revpi/revpipyload
1
0
Fork 0
mirror of https://github.com/naruxde/revpipyload.git synced 2025-11-08 23:23:52 +01:00
Code Issues Packages Releases Wiki Activity

Fix problem with extended unix user groups

Browse Source 
PLC program got only uid and gid, but not the other group ids of user.
Set gid to work directory, too.
Set uid and gid to uploaded files.
This commit is contained in:
Sven Sager
2020-11-04 23:18:52 +01:00
parent 7b242865e4
commit c393b9fb05
3 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
revpipyload/plcsystem.py
View File

@@ -6,6 +6,7 @@ __license__ = "GPLv3"
import os import os
import shlex import shlex
import subprocess import subprocess
from pwd import getpwuid
from sys import stdout as sysstdout from sys import stdout as sysstdout
from threading import Event, Thread from threading import Event, Thread
from time import sleep, asctime from time import sleep, asctime
@@ -95,6 +96,15 @@ class RevPiPlc(Thread):
"set uid {0} and gid {1} for plc program".format( "set uid {0} and gid {1} for plc program".format(
self.uid, self.gid) self.uid, self.gid)
) )
# Set user last to hold root right to do the group things
try:
name = getpwuid(self.uid).pw_name
os.initgroups(name, self.gid)
except Exception:
proginit.logger.warning(
"could not initialize the group access list with all groups"
)
os.setgid(self.gid) os.setgid(self.gid)
os.setuid(self.uid) os.setuid(self.uid)

8
revpipyload/revpipyload.py
View File

@@ -343,9 +343,9 @@ class RevPiPyLoad:
# Workdirectory owner setzen # Workdirectory owner setzen
try: try:
if self.plcworkdir_set_uid: if self.plcworkdir_set_uid:
os.chown(self.plcworkdir, self.plcuid, -1) os.chown(self.plcworkdir, self.plcuid, self.plcgid)
else: else:
os.chown(self.plcworkdir, 0, -1) os.chown(self.plcworkdir, 0, 0)
except Exception: except Exception:
proginit.logger.warning( proginit.logger.warning(
"could not set user id on working directory" "could not set user id on working directory"
@@ -1207,6 +1207,10 @@ class RevPiPyLoad:
try: try:
with open(filename, "wb") as fh: with open(filename, "wb") as fh:
fh.write(gzip.decompress(filedata.data)) fh.write(gzip.decompress(filedata.data))
if self.plcworkdir_set_uid:
os.chown(self.plcworkdir, self.plcuid, self.plcgid)
else:
os.chown(self.plcworkdir, 0, 0)
return True return True
except Exception: except Exception:
return False return False

2
setup.py
View File

@@ -27,7 +27,7 @@ setup(
license="LGPLv3", license="LGPLv3",
name="revpipyload", name="revpipyload",
version="0.9.2c", version="0.9.2d",
scripts=[ scripts=[
"data/revpipyload", "data/revpipyload",