def add_file(self, fs_dir, f):
fn = os.path.join(fs_dir, f.name)
if f.ftype == fs.REGULAR:
dbf = self.body_db.file_db.files[f.file_id]
self.body_db.file_store.extract_file(fn, dbf.offset, dbf.zlength)
elif f.ftype == fs.SYMLINK:
os.symlink(f.target, fn)
elif f.ftype == fs.SOCKET:
s = socket.socket(socket.AF_UNIX)
s.bind(fn)
s.close()
elif f.ftype == fs.FIFO:
os.mkfifo(fn, f.mode)
else:
mode = f.mode | stat.S_IFBLK if f.ftype == fs.BLOCKDEV else stat.S_IFCHR
device = os.makedev(f.major, f.minor)
os.mknod(fn, mode, device)
try:
os.lchown(fn, f.uid, f.gid)
except:
pass
if not f.ftype == fs.SYMLINK:
os.chmod(fn, f.mode)
cwrap.set_nsec_mtime(fn, f.mtime_ns)
def chpath_inplace_symlink(filename, st, old, new): target = os.readlink(filename) if target.startswith(old): new_target = new + target[len(old):] os.unlink(filename) os.symlink(new_target, filename) os.lchown(filename, st.st_uid, st.st_gid)
def lchown(space, path, uid, gid):
"""Change the owner and group id of path to the numeric uid and gid.
This function will not follow symbolic links."""
try:
os.lchown(path, uid, gid)
except OSError as e:
raise wrap_oserror(space, e, path)
def setPermissions(self, root, target, journal=None, nameLookup=True):
# do the chmod after the chown because some versions of Linux
# remove setuid/gid flags when changing ownership to root
if journal:
journal.lchown(root, target, self.inode.owner(),
self.inode.group())
self.chmod(target)
return
global userCache, groupCache
uid = gid = 0
owner = self.inode.owner()
group = self.inode.group()
# not all file types have owners
if owner and nameLookup:
uid = userCache.lookupName(root, owner)
if group and nameLookup:
gid = groupCache.lookupName(root, group)
ruid = os.getuid()
mask = 0
if ruid == 0:
os.lchown(target, uid, gid)
else:
# do not ever make a file setuid or setgid the wrong user
rgid = os.getgid()
if uid != ruid:
mask |= 04000
if gid != rgid:
mask |= 02000
self.chmod(target, mask)
def copy(path):
global copied_files
source = os.path.join(source_dir, path)
target = os.path.join(target_dir, path)
if os.path.isdir(source):
os.mkdir(target, 0755)
os.chown(target, installation.system.uid, installation.system.gid)
created_dir.append(target)
return True
else:
copyfile(source, target)
created_file.append(target)
if not os.path.islink(target):
if path.startswith("hooks/"):
mode = 0755
else:
mode = 0644
os.chmod(target, mode)
os.lchown(target, installation.system.uid, installation.system.gid)
copied_files += 1
if not compile_file(path):
compilation_failed.append(path)
return False
def __restore_attributes(self, tar_info, path):
"""Restores all attributes of a restored file."""
if os.geteuid() == 0:
try:
try:
uid = utils.getpwnam(tar_info.uname)[2]
except KeyError:
uid = tar_info.uid
try:
gid = utils.getgrnam(tar_info.gname)[2]
except KeyError:
gid = tar_info.gid
os.lchown(path, uid, gid)
except Exception as e:
if not psys.is_errno(e, errno.ENOENT):
LOG.error("Failed to set owner of '%s': %s.", path, psys.e(e))
self.__ok = False
if not tar_info.issym():
try:
os.chmod(path, tar_info.mode)
except Exception as e:
if not psys.is_errno(e, errno.ENOENT):
LOG.error("Failed to change permissions of '%s': %s.", path, psys.e(e))
self.__ok = False
try:
os.utime(path, ( tar_info.mtime, tar_info.mtime ))
except Exception as e:
if not psys.is_errno(e, errno.ENOENT):
LOG.error("Failed to change access and modification time of '%s': %s.", path, psys.e(e))
self.__ok = False
def chown(self,user=None,group=None):
"""Change associated owner and group
'user' and 'group' must be supplied as UID/GID
numbers (or None to leave the current values
unchanged).
*** Note that chown will fail attempting to
change the owner if the current process is not
owned by root ***
This is actually a wrapper to the os.lchmod
function, so it doesn't follow symbolic links.
"""
if user is None and group is None:
# Nothing to do
return
if user is None:
user = -1
if group is None:
group = -1
# Convert to ints
user = int(user)
group = int(group)
# Do chown - note this will fail if the user
# performing the operation is not root
os.lchown(self.__path,user,group)
# Update the stat information
try:
self.__st = os.lstat(self.__path)
except OSError:
self.__st = None
def extract_tarball(tarball_full_path, destination_directory=None, progress_update_callback=None):
if destination_directory is None:
destination_directory = tarball_full_path[:-8]
log.debug("extracting %s\n to %s", tarball_full_path, destination_directory)
assert not lexists(destination_directory), destination_directory
with open(tarball_full_path, 'rb') as fileobj:
if progress_update_callback:
fileobj = ProgressFileWrapper(fileobj, progress_update_callback)
with tarfile.open(fileobj=fileobj) as tar_file:
try:
tar_file.extractall(path=destination_directory)
except EnvironmentError as e:
if e.errno == ELOOP:
raise CaseInsensitiveFileSystemError(
package_location=tarball_full_path,
extract_location=destination_directory,
caused_by=e,
)
else:
raise
if sys.platform.startswith('linux') and os.getuid() == 0:
# When extracting as root, tarfile will by restore ownership
# of extracted files. However, we want root to be the owner
# (our implementation of --no-same-owner).
for root, dirs, files in os.walk(destination_directory):
for fn in files:
p = join(root, fn)
os.lchown(p, 0, 0)
def extract(dist):
"""
Extract a package, i.e. make a package available for linkage. We assume
that the compressed package is located in the packages directory.
"""
rec = package_cache()[dist]
url = rec['urls'][0]
fname = rec['files'][0]
assert url and fname
pkgs_dir = dirname(fname)
with Locked(pkgs_dir):
path = fname[:-8]
rm_rf(path)
t = tarfile.open(fname)
t.extractall(path=path)
t.close()
if sys.platform.startswith('linux') and os.getuid() == 0:
# When extracting as root, tarfile will by restore ownership
# of extracted files. However, we want root to be the owner
# (our implementation of --no-same-owner).
for root, dirs, files in os.walk(path):
for fn in files:
p = join(root, fn)
os.lchown(p, 0, 0)
add_cached_package(pkgs_dir, url, overwrite=True)
def hostActionCopyConfig(_config):
global INITRD_ESX_CONF_CHECKSUM
globsToCopy = [
'/etc/hosts',
'/etc/resolv.conf',
'/etc/vmware/esx.conf',
'/etc/xinetd.d/vmware-authd', # Referenced when turning off ipv6
'/etc/modprobe.d/blacklist', # Referenced when turning off ipv6
'/etc/sysconfig/network',
'/etc/sysconfig/network-scripts/ifcfg-vswif*',
]
# TODO: remove this configcheck, it should be done on bootup. It's safe
# to run multiple times though.
rc = os.system(os.path.join(HOST_ROOT, "usr/sbin/esxcfg-configcheck"))
assert rc == 0
for globPath in globsToCopy:
for srcPath in glob.glob(globPath):
dstPath = os.path.join(HOST_ROOT, srcPath.lstrip('/'))
try:
clonePath(srcPath, dstPath)
if os.path.islink(srcPath):
os.lchown(dstPath, 0, 0)
else:
os.chown(dstPath, 0, 0)
# XXX Maybe we should turn the files in the initrd into soft
# links that point at the installed versions of the files...
except IOError, e:
log.error("cannot copy %s to %s -- %s" % (
srcPath, dstPath, str(e)))
def unpack_dir(self, target_dir, callback=None):
rmode = ""
self.tar = None
if self.type == 'tar':
rmode = 'r:'
elif self.type == 'targz':
rmode = 'r:gz'
elif self.type == 'tarbz2':
rmode = 'r:bz2'
elif self.type in ('tarlzma', 'tarxz'):
self.tar = TarFile.lzmaopen(self.file_path, fileobj=self.fileobj)
else:
raise UnknownArchiveType
if self.tar is None:
self.tar = tarfile.open(self.file_path, rmode,
fileobj=self.fileobj)
oldwd = None
try:
# Don't fail if CWD doesn't exist (#6748)
oldwd = os.getcwd()
except OSError:
pass
os.chdir(target_dir)
uid = os.getuid()
gid = os.getgid()
for tarinfo in self.tar:
if callback:
callback(tarinfo, extracted=False)
self.tar.extract(tarinfo)
# tarfile.extract does not honor umask. It must be honored
# explicitly. See --no-same-permissions option of tar(1),
# which is the deafult behaviour.
#
# Note: This is no good while installing a pisi package.
# Thats why this is optional.
if self.no_same_permissions and not os.path.islink(tarinfo.name):
os.chmod(tarinfo.name, tarinfo.mode & ~ctx.const.umask)
if self.no_same_owner:
if not os.path.islink(tarinfo.name):
os.chown(tarinfo.name, uid, gid)
else:
os.lchown(tarinfo.name, uid, gid)
if callback:
callback(tarinfo, extracted=True)
try:
if oldwd:
os.chdir(oldwd)
# Bug #6748
except OSError:
pass
self.close()
def migrate_tomcat_libraries(self, instance):
# remove old links
for filename in os.listdir(instance.lib_dir):
if not filename.endswith('.jar'):
continue
path = os.path.join(instance.lib_dir, filename)
if self.verbose:
print('Removing %s' % path)
os.remove(path)
tomcat_dir = '/usr/share/tomcat/lib'
# create new links
for filename in os.listdir(tomcat_dir):
if not filename.endswith('.jar'):
continue
source = os.path.join(tomcat_dir, filename)
dest = os.path.join(instance.lib_dir, filename)
if self.verbose:
print('Creating %s' % dest)
os.symlink(source, dest)
os.lchown(dest, instance.uid, instance.gid)
def extract(dist):
"""
Extract a package, i.e. make a package available for linkage. We assume
that the compressed package is located in the packages directory.
"""
rec = package_cache()[dist]
url = rec["urls"][0]
fname = rec["files"][0]
assert url and fname
pkgs_dir = dirname(fname)
path = fname[:-8]
with FileLock(path):
temp_path = path + ".tmp"
rm_rf(temp_path)
with tarfile.open(fname) as t:
t.extractall(path=temp_path)
rm_rf(path)
exp_backoff_fn(os.rename, temp_path, path)
if sys.platform.startswith("linux") and os.getuid() == 0:
# When extracting as root, tarfile will by restore ownership
# of extracted files. However, we want root to be the owner
# (our implementation of --no-same-owner).
for root, dirs, files in os.walk(path):
for fn in files:
p = join(root, fn)
os.lchown(p, 0, 0)
add_cached_package(pkgs_dir, url, overwrite=True)
def copyown(src, dst):
"""Copy ownership"""
st = os.lstat(src)
if DRYRUN:
print 'chown %d.%d %s' % (st.st_uid, st.st_gid, dst)
else:
os.lchown(dst, st.st_uid, st.st_gid)
def create_link(self, instance, source, dest):
if self.verbose:
print('Creating %s' % dest)
os.symlink(source, dest)
os.lchown(dest, instance.uid, instance.gid)
def LChown(path, owner, group):
error = None
try:
os.lchown(path, owner, group)
except OSError, error:
print("Exception changing ownership of file " + path + " Error Code: " + str(error.errno) + " Error: " + error.message + error.strerror, file=sys.stderr)
LG().Log('ERROR', "Exception changing ownership of file " + path + " Error Code: " + str(error.errno) + " Error: " + error.message + error.strerror)
def start(self):
self.path["spool"] = Config.spool
self.path["spool.real"] = Config.spool+".real"
if os.path.ismount(self.path["spool"]):
Logger.warn("Failed to start FS backend, %s is already mounted"%(self.path["spool"]))
return False
for p in self.path:
path = self.path[p]
try:
os.makedirs(path)
except OSError, err:
if err[0] is not errno.EEXIST:
Logger.exception("Failed to create spool directory: %s"%path)
return False
try:
os.lchown(path, Config.uid, Config.gid)
except OSError:
Logger.exception("Unable to change file owner for '%s'"%path)
return False
if not os.path.exists(path):
Logger.error("Spool directory %s do not exist"%(path))
return False
def chownTree(self, dirpath, uid, gid):
"""chown the given path and all files and directories under
it to the given uid/gid."""
for path, dirs, files in os.walk(dirpath):
os.lchown(path, uid, gid)
for filename in files:
os.lchown(os.path.join(path, filename), uid, gid)
def chown(path, uid, gid):
"""Attempt to change the owner/group of the given file/directory using
os.lchown(). If this fails due to insufficient permissions, display
an appropriate error message and exit. Otherwise, raise the error."""
try:
# Use lchown so we do not follow symbolic links, just change the
# target as specified by the caller.
os.lchown(path, uid, gid)
# Note that it is possible the destination volume was mounted with
# the MNT_IGNORE_OWNERSHIP flag, in which case everything we create
# there will be owned by the _unknown user and group, no matter what
# we might want it to be. This is built into the XNU kernel.
except OSError, e:
if e.errno == errno.EPERM:
# Strangely root has problems changing symlinks that point
# to non-existent entries, need to filter out and ignore
# (we are most likely copying to an external disk anyway,
# in which case all files are owned by the _unknown user).
mode = os.lstat(path)[stat.ST_MODE]
if not stat.S_ISLNK(mode):
# Sometimes mysteriously fails to chown directories.
# Try again in one second; if it fails again ignore
# the problem and move on.
time.sleep(1)
try:
os.chown(path, uid, gid)
except OSError:
pass
else:
raise e
def lchown(space, path, uid, gid):
check_uid_range(space, uid)
check_uid_range(space, gid)
try:
os.lchown(path, uid, gid)
except OSError, e:
raise wrap_oserror(space, e, path)
def _getFilename(self, name, expire = None, uid=None, gid=None, suffix=".png"):
old_mask = os.umask(0)
basename = base64.urlsafe_b64encode(name.encode("utf-8"))
pathname = os.path.join(siteconfig.htdocs_dir, "generated_images")
user = base64.urlsafe_b64encode(self._user.login.encode("utf-8"))
pathname = os.path.normpath(os.path.join(pathname, user))
try:
os.mkdir(pathname, 0755)
except: pass
if uid != None and gid != None:
os.lchown(pathname, uid, gid)
self._remove_old_chart_files(os.path.join(pathname, basename), expire)
fd, self._filename = tempfile.mkstemp(prefix = basename + "_", suffix = suffix, dir = pathname)
if uid != None and gid != None:
os.lchown(self._filename, uid, gid)
os.chmod(self._filename, 0644)
self._href = urllib.quote("confutatis/generated_images/%s" % (user or "") + "/" + os.path.basename(self._filename))
os.umask(old_mask)
return self._filename
def restore_attrs(self, path, item, symlink=False, fd=None):
xattrs = item.get(b'xattrs')
if xattrs:
for k, v in xattrs.items():
try:
xattr.setxattr(fd or path, k, v)
except OSError as e:
if e.errno != errno.ENOTSUP:
raise
uid = gid = None
if not self.numeric_owner:
uid = user2uid(item[b'user'])
gid = group2gid(item[b'group'])
uid = uid or item[b'uid']
gid = gid or item[b'gid']
# This code is a bit of a mess due to os specific differences
try:
if fd:
os.fchown(fd, uid, gid)
else:
os.lchown(path, uid, gid)
except OSError:
pass
if fd:
os.fchmod(fd, item[b'mode'])
elif not symlink:
os.chmod(path, item[b'mode'])
elif has_lchmod: # Not available on Linux
os.lchmod(path, item[b'mode'])
if fd and utime_supports_fd: # Python >= 3.3
os.utime(fd, None, ns=(item[b'mtime'], item[b'mtime']))
elif utime_supports_fd: # Python >= 3.3
os.utime(path, None, ns=(item[b'mtime'], item[b'mtime']), follow_symlinks=False)
elif not symlink:
os.utime(path, (item[b'mtime'] / 10**9, item[b'mtime'] / 10**9))
def link_system_python_packages():
packages = OPTS.system_packages.split()
python_paths = [x / 'site-packages' for x in OPTS.venv.joinpath("lib").glob('python3*')]
files_to_clean = []
files_to_link = []
uid = pwd.getpwnam(OPTS.user)[2]
gid = grp.getgrnam(OPTS.group)[2]
for package in packages:
try:
pkg = __import__(package, globals())
except ImportError:
exit_with_error(1, "Couldn't find python package %r from the system" % (package,))
pkg_src, _, _ = pkg.__file__.rpartition('/')
pkg_path, _, pkg_name = pkg_src.rpartition('/')
sources = Path(pkg_path).glob(pkg_name + '*')
for dst in python_paths:
files_to_clean.extend(dst.glob(pkg_name + '*'))
files_to_link.extend((dst / file_.name, file_) for file_ in sources)
for file_ in files_to_clean:
debug("removing file or dir '%s'" % (file_,))
try:
file_.unlink()
except OSError:
rmtree(str(file_))
for dst, src in files_to_link:
debug("creating symlink '%s' -> '%s'" % (dst, src))
dst.symlink_to(src)
lchown(str(dst), uid, gid)
def LChown(path, owner, group):
error = None
try:
os.lchown(path, owner, group)
except OSError, error:
Print("Exception changing ownership of file " + path + " Error: " + str(error), file=sys.stderr)
LG().Log('ERROR', "Exception changing ownership of file " + path + " Error: " + str(error))
def process_file(self, source, destination, root, link=False, **options):
dry_run = options.get('dry_run', False)
interactive = options.get('interactive', False)
destination = os.path.abspath(os.path.join(root, destination))
if not dry_run:
# Get permission bits and ownership of `root`.
try:
root_stat = os.stat(root)
except os.error:
mode = 0777 # Default for `os.makedirs` anyway.
uid = gid = None
else:
mode = root_stat.st_mode
uid, gid = root_stat.st_uid, root_stat.st_gid
destination_dir = os.path.dirname(destination)
try:
# Recursively create all the required directories, attempting
# to use the same mode as `root`.
os.makedirs(destination_dir, mode)
except os.error:
# This probably just means the leaf directory already exists,
# but if not, we'll find out when copying or linking anyway.
pass
else:
if None not in (uid, gid) and hasattr(os, 'lchown'):
os.lchown(destination_dir, uid, gid)
if link:
success = self.link_file(source, destination, interactive, dry_run)
else:
success = self.copy_file(source, destination, interactive, dry_run)
if success and None not in (uid, gid) and hasattr(os, 'lchown'):
# Try to use the same ownership as `root`.
os.lchown(destination, uid, gid)
def extract_tarball(tarball_full_path, destination_directory=None, progress_update_callback=None):
if destination_directory is None:
if tarball_full_path.endswith('.tar.bz2'):
destination_directory = tarball_full_path[:-8]
else:
destination_directory = tarball_full_path.splitext()[0]
log.debug("extracting %s\n to %s", tarball_full_path, destination_directory)
# the most common reason this happens is due to hard-links, windows thinks
# files in the package cache are in-use. rm_rf should have moved them to
# have a .conda_trash extension though, so it's ok to just write into
# the same existing folder.
if not path_is_clean(destination_directory):
log.debug("package folder {} was not empty, but we're writing there."
.format(destination_directory))
conda_package_handling.api.extract(tarball_full_path, dest_dir=destination_directory)
if sys.platform.startswith('linux') and os.getuid() == 0:
# When extracting as root, tarfile will by restore ownership
# of extracted files. However, we want root to be the owner
# (our implementation of --no-same-owner).
for root, dirs, files in os.walk(destination_directory):
for fn in files:
p = join(root, fn)
os.lchown(p, 0, 0)
def addFileToAlbum(self, photo):
"""
add a file to an album, the albumid must be previously stored in the LycheePhoto parameter
Parameters:
- photo: a valid LycheePhoto object
Returns True if everything went ok
"""
res = False
try:
# copy photo
if self.conf['link']:
os.symlink(photo.srcfullpath, photo.destfullpath)
else:
shutil.copy(photo.srcfullpath, photo.destfullpath)
# adjust right (chmod/chown)
os.lchown(photo.destfullpath, self.conf['uid'], self.conf['gid'])
if not(self.conf['link']):
st = os.stat(photo.destfullpath)
os.chmod(photo.destfullpath, st.st_mode | stat.S_IRWXU | stat.S_IRWXG)
else:
st = os.stat(photo.srcfullpath)
os.chmod(photo.srcfullpath, st.st_mode | stat.S_IROTH)
res = self.dao.addFileToAlbum(photo)
except Exception:
print "addFileToAlbum", Exception
traceback.print_exc()
res = False
return res
def initialize_home_directory():
"""
initialize_home_directory
If the home folder is not found, initialize it.
"""
if os.path.exists(HOME):
return
os.mkdir(HOME, 0770)
# some sudo calls change the euid, uid and ruid to 0, which might not be
# accessible later when running as a user process. This, for some reason
# happens on certain MacOS systems
if "SUDO_UID" in os.environ:
uid = int(os.environ["SUDO_UID"])
gid = int(os.environ["SUDO_GID"])
os.lchown(HOME, uid, gid)
settings_file = os.path.join(HOME, "settings.json")
initialize_default_settings(settings_file)
return
def unpack_dir(self, target_dir):
rmode = ""
if self.type == 'tar':
rmode = 'r:'
elif self.type == 'targz':
rmode = 'r:gz'
elif self.type == 'tarbz2':
rmode = 'r:bz2'
elif self.type == 'tarlzma':
rmode = 'r:'
self.file_path = self.file_path.rstrip(ctx.const.lzma_suffix)
ret, out, err = util.run_batch("lzma d %s %s" % (self.file_path + ctx.const.lzma_suffix,
self.file_path))
if ret != 0:
raise LZMAError(err)
else:
raise ArchiveError(_("Archive type not recognized"))
self.tar = tarfile.open(self.file_path, rmode)
oldwd = os.getcwd()
os.chdir(target_dir)
uid = os.getuid()
gid = os.getgid()
install_tar_path = util.join_path(ctx.config.tmp_dir(), ctx.const.install_tar)
for tarinfo in self.tar:
# Installing packages (especially shared libraries) is a
# bit tricky. You should also change the inode if you
# change the file, cause the file is opened allready and
# accessed. Removing and creating the file will also
# change the inode and will do the trick (in fact, old
# file will be deleted only when its closed).
#
# Also, tar.extract() doesn't write on symlinks... Not any
# more :).
if self.file_path == install_tar_path:
if os.path.isfile(tarinfo.name) or os.path.islink(tarinfo.name):
try:
os.unlink(tarinfo.name)
except OSError, e:
ctx.ui.warning(e)
self.tar.extract(tarinfo)
# tarfile.extract does not honor umask. It must be honored explicitly.
# see --no-same-permissions option of tar(1), which is the deafult
# behaviour.
#
# Note: This is no good while installing a pisi package. Thats why
# this is optional.
if self.no_same_permissions and not os.path.islink(tarinfo.name):
os.chmod(tarinfo.name, tarinfo.mode & ~ctx.const.umask)
if self.no_same_owner:
if not os.path.islink(tarinfo.name):
os.chown(tarinfo.name, uid, gid)
else:
os.lchown(tarinfo.name, uid, gid)
def _create(data):
for path, attr in sorted(data.files.iteritems()):
_mk_file(data, path, attr['source'], attr['content'], attr['target'])
for path in reversed(data.created):
attr = data.files[path]
if not attr.get('target', None):
os.chmod(path, attr['mode'])
os.lchown(path, attr['uid'], attr['gid'])
def _set_attributes(opts, path):
"""Set file attributes on a given path.
Args:
path: file/directory path
"""
try:
if opts.owner != -1 or opts.group != -1:
os.lchown(path, opts.owner, opts.group)
if opts.mode is not None and not os.path.islink(path):
os.chmod(path, opts.mode)
except OSError as e:
raise IpcCommandError(
f'failed setting file attributes: {path!r}: {e.strerror}')
def restore_attrs(self, path, item, symlink=False, fd=None):
xattrs = item.get(b'xattrs', {})
for k, v in xattrs.items():
try:
xattr.setxattr(fd or path, k, v, follow_symlinks=False)
except OSError as e:
if e.errno not in (errno.ENOTSUP, errno.EACCES, ):
# only raise if the errno is not on our ignore list:
# ENOTSUP == xattrs not supported here
# EACCES == permission denied to set this specific xattr
# (this may happen related to security.* keys)
raise
uid = gid = None
if not self.numeric_owner:
uid = user2uid(item[b'user'])
gid = group2gid(item[b'group'])
uid = item[b'uid'] if uid is None else uid
gid = item[b'gid'] if gid is None else gid
# This code is a bit of a mess due to os specific differences
try:
if fd:
os.fchown(fd, uid, gid)
else:
os.lchown(path, uid, gid)
except OSError:
pass
if fd:
os.fchmod(fd, item[b'mode'])
elif not symlink:
os.chmod(path, item[b'mode'])
elif has_lchmod: # Not available on Linux
os.lchmod(path, item[b'mode'])
mtime = bigint_to_int(item[b'mtime'])
if b'atime' in item:
atime = bigint_to_int(item[b'atime'])
else:
# old archives only had mtime in item metadata
atime = mtime
if fd:
os.utime(fd, None, ns=(atime, mtime))
else:
os.utime(path, None, ns=(atime, mtime), follow_symlinks=False)
acl_set(path, item, self.numeric_owner)
# Only available on OS X and FreeBSD
if has_lchflags and b'bsdflags' in item:
try:
os.lchflags(path, item[b'bsdflags'])
except OSError:
pass
def default_ensure_perms(d1, d2=None):
"""Enforce a fs objects attributes on the livefs.
Attributes enforced are permissions, mtime, uid, gid.
:param d2: if not None, an fs object for what's on the livefs now
:return: True on success, else an exception is thrown
:raise EnvironmentError: if fs object attributes can't be enforced
"""
m, o, g, t = d1.mode, d1.uid, d1.gid, d1.mtime
if o is None:
o = -1
if g is None:
g = -1
if d2 is None:
do_mode, do_chown, do_mtime = True, True, True
else:
do_mode = False
try:
if fs.isdir(d1) and fs.isdir(d2):
# if it's preexisting, keep it's perms.
do_mode = False
else:
do_mode = (m is not None and m != d2.mode)
except AttributeError:
# yes. this _is_ stupid. vdb's don't always store all attributes
do_mode = False
do_chown = False
try:
do_chown = (o != d2.uid or g != d2.gid)
except AttributeError:
do_chown = True
try:
do_mtime = (t != d2.mtime)
except AttributeError:
do_mtime = True
if do_chown and (o != -1 or g != -1):
os.lchown(d1.location, o, g)
if not fs.issym(d1):
if do_mode and m is not None:
os.chmod(d1.location, m)
if do_mtime and t is not None:
os.utime(d1.location, (t, t))
return True
def remap_gid(self, src, dest):
group = self.group[src]
del self.group[src]
group.change_gid(dest)
self.group[group.gid] = group
for passwd in self.passwd.values():
if passwd.gid == src:
passwd.change_gid(dest)
for root, dirs, files in os.walk(self.basedir):
for item in dirs + files:
stat = os.lstat(os.path.join(root, item))
if stat.st_gid == src:
os.lchown(os.path.join(root, item), stat.st_uid, dest)
if not os.path.islink(os.path.join(root, item)):
os.chmod(os.path.join(root, item), stat.st_mode)
def recovery_stat(self, object_path, lstat):
#os.lchmod(object_path, lstat.st_mode) AttributeError: 'module' object has no attribute 'lchmod'
try :
time = lstat.st_atime, lstat.st_mtime
os.utime(object_path, time)
except OSError:
pass
try:
os.chmod(object_path, S_IMODE(lstat.st_mode))
except OSError:
pass
try:
os.lchown(object_path, lstat.st_uid, lstat.st_gid)
except OSError:
pass # doplnit printy / handle exceptetion
def move(src, dst):
st = os.lstat(src)
is_symlink = stat.S_ISLNK(st.st_mode)
if os.path.isdir(dst):
dst = os.path.join(dst, os.path.basename(os.path.abspath(src)))
if is_symlink:
linkto = os.readlink(src)
os.symlink(linkto, dst)
os.unlink(src)
else:
shutil.move(src, dst)
os.lchown(dst, st.st_uid, st.st_gid)
def update_container_ids(self, container_name):
"""
By default, the container are checked out as root. This method sets the uid and
gid of all the container related files to 1000 (UID) and 1000 (GID).
Parameters:
container_name (str): the name of the container
"""
self.logger.info("Update the UID and GID of the rootfs")
os.chown(PATH_APPS + '/' + container_name, CONTAINER_UID, CONTAINER_GID)
for dirpath, dirnames, filenames in os.walk(PATH_APPS + '/' + container_name):
for dname in dirnames:
os.lchown(os.path.join(dirpath, dname), CONTAINER_UID, CONTAINER_GID)
for fname in filenames:
os.lchown(os.path.join(dirpath, fname), CONTAINER_UID, CONTAINER_GID)
def _set_attributes(options, path): """Sets attributes the file/dir at given |path|. Args: options: object which has |owner|, |group| and |mode| fields. |owner| is int value representing uid. Similary |group| represents gid. If -1 is set, just unchanged. |mode| is the bits of permissions. path: File/directory path. """ if options.owner != -1 or options.group != -1: os.lchown(path, options.owner, options.group) if options.mode is not None: os.chmod(path, options.mode)
def editor_save_view(request, site_id):
site = get_object_or_404(Site, id=site_id)
if not request.user.is_superuser and not site.group.users.filter(
id=request.user.id).exists():
raise PermissionDenied
requested_path = request.GET.get("name", "")
path = os.path.abspath(os.path.join(site.path, requested_path))
if not path.startswith(site.path):
return JsonResponse({
"error": "Invalid or nonexistent file!",
"path": path
})
set_perms = False
if not os.path.isfile(path):
if os.path.exists(path):
return JsonResponse({
"error": "Invalid or nonexistent file!",
"path": path
})
if not request.POST.get("force", False):
return JsonResponse({
"error": "The file you are editing does not exist anymore!",
"path": path,
"force": True
})
else:
set_perms = True
if (path.rstrip("/") + "/").startswith(site.logs_path + "/"):
return JsonResponse({
"error": "You cannot edit your site's log file.",
"path": path
})
with switch_to_site_user(site):
with open(path, "w", encoding="utf-8") as f:
f.write(request.POST.get("contents"))
if set_perms:
st = os.lstat(path)
os.lchown(path, site.user.id, site.group.id)
os.chmod(path, st.st_mode | stat.S_IRGRP | stat.S_IWGRP)
return JsonResponse({"success": True})
def _set_perms(self, entry, path=None):
""" set permissions on the given entry, or on the given path
according to the given entry """
if path is None:
path = entry.get("name")
rv = True
if os.geteuid() == 0:
if entry.get("owner") and entry.get("group"):
try:
self.logger.debug(
"POSIX: Setting ownership of %s to %s:%s" %
(path, self._norm_entry_uid(entry),
self._norm_entry_gid(entry)))
os.lchown(path, self._norm_entry_uid(entry),
self._norm_entry_gid(entry))
except (OSError, KeyError):
self.logger.error(
'POSIX: Failed to change ownership of %s' % path)
rv = False
if sys.exc_info()[0] == KeyError:
os.lchown(path, 0, 0)
else:
self.logger.debug("POSIX: Run as non-root, not setting ownership")
if entry.get("mode"):
wanted_mode = int(entry.get('mode'), 8)
if entry.get('dev_type'):
wanted_mode |= device_map[entry.get('dev_type')]
try:
self.logger.debug("POSIX: Setting mode on %s to %s" %
(path, oct_mode(wanted_mode)))
os.chmod(path, wanted_mode)
except (OSError, KeyError):
self.logger.error('POSIX: Failed to change mode on %s' % path)
rv = False
if entry.get('mtime'):
try:
os.utime(entry.get('name'),
(int(entry.get('mtime')), int(entry.get('mtime'))))
except OSError:
self.logger.error("POSIX: Failed to set mtime of %s" % path)
rv = False
rv &= self._set_secontext(entry, path=path)
rv &= self._set_acls(entry, path=path)
return rv
def setup_service_account(irods_config, irods_user, irods_group):
l = logging.getLogger(__name__)
l.info(irods.lib.get_header('Setting up the service account'))
if irods_group not in [g.gr_name for g in grp.getgrall()]:
l.info('Creating Service Group: %s', irods_group)
irods.lib.execute_command(['groupadd', '-r', irods_group])
else:
l.info('Existing Group Detected: %s', irods_group)
if irods.lib.execute_command_permissive(['id', irods_user])[2] != 0:
l.info('Creating Service Account: %s', irods_group)
irods.lib.execute_command([
'useradd', '-r', '-d', irods_config.irods_directory, '-M', '-s',
'/bin/bash', '-g', irods_group, '-c', 'iRODS Administrator', '-p',
'!', irods_user
])
else:
l.info('Existing Account Detected: %s', irods_user)
with open(irods_config.service_account_file_path, 'wt') as f:
print('IRODS_SERVICE_ACCOUNT_NAME=%s' % (irods_user), file=f)
print('IRODS_SERVICE_GROUP_NAME=%s' % (irods_group), file=f)
l.info('Setting owner of %s to %s:%s', irods_config.irods_directory,
irods_user, irods_group)
for (root, _, files) in os.walk(irods_config.irods_directory):
os.lchown(root,
pwd.getpwnam(irods_user).pw_uid,
grp.getgrnam(irods_group).gr_gid)
for filename in files:
os.lchown(os.path.join(root, filename),
pwd.getpwnam(irods_user).pw_uid,
grp.getgrnam(irods_group).gr_gid)
l.info('Setting owner of %s to %s:%s', irods_config.config_directory,
irods_user, irods_group)
for (root, _, files) in os.walk(irods_config.config_directory):
os.lchown(root,
pwd.getpwnam(irods_user).pw_uid,
grp.getgrnam(irods_group).gr_gid)
for filename in files:
os.lchown(os.path.join(root, filename),
pwd.getpwnam(irods_user).pw_uid,
grp.getgrnam(irods_group).gr_gid)
l.debug('Setting uid bit on %s', irods.paths.genosauth_path())
os.chmod(
irods.paths.genosauth_path(), stat.S_ISUID
| stat.S_IRUSR
| stat.S_IXUSR
| stat.S_IRGRP
| stat.S_IXGRP
| stat.S_IROTH
| stat.S_IXOTH)
#owner of top-level directory changed, clear the cache
irods_config.clear_cache()
def extract_tarball(tarball_full_path,
destination_directory=None,
progress_update_callback=None):
if destination_directory is None:
destination_directory = tarball_full_path[:-8]
log.debug("extracting %s\n to %s", tarball_full_path,
destination_directory)
# the most common reason this happens is due to hard-links, windows thinks
# files in the package cache are in-use. rm_rf should have moved them to
# have a .conda_trash extension though, so it's ok to just write into
# the same existing folder.
if not path_is_clean(destination_directory):
log.debug(
"package folder {} was not empty, but we're writing there.".format(
destination_directory))
with open(tarball_full_path, 'rb') as fileobj:
if progress_update_callback:
fileobj = ProgressFileWrapper(fileobj, progress_update_callback)
with tarfile.open(fileobj=fileobj) as tar_file:
if context.safety_checks:
for member in tar_file.getmembers():
if (os.path.isabs(member.name) or not os.path.realpath(
member.name).startswith(os.getcwd())):
raise CondaFileIOError(
tarball_full_path,
"contains unsafe path: {}".format(member.name))
try:
tar_file.extractall(path=destination_directory)
except EnvironmentError as e:
if e.errno == ELOOP:
raise CaseInsensitiveFileSystemError(
package_location=tarball_full_path,
extract_location=destination_directory,
caused_by=e,
)
else:
raise
if sys.platform.startswith('linux') and os.getuid() == 0:
# When extracting as root, tarfile will by restore ownership
# of extracted files. However, we want root to be the owner
# (our implementation of --no-same-owner).
for root, dirs, files in os.walk(destination_directory):
for fn in files:
p = join(root, fn)
os.lchown(p, 0, 0)
def _retry_request(self, rsrc_id):
"""Force re-evaluation of a request.
"""
# XXX(boysson): Duplicate of _base_service.clt_update_request
request_lnk = os.path.join(self._service_rsrc_dir, rsrc_id)
_LOGGER.debug('Updating %r', rsrc_id)
# NOTE(boysson): This does the equivalent of a touch on the symlink
try:
os.lchown(
request_lnk,
os.getuid(),
os.getgid()
)
except OSError as err:
if err.errno != errno.ENOENT:
raise
def clt_update_request(self, req_id):
"""Update an existing request.
This should only be called by the client instance.
"""
svc_req_lnk = os.path.join(self._rsrc_dir, req_id)
_LOGGER.debug('Updating %r: %r', req_id, svc_req_lnk)
# Remove any reply if it exists
fs.rm_safe(os.path.join(svc_req_lnk, _REP_FILE))
# NOTE(boysson): This does the equivalent of a touch on the symlink
try:
os.lchown(svc_req_lnk, os.getuid(), os.getgid())
except OSError as err:
if err.errno != errno.ENOENT:
raise
def SetPosix(path, meta):
amroot = os.geteuid() == 0
try:
os.lchown(path, meta[TAR_UID_KEY], meta[TAR_GID_KEY])
except os.error as e:
# If we're not root, we can't do the chown
if e[0] != errno.EPERM and amroot:
raise e
os.lchmod(path, meta[TAR_MODE_KEY])
if meta[TAR_FLAGS_KEY] != 0:
try:
os.lchflags(path, meta[TAR_FLAGS_KEY])
except os.error as e:
# If we're not root, we can't do some of this, either
if e[0] != errno.EPERM and amroot:
raise e
def setattr(cls, path, adct):
"""set file attributes
@adct is a dict, where 'own', 'mode' and 'times'
keys are looked for and values used to perform
chown, chmod or utimes on @path.
"""
own = adct.get('own')
if own:
os.lchown(path, *own)
mode = adct.get('mode')
if mode:
os.chmod(path, stat.S_IMODE(mode))
times = adct.get('times')
if times:
os.utime(path, times)
def _replaceDirUidGidImpl(dirname, uidDict, gidDict, ignoreAbsList):
for fb in os.listdir(dirname):
f = os.path.join(dirname, fb)
if any(x for x in ignoreAbsList if fnmatch.fnmatch(f, x)):
continue
if VccUtil.isTrivalDir(f):
VccUtil._replaceDirUidGidImpl(f, uidDict, gidDict, ignoreAbsList)
elif VccUtil.isTrivalFile(f):
pass
else:
assert False
userId = os.lstat(f).st_uid
groupId = os.lstat(f).st_gid
userId = uidDict.get(userId, userId)
groupId = gidDict.get(groupId, groupId)
os.lchown(f, userId, groupId)
def chown(path, uid, gid):
"""
Change ownership of a file, link, or folder recursively.
"""
if os.path.islink(path):
os.lchown(path, uid, gid)
else:
os.chown(path, uid, gid)
if not os.path.isdir(path):
return
for item in os.listdir(path):
itempath = os.path.join(path, item)
chown(itempath, uid, gid)
def preparePersistDir(dirname, uid, gid, mode):
if not os.path.exists(dirname):
os.makedirs(dirname, mode)
if os.getuid() != uid or os.getpid() != gid:
os.chown(dirname, uid, gid)
else:
st = os.stat(dirname)
if stat.S_IMODE(st.st_mode) != mode:
os.chmod(dirname, mode)
if st.st_uid != uid or st.st_gid != gid:
os.chown(dirname, uid, gid)
for root, dirs, files in os.walk(dirname):
for d in dirs:
os.lchown(os.path.join(root, d), uid, gid)
for f in files:
os.lchown(os.path.join(root, f), uid, gid)
def lchown(path, user=-1, group=-1):
"""
Change the owner/group of a path, raises an OSError if the
ownership change fails.
:param user: user to change
:type user: int or str
:param group: group to change
:type group: int or str
"""
if isinstance(user, str):
import pwd
entry = pwd.getpwnam(user)
if not entry:
raise OSError("Unknown user %r" % user)
user = entry[2]
if isinstance(group, str):
import grp
entry = grp.getgrnam(group)
if not entry:
raise OSError("Unknown group %r" % group)
group = entry[2]
return os.lchown(path, user, group)
def _link_fetch(fh, changed, opts):
linkpath = os.path.join(opts.dest_dir, fh.fpath)
if not os.path.exists(linkpath):
log.debug("Creating symlink '%s'->'%s'", linkpath, fh.link_target)
if not opts.quiet:
print("L: (create) %s -> %s" % (linkpath, fh.link_target))
os.symlink(fh.link_target, linkpath)
opts.stats.link_contents_differed += 1
else:
log.debug("Path '%s' exists in the filesystem", linkpath)
if not os.path.islink(linkpath):
raise NonLinkFoundAtLinkLocationError(
"Non-symlink found where we want a symlink ('%s')" % linkpath)
else:
# Symlink found. Check it.
curtgt = os.readlink(linkpath)
# Create or move the symlink.
if curtgt != fh.link_target:
changed.contents = True
log.debug("Moving symlink '%s'->'%s'", linkpath,
fh.link_target)
if not opts.quiet:
print("L: (move) %s -> %s" % (linkpath, fh.link_target))
os.symlink(fh.link_target, linkpath)
opts.stats.link_contents_differed += 1
expect_uid = fh.uid
expect_gid = fh.gid
lstat = os.lstat(linkpath)
if lstat.st_uid != expect_uid or lstat.st_gid != expect_gid:
changed.uidgid = True
log.debug("Changing link '%s' ownership to %s/%s", linkpath,
expect_uid, expect_gid)
os.lchown(linkpath, expect_uid, expect_gid)
if lstat.st_mode != fh.mode:
changed.mode = True
log.debug("Changing link '%s' mode to %06o", linkpath, fh.mode)
os.lchmod(linkpath, fh.mode)
if changed.mode or changed.uidgid:
opts.stats.link_metadata_differed += 1
def fix_permissions(site):
for root, dirs, files in os.walk(site.path):
dirs[:] = [d for d in dirs if not d == ".ssh"]
for f in files + dirs:
path = os.path.join(root, f)
try:
st = os.lstat(path)
except:
client.captureException()
continue
os.lchown(path, site.user.id, site.group.id)
if stat.S_ISLNK(st.st_mode):
pass
elif stat.S_ISDIR(st.st_mode):
os.chmod(path, st.st_mode | stat.S_IRGRP | stat.S_IWGRP | stat.S_IXGRP)
else:
os.chmod(path, st.st_mode | stat.S_IRGRP | stat.S_IWGRP)
def shift_path(path,
uid_mappings,
gid_mappings,
nobody,
uid_memo,
gid_memo,
dry_run=False,
verbose=False):
stat = os.lstat(path)
uid = stat.st_uid
gid = stat.st_gid
target_uid = find_target_id(uid, uid_mappings, nobody, uid_memo)
target_gid = find_target_id(gid, gid_mappings, nobody, gid_memo)
if verbose:
print_chown(path, uid, gid, target_uid, target_gid)
if not dry_run:
os.lchown(path, target_uid, target_gid)
def copy_file(basedir, filepath, dstdir, uid=None, gid=None):
import shutil
subdir = os.path.relpath(os.path.dirname(filepath), basedir)
if subdir is not '.':
dstdir = os.path.join(dstdir, subdir)
mkdir_p(dstdir)
dstfilepath = os.path.join(dstdir, os.path.basename(filepath))
if os.path.exists(dstfilepath):
dstfilepath = make_up_filename(dstfilepath)
shutil.copyfile(filepath, dstfilepath)
else:
shutil.copy(filepath, dstdir)
print('copying: {} --> {}'.format(filepath, dstdir))
if uid and gid:
os.lchown(dstdir, uid, gid)
os.lchown(dstfilepath, uid, gid)
def regen_ss_file():
# this is only used for Kerberos auth at the moment.
# it identifies XMLRPC requests from Apache that have already
# been cleared by Kerberos.
ssfile = "/var/lib/cobbler/web.ss"
fd = open("/dev/urandom", 'rb')
data = fd.read(512)
fd.close()
fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0o600)
os.write(fd, binascii.hexlify(data))
os.close(fd)
http_user = utils.get_http_user()
os.lchown("/var/lib/cobbler/web.ss", pwd.getpwnam(http_user)[2], -1)
return 1
def replace_with_link(self, instance, filename, target):
source = os.path.join(instance.conf_dir, filename)
# if source is already a link, skip
if os.path.islink(source):
return
self.backup(source)
# if source already exists, remove it
if os.path.exists(source):
os.remove(source)
# link source to target
os.symlink(target, source)
os.lchown(source, instance.uid, instance.gid)
def extract_tarball(tarball_full_path, destination_directory=None):
if destination_directory is None:
destination_directory = tarball_full_path[:-8]
log.debug("extracting %s\n to %s", tarball_full_path, destination_directory)
assert not lexists(destination_directory), destination_directory
with tarfile.open(tarball_full_path) as t:
t.extractall(path=destination_directory)
if sys.platform.startswith('linux') and os.getuid() == 0:
# When extracting as root, tarfile will by restore ownership
# of extracted files. However, we want root to be the owner
# (our implementation of --no-same-owner).
for root, dirs, files in os.walk(destination_directory):
for fn in files:
p = join(root, fn)
os.lchown(p, 0, 0)
def create_home(self, user_info):
group = user_info["profile"]
if group == "admin":
group = "admins"
uid = user_info["uid"]
nethome = os.path.join(self.nethome_path, group, uid)
if not os.path.exists(nethome):
userid = int(user_info["uidNumber"])
nobody_id = int(pwd.getpwnam("nobody").pw_uid)
usergid = int(grp.getgrnam("nogroup").gr_gid)
#fix umask for fix correct permission
prevmask = os.umask(0)
os.mkdir(nethome, 0o2770)
#shutils.copytree("/etc/skel/UserFiles",nethome,symlinks=True)
#p1=subprocess.Popen(["rsync","-rltgD","/etc/skel-net/",pipes.quote(nethome)])
command = 'rsync -rltgD /etc/skel-net/ "%s"' % nethome
p1 = os.system(command)
#out = p1.communicate()
'''
#chown -R user:guser
#chmod 770 for all directories
#chmod 660 for all files
'''
os.lchown(nethome, nobody_id, usergid)
for base, directories, files in os.walk(nethome):
for directori in directories:
auxpath = os.path.join(base, directori)
os.lchown(auxpath, userid, usergid)
os.chmod(auxpath, 0o2770)
for auxfile in files:
auxpath = os.path.join(base, auxfile)
os.chown(auxpath, userid, usergid)
os.chmod(auxpath, 0o660)
# for
# restore old umask
os.chmod(nethome, 0o2770)
os.umask(prevmask)
for acl in self.home_acls:
#command='setfacl %s "%s"'%(acl%str(userid),pipes.quote(nethome))
command = 'setfacl %s "%s"' % (acl % str(userid), nethome)
os.system(command)
return nethome
def oscheck():
try:
pwd.getpwnam("mysql")
except:
os.system("groupadd mysql")
os.system("useradd -g mysql -d /opt/mysql -s /sbin/nologin mysql")
print "create mysql user ok"
user = pwd.getpwnam("mysql")
if ((os.path.isdir("/opt/mysql") == False)):
os.mkdir("/opt/mysql")
os.chown("/opt/mysql", user[3], user[2])
print "create dir /opt/mysql"
if ((os.path.isdir("/opt/mysql/mysql-5.5.37-linux2.6-x86_64")) == False):
os.chdir("/tmp")
if (os.path.exists("daosen-mysql-5.5.37-linux2.6-x86_64.tar.gz") ==
False):
os.system(
"wget http://192.168.199.75/mysql/daosen-mysql-5.5.37-linux2.6-x86_64.tar.gz -o /tmp/down.log"
)
print "Download Ok /tmp/daosen-mysql-5.5.37-linux2.6-x86_64.tar.gz"
print "tar zxf daosen-mysql-5.5.37-linux2.6-x86_64.tar.gz -C /opt/mysql"
os.system(
"tar zxf daosen-mysql-5.5.37-linux2.6-x86_64.tar.gz -C /opt/mysql")
os.chown("/opt/mysql", user[3], user[2])
print "create /opt/mysql/mysql-5.5.37-linux2.6-x86_64 ok!"
if ((os.path.islink("/usr/local/mysql")) == False):
os.symlink("/opt/mysql/mysql-5.5.37-linux2.6-x86_64",
"/usr/local/mysql")
os.lchown("/usr/local/mysql", user[3], user[2])
print "create link ok"
if ((os.path.isdir("/data/mysql")) == False):
os.mkdir("/data/mysql")
os.chown("/data/mysql", user[3], user[2])
cmd = "grep 'mysql' /etc/profile|grep -v grep|wc -l"
mpNum = os.popen(cmd).read()
if (int(mpNum) <= 0):
print "export PATH=$PATH:/usr/local/mysql/bin >> /etc/profile"
line = "export PATH=$PATH:/usr/local/mysql/bin"
os.system("echo %s >>/etc/profile; source /etc/profile" % line)
print "oscheck ok"
def extract(pkgs_dir, dist):
"""
Extract a package, i.e. make a package available for linkage. We assume
that the compressed packages is located in the packages directory.
"""
with Locked(pkgs_dir):
path = join(pkgs_dir, dist)
t = tarfile.open(path + '.tar.bz2')
t.extractall(path=path)
t.close()
if sys.platform.startswith('linux') and os.getuid() == 0:
# When extracting as root, tarfile will by restore ownership
# of extracted files. However, we want root to be the owner
# (our implementation of --no-same-owner).
for root, dirs, files in os.walk(path):
for fn in files:
p = join(root, fn)
os.lchown(p, 0, 0)
