[Zope-Checkins] CVS: Zope/lib/python/Zope/Startup -
zopectl.py:1.3.2.8 zopeschema.xml:1.7.2.12
Chris McDonough
chrism at plope.com
Fri May 21 03:08:26 EDT 2004
Update of /cvs-repository/Zope/lib/python/Zope/Startup
In directory cvs.zope.org:/tmp/cvs-serv28332
Modified Files:
Tag: Zope-2_7-branch
zopectl.py zopeschema.xml
Log Message:
Collector 1304: zopectl doesn't allow specification of zdrun effective user.
=== Zope/lib/python/Zope/Startup/zopectl.py 1.3.2.7 => 1.3.2.8 ===
--- Zope/lib/python/Zope/Startup/zopectl.py:1.3.2.7 Tue Feb 24 00:43:59 2004
+++ Zope/lib/python/Zope/Startup/zopectl.py Fri May 21 03:08:20 2004
@@ -24,6 +24,8 @@
-h/--help -- print this usage message and exit
-i/--interactive -- start an interactive shell after executing commands
-l/--logfile -- log file to be read by logtail command
+-u/--user -- run the daemon manager program as this user (or numeric id)
+
action [arguments] -- see below
Actions are commands like "start", "stop" and "status". If -i is
@@ -60,6 +62,7 @@
program = "zopectl"
schemadir = os.path.dirname(Zope.Startup.__file__)
schemafile = "zopeschema.xml"
+ uid = gid = None
# XXX Suppress using Zope's <eventlog> section to avoid using the
# same logging for zdctl as for the Zope appserver. There still
@@ -80,10 +83,31 @@
self.add("default_to_interactive", "runner.default_to_interactive",
default=1)
self.add("logfile", None, "l:", "logfile=")
+ self.add("user", "runner.user", "u:", "user=")
self.add("prompt", "runner.prompt", default="zopectl>")
def realize(self, *args, **kw):
ZDOptions.realize(self, *args, **kw)
+ # Additional checking of user option; set uid and gid
+ if self.user is not None:
+ import pwd
+ try:
+ uid = int(self.user)
+ except ValueError:
+ try:
+ pwrec = pwd.getpwnam(self.user)
+ except KeyError:
+ self.usage("username %r not found" % self.user)
+ uid = pwrec[2]
+ else:
+ try:
+ pwrec = pwd.getpwuid(uid)
+ except KeyError:
+ self.usage("uid %r not found" % self.user)
+ gid = pwrec[3]
+ self.uid = uid
+ self.gid = gid
+
config = self.configroot
self.directory = config.instancehome
self.clienthome = config.clienthome
@@ -92,7 +116,6 @@
else:
self.program = [os.path.join(self.directory, "bin", "runzope")]
self.sockname = os.path.join(self.clienthome, "zopectlsock")
- self.user = None
self.python = sys.executable
self.zdrun = os.path.join(os.path.dirname(zdaemon.__file__),
"zdrun.py")
=== Zope/lib/python/Zope/Startup/zopeschema.xml 1.7.2.11 => 1.7.2.12 ===
--- Zope/lib/python/Zope/Startup/zopeschema.xml:1.7.2.11 Thu May 13 12:19:49 2004
+++ Zope/lib/python/Zope/Startup/zopeschema.xml Fri May 21 03:08:20 2004
@@ -121,6 +121,27 @@
</description>
</key>
+ <key name="user" datatype="string"
+ required="no">
+ <description>
+ Command-line option: -u or --user.
+
+ When zdrun.py is started by root, this option specifies the
+ user as who the the zdrun.py process (and hence the daemon
+ subprocess) will run. This can be a user name or a numeric
+ user id. Both the user and the group are set from the
+ corresponding password entry, using setuid() and setgid().
+ This is done before zdrun.py does anything else besides
+ parsing its command line arguments.
+
+ NOTE: when zdrun.py is not started by root, specifying this
+ option is an error. (XXX This may be a mistake.)
+
+ XXX The zdrun.py event log file may be opened *before*
+ setuid() is called. Is this good or bad?
+ </description>
+ </key>
+
<key name="hang-around" datatype="boolean"
required="no" default="false">
<description>
More information about the Zope-Checkins
mailing list