def main() -> int:
parser = create_parser()
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
try:
config = load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
try:
engine = db.create_engine(config, poolclass=NullPool)
agent_pwd: pwd.struct_passwd = pwd.getpwnam(constants.AGENT_USER)
with dropped_privileges(agent_pwd):
check_database(engine, agent_pwd, (db.radacct, db.radpostauth))
portal_pwd: pwd.struct_passwd = pwd.getpwnam(constants.PORTAL_USER)
with dropped_privileges(portal_pwd):
check_database(engine, portal_pwd,
(db.radacct, db.radpostauth, db.radusergroup))
radius_pwd: pwd.struct_passwd = pwd.getpwnam(constants.RADIUS_USER)
with dropped_privileges(radius_pwd):
check_database(engine, radius_pwd,
(db.radacct, db.radgroupcheck, db.radgroupreply,
db.radpostauth, db.radreply, db.radusergroup))
except DBAPIError:
return os.EX_TEMPFAIL
return os.EX_OK
def main():
parser = ArgumentParser(parents=[common_parser])
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
try:
config = load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
try:
engine = db.create_engine(config, poolclass=NullPool)
agent_pwd = pwd.getpwnam(constants.AGENT_USER)
with dropped_privileges(agent_pwd):
check_database(engine, agent_pwd.pw_name,
(db.radacct, db.radpostauth))
portal_pwd = pwd.getpwnam(constants.PORTAL_USER)
with dropped_privileges(portal_pwd):
check_database(engine, portal_pwd.pw_name,
(db.radacct, db.radpostauth, db.radusergroup))
radius_pwd = pwd.getpwnam(constants.RADIUS_USER)
with dropped_privileges(radius_pwd):
check_database(engine, radius_pwd.pw_name,
(db.radacct, db.radgroupcheck, db.radgroupreply,
db.radpostauth, db.radreply, db.radusergroup))
except DBAPIError:
return os.EX_TEMPFAIL
return os.EX_OK
def __init__(self, bus: Bus, config: Config):
self.bus = bus
self.config = config
self.engine = db.create_engine(config, poolclass=StaticPool)
original_creator = self.engine.pool._creator
def creator(connection_record=None):
"""Create a connection as the database user"""
with dropped_privileges(database_pwd):
connection = original_creator(connection_record)
return connection
self.engine.pool._creator = creator
def __init__(self, bus: Bus, config: Config):
self.bus = bus
self.config = config
self.engine = db.create_engine(config, poolclass=StaticPool)
original_creator = self.engine.pool._creator
def creator(connection_record=None):
"""Create a connection as the database user"""
with dropped_privileges(database_pwd):
connection = original_creator(connection_record)
return connection
self.engine.pool._creator = creator
def __init__(self, bus: Bus, config: Config):
"""
:param bus: The bus (typically the system bus)
:param config: The configuration object
"""
self.bus = bus
self.config = config
self.engine = db.create_engine(config, poolclass=StaticPool)
database_pwd = pwd.getpwnam(constants.DATABASE_USER)
original_creator = self.engine.pool._creator
def creator(connection_record=None):
"""Create a connection as the database user"""
with dropped_privileges(database_pwd):
connection = original_creator(connection_record)
return connection
self.engine.pool._creator = creator
def main():
parser = ArgumentParser(parents=[common_parser])
args = parser.parse_args()
setup_cli_logging(parser.prog, args)
config = load_config(args.config, runtime_checks=True)
try:
engine = db.create_engine(config, poolclass=NullPool)
agent_pwd = pwd.getpwnam(constants.AGENT_USER)
with dropped_privileges(agent_pwd):
check_database(engine, agent_pwd.pw_name,
(db.radacct, db.radpostauth))
portal_pwd = pwd.getpwnam(constants.PORTAL_USER)
with dropped_privileges(portal_pwd):
check_database(engine, portal_pwd.pw_name,
(db.radacct, db.radpostauth, db.radusergroup))
radius_pwd = pwd.getpwnam(constants.RADIUS_USER)
with dropped_privileges(radius_pwd):
check_database(engine, radius_pwd.pw_name,
(db.radacct, db.radgroupcheck, db.radgroupreply,
db.radpostauth, db.radreply, db.radusergroup))
except DBAPIError:
return os.EX_TEMPFAIL
return os.EX_OK
def import_modules(sender, *args, **kwargs):
global engine
config = get_config()
engine = create_engine(config)
def import_modules(sender, *args, **kwargs):
global engine
config = get_config()
engine = create_engine(config)
def init_engine():
global engine
config = get_config(runtime_checks=True)
engine = create_engine(config)
def main():
parser = ArgumentParser(
description="Listens for commands as output by `hades-dhcp-script`.",
epilog=f"""\
This server listens on a socket for commands communicating lease events.
For detailed information about the functionality see `hades-dhcp-script --help`.
It is the server component for what could have been a single python program,
however because of performance reasons, it was necessary to circumvent the need
for a complete python interpreter startup every time such a notification happens.\
""",
parents=[common_parser],
)
parser.add_argument(
'--socket',
nargs='?',
default=constants.AUTH_DHCP_SCRIPT_SOCKET,
help=
f"Socket to listen on. Default: {constants.AUTH_DHCP_SCRIPT_SOCKET}")
args = parser.parse_args()
SCRIPT_SOCKET = args.socket
setup_cli_logging(parser.prog, args)
try:
config = load_config(args.config)
except ConfigError as e:
print_config_error(e)
return os.EX_CONFIG
fds = listen_fds()
if len(fds) == 0:
logger.info(
"Opening UNIX socket at %s.",
SCRIPT_SOCKET,
)
sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM, 0)
try:
os.unlink(SCRIPT_SOCKET)
except FileNotFoundError:
pass
sock.bind(SCRIPT_SOCKET)
sock.listen(Server.request_queue_size)
elif len(fds) == 1:
logger.info("Using systemd activation socket")
sock = fds[0]
if not is_socket_unix(sock, socket.SOCK_STREAM):
logger.critical(
"Passed socket is not an AF_UNIX SOCK_STREAM socket")
return os.EX_USAGE
else:
logger.critical(
"More than one (%d) socket passed via socket activation",
len(fds),
)
return os.EX_USAGE
engine = db.create_engine(
config,
pool_size=1,
max_overflow=2,
pool_pre_ping=True,
pool_reset_on_return='rollback',
)
try:
engine.connect()
except DBAPIError as e:
logger.critical("Could not connect to database", exc_info=e)
return os.EX_TEMPFAIL
server = Server(sock, engine)
server.serve_forever()
return os.EX_OK
def setup_engine(sender, *args, **kwargs):
global engine
config = get_config()
engine = create_engine(config)
def engine_from_config(filename: str) -> Engine:
config = load_config(filename)
engine = create_engine(config, isolation_level="SERIALIZABLE")
return engine