Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
beat.backend.python
Project overview
Project overview
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
beat
beat.backend.python
Commits
fc952b78
Commit
fc952b78
authored
Apr 24, 2017
by
Philip ABBET
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Allows to use a directory with restricted access for the datasets
parent
139df4c9
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
42 additions
and
0 deletions
+42
-0
beat/backend/python/scripts/databases_provider.py
beat/backend/python/scripts/databases_provider.py
+42
-0
No files found.
beat/backend/python/scripts/databases_provider.py
100644 → 100755
View file @
fc952b78
...
...
@@ -51,6 +51,7 @@ import logging
import
os
import
sys
import
docopt
import
simplejson
import
zmq
...
...
@@ -104,6 +105,7 @@ def main():
args
=
docopt
.
docopt
(
__doc__
%
dict
(
prog
=
prog
,
version
=
version
),
version
=
version
)
# Sets up the logging system
if
args
[
'--debug'
]:
logging
.
basicConfig
(
format
=
'[remote|
%(name)
s]
%(levelname)
s:
%(message)
s'
,
...
...
@@ -114,6 +116,44 @@ def main():
logger
=
logging
.
getLogger
(
__name__
)
# If necessary, change to another user (with less privileges, but has access
# to the databases)
with
open
(
os
.
path
.
join
(
args
[
'<dir>'
],
'configuration.json'
),
'r'
)
as
f
:
cfg
=
simplejson
.
load
(
f
)
if
cfg
.
has_key
(
'datasets_uid'
):
# First create the user (if it doesn't exists)
try
:
user
=
pwd
.
getpwuid
(
cfg
[
'datasets_uid'
])
except
:
import
subprocess
retcode
=
subprocess
.
call
([
'adduser'
,
'--uid'
,
str
(
cfg
[
'datasets_uid'
]),
'--no-create-home'
,
'--disabled-password'
,
'--disabled-login'
,
'--gecos'
,
'""'
,
'-q'
,
'beat-nobody'
])
if
retcode
!=
0
:
send_error
(
logger
,
socket
,
'sys'
,
'Failed to create an user with the UID
%
s'
%
args
[
'uid'
])
return
1
# Next, ensure that the needed files are readable by this user
access
=
stat
.
S_IRUSR
|
stat
.
S_IWUSR
|
stat
.
S_IXUSR
|
stat
.
S_IRGRP
|
stat
.
S_IXGRP
|
stat
.
S_IROTH
|
stat
.
S_IXOTH
os
.
chmod
(
args
[
'<dir>'
],
access
)
for
root
,
dirs
,
files
in
os
.
walk
(
args
[
'<dir>'
]):
for
d
in
dirs
:
os
.
chmod
(
os
.
path
.
join
(
root
,
d
),
access
)
for
f
in
files
:
os
.
chmod
(
os
.
path
.
join
(
root
,
f
),
access
)
# Change the current user
try
:
os
.
setuid
(
cfg
[
'datasets_uid'
])
except
:
import
traceback
send_error
(
logger
,
socket
,
'sys'
,
traceback
.
format_exc
())
return
1
# Creates the 0MQ socket for communication with BEAT
context
=
zmq
.
Context
()
socket
=
context
.
socket
(
zmq
.
PAIR
)
...
...
@@ -121,6 +161,7 @@ def main():
socket
.
connect
(
address
)
logger
.
debug
(
"zmq client connected to `
%
s'"
,
address
)
try
:
# Check the dir
...
...
@@ -188,5 +229,6 @@ def main():
return
0
if
__name__
==
'__main__'
:
sys
.
exit
(
main
())
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
