[Zope-Checkins] CVS: ZODB3/zdaemon - zdaemon.py:1.19

Guido van Rossum guido@python.org
Tue, 19 Nov 2002 13:44:00 -0500


Update of /cvs-repository/ZODB3/zdaemon
In directory cvs.zope.org:/tmp/cvs-serv20621

Modified Files:
	zdaemon.py 
Log Message:
Add -u USER option to call setuid() and setgid() right at the start.

When run as __main__, append parent dir to sys.path.


=== ZODB3/zdaemon/zdaemon.py 1.18 => 1.19 ===
--- ZODB3/zdaemon/zdaemon.py:1.18	Thu Nov 14 17:03:46 2002
+++ ZODB3/zdaemon/zdaemon.py	Tue Nov 19 13:44:00 2002
@@ -13,6 +13,7 @@
   -f -- run forever (by default, exit when the backoff limit is exceeded)
   -h -- print usage message and exit
   -s SOCKET -- Unix socket name for client communication (default "zdsock")
+  -u USER -- run as this user (or numeric uid)
   -x LIST -- list of fatal exit codes (default "0,2"; use "" to disable)
   -z DIRECTORY -- directory to chdir into when using -d; default "/"
   program [program-arguments] -- an arbitrary application to run
@@ -77,6 +78,11 @@
 import signal
 from stat import ST_MODE
 
+if __name__ == "__main__":
+    # Add the parent of the script directory to the module search path
+    from os.path import dirname, abspath, normpath
+    sys.path.append(dirname(dirname(normpath(abspath(sys.argv[0])))))
+
 import zLOG
 
 class Options:
@@ -99,6 +105,7 @@
     forever = 0                         # -f
     sockname = "zdsock"                 # -s SOCKET
     exitcodes = [0, 2]                  # -x LIST
+    user = None                         # -u USER
     zdirectory = "/"                    # -z DIRECTORY
 
     args = []                           # Positional arguments
@@ -119,7 +126,7 @@
         if progname:
             self.progname = progname
         try:
-            self.opts, self.args = getopt.getopt(args, "b:cdfhs:x:z:")
+            self.opts, self.args = getopt.getopt(args, "b:cdfhs:u:x:z:")
         except getopt.error, msg:
             self.usage(str(msg))
         self._interpret_options()
@@ -149,6 +156,8 @@
                 sys.exit(0)
             if o == "-s":
                 self.sockname = a
+            if o == "-u":
+                self.user = a
             if o == "-x":
                 if a == "":
                     self.exitcodes = []
@@ -317,11 +326,37 @@
 
     def main(self, args=None):
         self.opts = Options(args)
+        self.set_uid()
         if self.opts.isclient:
             clt = Client(self.opts)
             clt.doit()
         else:
             self.run()
+
+    def set_uid(self):
+        if self.opts.user is None:
+            return
+        if os.name != "posix":
+            self.opts.usage("-u USER only supported on Unix")
+        if os.geteuid() != 0:
+            self.opts.usage("only root can use -u USER")
+        import pwd
+        try:
+            uid = int(self.opts.user)
+        except: # int() can raise all sorts of errors
+            try:
+                pwrec = pwd.getpwnam(self.opts.user)
+            except KeyError:
+                self.opts.usage("username %r not found" % self.opts.user)
+            uid = pwrec[2]
+        else:
+            try:
+                pwrec = pwd.getpwuid(uid)
+            except KeyError:
+                self.opts.usage("uid %r not found" % self.opts.user)
+        gid = pwrec[3]
+        os.setgid(gid)
+        os.setuid(uid)
 
     def run(self):
         self.proc = Subprocess(self.opts)