]> err.no Git - dak/commitdiff
* dak/edit_transitions.py (edit_transitions): Use sudo to copy the
authorJoerg Jaspert <joerg@debian.org>
Fri, 21 Mar 2008 15:39:38 +0000 (16:39 +0100)
committerJoerg Jaspert <joerg@debian.org>
Fri, 21 Mar 2008 15:39:38 +0000 (16:39 +0100)
   edited file back in place
   (check_transitions): Use proper locking and also use sudo to copy
   the new file in place

ChangeLog
dak/edit_transitions.py

index d269ff65f98bf8ff157b0578bd87f57d0e681f17..8766c80f35906c88722ebd9ac7b7bff4d04c1094 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2008-03-21  Joerg Jaspert  <joerg@debian.org>
+
+       * dak/edit_transitions.py (edit_transitions): Use sudo to copy the
+       edited file back in place
+       (check_transitions): Use proper locking and also use sudo to copy
+       the new file in place
+
 2008-03-21  Anthony Towns <ajt@debian.org>
 
        * config/debian/extensions.py: Add infrastructure for replacing
index 15cc8dc4d2a34f2cc5d0ce71c914fd67fd19dcb4..1b8376ab455924d496181fd7d47c0cb8d361d118 100755 (executable)
@@ -104,7 +104,7 @@ def edit_transitions():
 
     tempfile = "./%s.transition.tmp" % (os.getpid() )
 
-    lockfile="%s.lock" % (tempfile)
+    lockfile="/tmp/transitions.lock"
     lock_file(lockfile)
 
     daklib.utils.copy(trans_file, tempfile)
@@ -144,7 +144,11 @@ def edit_transitions():
             break
 
     # We seem to be done and also have a working file. Copy over.
-    daklib.utils.copy(tempfile, trans_file, True)
+    # We are not using daklib.utils.copy here, as we use sudo to get this file copied, to
+    # limit the rights needed to edit transitions
+    os.spawnl(os.P_WAIT, "/usr/bin/sudo", "/usr/bin/sudo", "-u", "dak", "-H", 
+              "cp", tempfile, trans_file)
+
     os.unlink(tempfile)
     os.unlink(lockfile)
 
@@ -230,7 +234,6 @@ def check_transitions(transitions):
             print "Transition source %s not in testing, transition still ongoing." % (source)
         else:
             compare = apt_pkg.VersionCompare(current, expected)
-            print "Apt compare says: %s" % (compare)
             if compare < 0:
                 # This is still valid, the current version in database is older than
                 # the new version we wait for
@@ -266,14 +269,25 @@ def check_transitions(transitions):
             print "Committing"
             for remove in to_remove:
                 del transitions[remove]
-            destfile = file(Cnf["Dinstall::Reject::ReleaseTransitions"], 'w')
+
+            lockfile="/tmp/transitions.lock"
+            lock_file(lockfile)
+            tempfile = "./%s.transition.tmp" % (os.getpid() )
+
+            destfile = file(tempfile, 'w')
             syck.dump(transitions, destfile)
+            destfile.close()
+
+            os.spawnl(os.P_WAIT, "/usr/bin/sudo", "/usr/bin/sudo", "-u", "dak", "-H", 
+                      "cp", tempfile, Cnf["Dinstall::Reject::ReleaseTransitions"])
+
+            os.unlink(tempfile)
+            os.unlink(lockfile)
             print "Done"
         else:
             print "WTF are you typing?"
             sys.exit(0)
 
-
 ################################################################################
 
 def main():