Commit 0070a462 authored by René Nussbaumer's avatar René Nussbaumer
Browse files

Revert "Make it possible to call utils.Daemonize with uid and gid to run as"

This reverts commit 743b53d4

.

Conflicts:

	lib/daemon.py

Trivial conflict resolved. This patch reverts changes from earlier permissions
separation stage. This is not needed anymore as start-stop-daemon takes care
of user switching
Signed-off-by: default avatarRené Nussbaumer <rn@google.com>
Reviewed-by: default avatarMichael Hanselmann <hansmi@google.com>
parent 69d89cb5
......@@ -25,9 +25,7 @@
import asyncore
import asynchat
import collections
import grp
import os
import pwd
import signal
import logging
import sched
......@@ -43,10 +41,6 @@ from ganeti import netutils
from ganeti import ssconf
_DEFAULT_RUN_USER = "root"
_DEFAULT_RUN_GROUP = "root"
class SchedulerBreakout(Exception):
"""Exception used to get out of the scheduler loop
......@@ -495,8 +489,7 @@ class Mainloop(object):
def GenericMain(daemon_name, optionparser, dirs, check_fn, exec_fn,
multithreaded=False, console_logging=False,
default_ssl_cert=None, default_ssl_key=None,
user=_DEFAULT_RUN_USER, group=_DEFAULT_RUN_GROUP):
default_ssl_cert=None, default_ssl_key=None):
"""Shared main function for daemons.
@type daemon_name: string
......@@ -522,10 +515,6 @@ def GenericMain(daemon_name, optionparser, dirs, check_fn, exec_fn,
@param default_ssl_cert: Default SSL certificate path
@type default_ssl_key: string
@param default_ssl_key: Default SSL key path
@param user: Default user to run as
@type user: string
@param group: Default group to run as
@type group: string
"""
optionparser.add_option("-f", "--foreground", dest="fork",
......@@ -602,14 +591,8 @@ def GenericMain(daemon_name, optionparser, dirs, check_fn, exec_fn,
utils.EnsureDirs(dirs)
if options.fork:
try:
uid = pwd.getpwnam(user).pw_uid
gid = grp.getgrnam(group).gr_gid
except KeyError:
raise errors.ConfigurationError("User or group not existing on system:"
" %s:%s" % (user, group))
utils.CloseFDs()
utils.Daemonize(constants.DAEMONS_LOGFILES[daemon_name], uid, gid)
utils.Daemonize(logfile=constants.DAEMONS_LOGFILES[daemon_name])
utils.WritePidFile(daemon_name)
try:
......
......@@ -2113,7 +2113,7 @@ def Mlockall(_ctypes=ctypes):
logging.debug("Memory lock set")
def Daemonize(logfile, run_uid, run_gid):
def Daemonize(logfile):
"""Daemonize the current process.
This detaches the current process from the controlling terminal and
......@@ -2121,10 +2121,6 @@ def Daemonize(logfile, run_uid, run_gid):
@type logfile: str
@param logfile: the logfile to which we should redirect stdout/stderr
@type run_uid: int
@param run_uid: Run the child under this uid
@type run_gid: int
@param run_gid: Run the child under this gid
@rtype: int
@return: the value zero
......@@ -2138,11 +2134,6 @@ def Daemonize(logfile, run_uid, run_gid):
pid = os.fork()
if (pid == 0): # The first child.
os.setsid()
# FIXME: When removing again and moving to start-stop-daemon privilege drop
# make sure to check for config permission and bail out when invoked
# with wrong user.
os.setgid(run_gid)
os.setuid(run_uid)
# this might fail
pid = os.fork() # Fork a second child.
if (pid == 0): # The second child.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment