[Zope-Checkins] SVN: Zope/trunk/lib/python/Zope/Startup/zope Merge
from 2.7 branch:
Chris McDonough
chrism at plope.com
Sat May 22 22:41:28 EDT 2004
Log message for revision 24888:
Merge from 2.7 branch:
Collector 1304: zopectl doesn't allow specification of zdrun effective user.
-=-
Modified: Zope/trunk/lib/python/Zope/Startup/zopectl.py
===================================================================
--- Zope/trunk/lib/python/Zope/Startup/zopectl.py 2004-05-23 01:14:43 UTC (rev 24887)
+++ Zope/trunk/lib/python/Zope/Startup/zopectl.py 2004-05-23 02:41:28 UTC (rev 24888)
@@ -24,6 +24,7 @@
-h/--help -- print this usage message and exit
-i/--interactive -- start an interactive shell after executing commands
-l/--logfile -- log file to be read by logtail command
+-u/--user -- run the daemon manager program as this user (or numeric id)
-m/--umask -- provide octal umask for files created by the managed process
action [arguments] -- see below
@@ -61,6 +62,7 @@
program = "zopectl"
schemadir = os.path.dirname(Zope.Startup.__file__)
schemafile = "zopeschema.xml"
+ uid = gid = None
# XXX Suppress using Zope's <eventlog> section to avoid using the
# same logging for zdctl as for the Zope appserver. There still
@@ -81,11 +83,32 @@
self.add("default_to_interactive", "runner.default_to_interactive",
default=1)
self.add("logfile", None, "l:", "logfile=")
+ self.add("user", "runner.user", "u:", "user=")
self.add("prompt", "runner.prompt", default="zopectl>")
self.add("umask", "runner.umask", "m:", "umask=")
def realize(self, *args, **kw):
ZDOptions.realize(self, *args, **kw)
+ # Additional checking of user option; set uid and gid
+ if self.user is not None:
+ import pwd
+ try:
+ uid = int(self.user)
+ except ValueError:
+ try:
+ pwrec = pwd.getpwnam(self.user)
+ except KeyError:
+ self.usage("username %r not found" % self.user)
+ uid = pwrec[2]
+ else:
+ try:
+ pwrec = pwd.getpwuid(uid)
+ except KeyError:
+ self.usage("uid %r not found" % self.user)
+ gid = pwrec[3]
+ self.uid = uid
+ self.gid = gid
+
config = self.configroot
self.directory = config.instancehome
self.clienthome = config.clienthome
@@ -94,7 +117,6 @@
else:
self.program = [os.path.join(self.directory, "bin", "runzope")]
self.sockname = os.path.join(self.clienthome, "zopectlsock")
- self.user = None
self.python = sys.executable
self.zdrun = os.path.join(os.path.dirname(zdaemon.__file__),
"zdrun.py")
Modified: Zope/trunk/lib/python/Zope/Startup/zopeschema.xml
===================================================================
--- Zope/trunk/lib/python/Zope/Startup/zopeschema.xml 2004-05-23 01:14:43 UTC (rev 24887)
+++ Zope/trunk/lib/python/Zope/Startup/zopeschema.xml 2004-05-23 02:41:28 UTC (rev 24888)
@@ -127,6 +127,27 @@
</description>
</key>
+ <key name="user" datatype="string"
+ required="no">
+ <description>
+ Command-line option: -u or --user.
+
+ When zdrun.py is started by root, this option specifies the
+ user as who the the zdrun.py process (and hence the daemon
+ subprocess) will run. This can be a user name or a numeric
+ user id. Both the user and the group are set from the
+ corresponding password entry, using setuid() and setgid().
+ This is done before zdrun.py does anything else besides
+ parsing its command line arguments.
+
+ NOTE: when zdrun.py is not started by root, specifying this
+ option is an error. (XXX This may be a mistake.)
+
+ XXX The zdrun.py event log file may be opened *before*
+ setuid() is called. Is this good or bad?
+ </description>
+ </key>
+
<key name="hang-around" datatype="boolean"
required="no" default="false">
<description>
More information about the Zope-Checkins
mailing list