def __init__(self, logger, config):
self.logger = logger
self.config = config
self._shutdown = threading.Event()
config.event_manager = EventManager(logger, config)
sm = SensorManager(logger, config)
sm.start()
self.threads.append(sm)
#dbweb = DispatchBuddyWebUI(logger, config)
#th = threading.Thread(target=dbweb.run_app, name='DB WebUI')
#th.start()
#self.threads.append((th,dbweb))
for p in ('/var/db/DispatchBuddy',
'/var/db/DispatchBuddy/celery.results',
'/var/db/DispatchBuddy/evdata',
'/var/db/DispatchBuddy/pcap',
'/var/db/DispatchBuddy/tmp',
):
try:
os.stat(p)
except FileNotFoundError:
os.mkdir(p, 0o700)
shutil.chown(p,
user=config.get('main', 'run as user'),
group=config.get('main', 'run as group')
)
except:
traceback.print_exc()
def set_mode(path, mode):
if mode is None:
# Keep mode unchanged
return
if (mode.perms_s or mode.owner or mode.group) is None:
# Nothing to set
return
# No chown() on Windows, and must set one of owner/group
if not is_windows() and (mode.owner or mode.group) is not None:
try:
shutil.chown(path, mode.owner, mode.group)
except PermissionError as e:
msg = '{!r}: Unable to set owner {!r} and group {!r}: {}, ignoring...'
print(msg.format(path, mode.owner, mode.group, e.strerror))
except LookupError:
msg = '{!r}: Non-existent owner {!r} or group {!r}: ignoring...'
print(msg.format(path, mode.owner, mode.group))
except OSError as e:
if e.errno == errno.EINVAL:
msg = '{!r}: Non-existent numeric owner {!r} or group {!r}: ignoring...'
print(msg.format(path, mode.owner, mode.group))
else:
raise
# Must set permissions *after* setting owner/group otherwise the
# setuid/setgid bits will get wiped by chmod
# NOTE: On Windows you can set read/write perms; the rest are ignored
if mode.perms_s is not None:
try:
os.chmod(path, mode.perms)
except PermissionError as e:
msg = '{!r}: Unable to set permissions {!r}: {}, ignoring...'
print(msg.format(path, mode.perms_s, e.strerror))
def chown_dir(directory, username):
"""Set owner and group of directory to username."""
shutil.chown(directory, username, username)
for root, dirs, files in os.walk(directory):
for child in dirs + files:
shutil.chown(os.path.join(root, child), username, username)
logger.info("{} chown'd to {}".format(directory, username))
def add_user(username, home_base='/home', clean_user=True):
user_folder=home_base+"/"+username
try:
user_check=pwd.getpwnam(username)
if clean_user==True:
return False
else:
return True
except KeyError:
if not os.path.isdir(home_base):
os.mkdir(home_base, 0o755)
if not os.path.isdir(user_folder):
os.mkdir(user_folder, 0o755)
if subprocess.call("sudo useradd -M -d "+user_folder+" -s /usr/sbin/nologin "+username, shell=True) > 0:
return False
else:
shutil.chown(user_folder, username, username)
return True
def merge_overlay(self,path,overlay_path):
for f in os.listdir(overlay_path):
original_file = os.path.join(path,f)
final_file = os.path.join(overlay_path,f)
status = os.lstat(final_file)
# if it is a character device with 0 as major number, the original file/folder must be deleted
if (stat.S_ISCHR(status.st_mode) is True) and (os.major(status.st_rdev) == 0):
self.full_delete(original_file)
continue
# if it is a newly created file or folder, we just move it. That way it is faster and everything is preserved
if os.path.exists(original_file) is False:
self.run_external_program('mv "{:s}" "{:s}"'.format(final_file,original_file), False)
continue
ostatus = os.lstat(original_file)
# if it is a file, just copy it and overwrite
if (stat.S_ISDIR(status.st_mode) is False):
self.full_delete(original_file)
self.run_external_program('cp -a "{:s}" "{:s}"'.format(final_file,original_file), False)
continue
# if the new element is a folder, but the old is a file, delete the file and move the folder
if (stat.S_ISDIR(ostatus.st_mode) is False):
self.full_delete(original_file)
self.run_external_program('mv "{:s}" "{:s}"'.format(final_file,original_file), False)
continue
# if we reach here, both elements are folders, so let's check them recursively
shutil.copystat(final_file,original_file) # set permission bits
if (status.st_uid != ostatus.st_uid) or (status.st_gid != ostatus.st_gid):
shutil.chown(original_file,status.st_uid,status.st_gid)
self.merge_overlay(original_file,final_file)
def post():
username = request.forms.get('username')
pubkey = request.forms.get('pubkey')
authorized_keys = "/etc/ssh/authorized_keys/" + username
print(username)
# TODO: Actual input validation and error handling
if len(username) < 2:
return "Username must be at least two characters long."
if not len(pubkey):
return "You should really include a public key."
if username == "root":
return "Nice try."
useradd = run(["useradd", "--shell", shell, "-g", groupname,
"-d", home, username])
if useradd.returncode == 9:
return HTTPResponse(status=409,
body="Sorry, but that user already exists.")
with open(authorized_keys, 'a+') as f:
f.write(pubkey)
chown(authorized_keys, username, groupname)
chmod(authorized_keys, 0o600)
return "Registered " + username
def add_directory():
add_group()
if not os.path.isdir(WEBPLEASE_PATH):
os.mkdir(WEBPLEASE_PATH)
shutil.chown(WEBPLEASE_PATH, user=WEBPLEASE_OWNER, group=WEBPLEASE_GROUP)
os.chmod(WEBPLEASE_PATH, mode=(stat.S_IRUSR | stat.S_IWUSR | stat.S_IXUSR
| stat.S_IRGRP | stat.S_IXGRP | stat.S_ISVTX))
def save_data(self, data):
# Age data
if hasattr(data, '__len__') and len(data) > self.GROOM_THRESHOLD:
for i, e in enumerate(data):
data[i] = ZEntry(e.path, int(e.rank * self.GROOM_LEVEL), e.time)
# Use a temporary file to minimize time the file is open and minimize clobbering
# Use delete=False so the file can be closed without removing it. On Windows
# you can not copy an open file.
from tempfile import NamedTemporaryFile
with NamedTemporaryFile('wt', encoding=sys.getfilesystemencoding(),
delete=False) as f:
for e in data:
f.write("{}|{}|{}\n".format(e.path, int(e.rank), int(e.time.timestamp())))
f.flush()
if self.Z_OWNER:
shutil.chown(f.name, user=self.Z_OWNER)
# On POSIX, rename() is atomic and will clobber
# On Windows, neither of these is true, so remove first.
from xonsh.platform import ON_WINDOWS
if ON_WINDOWS and os.path.exists(self.Z_DATA):
os.remove(self.Z_DATA)
shutil.copy(f.name, self.Z_DATA)
os.remove(f.name)
def handle_manual(torrent):
auto_processed = False
def handle_media(path, move):
nonlocal auto_processed
guess = guessit.guessit(path)
if guess['type'] == 'episode':
move_episode(path, guess, move)
auto_processed = True
elif guess['type'] == 'movie':
move_movie(path, guess, move)
auto_processed = True
part_regex = re.compile('.*part(\d+).rar', re.IGNORECASE)
for index, file in torrent.files().items():
file_path = os.path.join(torrent.downloadDir, file['name'])
if check_extension(file_path) and 'sample' not in file_path.lower():
# Log and ignore mkv files of less than ~92MiB
try:
if os.path.getsize(file_path) >= 96811278:
handle_media(file_path, False)
else:
syslog.syslog(
syslog.LOG_ERR, 'Detected false media file, skipping'
)
except FileNotFoundError:
syslog.syslog(syslog.LOG_ERR, 'Torrent file missing, skipping')
elif file_path.endswith('rar'):
# Ignore parts beyond the first in a rar series
match = part_regex.match(file_path)
if match and int(match.group(1)) > 1:
continue
with tempfile.TemporaryDirectory() as temp_dir:
paths = extract(file_path, temp_dir)
if paths:
for path in paths:
shutil.chown(path, group=plex_group)
os.chmod(path, 0o664)
handle_media(path, True)
if auto_processed:
pb_notify(
textwrap.dedent(
'''
Manually added torrent {0} finished downloading
and was auto-processed
'''.format(torrent.name)
).strip()
)
else:
pb_notify(
'Manually added torrent {0} finished downloading'.format(
torrent.name
)
)
def upgrade_charm():
apt_install(filter_installed_packages(determine_packages()),
fatal=True)
# NOTE: ensure psutil install for hugepages configuration
status_set('maintenance', 'Installing apt packages')
apt_install(filter_installed_packages(['python-psutil']))
packages_removed = remove_old_packages()
if packages_removed and not is_unit_paused_set():
log("Package purge detected, restarting services", "INFO")
for s in services():
service_restart(s)
for r_id in relation_ids('amqp'):
amqp_joined(relation_id=r_id)
if is_relation_made('nrpe-external-master'):
update_nrpe_config()
# Fix previously wrongly created path permissions
# LP: https://bugs.launchpad.net/charm-cinder-ceph/+bug/1779676
asok_path = '/var/run/ceph/'
gid = grp.getgrnam("kvm").gr_gid
if gid and os.path.isdir(asok_path) and gid != os.stat(asok_path).st_gid:
log("{} not owned by group 'kvm', fixing permissions."
.format(asok_path))
shutil.chown(asok_path, group='kvm')
def makedirs(path, mode=0o750, user='******', group='root'):
if os.path.exists(path):
assert os.path.isdir(path), '{} is not a directory'
else:
# Don't specify mode here, to ensure parent dirs are traversable.
os.makedirs(path)
shutil.chown(path, user, group)
os.chmod(path, mode)
def create_folder(folder):
if not os.path.isdir(folder):
os.makedirs(folder, mode=0o770)
os.chdir(folder)
os.system('git init --bare --shared')
for root, dirs, files in os.walk(folder):
for entry in files + dirs:
shutil.chown(os.path.join(root, entry), group=DAEMONCGI_GROUP)
def create(self, *args, **kwargs):
""" create the virtualenv if it doesn't exist """
if not os.path.exists(self.venv_path):
os.makedirs(self.venv_path, mode=0o755, exist_ok=True)
shutil.chown(self.venv_path, self.usr, self.usr)
return subprocess.call(self.init_cmd)
else:
return 0
def _create_conf_dir(username):
conf_dir = '/home/{}/.openvpn_tunneler'.format(username)
# Use the following mode: u=rwx, g=rx, o-rwx
mode = stat.S_IRWXU | stat.S_IRGRP + stat.S_IXGRP | 00
if not os.path.exists(conf_dir):
os.mkdir(conf_dir, mode)
shutil.chown(conf_dir, user=username, group=username)
def fixperms(dirpath, user=None, group=None, umask=22):
for dirpath, dirnames, filenames in os.walk(dirpath):
shutil.chown(dirpath, user, group)
os.chmod(dirpath, 0o777 - umask)
for filename in filenames:
filepath = join(dirpath, filename)
shutil.chown(filepath, user, group)
os.chmod(filepath, 0o666 - umask)
def run(self, distro, image):
# from now on we always cleanup ourselves after finishing
signal.signal(signal.SIGINT, sig_handler)
setup_device(image)
wipe_device()
self.create_partitions()
self.mount_partitions()
d = next(d for d in self.DISTROS if d.name == distro)
# set rootfs location and start installing
d.rootfs = self.part_mount['root']
log.info('Updating distro database')
d.update_database()
log.info('Bootstrap distro \'{}\''.format(d.long_name))
d.bootstrap()
log.info('Mounting kernel partitions')
self.mount_kernel_partitions()
log.info('Bootstrap distro (phase 2) \'{}\''.format(d.long_name))
d.bootstrap_phase2()
log.info('Setting up locale')
d.setup_locale()
log.info('Installing bootloader')
d.install_bootloader()
log.info('Installing kernel')
d.install_kernel()
log.info('Customizing image')
d.customize_image()
log.info('Setting up network')
d.setup_network()
# finish installation
log.info('Finishing installation')
os.sync()
uid = os.getenv('SUDO_UID', '')
guid = os.getenv('SUDO_GUID', '')
if os.path.isfile(image) and uid != '':
uid = int(uid)
if guid == '':
guid = None
else:
guid = int(guid)
shutil.chown(image, uid, guid)
return 0
def changeOwnerAndGrpToLoggedInUser(directory, raiseEx=False):
loggedInUser = getLoggedInUser()
try:
shutil.chown(directory, loggedInUser, loggedInUser)
except Exception as e:
if raiseEx:
raise e
else:
pass
def main():
""" Falk service launch """
cmd = argparse.ArgumentParser(
description="Kevin CI Falk - VM provider")
cmd.add_argument("-c", "--config", default="/etc/kevin/falk.conf",
help="file name of the configuration to use.")
args = cmd.parse_args()
CFG.load(args.config)
try:
os.unlink(CFG.control_socket)
except OSError:
if os.path.exists(CFG.control_socket):
raise
else:
sockdir = os.path.dirname(CFG.control_socket)
if not os.path.exists(sockdir):
try:
print("creating socket directory '%s'" % sockdir)
os.makedirs(sockdir, exist_ok=True)
except PermissionError as exc:
raise exc from None
loop = asyncio.get_event_loop()
# state storage
falk = Falk()
print("listening on '%s'..." % CFG.control_socket)
proto = lambda: FalkProto(falk)
srv_coro = loop.create_unix_server(proto, CFG.control_socket)
server = loop.run_until_complete(srv_coro)
if CFG.control_socket_group:
# this only works if the current user is a member of the
# target group!
shutil.chown(CFG.control_socket, None, CFG.control_socket_group)
if CFG.control_socket_permissions:
mode = int(CFG.control_socket_permissions, 8)
os.chmod(CFG.control_socket, mode)
try:
loop.run_forever()
except KeyboardInterrupt:
print("exiting...")
pass
server.close()
loop.run_until_complete(server.wait_closed())
loop.close()
print("cya!")
def copy_client_configs_to_home(clients):
for client in clients:
source = "/etc/openvpn/{}/download-configs/{}.ovpn".format(SERVERNAME,
client)
dest = "/home/ubuntu/{}.ovpn".format(client)
shutil.copy(source, dest)
shutil.chown(dest, user="******", group="ubuntu")
os.chmod(dest,
stat.S_IRUSR | stat.S_IRGRP | stat.S_IROTH | stat.S_IWUSR)
def up(config):
jobs_dir = Path(config.submitty['submitty_data_dir'], 'daemon_job_queue')
os.makedirs(str(jobs_dir), exist_ok=True)
daemon_user = config.submitty_users['daemon_user']
daemonphp_group = config.submitty_users['daemonphp_group']
shutil.chown(str(jobs_dir), daemon_user, daemonphp_group)
# sticky bit is the leading 2.
# equivalent to u+rwx,g+rws,o-rwx
os.chmod(str(jobs_dir),0o2770)
pass
def recursive_chown(directory):
"""makepkg cannot be run as root.
This function changes the owner and group owner of a directory tree
rooted at directory to "tuscan".
"""
shutil.chown(directory, "tuscan", "tuscan")
for path, subdirs, files in os.walk(directory):
for f in subdirs + files:
shutil.chown(os.path.join(path, f), "tuscan", "tuscan")
def up(config):
vcs_dir = Path(config.submitty['submitty_data_dir'], 'vcs')
git_dir = vcs_dir / 'git'
if not git_dir.is_dir():
os.makedirs(str(git_dir), exist_ok=True)
shutil.chown(str(git_dir), 'www-data', 'www-data')
for entry in vcs_dir.iterdir():
if entry.name == 'git':
pass
shutil.move(str(entry), str(git_dir))
def copy_file(self, source, destination, owner='root', group='root', mode='640'):
'''
:param source: location of file relative to repo root
:param destination: full path to destination on local fs
:return: 0 if success else exception
'''
path = '{}/files/{}'.format(self.roles_dir, source)
shutil.copyfile(path, destination)
shutil.chown(destination, user=owner, group=group)
os.chmod(destination, mode)
return '<- Copied {} to {}'.format(source, destination)
def _save_flag_file(path, data):
'''
Saves local state about plugin or manager to specified file.
'''
# Wonder if we can move away from this now?
if data is None:
return
with open(path, 'wt') as out:
out.write(data)
os.chmod(path, 0o640)
shutil.chown(path, 'root', 'nova')
def _create_model(username):
append = 'w+'
# Use the following mode: u=rwx, g=rx, o-rwx
permission_mode = stat.S_IRWXU | stat.S_IRGRP + stat.S_IXGRP | 00
if not os.path.exists(model_file):
_create_conf_dir(username)
with open(model_file, append) as f:
f.write('{\n')
f.write('}\n')
os.chmod(model_file, permission_mode)
shutil.chown(model_file, user=username, group=username)
def handle_sonarr(torrent):
for index, file in torrent.files().items():
file_path = os.path.join(torrent.downloadDir, file['name'])
if file_path.endswith('rar'):
with tempfile.TemporaryDirectory() as temp_dir:
paths = extract(file_path, temp_dir)
if paths:
# Move extracted files to sonarr drone factory
for path in paths:
shutil.chown(path, group=plex_group)
os.chmod(path, 0o664)
shutil.move(path, drone_factory)
def gravity_resetpermissions():
"""If we have been running as root, we may need to chown files in /var/lib/pyhole to pyhole:pyhole."""
path = os.path.join(var_dir, "*")
for file in glob.glob(path):
# If we are running as root then these commands should work fine.
# If not then they will fail, but in that case we are almost certainly
# running as pyhole, in which case the files will already have correct
# owner and group owner, so failure doesn't matter.
try:
shutil.chown(file, user = '******', group = 'pyhole')
except:
pass
def move_directory(directory, ide_directory):
directory = re.sub('/', '', directory)
try:
print("Removing the old directory...")
shutil.rmtree(ide_directory)
print("Moving the archive contents...")
shutil.move(directory, ide_directory)
print("Operation Complete...")
user = getpass.getuser()
shutil.chown(ide_directory, user, user)
except shutil.Error as err:
print(err)
def write(path, content, mode=0o640, user='******', group='root'):
'''Write a file atomically.'''
open_mode = 'wb' if isinstance(content, bytes) else 'w'
with tempfile.NamedTemporaryFile(mode=open_mode, delete=False) as f:
try:
f.write(content)
f.flush()
shutil.chown(f.name, user, group)
os.chmod(f.name, mode)
shutil.move(f.name, path)
finally:
if os.path.exists(f.name):
os.unlink(f.name)
def copy_ssh_keys():
user_name = ADMIN_USER_NAME
uid, gid, user_dir = get_user_info(user_name)
ssh_dir = os.path.join(user_dir, '.ssh')
if not os.path.exists(ssh_dir):
os.mkdir(ssh_dir, 0o700)
shutil.chown(ssh_dir, uid, gid)
for file_ in ['id_rsa', 'id_rsa.pub']:
src = os.path.join('/root/.ssh', file_)
dest = os.path.join(ssh_dir, file_)
shutil.copy(src, dest)
shutil.chown(dest, uid, gid)
def compress_provision_dir(self, chdir=None):
date = datetime.now()
today = date.strftime("%Y-%m-%d")
if chdir:
p = pathlib.Path(chdir)
if not p.exists():
p.mkdir(mode=0o775, parents=True, exist_ok=True)
shutil.chown(chdir, 'kusanagi', 'www')
tarname = chdir + self.provi + '.' + today
else:
tarname = '/home/kusanagi/backup/' + self.provi + '.' + today
source_dir = '/home/kusanagi/' + self.provi
shutil.make_archive(tarname, "gztar", source_dir)
shutil.chown('%s.tar.gz' % tarname, 'kusanagi', 'www')
return tarname
def initialize_ownership(config_directory_parameter, dir_path):
"""Change the ownership of the directories to the pattoo user and group.
Args:
config_directory_parameter: The name of the directory
dir_path: The path to the directory
Returns:
None
"""
print('Setting ownership of the {} directory to pattoo'.format(
config_directory_parameter))
if getpass.getuser() != 'travis':
# Set ownership of file specified at dir_path
shutil.chown(dir_path, 'pattoo', 'pattoo')
def write(self, data):
"""
Write out the averaged TOD to a Level2 continuum file with an external link to the original level 1 data
"""
if not os.path.exists(self.output_dir):
os.makedirs(self.output_dir)
# We will store these in a separate file and link them to the level2s
fname = data.filename.split('/')[-1]
if os.path.exists(self.outfile):
output = h5py.File(self.outfile, 'a')
else:
output = h5py.File(self.outfile, 'w')
# Set permissions and group
if self.set_permissions:
os.chmod(self.outfile, 0o664)
shutil.chown(self.outfile, group=self.permissions_group)
# Store datasets in root
dnames = ['tod', 'weights', 'cal_factors', 'frequency']
dsets = [
self.all_tod, self.all_weights, self.cal_factors,
self.all_frequency
]
for (dname, dset) in zip(dnames, dsets):
if dname in output:
del output[dname]
output.create_dataset(dname, data=dset)
output.attrs['version'] = __level3_version__
output['cal_factors'].attrs['source'] = self.cal_source
output.close()
if self.level3 in data.keys():
del data[self.level3]
data[self.level3] = h5py.ExternalLink(self.outfile, '/')
stats = data['level2/Statistics']
if 'correlation_matrix' in stats:
del stats['correlation_matrix']
dset = stats.create_dataset('correlation_matrix',
data=self.correlation_matrix)
dset.attrs['level3'] = f'{self.level3}'
dset.attrs['BW'] = 1
def write(self, file_data, can_overwrite=False):
try:
mode = "{write_mode}{binary_mode}".format(
write_mode="w" if can_overwrite else "x",
binary_mode="b" if self.metadata.is_binary else "",
)
# It seems pylint cannot process constructing the mode variable and
# gives a false positive.
# pylint: disable=bad-open-mode
with open(self.metadata.path, mode) as my_file:
# the lock is released when the file gets closed on leaving the
# with statement
fcntl.flock(my_file.fileno(), fcntl.LOCK_EX)
# Set the ownership and permissions to cover the case when we
# just created the file. If the file already existed, make sure
# the ownership and permissions are correct before writing any
# data into it.
if (self.metadata.owner_user_name is not None
or self.metadata.owner_group_name is not None):
try:
shutil.chown(
self.metadata.path,
self.metadata.owner_user_name,
self.metadata.owner_group_name,
)
except LookupError as e:
raise RawFileError(self.metadata,
RawFileError.ACTION_CHOWN, str(e))
except OSError as e:
raise RawFileError(self.metadata,
RawFileError.ACTION_CHOWN,
format_os_error(e))
if self.metadata.permissions is not None:
try:
os.chmod(my_file.fileno(), self.metadata.permissions)
except OSError as e:
raise RawFileError(self.metadata,
RawFileError.ACTION_CHMOD,
format_os_error(e))
# Write file data
my_file.write(file_data if self.metadata.
is_binary else file_data.decode("utf-8"))
except FileExistsError as e:
raise FileAlreadyExists(self.metadata)
except OSError as e:
raise RawFileError(self.metadata, RawFileError.ACTION_WRITE,
format_os_error(e))
def create_home(username):
try:
user_home = config.Config.USER_HOME
key = rsa.generate_private_key(backend=crypto_default_backend(),
public_exponent=65537,
key_size=2048)
private_key = key.private_bytes(
crypto_serialization.Encoding.PEM,
crypto_serialization.PrivateFormat.TraditionalOpenSSL,
crypto_serialization.NoEncryption())
public_key = key.public_key().public_bytes(
crypto_serialization.Encoding.OpenSSH,
crypto_serialization.PublicFormat.OpenSSH)
private_key_str = private_key.decode('utf-8')
public_key_str = public_key.decode('utf-8')
# Create user directory structure and permissions
user_path = user_home + '/' + username + '/.ssh'
os.makedirs(user_path)
shutil.copy('/etc/skel/.bashrc', user_path[:-4])
shutil.copy('/etc/skel/.bash_profile', user_path[:-4])
shutil.copy('/etc/skel/.bash_logout', user_path[:-4])
print(private_key_str, file=open(user_path + '/id_rsa', 'w'))
print(public_key_str, file=open(user_path + '/id_rsa.pub', 'w'))
print(public_key_str, file=open(user_path + '/authorized_keys', 'w'))
shutil.chown(user_home + '/' + username, user=username, group=username)
shutil.chown(user_home + '/' + username + '/.ssh',
user=username,
group=username)
shutil.chown(user_home + '/' + username + '/.ssh/authorized_keys',
user=username,
group=username)
shutil.chown(user_home + '/' + username + '/.ssh/id_rsa',
user=username,
group=username)
shutil.chown(user_home + '/' + username + '/.ssh/id_rsa.pub',
user=username,
group=username)
os.chmod(user_home + '/' + username, 0o700)
os.chmod(user_home + '/' + username + '/.ssh', 0o700)
os.chmod(user_home + '/' + username + '/.ssh/id_rsa', 0o600)
os.chmod(user_home + '/' + username + '/.ssh/authorized_keys', 0o600)
return True
except Exception as e:
exc_type, exc_obj, exc_tb = sys.exc_info()
fname = os.path.split(exc_tb.tb_frame.f_code.co_filename)[1]
print(exc_type, fname, exc_tb.tb_lineno)
return e
def setup(username, dest_dir, password):
""" Encrypt user's home folder """
# encfs and pam_mount packages are needed
# and pam_encfs from AUR, too.
# Reference: https://wiki.debian.org/TransparentEncryptionForHomeFolder
try:
backup_conf_files(dest_dir)
setup_conf_files(dest_dir)
except Exception as general_error:
logging.error("Can't create and modify encfs configuration files.")
logging.error(general_error)
logging.error("Home directory won't be encrypted.")
return False
# Move user home dir out of the way
mount_dir = os.path.join(dest_dir, "home/", username)
backup_dir = os.path.join(dest_dir, "var/tmp/", username)
shutil.move(mount_dir, backup_dir)
# Create necessary dirs, encrypted and mounted(unencrypted)
encrypted_dir = os.path.join(dest_dir, "home/.encfs/", username)
os.makedirs(encrypted_dir, mode=0o755)
os.makedirs(mount_dir, mode=0o755)
# Set owner
shutil.chown(encrypted_dir, username, "users")
shutil.chown(mount_dir, username, "users")
# Create encrypted directory
try:
p1 = subprocess.Popen(["/bin/echo", "-e", '"p\n%s\n"'.format(password)],
stdout=subprocess.PIPE)
p2 = subprocess.Popen(['encfs', '-S', encrypted_dir, mount_dir, "--public"],
stdin=p1.stdout, stdout=subprocess.PIPE)
p2.communicate()
if p2.poll() != 0:
logging.error("Can't run encfs. Bad password?")
except subprocess.CalledProcessError as process_error:
logging.error(process_error)
# Restore user home files
for name in os.listdir(backup_dir):
shutil.move(os.path.join(backup_dir, name),
os.path.join(mount_dir, name))
# Delete home backup
os.rmdir(backup_dir)
def configure_logger(args):
"""
Get the argument list from command line and configure the logger
:param args: arguments retrieved from command line
:type args: dict
:return: Logger object
:rtype Logger: Logger object
"""
# Set the logfile
if not args.log:
args.log = ParamDefaults.LOG_FILE.value
# Set the log verbosity, Defaults to error
args.verbose = get_verbosity_level(args.verbose)
# Create the Logger
logger = logging.getLogger(__name__)
logger.setLevel(args.verbose)
if args.console:
# Create the Handler for logging data to stdout
logger_handler = logging.StreamHandler(sys.stdout)
else:
# Create the log file if not exists
# First try in the /var/log/rciam_probes path. This is the path used when
# installing with rpm. If the path is not available then create it under
# current user home directory
log_path = Path('/').joinpath('var').joinpath('log').joinpath('rciam_probes')
if not log_path.is_dir():
log_path = Path.home().joinpath('var').joinpath('log').joinpath('rciam_probes')
log_path.mkdir(0o755, parents=True, exist_ok=True)
log_file = log_path.joinpath('rciam_probes.log')
log_file.touch(exist_ok=True)
args.log = str(log_file)
chown(args.log, user=args.logowner, group=args.logowner)
# Create the Handler for logging data to a file
logger_handler = logging.FileHandler(args.log)
logger_handler.setLevel(args.verbose)
# Create a Formatter for formatting the log messages
logger_formatter = logging.Formatter(ParamDefaults.LOG_FORMATTER.value)
# Add the Formatter to the Handler
logger_handler.setFormatter(logger_formatter)
# Add the Handler to the Logger
logger.addHandler(logger_handler)
return logger
def create_disk_snapshot(source_img, destination_img):
try:
shutil.chown(source_img, getpass.getuser())
except PermissionError:
# log.msg('Should have root to create snapshot')
pass
# could use `capture_output=True` instead of `stdout` and `stderr` args in Python 3.7
out = subprocess.run(
[
"qemu-img", "create", "-f", "qcow2", "-b", source_img,
destination_img
],
capture_output=True,
)
return out.returncode == 0
def backup_db(self):
db_name = self.dbinfo.db_name
try:
sqldir = '/home/kusanagi/%s/sql_backup/' % self.provi
p = pathlib.Path(sqldir)
if not p.exists():
p.mkdir(mode=0o775, parents=True, exist_ok=True)
shutil.chown(sqldir, 'kusanagi', 'www')
except BaseException as error:
print(error)
mess = 'Back up database ' + db_name
self.append_log(self.log, mess)
cmd = 'mysqldump --single-transaction -p' + self.pwrd + ' --databases ' + db_name + ' | gzip > ' + sqldir + db_name + '.sql.gz'
execute_outputfile(cmd, self.log)
def chown_r(path: str, user: str, group: str) -> None:
"""
Performs a recursive ``chown``.
Args:
path: path to walk down
user: user name or ID
group: group name or ID
As per http://stackoverflow.com/questions/2853723
"""
for root, dirs, files in os.walk(path):
for x in dirs:
shutil.chown(os.path.join(root, x), user, group)
for x in files:
shutil.chown(os.path.join(root, x), user, group)
def ping_server_service_erstellen(ip_pingziel):
inhalt = """[Unit]
Description=serverctl.service: Waiting for Network or Server to be up
After=network.target
[Service]
Type=oneshot
TimeoutStartSec=95
ExecStart=/usr/local/sbin/ping_server.py {}
[Install]
WantedBy=multi-user.target""".format(ip_pingziel)
with open(PFAD_PING_SERVER_SERVICE, "w") as file:
file.write(inhalt)
shutil.chown(PFAD_PING_SERVER_SERVICE, "root", "root")
os.chmod(PFAD_PING_SERVER_SERVICE, 644)
print("Datei {} erstellt".format(PFAD_PING_SERVER_SERVICE))
def restore_from_tarball(tarball, database):
if not tarball.endswith("tar.gz"):
raise Exception("Can only extract from tar.gz tarballs...")
with tempfile.TemporaryDirectory() as tmp_dir:
os.chdir(tmp_dir)
print("Extracting data to {}".format(tmp_dir))
with tarfile.open(tarball, "r:gz") as tar:
tar.extractall()
bundles = os.path.join(tmp_dir, 'weebl_data/bundles')
shutil.chown(path=bundles, user=os.environ.get('USER'))
subdir = os.path.join(tmp_dir, "weebl_data")
[dump_file] = [file for file in os.listdir(subdir) if 'dump' in file]
dump_file_path = os.path.join(subdir, dump_file)
tmp_path = shutil.copy(dump_file_path, "/tmp")
restore_from_dump(database, tmp_path)
os.remove(tmp_path)
def _set_terraform_binary_permissions(binary_path):
"""
Sets the new terraform binary to be executable.
"""
try:
os.chmod(binary_path, 0o755)
try:
shutil.chown(binary_path, user='******', group='apache')
except:
set_progress(
f'Unable to set permissions to apache:apache on {binary_path}. This may cause problems!'
)
pass
return True
except OSError:
return False
def install_httpd_waf_modules(self):
e = fLib.yum_install('kusanagi-httpd-waf')
fLib.yum_install('mod_security')
fLib.yum_install('mod_security_crs')
crs_conf = '/etc/httpd/modsecurity.d/modsecurity_crs_10_config.conf'
if os.path.isfile(crs_conf):
pat = r"HTTP/0.9 HTTP/1.0 HTTP/1.1'"
repl = r"HTTP/0.9 HTTP/1.0 HTTP/1.1 HTTP/2.0'"
self.replace_in_file(pat, repl, crs_conf)
if pathlib.Path('/var/lib/mod_security').exists():
shutil.chown('/var/lib/mod_security', 'httpd', 'www')
if not os.path.isfile('/var/lib/mod_security/global'):
pathlib.Path('/var/lib/mod_security/global').touch()
if not os.path.isfile('/var/lib/mod_security/ip'):
pathlib.Path('/var/lib/mod_security/ip').touch()
return e
def prepare_volumes():
"""Create necessary folders and set permissions.
Prepare a folder LOCATION_SUBPATH inside processing volume and set the
applicable owner and permissions.
"""
check_for_previous_data()
for volume in [constants.PROCESSING_VOLUME, constants.INPUTS_VOLUME]:
if volume.is_dir():
logger.debug("Preparing %s.", volume)
directory = volume / global_settings.LOCATION_SUBPATH
directory_mode = global_settings.SETTINGS.get(
"FLOW_EXECUTOR", {}).get("DATA_DIR_MODE", 0o755)
directory.mkdir(mode=directory_mode, exist_ok=True)
with suppress(PermissionError):
shutil.chown(directory, GENIALIS_UID, GENIALIS_GID)
def ssl_dir(cls):
"""Postfix SSL Directory
:return: str
"""
paths = {1: '/etc/postfix/ssl/'}
try:
cls.validate_path(paths.get(cls.value()))
except serializers.ValidationError:
os.makedirs(paths.get(cls.value()), 0o755)
shutil.chown(paths.get(cls.value()), user='******', group='root')
return paths[cls.value()]
def configure_dirs():
for p in dirs.values():
p.mkdirp()
shutil.chown(dirs.slurm, user='******', group='slurm')
shutil.chown(dirs.scripts, user='******', group='slurm')
for p in slurmdirs.values():
p.mkdirp()
shutil.chown(p, user='******', group='slurm')
(dirs.scripts / 'etc').symlink_to(slurmdirs.etc)
shutil.chown(dirs.scripts / 'etc', user='******', group='slurm')
(dirs.scripts / 'log').symlink_to(slurmdirs.log)
shutil.chown(dirs.scripts / 'log', user='******', group='slurm')
def copy_file(self,
source,
destination,
owner='root',
group='root',
mode='640'):
'''
:param source: location of file relative to repo root
:param destination: full path to destination on local fs
:return: 0 if success else exception
'''
path = '{}/files/{}'.format(self.roles_dir, source)
shutil.copyfile(path, destination)
shutil.chown(destination, user=owner, group=group)
os.chmod(destination, mode)
return '<- Copied {} to {}'.format(source, destination)
def ensure_dir_permissions(path):
path = pathlib.Path(path)
if not path.parent.exists():
ensure_dir_permissions(path=path.parent.absolute())
if not path.is_dir():
print('creating with permissions:')
path.mkdir()
try:
shutil.chown(str(path), group='lab')
os.chmod(str(path), stat.S_IRWXU | stat.S_IRWXG)
except PermissionError:
print(
"WARNING: It was not possible to change the permission to the following files: \n"
+ path + "\n")
print('made outpath: {p}'.format(p=path))
def set_chown(path, user=None, group=None, dir_fd=None, follow_symlinks=True):
# shutil.chown will call os.chown without passing all the parameters
# and particularly follow_symlinks, thus we replace it temporary
# with a lambda with all the parameters so that follow_symlinks will
# be actually passed properly.
# Not nice, but better than actually rewriting shutil.chown until
# this python bug is fixed: https://bugs.python.org/issue18108
real_os_chown = os.chown
try:
os.chown = lambda p, u, g: real_os_chown(
p, u, g, dir_fd=dir_fd, follow_symlinks=follow_symlinks)
shutil.chown(path, user, group)
except Exception:
raise
finally:
os.chown = real_os_chown
async def serve(loop, settings):
app = await trackers.web_app.make_aio_app(settings)
runner = AppRunner(
app,
debug=settings.get('aioserver_debug', False),
access_log_format='%l %u %t "%r" %s %b "%{Referrer}i" "%{User-Agent}i"'
)
await runner.setup()
if settings['server_type'] == 'inet':
site = TCPSiteSocketName(runner, settings['inet_host'],
settings['inet_port'])
elif settings['server_type'] == 'unix':
unix_path = settings['unix_path']
if os.path.exists(unix_path):
try:
os.unlink(unix_path)
except OSError:
logging.exception(
"Could not unlink socket '{}'".format(unix_path))
site = UnixSite(runner, unix_path)
await site.start()
if settings['server_type'] == 'unix':
if 'unix_chmod' in settings:
os.chmod(unix_path, settings['unix_chmod'])
if 'unix_chown' in settings:
shutil.chown(unix_path, **settings['unix_chown'])
logging.info(f'Serving on {site.name}')
try:
# Run forever (or we get interupt)
run_fut = asyncio.Future()
for signame in ('SIGINT', 'SIGTERM'):
loop.add_signal_handler(getattr(signal, signame),
run_fut.set_result, None)
try:
await run_fut
finally:
for signame in ('SIGINT', 'SIGTERM'):
loop.remove_signal_handler(getattr(signal, signame))
finally:
await site.stop()
await runner.cleanup()
def write(self,data):
"""
Write out the averaged TOD to a Level2 RRL file with an external link to the original level 1 data
"""
if os.path.exists(self.outfilename):
self.outfile = h5py.File(self.outfilename,'a')
else:
self.outfile = h5py.File(self.outfilename,'w')
# Set permissions and group
if self.set_permissions:
os.chmod(self.outfilename,0o664)
shutil.chown(self.outfilename, group=self.permissions_group)
if 'tod' in self.outfile:
del self.outfile['tod']
tod_dset = self.outfile.create_dataset('tod',data=self.spectra, dtype=self.spectra.dtype)
tod_dset.attrs['Unit'] = 'K'
tod_dset.attrs['Calibration'] = '{self.cal_mode}:{self.cal_prefix}'
if 'velocity' in self.outfile:
del self.outfile['velocity']
tod_dset = self.outfile.create_dataset('velocity',data=self.velocity, dtype=self.velocity.dtype)
tod_dset.attrs['Unit'] = 'km/s'
if 'frequency' in self.outfile:
del self.outfile['frequency']
freq_dset = self.outfile.create_dataset('frequency',data=self.rrl_frequencies, dtype=self.rrl_frequencies.dtype)
if 'feeds' in self.outfile:
del self.outfile['feeds']
freq_dset = self.outfile.create_dataset('feeds',data=np.array(self.feeds), dtype=np.array(self.feeds).dtype)
self.outfile.attrs['version'] = __level2_version__
# Add version info
self.outfile.attrs['pipeline-version'] = comancpipeline.__version__
# Link the rrl data to level2
data_filename = data.filename
fname = data.filename.split('/')[-1]
# Link to the level2 continuum file
if self.level2 in data.keys():
del data[self.level2]
data[self.level2] = h5py.ExternalLink(self.outfilename,'/')
def up(config, database, semester, course):
"""
Run up migration.
:param config: Object holding configuration details about Submitty
:type config: migrator.config.Config
"""
course_dir = Path(config.submitty['submitty_data_dir'], 'courses',
semester, course, 'uploads')
polls_dir = Path(course_dir, 'polls')
polls_dir.mkdir(mode=0o750, exist_ok=True)
php_user = config.submitty_users['php_user']
# get course group
course_group_id = course_dir.stat().st_gid
# set the owner/group/permissions
shutil.chown(polls_dir, php_user, course_group_id)
def _run(self, force_refresh):
regenerate, new_hash = self.write_input(force_refresh)
if not regenerate:
return True
with open(self.logging_file, "w") as f:
subprocess.run(["sim_SNmix.pl", self.config_path],
stdout=f,
stderr=subprocess.STDOUT,
cwd=self.output_dir)
shutil.chown(self.logging_file,
group=self.global_config["SNANA"]["group"])
self.logger.info(
f"Sim running and logging outputting to {self.logging_file}")
return True
def clone_repo(uid, username, git_url, repo_dir):
git.Repo.clone_from(git_url, repo_dir)
# shutil.copytree(repo_dir,'home/jupyter-{username}')
try:
getpwnam(username)
except KeyError:
subprocess.check_call(['useradd', '-ms', '/bin/bash', username])
uid = getpwnam(username).pw_uid
gid = getpwnam(username).pw_gid
for root, dirs, files in os.walk(repo_dir):
for d in dirs:
shutil.chown(os.path.join(root, d), user=uid, group=gid)
# subprocess.call(['chmod', '777', d])
for f in files:
shutil.chown(os.path.join(root, f), user=uid, group=gid)
def create_upload_location(self):
geom.scan()
klass_label = geom.class_by_name('LABEL')
prov = klass_label.xml.find(
f'.//provider[name = "label/{UPLOAD_LABEL}"]/../consumer/provider')
if prov is None:
cp = subprocess.run(
['mdconfig', '-a', '-t', 'swap', '-s', '2800m'],
text=True,
capture_output=True,
check=False,
)
if cp.returncode != 0:
raise CallError(f'Could not create memory device: {cp.stderr}')
mddev = cp.stdout.strip()
subprocess.run(['glabel', 'create', UPLOAD_LABEL, mddev],
capture_output=True,
check=False)
cp = subprocess.run(
['newfs', f'/dev/label/{UPLOAD_LABEL}'],
text=True,
capture_output=True,
check=False,
)
if cp.returncode != 0:
raise CallError(
f'Could not create temporary filesystem: {cp.stderr}')
shutil.rmtree(UPLOAD_LOCATION, ignore_errors=True)
os.makedirs(UPLOAD_LOCATION)
cp = subprocess.run(
['mount', f'/dev/label/{UPLOAD_LABEL}', UPLOAD_LOCATION],
text=True,
capture_output=True,
check=False,
)
if cp.returncode != 0:
raise CallError(
f'Could not mount temporary filesystem: {cp.stderr}')
shutil.chown(UPLOAD_LOCATION, 'www', 'www')
os.chmod(UPLOAD_LOCATION, 0o755)
return UPLOAD_LOCATION
async def _chmod_and_chown(self, path, mode, chown, logger=None):
logger = (logger or self._log)
if mode is not None:
logger.debug(f"chmod {oct(mode)}")
os.chmod(path, mode)
if chown is not None:
changes = ""
if chown[0] is not None:
changes = chown[0]
if chown[1] is not None:
changes = f"{changes}:{chown[1]}"
logger.debug(f"chown {changes}")
shutil.chown(path, *chown)
def run(self):
_install.run(self)
# load my own config file
from cantatadyn import Config
conf = Config(_conf_fn)
shutil.copy(_conf_fn, f'/etc/opt/')
# create folders
for folder in (conf.filesDir, conf.logDir):
if not os.path.exists(folder):
os.makedirs(folder)
shutil.chown(folder, 'mpd', 'audio')
os.chmod(folder, 0o766)
shutil.copy('cantatadyn.service', '/lib/systemd/system/')
subprocess.call("systemctl enable cantatadyn.service", shell=True)
def copyx(srcrb = 'filex.txt',dstwb = 'filecopy.txt'):
start = time.time()
with open(srcrb) as src_fobj:
with open(dstwb,'w') as dst_fobj:
shutil.copyfileobj(src_fobj,dst_fobj)
#注意"类似文件的对象"和"文件"的区别.copyfile(src_f,dst_f)
end = time.time()
print("\033[32;40;1m The runningtime green-is %f seconds\033[0m" % (end - start))
src_f = 'filey.txt'
dst_f = 'filey2.txt'
#注意"类似文件的对象"和"文件"的区别.copyfile(src_f,dst_f)
shutil.copyfile(src_f,dst_f)
#将权限位从'filex.txt'复制到'filemode.txt'。
#文件内容,所有者和组不受影响。windows 不支持
# shutil.copymode('filex.txt','filemode.txt')
#将权限位,最后访问时间,上次修改时间和标志
#从src 复制到 dst。
# shutil.copystat('filex.txt','filestat.txt')
#将文件src复制到文件或目录dst
#src和dst应为字符串。
#如果dst指定目录,
#则文件将使用src的基本文件名复制到dst中。
#返回新创建的文件的路径。
#注意与 shutil.copyfile(src_f,dst_f) 的区别
# shutil.copy('filex.txt','newdir/')
# shutil.copy('filex.txt','newdir/fx.txt')
#相当于 cp -p
# shutil.copy2('filey.txt','newdir')
#递归地复制以src为根的整个目录树,返回目标目录。
#由dst命名的目标目录不能已经存在。
# shutil.copytree('newdir/', '/root/zidyidir')
#删除整个目录树
# shutil.rmtree('/root/zidyidir')
#递归地 将 文件 或 目录 (src) 移动到
#另一个位置(dst),并返回目标。
# shutil.move('filestat.txt', 'newdir/')
#更改给定路径的所有者用户 和/或 组
shutil.chown('newdir/fx.txt','lisi','lisi')
def upgrade(self):
user = self.meta['user']
group = self.meta['group']
objects = self.meta['objects_to_be_replaced']
for o in objects:
path = os.path.join(self.root, o)
if os.path.isdir(path):
shutil.rmtree(path)
else:
os.remove(path)
shutil.unpack_archive(self.archive, self.root)
shutil.chown(self.root, user, group)
print('Finished')
return True