author | Michael Elkins <melkins@tislabs.com> | 2010-11-11 01:40:05 +0000 |
---|---|---|
committer | Michael Elkins <melkins@tislabs.com> | 2010-11-11 01:40:05 +0000 |
commit | bae959994e1a943ab76257bfa7bb65a2efe3299a (patch) | |
tree | 73b771c91f7e36c87c3a6d0ab5019db2d554fe44 /portal-gui/scripts/adduser.py | |
parent | a005b458fece9b8a3b7b86e38fb477f9b7592b65 (diff) |
move docs on configuring apache to README.apache
update README to detail use of the build.sh for installation instead of using
the configure script directly.
added USER= configuration variable to specify the user that the apache web server is running as.
make install target sets file permissions so that apache user can read/write them
adduser.py sets file permissions so that apache user can read/write them
svn path=/portal-gui/Makefile.in; revision=3548
Diffstat (limited to 'portal-gui/scripts/adduser.py')
-rwxr-xr-x | portal-gui/scripts/adduser.py | 34 |
1 files changed, 24 insertions, 10 deletions
diff --git a/portal-gui/scripts/adduser.py b/portal-gui/scripts/adduser.py index c7fc2a55..bd0596a7 100755 --- a/portal-gui/scripts/adduser.py +++ b/portal-gui/scripts/adduser.py @@ -26,16 +26,20 @@ import os import sys import hashlib import getpass +import pwd + +apache_uid = pwd.getpwnam(settings.APACHE_USER)[2] # FIXME: hardcoded for now realm = 'myrpki' def user_has_password(passfile, username): 'returns True if username is found in the specified password file' - with open(passfile,'r') as f: - for line in f: - if line.split(':')[0] == username: - return True + if os.path.exists(passfile): + with open(passfile,'r') as f: + for line in f: + if line.split(':')[0] == username: + return True return False def update_apache_auth_file(passfile, username, realm, password): @@ -48,6 +52,10 @@ if __name__ == '__main__': print >>sys.stderr, 'usage: adduser <username> <user\'s email> <host handle>' sys.exit(1) + if os.getuid() != 0: + print >>sys.stderr, 'error: this script must be run as roon so it can set file permissions.' + sys.exit(1) + username = sys.argv[1] email = sys.argv[2] host = sys.argv[3] @@ -70,18 +78,23 @@ if __name__ == '__main__': conf = Conf.objects.create(handle=username) conf.owner.add(user) - host_set = Conf.objects.filter(handle=host) - if not host_set: - print >>sys.stderr, 'error: Conf object for host %s does not exist!' % host + if host != username: + host_set = Conf.objects.filter(handle=host) + if not host_set: + print >>sys.stderr, 'error: Conf object for host %s does not exist!' % host + sys.exit(1) - conf.host = host_set[0] - conf.save() + conf.host = host_set[0] + conf.save() + else: + print >>sys.stderr, '%s is self-hosted' % username myrpki_dir = '%s/%s' % (settings.MYRPKI_DATA_DIR, username) print 'myrpki_dir=', myrpki_dir if not os.path.exists(myrpki_dir): print 'creating ', myrpki_dir os.mkdir(myrpki_dir) + os.chown(myrpki_dir, apache_uid, -1) # create stuf myrpki.conf enough to fool portal-gui myrpki_conf = myrpki_dir + '/myrpki.conf' 
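Review bot: The new module-level `apache_uid = pwd.getpwnam(settings.APACHE_USER)[2]` raises an unhandled KeyError when the configured account does not exist, and it runs before the usage and root checks under `__main__`, so a misconfigured USER= surfaces as a bare traceback. I would move the lookup below the argument checks, catch KeyError there and print an error naming the missing account before `sys.exit(1)`. Reading the field by name, `pwd.getpwnam(settings.APACHE_USER).pw_uid`, is also clearer than index `[2]`. The import that brings `settings` into scope is outside this hunk, so I cannot confirm it precedes the new line.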
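Review bot: The error string added with the `os.getuid() != 0` check misspells "root" as "roon"; it should read `'error: this script must be run as root so it can set file permissions.'`. Separately, this check makes the whole script run as root, including the database work further down, although only the chown calls appear to need it. Consider limiting root to the ownership changes, or at least add a comment such as `# root is required only for os.chown/os.fchown below`.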
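Review bot: After `os.chown(myrpki_dir, apache_uid, -1)` the script keeps running as root and goes on to create files inside a directory the web-server account now owns. On a re-run the directory already exists, and the later `os.path.exists(...)` / `open(..., 'w')` pairs follow symlinks, so a link placed there by that account would redirect a root write and the chown that follows it. I would create those files with `os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW, 0640)`, or defer the directory chown until every file has been written. `os.mkdir(myrpki_dir)` also leaves the mode to root's umask; an explicit mode such as `os.mkdir(myrpki_dir, 0750)` would state the intended access. Indentation is not visible on this page and the file writes lie outside this hunk, so confirm this against the full script.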
@@ -101,7 +114,8 @@ prefix_csv=%(path)s/prefixes.csv""" % { 'path': myrpki_dir } if not os.path.exists(fname): print 'creating ', fname with open(fname, 'w') as f: - pass # just create an empty file + # just create an empty file + os.fchown(f, apache_uid, -1) # add a password for this user to the apache passwd file if not present |
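Review bot: `os.fchown(f, apache_uid, -1)` passes the file object where `os.fchown` requires an integer file descriptor, so the first time a missing file is created this should raise TypeError and abort the script with an empty, root-owned file left behind. The call should be `os.fchown(f.fileno(), apache_uid, -1)`. The loop that supplies `fname` starts above this hunk. Indentation is not visible here, so I am assuming the call sits inside the `with` body.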