From: Ansgar Burchardt Date: Sun, 6 Jan 2013 12:44:51 +0000 (+0100) Subject: show-new: run lintian as unprivileged user X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a7f77393881783e65423f1f36778c67c52e5213d;p=dak show-new: run lintian as unprivileged user As dak/examine_package.py is also used by process-new we cannot run lintian unconditionally as the unprivileged user. Therefore move the Unpriv{User,Group} setting from the database to a (group-specific) dak.conf. --- diff --git a/config/debian/dak.conf b/config/debian/dak.conf index 593960c6..6eef7119 100644 --- a/config/debian/dak.conf +++ b/config/debian/dak.conf @@ -379,6 +379,7 @@ Generate-Releases } ByGroup { + dak "/srv/ftp-master.debian.org/dak/config/debian/dak.conf-dak"; ftpteam ""; backports "/srv/ftp-master.debian.org/dak/config/debian/dak.conf-backports"; }; diff --git a/config/debian/dak.conf-dak b/config/debian/dak.conf-dak new file mode 100644 index 00000000..c46b0a2a --- /dev/null +++ b/config/debian/dak.conf-dak @@ -0,0 +1,4 @@ +Dinstall { + UnprivUser "dak-unpriv"; + UnprivGroup "dak-unpriv"; +}; diff --git a/dak/examine_package.py b/dak/examine_package.py index fe83919e..7c005783 100755 --- a/dak/examine_package.py +++ b/dak/examine_package.py @@ -60,6 +60,7 @@ import commands import threading from daklib import utils +from daklib.config import Config from daklib.dbconn import DBConn, get_component_by_package_suite from daklib.gpg import SignedFile from daklib.regexes import html_escaping, re_html_escaping, re_version, re_spacestrip, \ @@ -77,7 +78,7 @@ printed.copyrights = {} package_relations = {} #: Store relations of packages for later output # default is to not output html. -use_html = 0 +use_html = False ################################################################################ @@ -446,7 +447,7 @@ def output_deb_info(suite, filename, packagename, session = None): to_print += " "+format_field(key,field_value)+'\n' return to_print -def do_command (command, filename, escaped=0): +def do_command (command, filename, escaped=False): o = os.popen("%s %s" % (command, filename)) if escaped: return escaped_text(o.read()) @@ -454,10 +455,20 @@ def do_command (command, filename, escaped=0): return formatted_text(o.read()) def do_lintian (filename): + cnf = Config() + cmd = [] + + user = cnf.get('Dinstall::UnprivUser') or None + if user is not None: + cmd.extend(['sudo', '-H', '-u', user]) + + color = 'always' if use_html: - return do_command("lintian --show-overrides --color html", filename, 1) - else: - return do_command("lintian --show-overrides --color always", filename, 1) + color = 'html' + + cmd.extend(['lintian', '--show-overrides', '--color', color]) + + return do_command(' '.join(cmd), filename, escaped=True) def get_copyright (deb_filename): global printed @@ -604,7 +615,7 @@ def main (): if Options["Html-Output"]: global use_html - use_html = 1 + use_html = True stdout_fd = sys.stdout diff --git a/dak/process_new.py b/dak/process_new.py index 61eb8ec9..d1e58021 100755 --- a/dak/process_new.py +++ b/dak/process_new.py @@ -662,6 +662,8 @@ def do_pkg(upload, session): dsc = upload.source cnf = Config() + group = cnf.get('Dinstall::UnprivGroup') or None + #bcc = "X-DAK: dak process-new" #if cnf.has_key("Dinstall::Bcc"): # u.Subst["__BCC__"] = bcc + "\nBcc: %s" % (cnf["Dinstall::Bcc"]) @@ -670,7 +672,7 @@ def do_pkg(upload, session): try: with lock_package(upload.changes.source): - with UploadCopy(upload) as upload_copy: + with UploadCopy(upload, group=group) as upload_copy: handler = PolicyQueueUploadHandler(upload, session) if handler.get_action() is not None: print "PENDING %s\n" % handler.get_action() diff --git a/dak/show_new.py b/dak/show_new.py index f45ffe9d..89d2e82c 100755 --- a/dak/show_new.py +++ b/dak/show_new.py @@ -153,6 +153,8 @@ def html_footer(): def do_pkg(upload_id): + cnf = Config() + session = DBConn().session() upload = session.query(PolicyQueueUpload).filter_by(id=upload_id).one() @@ -178,8 +180,10 @@ def do_pkg(upload_id): htmlfiles_to_process.append(htmlfile) sources.append(htmlname) + group = cnf.get('Dinstall::UnprivGroup') or None + with open(htmlfile, 'w') as outfile: - with policy.UploadCopy(upload) as upload_copy: + with policy.UploadCopy(upload, group=group) as upload_copy: handler = policy.PolicyQueueUploadHandler(upload, session) missing = [ (o['type'], o['package']) for o in handler.missing_overrides() ] distribution = changes.distribution diff --git a/daklib/archive.py b/daklib/archive.py index bb9b051a..6d3d334e 100644 --- a/daklib/archive.py +++ b/daklib/archive.py @@ -636,8 +636,9 @@ class ArchiveUpload(object): cnf = Config() session = self.transaction.session + group = cnf.get('Dinstall::UnprivGroup') or None self.directory = utils.temp_dirname(parent=cnf.get('Dir::TempPath'), - mode=0o2750, group=cnf.unprivgroup) + mode=0o2750, group=group) with FilesystemTransaction() as fs: src = os.path.join(self.original_directory, self.original_changes.filename) dst = os.path.join(self.directory, self.original_changes.filename) diff --git a/daklib/checks.py b/daklib/checks.py index 3a6c7824..664bca3e 100644 --- a/daklib/checks.py +++ b/daklib/checks.py @@ -638,11 +638,14 @@ class LintianCheck(Check): changespath = os.path.join(upload.directory, changes.filename) try: - if cnf.unprivgroup: - cmd = "sudo -H -u {0} -- /usr/bin/lintian --show-overrides --tags-from-file {1} {2}".format(cnf.unprivgroup, temp_filename, changespath) - else: - cmd = "/usr/bin/lintian --show-overrides --tags-from-file {0} {1}".format(temp_filename, changespath) - result, output = commands.getstatusoutput(cmd) + cmd = [] + + user = cnf.get('Dinstall::UnprivUser') or None + if user is not None: + cmd.extend(['sudo', '-H', '-u', user]) + + cmd.extend(['/usr/bin/lintian', '--show-overrides', '--tags-from-file', temp_filename, changespath]) + result, output = commands.getstatusoutput(" ".join(cmd)) finally: os.unlink(temp_filename) diff --git a/daklib/config.py b/daklib/config.py index 339604a1..8eb45e20 100755 --- a/daklib/config.py +++ b/daklib/config.py @@ -134,7 +134,6 @@ class Config(object): for field in [('db_revision', None, int), ('defaultsuitename', 'unstable', str), ('exportpath', '', str), - ('unprivgroup', None, str), ('use_extfiles', None, int) ]: setattr(self, 'get_%s' % field[0], lambda s=None, x=field[0], y=field[1], z=field[2]: self.get_db_value(x, y, z)) diff --git a/daklib/policy.py b/daklib/policy.py index 41c9c1fe..cdff56a7 100644 --- a/daklib/policy.py +++ b/daklib/policy.py @@ -39,7 +39,7 @@ class UploadCopy(object): given by the C{directory} attribute. The copy will be removed on leaving the with-block. """ - def __init__(self, upload): + def __init__(self, upload, group=None): """initializer @type upload: L{daklib.dbconn.PolicyQueueUpload} @@ -48,6 +48,7 @@ class UploadCopy(object): self.directory = None self.upload = upload + self.group = group def export(self, directory, mode=None, symlink=True, ignore_existing=False): """export a copy of the upload @@ -97,9 +98,17 @@ class UploadCopy(object): def __enter__(self): assert self.directory is None + mode = 0o0700 + symlink = True + if self.group is not None: + mode = 0o2750 + symlink = False + cnf = Config() - self.directory = tempfile.mkdtemp(dir=cnf.get('Dir::TempPath')) - self.export(self.directory, symlink=True) + self.directory = utils.temp_dirname(parent=cnf.get('Dir::TempPath'), + mode=mode, + group=self.group) + self.export(self.directory, symlink=symlink) return self def __exit__(self, *args):