def sockets():
"""
Spawn a looper which loops over socket data and creates
the sockets.
It should only ever loop over a maximum of two - standard (std)
and SSL (ssl).
This way we're able to detect incoming connection vectors and
handle them accordingly.
A dictionary of sockets is then returned to later be added to
the IOLoop.
"""
socks = {}
for s in ports():
try:
port = options.ssl_port if s == "ssl" else options.port
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.setblocking(0)
sock.bind((options.host, port))
sock.listen(5)
socks[s] = sock
except socket.error as e:
if e.errno == 13:
log.error("Permission denied, could not bind to %s:%s" %
(options.host, port))
else:
log.error(e)
sys.exit(1)
return socks
def setuid():
"""
Change our existing user.
Used to drop from root privileges down to a less
privileged user
MUST be called AFTER setgid, not before.
"""
try:
os.setuid(pwd.getpwnam(options.user).pw_uid)
except KeyError:
log.error("User '%s' does not exist" % options.user)
sys.exit(1)
except OSError:
log.error("You do not have permission to switch to user '%s'"
% options.user)
sys.exit(1)
def setgid():
"""
Change our existing group.
Used to drop from root privileges down to a less
privileged group.
MUST be called BEFORE setuid, not after.
"""
try:
os.setgid(grp.getgrnam(options.group).gr_gid)
except KeyError:
log.error("Group '%s' does not exist" % options.group)
sys.exit(1)
except OSError:
log.error("You do not have permission to switch to group '%s'"
% options.group)
sys.exit(1)
