- if run with root privileges, the debuginfo install script is not suided to abrt, but the installed debuginfo files has to be owned by abrt:abrt, so they can be removed by abrt (e.d. when trimming old files) and that is done using the ensure_abrt_uid decorator
Signed-off-by: Jiri Moskovcak <jmosk...@redhat.com> --- src/client-python/debuginfo.py | 59 +++++++++++++++++++++++++++++++++--------- 1 file changed, 47 insertions(+), 12 deletions(-) diff --git a/src/client-python/debuginfo.py b/src/client-python/debuginfo.py index 98dbec6..4908845 100644 --- a/src/client-python/debuginfo.py +++ b/src/client-python/debuginfo.py @@ -22,9 +22,32 @@ def unmute_stdout(): else: print "ERR: unmute called without mute?" +def ensure_abrt_uid(fn): + import pwd + current_uid = os.getuid() + current_gid = os.getgid() + abrt = pwd.getpwnam("abrt") + + # if we're are already running as abrt, don't do anything + if abrt.pw_uid == current_uid and abrt.pw_gid == current_gid: + return fn + + def wrapped(*args, **kwargs): + # switch to abrt + os.setegid(abrt.pw_gid) + os.seteuid(abrt.pw_uid) + # extract the files as abrt:abrt + fn(*args, **kwargs) + # switch back to whatever we were + os.seteuid(current_uid) + os.setegid(current_gid) + + return wrapped + # TODO: unpack just required debuginfo and not entire rpm? # ..that can lead to: foo.c No such file and directory # files is not used... +@ensure_abrt_uid def unpack_rpm(package_file_name, files, tmp_dir, destdir, keeprpm, exact_files=False): package_full_path = tmp_dir + "/" + package_file_name log1("Extracting %s to %s", package_full_path, destdir) @@ -36,8 +59,10 @@ def unpack_rpm(package_file_name, files, tmp_dir, destdir, keeprpm, exact_files= except IOError, ex: print _("Can't write to '{0}': {1}").format(unpacked_cpio_path, ex) return RETURN_FAILURE + rpm2cpio = Popen(["rpm2cpio", package_full_path], stdout = unpacked_cpio, bufsize = -1) + error_out.close() retcode = rpm2cpio.wait() if retcode == 0: @@ -164,6 +189,23 @@ class DebugInfoDownload(YumBase): exit(1) unmute_stdout() + @ensure_abrt_uid + def setup_tmp_dirs(self): + if not os.path.exists(self.tmpdir): + try: + os.makedirs(self.tmpdir) + except OSError, ex: + print "Can't create tmpdir: %s" % ex + return RETURN_FAILURE + if not os.path.exists(self.cachedir): + try: + os.makedirs(self.cachedir) + except OSError, ex: + print "Can't create cachedir: %s" % ex + return RETURN_FAILURE + + return RETURN_OK + # return value will be used as exitcode. So 0 = ok, !0 - error def download(self, files, download_exact_files=False): """ @files - """ @@ -288,18 +330,11 @@ class DebugInfoDownload(YumBase): repo.cache = 0 remote = pkg.returnSimple('relativepath') local = os.path.basename(remote) - if not os.path.exists(self.tmpdir): - try: - os.makedirs(self.tmpdir) - except OSError, ex: - print "Can't create tmpdir: %s" % ex - return RETURN_FAILURE - if not os.path.exists(self.cachedir): - try: - os.makedirs(self.cachedir) - except OSError, ex: - print "Can't create cachedir: %s" % ex - return RETURN_FAILURE + retval = self.setup_tmp_dirs() + # continue only if the tmp dirs are ok + if retval != RETURN_OK: + return retval + local = os.path.join(self.tmpdir, local) pkg.localpath = local # Hack: to set the localpath we want err = self.downloadPkgs(pkglist=[pkg]) -- 1.8.1.4