SF.net SVN: safekeep: [444] safekeep/trunk

[<di...@us...>]

Revision: 444
          http://safekeep.svn.sourceforge.net/safekeep/?rev=444&view=rev
Author:   dimi
Date:     2007-03-08 12:27:15 -0800 (Thu, 08 Mar 2007)

Log Message:
-----------
Instrument the --keys mode to work with a different backup user.
Rename the property to 'backup.user' instead of just 'user'.

Modified Paths:
--------------
    safekeep/trunk/doc/safekeep.conf.txt
    safekeep/trunk/safekeep
    safekeep/trunk/sample.conf

Modified: safekeep/trunk/doc/safekeep.conf.txt
===================================================================
--- safekeep/trunk/doc/safekeep.conf.txt	2007-03-08 03:44:20 UTC (rev 443)
+++ safekeep/trunk/doc/safekeep.conf.txt	2007-03-08 20:27:15 UTC (rev 444)
@@ -20,6 +20,12 @@
 
 PARAMETERS
 ----------
+
+backup.user::
+	The Unix user under which the server will run.
+	If not specified, `safekeep` will just run under the
+	current user.
+
 email.to::
 	In addition to writing the session logs
 	on the standard output, `safekeep` can also send the
@@ -34,11 +40,6 @@
 	If not specified, `safekeep` will just use
 	`/usr/sbin/sendmail` to deliver the mail.
 
-user::
-	The Unix user under which the server will run.
-	If not specified, `safekeep` will just run under the
-	current user.
-
 FILES
 -----
     /etc/safekeep/safekeep.conf

Modified: safekeep/trunk/safekeep
===================================================================
--- safekeep/trunk/safekeep	2007-03-08 03:44:20 UTC (rev 443)
+++ safekeep/trunk/safekeep	2007-03-08 20:27:15 UTC (rev 444)
@@ -2,7 +2,7 @@
 
 import getopt, os, os.path, popen2, re, sys
 import commands, tempfile, time, traceback
-import xml.dom.minidom
+import getpass, pwd, xml.dom.minidom
 import socket, smtplib
 
 config_dir = '/etc/safekeep'
@@ -10,6 +10,9 @@
 logbuf = []
 is_client = False
 verbosity_level = 1
+work_user = getpass.getuser()
+backup_user = None
+home_dir = None
 
 PROTOCOL = "1.0"
 VERSION = "0.9.1"
@@ -186,11 +189,10 @@
         host = user = key_ctrl = key_data = None
     if host and not user:
         user = 'root'
-    home = os.getenv('HOME', '/root')
     if host and not key_ctrl:
-        key_ctrl = os.path.join(home, '.ssh', 'safekeep-server-ctrl-key')
+        key_ctrl = os.path.join(home_dir, '.ssh', 'safekeep-server-ctrl-key')
     if host and not key_data:
-        key_data = os.path.join(home, '.ssh', 'safekeep-server-data-key')
+        key_data = os.path.join(home_dir, '.ssh', 'safekeep-server-data-key')
 
     repo_el = backup_el.getElementsByTagName('repo')
     dir = None
@@ -648,8 +650,9 @@
                     break
                 if deploy:
                     info('%s: Key do not exist, generating it now: %s' % (id, privatekeyfile))
-                    gencmd = 'ssh-keygen -q -b 1024 -t dsa -N "" -C "SafeKeep auto generated key at %s@%s" -f %s' % \
-                          (os.getenv('LOGNAME', 'root'), os.uname()[1], privatekeyfile)
+                    gencmd = 'ssh-keygen -q -b 1024 -t dsa -N "" -C "SafeKeep auto generated key at %s@%s" -f %s' % (backup_user, os.uname()[1], privatekeyfile)
+                    if backup_user is not work_user:
+                        gencmd = 'su -c %s - %s' % (commands.mkarg(gencmd), backup_user)
                     debug(gencmd)
                     if os.system(gencmd):
                         error('%s: Failed to generate key %s. Skipping client.' % (id, privatekeyfile))
@@ -676,7 +679,6 @@
         if identity: basessh += ' -i %s' % (commands.mkarg(identity))
 
         if status or deploy:
-            if identity: cmd = "ssh -i %s" % (commands.mkarg(identity))
             cmd = '%s %s@%s "if test -f .ssh/authorized_keys; then cat .ssh/authorized_keys; fi"' % (basessh, cfg['user'], cfg['host'])
             debug(cmd)
             out = os.popen(cmd, 'r')
@@ -798,8 +800,8 @@
     except getopt.GetoptError:
         usage(2)
 
+    global backup_user, home_dir
     mode = None
-    user = None
     email = []
     smtp = None
     cfgfile = None
@@ -875,8 +877,8 @@
             props = parse_prop_file(cfgfile)
         else:
             props = {}
-        if 'user' in props:
-            user = props['user']
+        if 'backup.user' in props:
+            backup_user = props['backup.user']
         if 'email.smtp.server' in props:
             smtp = props['email.smtp.server']
         if 'email.to' in props:
@@ -884,7 +886,21 @@
         if len(cfglocs) == 0: 
             locs = os.path.join(config_dir, 'clients.d')
             if os.path.isdir(locs): cfglocs.append(locs)
+
+    if backup_user and backup_user != work_user:
+        (user, pswd, uid, gid, gecos, home_dir, shell) = pwd.getpwnam(backup_user)
+        if mode is not 'keys':
+            os.setregid(gid, gid)
+            os.setreuid(uid, uid)
+            os.env['HOME'] = home_dir
+    else:
+        backup_user = work_user
+        home_dir = os.getenv('HOME', '/')
+
+    if len(cfglocs) > 0:
         cfgs = parse_locs(cfglocs)
+    else:
+        cfgs = {}
 
     if mode is 'client':
         if len(args) > 0: usage(2)
@@ -898,13 +914,6 @@
             ok = False
         if not ok: sys.exit(2)
 
-    if user and mode is not 'keys':
-        import pwd
-        (name, passwd, uid, gid, gecos, dir, shell) = pwd.getpwnam(user)
-        os.setregid(gid, gid)
-        os.setreuid(uid, uid)
-        os.env['HOME'] = dir
-
     try:
         global is_client, verbosity_level
         if mode is 'server':

Modified: safekeep/trunk/sample.conf
===================================================================
--- safekeep/trunk/sample.conf	2007-03-08 03:44:20 UTC (rev 443)
+++ safekeep/trunk/sample.conf	2007-03-08 20:27:15 UTC (rev 444)
@@ -5,7 +5,7 @@
 #   - leading and trailing blanks are ignored
 
 # the user under which the server will run
-# user = safekeep
+# backup.user = safekeep
 
 # a comma separated list of emails to receive the logs
 # ema...@co...,ro...@co...


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.