def sockets(): """ Spawn a looper which loops over socket data and creates the sockets. It should only ever loop over a maximum of two - standard (std) and SSL (ssl). This way we're able to detect incoming connection vectors and handle them accordingly. A dictionary of sockets is then returned to later be added to the IOLoop. """ socks = {} for s in ports(): try: port = options.ssl_port if s == "ssl" else options.port sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) sock.setblocking(0) sock.bind((options.host, port)) sock.listen(5) socks[s] = sock except socket.error as e: if e.errno == 13: log.error("Permission denied, could not bind to %s:%s" % (options.host, port)) else: log.error(e) sys.exit(1) return socks
def setuid(): """ Change our existing user. Used to drop from root privileges down to a less privileged user MUST be called AFTER setgid, not before. """ try: os.setuid(pwd.getpwnam(options.user).pw_uid) except KeyError: log.error("User '%s' does not exist" % options.user) sys.exit(1) except OSError: log.error("You do not have permission to switch to user '%s'" % options.user) sys.exit(1)
def setgid(): """ Change our existing group. Used to drop from root privileges down to a less privileged group. MUST be called BEFORE setuid, not after. """ try: os.setgid(grp.getgrnam(options.group).gr_gid) except KeyError: log.error("Group '%s' does not exist" % options.group) sys.exit(1) except OSError: log.error("You do not have permission to switch to group '%s'" % options.group) sys.exit(1)