Home Explore Help
Register Sign In
VendorSoftware
/
supervisor
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Changes after testing sockchown, sockchmod.

Chris McDonough 19 years ago
parent
6d385e2709
commit
d7763ef994
4 changed files with 29 additions and 9 deletions
Split View Show Diff Stats
  1. 2 2
      TODO.txt
  2. 5 5
      sample.conf
  3. 19 1
      src/supervisor/http.py
  4. 3 1
      src/supervisor/supervisord.py

+ 2 - 2
TODO.txt
View File 

@@ -1,5 +1,3 @@
 
-- Manually test UNIX domain socket setgid, setuid, chmod.
 
-
 
 - Figure out why supervisord sends SIGKILL to processes at shutdown time
 
   so quickly (and why they report they got SIGINT).
 
 
@@ -41,3 +39,5 @@
 
 - Option to include/disinclude stderr in child logs.
 
 
 - Unit test the http_client package.
 
+
 
+- Per-process exit code specifications.

+ 5 - 5
sample.conf
View File 

@@ -1,11 +1,11 @@
 
 [supervisord]
 
 xmlrpc_port=supervisor.sock ; (default is to run a UNIX domain socket server)
 
 ;xmlrpc_port=127.0.0.1:9001  ; (alternately, ip_address:port specifies AF_INET)
 
-sockchmod=0700              ; AF_UNIX socket creation mode (AF_INET ignores)
 
-;sockchown=chrism.chrism     ; AF_UNIX socket uid.gid owner (AF_INET ignores)
 
+;sockchmod=0700              ; AF_UNIX socketmode (AF_INET ignore, default 0700)
 
+;sockchown=nobody.nogroup     ; AF_UNIX socket uid.gid owner (AF_INET ignores)
 
+;umask=022                   ; (process file creation umask;default 022)
 
 exitcodes=0,2               ; ('expected' exit codes;default 0,2)
 
-umask=022                   ; (process umask;default 022)
 
-logfile=supervisord.log     ; (main log file;default $CWD/supervisord.log)
 
+logfile=/tmp/supervisord.log     ; (main log file;default $CWD/supervisord.log)
 
 logfile_maxbytes=50MB       ; (max main logfile bytes b4 rotation;default 50MB)
 
 logfile_backups=10          ; (num of main logfile rotation backups;default 10)
 
 loglevel=info               ; (logging level;default info; others: debug,warn)
 
@@ -25,7 +25,7 @@ backofflimit=3              ; (child process restart seconds;default 3)
 
 ;directory=/tmp              ; (default is not to cd during start)
 
 
 [supervisorctl]
 
-serverurl=unix://supervisor.sock ; use a unix:// URL to specify a domain socket
 
+serverurl=unix:///tmp/supervisor.sock ; use a unix:// URL to specify a domain socket
 
 ;serverurl=http://127.0.0.1:9001 ; use an http:// url to specify an inet socket
 
 ;username=chris              ; should be same as xmlrpc_username if set
 
 ;password=123                ; should be same as xmlrpc_password if set

+ 19 - 1
src/supervisor/http.py
View File 

@@ -9,6 +9,7 @@ import sys
 
 import string
 
 import socket
 
 import errno
 
+import pwd
 
 
 NOT_DONE_YET = []
 
 
@@ -461,6 +462,7 @@ class supervisor_af_unix_http_server(supervisor_http_server):
 
                 sock.bind(tempname)
 
                 os.chmod(tempname, sockchmod)
 
                 try:
 
+                    # hard link
 
                     os.link(tempname, socketname)
 
                 except os.error:
 
                     # Lock contention, or stale socket.
 
@@ -480,7 +482,23 @@ class supervisor_af_unix_http_server(supervisor_http_server):
 
                     time.sleep(.3)
 
                     continue
 
                 else:
 
-                    os.chown(socketname, sockchown[0], sockchown[1])
 
+                    try:
 
+                        print sockchown[0], sockchown[1]
 
+                        os.chown(socketname, sockchown[0], sockchown[1])
 
+                    except os.error, why:
 
+                        if why[0] == errno.EPERM:
 
+                            msg = ('Not permitted to chown %s to uid/gid %s; '
 
+                                   'adjust "sockchown" value in config file or '
 
+                                   'on command line to values that the '
 
+                                   'current user (%s) can successfully chown')
 
+                            raise ValueError(msg % (socketname,
 
+                                                    repr(sockchown),
 
+                                                    pwd.getpwuid(
 
+                                                        os.geteuid())[0],
 
+                                                    ),
 
+                                             )
 
+                        else:
 
+                            raise
 
                     self.prebind(sock, logger_object)
 
                     break

+ 3 - 1
src/supervisor/supervisord.py
View File 

@@ -641,8 +641,8 @@ class Supervisor:
 
         for program in self.options.programs:
 
             name = program.name
 
             self.processes[name] = Subprocess(self.options, program)
 
-        self.openhttpserver()
 
         try:
 
+            self.openhttpserver()
 
             self.setsignals()
 
             if not self.options.nodaemon:
 
                 self.daemonize()
 
@@ -676,6 +676,8 @@ class Supervisor:
 
                                    'configured to use (%s).  Shut this program '
 
                                    'down first before starting supervisord. ' %
 
                                    port)
 
+        except ValueError, why:
 
+            self.options.usage(why[0])
 
 
     def setsignals(self):
 
         signal.signal(signal.SIGTERM, self.sigexit)