From 68e9746830026c9ad6f6e9c972097c2436055629 Mon Sep 17 00:00:00 2001
From: "Chris St. Pierre" <chris.a.st.pierre@gmail.com>
Date: Mon, 26 Nov 2012 12:28:48 -0500
Subject: when a new sqlite database is created for reporting, set appropriate
 permissions

---
 src/lib/Bcfg2/Server/Core.py | 35 ++++++++++++++++++++++++++++-------
 1 file changed, 28 insertions(+), 7 deletions(-)

(limited to 'src/lib/Bcfg2/Server/Core.py')

diff --git a/src/lib/Bcfg2/Server/Core.py b/src/lib/Bcfg2/Server/Core.py
index 400470dc3..76fdbc4af 100644
--- a/src/lib/Bcfg2/Server/Core.py
+++ b/src/lib/Bcfg2/Server/Core.py
@@ -10,7 +10,6 @@ import threading
 import time
 import inspect
 import lxml.etree
-from traceback import format_exc
 import Bcfg2.settings
 import Bcfg2.Server
 import Bcfg2.Logger
@@ -181,6 +180,18 @@ class BaseCore(object):
         #: backend for plugins that have that capability
         self._database_available = False
         if Bcfg2.settings.HAS_DJANGO:
+            db = Bcfg2.settings.DATABASES['default']
+            if (self.setup['daemon'] and self.setup['daemon_uid'] and
+                db['ENGINE'].endswith(".sqlite3") and
+                not os.path.exists(db['NAME'])):
+                # syncdb will create the sqlite database, and we're
+                # going to daemonize, dropping privs to a non-root
+                # user, so we need to chown the database after
+                # creating it
+                do_chown = True
+            else:
+                do_chown = False
+
             from django.core.exceptions import ImproperlyConfigured
             from django.core import management
             try:
@@ -188,11 +199,21 @@ class BaseCore(object):
                                         verbosity=0)
                 self._database_available = True
             except ImproperlyConfigured:
-                self.logger.error("Django configuration problem: %s" %
-                                  format_exc().splitlines()[-1])
+                err = sys.exc_info()[1]
+                self.logger.error("Django configuration problem: %s" % err)
             except:
-                self.logger.error("Database update failed: %s" %
-                                  format_exc().splitlines()[-1])
+                err = sys.exc_info()[1]
+                self.logger.error("Database update failed: %s" % err)
+
+            if do_chown and self._database_available:
+                try:
+                    os.chown(db['NAME'],
+                             self.setup['daemon_uid'],
+                             self.setup['daemon_gid'])
+                except OSError:
+                    err = sys.exc_info()[1]
+                    self.logger.error("Failed to set ownership of database "
+                                      "at %s: %s" % (db['NAME'], err))
 
         if '' in setup['plugins']:
             setup['plugins'].remove('')
@@ -522,7 +543,7 @@ class BaseCore(object):
             except Exception:
                 exc = sys.exc_info()[1]
                 if 'failure' not in entry.attrib:
-                    entry.set('failure', 'bind error: %s' % format_exc())
+                    entry.set('failure', 'bind error: %s' % exc)
                 self.logger.error("Unexpected failure in BindStructure: %s %s"
                                   % (entry.tag, entry.get('name')), exc_info=1)
 
@@ -599,7 +620,7 @@ class BaseCore(object):
         try:
             structures = self.GetStructures(meta)
         except:
-            self.logger.error("error in GetStructures", exc_info=1)
+            self.logger.error("Error in GetStructures", exc_info=1)
             return lxml.etree.Element("error", type='structure error')
 
         self.validate_structures(meta, structures)
-- 
cgit v1.2.3-1-g7c22