diff --git a/src/pylorax/api/config.py b/src/pylorax/api/config.py index c15e0e6e..e5f35152 100644 --- a/src/pylorax/api/config.py +++ b/src/pylorax/api/config.py @@ -15,6 +15,7 @@ # along with this program. If not, see . # import ConfigParser +import grp import os from pylorax.sysutils import joinpaths @@ -41,7 +42,7 @@ def configure(conf_file="/etc/lorax/composer.conf", root_dir="/", test_config=Fa # set defaults conf.add_section("composer") - conf.set("composer", "share_dir", os.path.realpath(joinpaths(root_dir, "/usr/share/lorax/composer/"))) + conf.set("composer", "share_dir", os.path.realpath(joinpaths(root_dir, "/usr/share/lorax/"))) conf.set("composer", "lib_dir", os.path.realpath(joinpaths(root_dir, "/var/lib/lorax/composer/"))) conf.set("composer", "yum_conf", os.path.realpath(joinpaths(root_dir, "/var/tmp/composer/yum.conf"))) conf.set("composer", "repo_dir", os.path.realpath(joinpaths(root_dir, "/var/tmp/composer/repos.d/"))) @@ -73,3 +74,33 @@ def make_yum_dirs(conf): p_dir = os.path.dirname(conf.get("composer", p)) if not os.path.exists(p_dir): os.makedirs(p_dir) + +def make_queue_dirs(conf, gid): + """Make any missing queue directories + + :param conf: The configuration to use + :type conf: ComposerConfig + :param gid: Group ID that has access to the queue directories + :type gid: int + :returns: list of errors + :rtype: list of str + """ + errors = [] + lib_dir = conf.get("composer", "lib_dir") + for p in ["queue/run", "queue/new", "results"]: + p_dir = joinpaths(lib_dir, p) + if not os.path.exists(p_dir): + orig_umask = os.umask(0) + os.makedirs(p_dir, 0o771) + os.chown(p_dir, 0, gid) + os.umask(orig_umask) + else: + p_stat = os.stat(p_dir) + if p_stat.st_mode & 0o006 != 0: + errors.append("Incorrect permissions on %s, no o+rw permissions are allowed." % p_dir) + + if p_stat.st_gid != gid or p_stat.st_uid != 0: + gr_name = grp.getgrgid(gid).gr_name + errors.append("%s should be owned by root:%s" % (p_dir, gr_name)) + + return errors diff --git a/src/sbin/lorax-composer b/src/sbin/lorax-composer index f644574b..72e65379 100755 --- a/src/sbin/lorax-composer +++ b/src/sbin/lorax-composer @@ -35,13 +35,12 @@ from gevent import socket from gevent.wsgi import WSGIServer from pylorax import vernum -from pylorax.api.config import configure, make_yum_dirs +from pylorax.api.config import configure, make_yum_dirs, make_queue_dirs from pylorax.api.queue import monitor from pylorax.api.recipes import open_or_create_repo, commit_recipe_directory from pylorax.api.server import server, GitLock, YumLock from pylorax.api.yumbase import get_base_object from pylorax.base import DataHolder -from pylorax.sysutils import joinpaths VERSION = "{0}-{1}".format(os.path.basename(sys.argv[0]), vernum) @@ -189,23 +188,12 @@ if __name__ == '__main__': if opts.sharedir: server.config["COMPOSER_CFG"].set("composer", "share_dir", opts.sharedir) - # Make sure the queue paths are setup correctly - lib_dir = server.config["COMPOSER_CFG"].get("composer", "lib_dir") - for p in ["queue/run", "queue/new", "results"]: - p_dir = joinpaths(lib_dir, p) - if not os.path.exists(p_dir): - log.info("%s does not exist, creating it.", p_dir) - orig_umask = os.umask(0) - os.makedirs(p_dir, 0o771) - os.chown(p_dir, 0, gid) - os.umask(orig_umask) - else: - p_stat = os.stat(p_dir) - if p_stat.st_mode & 0o006 != 0: - errors.append("Incorrect permissions on %s, no o+rw permissions are allowed." % p_dir) - - if p_stat.st_gid != gid or p_stat.st_uid != 0: - errors.append("%s should be owned by root:%s" % (p_dir, opts.group)) + # Make sure the queue paths are setup correctly, exit on errors + errors = make_queue_dirs(server.config["COMPOSER_CFG"], gid) + if errors: + for e in errors: + log.error(e) + sys.exit(1) # Setup the Unix Domain Socket, remove old one, set ownership and permissions if os.path.exists(opts.socket): @@ -217,6 +205,7 @@ if __name__ == '__main__': listener.listen(1) # Start queue monitor thread as root + lib_dir = server.config["COMPOSER_CFG"].get("composer", "lib_dir") cfg = DataHolder(composer_dir=lib_dir, uid=uid, gid=gid) p = mp.Process(target=monitor, args=(cfg,)) p.daemon = True