[CalendarServer-changes] [3268] CalendarServer/trunk/twistedcaldav/tap.py
source_changes at macosforge.org
source_changes at macosforge.org
Wed Oct 29 17:37:50 PDT 2008
Revision: 3268
http://trac.macosforge.org/projects/calendarserver/changeset/3268
Author: wsanchez at apple.com
Date: 2008-10-29 17:37:50 -0700 (Wed, 29 Oct 2008)
Log Message:
-----------
Have to be root to drop privileges; group doesn't matter.
Modified Paths:
--------------
CalendarServer/trunk/twistedcaldav/tap.py
Modified: CalendarServer/trunk/twistedcaldav/tap.py
===================================================================
--- CalendarServer/trunk/twistedcaldav/tap.py 2008-10-30 00:32:31 UTC (rev 3267)
+++ CalendarServer/trunk/twistedcaldav/tap.py 2008-10-30 00:37:50 UTC (rev 3268)
@@ -146,7 +146,6 @@
one option may be given for each --option flag, however multiple
--option flags may be specified.
"""
-
if "=" in option:
path, value = option.split("=")
self.setOverride(
@@ -173,23 +172,21 @@
uid, gid = None, None
if self.parent["uid"] or self.parent["gid"]:
- uid, gid = getid(self.parent["uid"],
- self.parent["gid"])
+ uid, gid = getid(self.parent["uid"], self.parent["gid"])
- if uid:
- if uid != os.getuid() and os.getuid() != 0:
+ def gottaBeRoot():
+ if os.getuid() != 0:
import pwd
username = pwd.getpwuid(os.getuid())[0]
- raise UsageError("Only root can drop privileges you are: %r"
+ raise UsageError("Only root can drop privileges. You are: %r"
% (username,))
- if gid:
- if gid != os.getgid() and os.getgid() != 0:
- import grp
- groupname = grp.getgrgid(os.getgid())[0]
- raise UsageError("Only root can drop privileges, you are: %s"
- % (groupname,))
+ if uid and uid != os.getuid():
+ gottaBeRoot()
+ if gid and gid != os.getgid():
+ gottaBeRoot()
+
# Ignore the logfile parameter if not daemonized and log to stdout.
if self.parent["nodaemon"]:
self.parent["logfile"] = None
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/calendarserver-changes/attachments/20081029/eabdf9c0/attachment.html>
More information about the calendarserver-changes
mailing list