Tool):
except (OSError, KeyError):
self.logger.error('User/Group resolution failed for path %s' % (entry.get('name')))
owner = 'root'
- try:
- grp.getgrnam('root')
- group = 'root'
- except KeyError:
- group = 'system'
+ group = '0'
finfo = os.stat(entry.get('name'))
perms = oct(finfo[ST_MODE])[-4:]
if entry.get('mtime', '-1') != '-1':
@@ -205,8 +223,7 @@ class POSIX(Bcfg2.Client.Tools.Tool):
def InstallPermissions(self, entry):
'''Install POSIX Permissions'''
try:
- os.chown(entry.get('name'),
- pwd.getpwnam(entry.get('owner'))[2], grp.getgrnam(entry.get('group'))[2])
+ os.chown(entry.get('name'), normUid(entry), normGid(entry))
os.chmod(entry.get('name'), calcPerms(S_IFDIR, entry.get('perms')))
return True
except (OSError, KeyError):
@@ -304,8 +321,7 @@ class POSIX(Bcfg2.Client.Tools.Tool):
newfile.write(filedata)
newfile.close()
try:
- os.chown(newfile.name, pwd.getpwnam(entry.get('owner'))[2],
- grp.getgrnam(entry.get('group'))[2])
+ os.chown(newfile.name, normUid(entry), normGid(entry))
except KeyError:
self.logger.error("Failed to chown %s to %s:%s" % \
(entry.get('name'), entry.get('owner'),
diff --git a/src/lib/Server/Plugins/Account.py b/src/lib/Server/Plugins/Account.py
index bf530af4d..96d242100 100644
--- a/src/lib/Server/Plugins/Account.py
+++ b/src/lib/Server/Plugins/Account.py
@@ -34,7 +34,7 @@ class Account(Bcfg2.Server.Plugin.Plugin):
fname = entry.attrib['name'].split('/')[-1]
entry.text = self.repository.entries["static.%s" % (fname)].data
entry.text += self.repository.entries["dyn.%s" % (fname)].data
- perms = {'owner':'root', 'group':'root', 'perms':'0644'}
+ perms = {'owner':'root', 'group':'0', 'perms':'0644'}
[entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()]
def gen_limits_cb(self, entry, metadata):
@@ -43,7 +43,7 @@ class Account(Bcfg2.Server.Plugin.Plugin):
superusers = self.repository.entries["superusers"].data.split()
useraccess = [line.split(':') for line in self.repository.entries["useraccess"].data.split()]
users = [user for (user, host) in useraccess if host == metadata.hostname.split('.')[0]]
- perms = {'owner':'root', 'group':'root', 'perms':'0600'}
+ perms = {'owner':'root', 'group':'0', 'perms':'0600'}
[entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()]
entry.text += "".join(["%s hard maxlogins 1024\n" % uname for uname in superusers + users])
if "*" not in users:
@@ -56,7 +56,7 @@ class Account(Bcfg2.Server.Plugin.Plugin):
superusers += [user for (user, host) in rootlike if host == metadata.hostname.split('.')[0]]
rdata = self.repository.entries
entry.text = "".join([rdata["%s.key" % user].data for user in superusers if rdata.has_key("%s.key" % user)])
- perms = {'owner':'root', 'group':'root', 'perms':'0600'}
+ perms = {'owner':'root', 'group':'0', 'perms':'0600'}
[entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()]
def gen_sudoers(self, entry, metadata):
@@ -66,5 +66,5 @@ class Account(Bcfg2.Server.Plugin.Plugin):
superusers += [user for (user, host) in rootlike if host == metadata.hostname.split('.')[0]]
rdata = self.repository.entries
entry.text = self.repository.entries['static.sudoers'].data%",".join(superusers)
- perms = {'owner':'root', 'group':'root', 'perms':'0400'}
+ perms = {'owner':'root', 'group':'0', 'perms':'0400'}
[entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()]
diff --git a/src/lib/Server/Plugins/Cfg.py b/src/lib/Server/Plugins/Cfg.py
index 084a14b3c..ad1711d01 100644
--- a/src/lib/Server/Plugins/Cfg.py
+++ b/src/lib/Server/Plugins/Cfg.py
@@ -88,7 +88,7 @@ class ConfigFileEntry(object):
self.path = path
self.repopath = repopath
self.fragments = []
- self.metadata = {'encoding': 'ascii', 'owner':'root', 'group':'root', 'perms':'0644'}
+ self.metadata = {'encoding': 'ascii', 'owner':'root', 'group':'0', 'perms':'0644'}
self.paranoid = False
self.interpolate = False
diff --git a/src/lib/Server/Plugins/Hostbase.py b/src/lib/Server/Plugins/Hostbase.py
index dcd77f16a..83ec6d0b0 100644
--- a/src/lib/Server/Plugins/Hostbase.py
+++ b/src/lib/Server/Plugins/Hostbase.py
@@ -80,7 +80,7 @@ class Hostbase(Plugin):
fname = entry.get('name').split('/')[-1]
if not self.filedata.has_key(fname):
raise PluginExecutionError
- perms = {'owner':'root', 'group':'root', 'perms':'644'}
+ perms = {'owner':'root', 'group':'0', 'perms':'644'}
[entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()]
entry.text = self.filedata[fname]
diff --git a/src/lib/Server/Plugins/SSHbase.py b/src/lib/Server/Plugins/SSHbase.py
index 0d9cd1c82..0e473e29b 100644
--- a/src/lib/Server/Plugins/SSHbase.py
+++ b/src/lib/Server/Plugins/SSHbase.py
@@ -123,7 +123,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin):
for hostkey in hostkeys:
entry.text += "localhost,localhost.localdomain,127.0.0.1 %s" % (
self.repository.entries[hostkey].data)
- permdata = {'owner':'root', 'group':'root', 'perms':'0644'}
+ permdata = {'owner':'root', 'group':'0', 'perms':'0644'}
[entry.attrib.__setitem__(key, permdata[key]) for key in permdata]
def build_hk(self, entry, metadata):
@@ -138,7 +138,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin):
self.logger.error("%s still not registered" % filename)
raise Bcfg2.Server.Plugin.PluginExecutionError
keydata = self.repository.entries[filename].data
- permdata = {'owner':'root', 'group':'root'}
+ permdata = {'owner':'root', 'group':'0'}
permdata['perms'] = '0600'
if entry.get('name')[-4:] == '.pub':
permdata['perms'] = '0644'
diff --git a/src/lib/Server/Plugins/TCheetah.py b/src/lib/Server/Plugins/TCheetah.py
index 790218147..748d4cd14 100644
--- a/src/lib/Server/Plugins/TCheetah.py
+++ b/src/lib/Server/Plugins/TCheetah.py
@@ -14,7 +14,7 @@ class TemplateFile:
self.name = name
self.properties = properties
self.states = {'template': False, 'info': False}
- self.metadata = {'owner': 'root', 'group': 'root', 'perms': '644'}
+ self.metadata = {'owner': 'root', 'group': '0', 'perms': '644'}
def HandleEvent(self, event):
'''Handle all fs events for this template'''
diff --git a/src/lib/Server/Plugins/Vhost.py b/src/lib/Server/Plugins/Vhost.py
index 5c38cd19e..56b012aa4 100644
--- a/src/lib/Server/Plugins/Vhost.py
+++ b/src/lib/Server/Plugins/Vhost.py
@@ -69,7 +69,7 @@ class VhostFile(SingleXMLFileBacked):
entry.text = 'NO_START=0\n'
else:
entry.text = 'NO_START=1\n'
- perms = {'owner':'root', 'group':'root', 'perms':'0644'}
+ perms = {'owner':'root', 'group':'0', 'perms':'0644'}
[entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()]
def generateApacheSvc(self, entry, metadata):
@@ -99,7 +99,7 @@ class VhostFile(SingleXMLFileBacked):
line = line.replace("XXchoiceXX", choice)
config += line
entry.text = base64.encodestring(config)
- perms = {'owner':'root', 'group':'root', 'perms':'0644', 'encoding':'base64'}
+ perms = {'owner':'root', 'group':'0', 'perms':'0644', 'encoding':'base64'}
[entry.attrib.__setitem__(key, value) for (key, value) in perms.iteritems()]
class Vhost(Plugin):