23
23
# This is a command-line application, for use by the administrator.
24
# This program configures, builds and installs IVLE in three separate steps.
24
# This program is a frontend for the modules in the setup packages that
25
# configure, build and install IVLE in three separate steps.
25
26
# It is called with at least one argument, which specifies which operation to
28
# setup.py listmake (for developer use only)
29
# Recurses through the source tree and builds a list of all files which should
30
# be copied upon installation. This should be run by the developer before
31
# cutting a distribution, and the listfile it generates should be included in
32
# the distribution, avoiding the administrator having to run it.
34
# setup.py config [args]
35
# Configures IVLE with machine-specific details, most notably, various paths.
36
# Either prompts the administrator for these details or accepts them as
38
# Creates lib/conf/conf.py and trampoline/conf.h.
41
# Compiles all files and sets up a jail template in the source directory.
43
# Compiles (GCC) trampoline/trampoline.c to trampoline/trampoline.
45
# Creates standard subdirs inside the jail, eg bin, opt, home, tmp.
46
# Copies console/ to a location within the jail.
47
# Copies OS programs and files to corresponding locations within the jail
48
# (eg. python and Python libs, ld.so, etc).
49
# Generates .pyc files for all the IVLE .py files.
51
# setup.py install [--nojail] [--dry|n]
53
# Create target install directory ($target).
55
# Copy trampoline/trampoline to $target/bin.
56
# chown and chmod the installed trampoline.
57
# Copy www/ to $target.
58
# Copy jail/ to jails template directory (unless --nojail specified).
73
# Import modules from the website is tricky since they're in the www
75
sys.path.append(os.path.join(os.getcwd(), 'lib'))
77
import common.makeuser
79
# Determine which Python version (2.4 or 2.5, for example) we are running,
80
# and use that as the filename to the Python directory.
81
# Just get the first 3 characters of sys.version.
82
PYTHON_VERSION = sys.version[0:3]
84
# Operating system files to copy over into the jail.
85
# These will be copied from the given place on the OS file system into the
86
# same place within the jail.
89
'/lib/tls/i686/cmov/libc.so.6',
90
'/lib/tls/i686/cmov/libdl.so.2',
91
'/lib/tls/i686/cmov/libm.so.6',
92
'/lib/tls/i686/cmov/libpthread.so.0',
93
'/lib/tls/i686/cmov/libutil.so.1',
96
# These 2 files do not exist in Ubuntu
97
#'/etc/ld.so.preload',
98
#'/etc/ld.so.nohwcap',
104
'/usr/bin/python%s' % PYTHON_VERSION,
105
# Needed by fileservice
106
'/lib/libcom_err.so.2',
107
'/lib/libcrypt.so.1',
108
'/lib/libkeyutils.so.1',
109
'/lib/libresolv.so.2',
112
'/usr/lib/libapr-1.so.0',
113
'/usr/lib/libaprutil-1.so.0',
114
'/usr/lib/libdb-4.4.so',
115
'/usr/lib/libexpat.so.1',
116
'/usr/lib/libgcrypt.so.11',
117
'/usr/lib/libgnutls.so.13',
118
'/usr/lib/libgpg-error.so.0',
119
'/usr/lib/libgssapi_krb5.so.2',
120
'/usr/lib/libk5crypto.so.3',
121
'/usr/lib/libkrb5.so.3',
122
'/usr/lib/libkrb5support.so.0',
123
'/usr/lib/liblber.so.2',
124
'/usr/lib/libldap_r.so.2',
125
'/usr/lib/libneon.so.26',
126
'/usr/lib/libpq.so.5',
127
'/usr/lib/libsasl2.so.2',
128
'/usr/lib/libsqlite3.so.0',
129
'/usr/lib/libsvn_client-1.so.1',
130
'/usr/lib/libsvn_delta-1.so.1',
131
'/usr/lib/libsvn_diff-1.so.1',
132
'/usr/lib/libsvn_fs-1.so.1',
133
'/usr/lib/libsvn_fs_base-1.so.1',
134
'/usr/lib/libsvn_fs_fs-1.so.1',
135
'/usr/lib/libsvn_ra-1.so.1',
136
'/usr/lib/libsvn_ra_dav-1.so.1',
137
'/usr/lib/libsvn_ra_local-1.so.1',
138
'/usr/lib/libsvn_ra_svn-1.so.1',
139
'/usr/lib/libsvn_repos-1.so.1',
140
'/usr/lib/libsvn_subr-1.so.1',
141
'/usr/lib/libsvn_wc-1.so.1',
142
'/usr/lib/libtasn1.so.3',
143
'/usr/lib/libxml2.so.2',
144
# Needed by matplotlib
145
'/usr/lib/i686/cmov/libssl.so.0.9.8',
146
'/usr/lib/i686/cmov/libcrypto.so.0.9.8',
147
'/lib/tls/i686/cmov/libnsl.so.1',
148
'/usr/lib/libz.so.1',
149
'/usr/lib/atlas/liblapack.so.3',
150
'/usr/lib/atlas/libblas.so.3',
151
'/usr/lib/libg2c.so.0',
152
'/usr/lib/libstdc++.so.6',
153
'/usr/lib/libfreetype.so.6',
154
'/usr/lib/libpng12.so.0',
155
'/usr/lib/libBLT.2.4.so.8.4',
156
'/usr/lib/libtk8.4.so.0',
157
'/usr/lib/libtcl8.4.so.0',
158
'/usr/lib/tcl8.4/init.tcl',
159
'/usr/lib/libX11.so.6',
160
'/usr/lib/libXau.so.6',
161
'/usr/lib/libXdmcp.so.6',
162
'/lib/libgcc_s.so.1',
165
'/lib/libnss_dns.so.2',
166
'/lib/libnss_mdns4_minimal.so.2',
171
'/etc/nsswitch.conf',
172
'/lib/libnss_files.so.2',
174
# Symlinks to make within the jail. Src mapped to dst.
176
'python%s' % PYTHON_VERSION: 'jail/usr/bin/python',
178
# Trees to copy. Src mapped to dst (these will be passed to action_copytree).
180
'/usr/lib/python%s' % PYTHON_VERSION:
181
'jail/usr/lib/python%s' % PYTHON_VERSION,
182
'/usr/share/matplotlib': 'jail/usr/share/matplotlib',
183
'/etc/ld.so.conf.d': 'jail/etc/ld.so.conf.d',
184
'/usr/share/nltk': 'jail/usr/share/nltk',
188
"""A configuration option; one of the things written to conf.py."""
189
def __init__(self, option_name, default, prompt, comment):
190
"""Creates a configuration option.
191
option_name: Name of the variable in conf.py. Also name of the
192
command-line argument to setup.py conf.
193
default: Default value for this variable.
194
prompt: (Short) string presented during the interactive prompt in
196
comment: (Long) comment string stored in conf.py. Each line of this
197
string should begin with a '#'.
199
self.option_name = option_name
200
self.default = default
202
self.comment = comment
204
# Configuration options, defaults and descriptions
206
config_options.append(ConfigOption("root_dir", "/",
207
"""Root directory where IVLE is located (in URL space):""",
209
# In URL space, where in the site is IVLE located. (All URLs will be prefixed
211
# eg. "/" or "/ivle"."""))
212
config_options.append(ConfigOption("ivle_install_dir", "/opt/ivle",
213
'Root directory where IVLE will be installed (on the local file '
216
# In the local file system, where IVLE is actually installed.
217
# This directory should contain the "www" and "bin" directories."""))
218
config_options.append(ConfigOption("jail_base", "/home/informatics/jails",
219
"""Location of Directories
220
=======================
221
Root directory where the jails (containing user files) are stored
222
(on the local file system):""",
224
# In the local file system, where are the student/user file spaces located.
225
# The user jails are expected to be located immediately in subdirectories of
226
# this location."""))
227
config_options.append(ConfigOption("subjects_base",
228
"/home/informatics/subjects",
229
"""Root directory where the subject directories (containing worksheets
230
and other per-subject files) are stored (on the local file system):""",
232
# In the local file system, where are the per-subject file spaces located.
233
# The individual subject directories are expected to be located immediately
234
# in subdirectories of this location."""))
235
config_options.append(ConfigOption("exercises_base",
236
"/home/informatics/exercises",
237
"""Root directory where the exercise directories (containing
238
subject-independent exercise sheets) are stored (on the local file
241
# In the local file system, where are the subject-independent exercise sheet
242
# file spaces located."""))
243
config_options.append(ConfigOption("tos_path",
244
"/home/informatics/tos.html",
245
"""Location where the Terms of Service document is stored (on the local
248
# In the local file system, where is the Terms of Service document located."""))
249
config_options.append(ConfigOption("public_host", "public.localhost",
250
"""Hostname which will cause the server to go into "public mode",
251
providing login-free access to student's published work:""",
253
# The server goes into "public mode" if the browser sends a request with this
254
# host. This is for security reasons - we only serve public student files on a
255
# separate domain to the main IVLE site.
256
# Public mode does not use cookies, and serves only public content.
257
# Private mode (normal mode) requires login, and only serves files relevant to
258
# the logged-in user."""))
259
config_options.append(ConfigOption("allowed_uids", "33",
260
"""UID of the web server process which will run IVLE.
261
Only this user may execute the trampoline. May specify multiple users as
262
a comma-separated list.
265
# The User-ID of the web server process which will run IVLE, and any other
266
# users who are allowed to run the trampoline. This is stores as a string of
267
# comma-separated integers, simply because it is not used within Python, only
268
# used by the setup program to write to conf.h (see setup.py config)."""))
269
config_options.append(ConfigOption("db_host", "localhost",
270
"""PostgreSQL Database config
271
==========================
272
Hostname of the DB server:""",
274
### PostgreSQL Database config ###
275
# Database server hostname"""))
276
config_options.append(ConfigOption("db_port", "5432",
277
"""Port of the DB server:""",
279
# Database server port"""))
280
config_options.append(ConfigOption("db_dbname", "ivle",
281
"""Database name:""",
284
config_options.append(ConfigOption("db_forumdbname", "ivle_forum",
285
"""Forum Database name:""",
287
# Forum Database name"""))
288
config_options.append(ConfigOption("db_user", "postgres",
289
"""Username for DB server login:""",
291
# Database username"""))
292
config_options.append(ConfigOption("db_password", "",
293
"""Password for DB server login:
294
(Caution: This password is stored in plaintext in lib/conf/conf.py)""",
296
# Database password"""))
297
config_options.append(ConfigOption("auth_modules", "ldap_auth",
298
"""Authentication config
299
=====================
300
Comma-separated list of authentication modules. Only "ldap" is available
303
# Comma-separated list of authentication modules.
304
# These refer to importable Python modules in the www/auth directory.
305
# Modules "ldap" and "guest" are available in the source tree, but
306
# other modules may be plugged in to auth against organisation-specific
307
# auth backends."""))
308
config_options.append(ConfigOption("ldap_url", "ldaps://www.example.com",
309
"""(LDAP options are only relevant if "ldap" is included in the list of
311
URL for LDAP authentication server:""",
313
# URL for LDAP authentication server"""))
314
config_options.append(ConfigOption("ldap_format_string",
315
"uid=%s,ou=users,o=example",
316
"""Format string for LDAP auth request:
317
(Must contain a single "%s" for the user's login name)""",
319
# Format string for LDAP auth request
320
# (Must contain a single "%s" for the user's login name)"""))
321
config_options.append(ConfigOption("svn_addr", "http://svn.localhost/",
324
The base url for accessing subversion repositories:""",
326
# The base url for accessing subversion repositories."""))
327
config_options.append(ConfigOption("svn_conf", "/opt/ivle/svn/svn.conf",
328
"""The location of the subversion configuration file used by apache
329
to host the user repositories:""",
331
# The location of the subversion configuration file used by
332
# apache to host the user repositories."""))
333
config_options.append(ConfigOption("svn_repo_path", "/home/informatics/repositories",
334
"""The root directory for the subversion repositories:""",
336
# The root directory for the subversion repositories."""))
337
config_options.append(ConfigOption("svn_auth_ivle", "/opt/ivle/svn/ivle.auth",
338
"""The location of the password file used to authenticate users
339
of the subversion repository from the ivle server:""",
341
# The location of the password file used to authenticate users
342
# of the subversion repository from the ivle server."""))
343
config_options.append(ConfigOption("svn_auth_local", "/opt/ivle/svn/local.auth",
344
"""The location of the password file used to authenticate local users
345
of the subversion repository:""",
347
# The location of the password file used to authenticate local users
348
# of the subversion repository."""))
349
config_options.append(ConfigOption("usrmgt_host", "localhost",
350
"""User Management Server config
351
============================
352
The hostname where the usrmgt-server runs:""",
354
# The hostname where the usrmgt-server runs."""))
355
config_options.append(ConfigOption("usrmgt_port", "2178",
356
"""The port where the usrmgt-server runs:""",
358
# The port where the usrmgt-server runs."""))
359
config_options.append(ConfigOption("usrmgt_magic", "",
360
"""The password for the usrmgt-server:""",
362
# The password for the usrmgt-server."""))
364
# Try importing existing conf, but if we can't just set up defaults
365
# The reason for this is that these settings are used by other phases
366
# of setup besides conf, so we need to know them.
367
# Also this allows you to hit Return to accept the existing value.
369
confmodule = __import__("lib/conf/conf")
370
for opt in config_options:
372
globals()[opt.option_name] = confmodule.__dict__[opt.option_name]
374
globals()[opt.option_name] = opt.default
376
# Just set reasonable defaults
377
for opt in config_options:
378
globals()[opt.option_name] = opt.default
380
# Try importing install_list, but don't fail if we can't, because listmake can
381
# function without it.
387
# Mime types which will automatically be placed in the list by listmake.
388
# Note that listmake is not intended to be run by the final user (the system
389
# administrator who installs this), so the developers can customize the list
390
# as necessary, and include it in the distribution.
391
listmake_mimetypes = ['text/x-python', 'text/html',
392
'application/x-javascript', 'application/javascript',
393
'text/css', 'image/png', 'image/gif', 'application/xml']
395
# Main function skeleton from Guido van Rossum
396
# http://www.artima.com/weblogs/viewpost.jsp?thread=4829
30
import setup.configure
398
35
def main(argv=None):
421
# Disallow run as root unless installing
422
if (operation != 'install' and operation != 'updatejails'
423
and os.geteuid() == 0):
424
print >>sys.stderr, "I do not want to run this stage as root."
425
print >>sys.stderr, "Please run as a normal user."
58
oper_func = call_operator(operation)
59
return oper_func(argv[2:])
63
print """Usage: python setup.py operation [options]
70
For help and options for a specific operation use 'help [operation]'."""
73
oper_func = call_operator(operator)
74
oper_func(['operator','--help'])
76
def call_operator(operation):
427
77
# Call the requested operation's function
433
'listmake' : listmake,
435
'updatejails' : updatejails,
81
'config' : setup.configure.configure,
82
'build' : setup.build.build,
83
'install' : setup.install.install,
84
#'updatejails' : None,
438
87
print >>sys.stderr, (
439
88
"""Invalid operation '%s'. Try python setup.py help."""
442
return oper_func(argv[2:])
444
# Operation functions
448
print """Usage: python setup.py operation [args]
449
Operation (and args) can be:
451
listmake (developer use only)
454
install [--nojail] [--nosubjects] [-n|--dry]
458
print """Usage: python setup.py help [operation]"""
463
if operation == 'help':
464
print """python setup.py help [operation]
465
Prints the usage message or detailed help on an operation, then exits."""
466
elif operation == 'listmake':
467
print """python setup.py listmake
468
(For developer use only)
469
Recurses through the source tree and builds a list of all files which should
470
be copied upon installation. This should be run by the developer before
471
cutting a distribution, and the listfile it generates should be included in
472
the distribution, avoiding the administrator having to run it."""
473
elif operation == 'config':
474
print """python setup.py config [args]
475
Configures IVLE with machine-specific details, most notably, various paths.
476
Either prompts the administrator for these details or accepts them as
477
command-line args. Will be interactive only if there are no arguments given.
478
Takes defaults from existing conf file if it exists.
480
To run IVLE out of the source directory (allowing development without having
481
to rebuild/install), just provide ivle_install_dir as the IVLE trunk
482
directory, and run build/install one time.
484
Creates lib/conf/conf.py and trampoline/conf.h.
487
for opt in config_options:
488
print " --" + opt.option_name
489
print """As explained in the interactive prompt or conf.py.
491
elif operation == 'build':
492
print """python -O setup.py build [--dry|-n]
493
Compiles all files and sets up a jail template in the source directory.
494
-O is recommended to cause compilation to be optimised.
496
Compiles (GCC) trampoline/trampoline.c to trampoline/trampoline.
498
Creates standard subdirs inside the jail, eg bin, opt, home, tmp.
499
Copies console/ to a location within the jail.
500
Copies OS programs and files to corresponding locations within the jail
501
(eg. python and Python libs, ld.so, etc).
502
Generates .pyc or .pyo files for all the IVLE .py files.
504
--dry | -n Print out the actions but don't do anything."""
505
elif operation == 'install':
506
print """sudo python setup.py install [--nojail] [--nosubjects][--dry|-n]
508
Create target install directory ($target).
510
Copy trampoline/trampoline to $target/bin.
511
chown and chmod the installed trampoline.
512
Copy www/ to $target.
513
Copy jail/ to jails template directory (unless --nojail specified).
514
Copy subjects/ to subjects directory (unless --nosubjects specified).
516
--nojail Do not copy the jail.
517
--nosubjects Do not copy the subjects and exercises directories.
518
--dry | -n Print out the actions but don't do anything."""
519
elif operation == 'updatejails':
520
print """sudo python setup.py updatejails [--dry|-n]
522
Copy jail/ to each subdirectory in jails directory.
524
--dry | -n Print out the actions but don't do anything."""
526
print >>sys.stderr, (
527
"""Invalid operation '%s'. Try python setup.py help."""
532
# We build two separate lists, by walking www and console
533
list_www = build_list_py_files('www')
534
list_lib = build_list_py_files('lib')
535
list_subjects = build_list_py_files('subjects', no_top_level=True)
536
list_exercises = build_list_py_files('exercises', no_top_level=True)
538
"scripts/python-console",
539
"scripts/fileservice",
540
"scripts/serveservice",
541
"scripts/usrmgt-server",
542
"scripts/diffservice",
544
# Make sure that the files generated by conf are in the list
545
# (since listmake is typically run before conf)
546
if "lib/conf/conf.py" not in list_lib:
547
list_lib.append("lib/conf/conf.py")
548
# Write these out to a file
550
# the files that will be created/overwritten
551
listfile = os.path.join(cwd, "install_list.py")
554
file = open(listfile, "w")
556
file.write("""# IVLE Configuration File
558
# Provides lists of all files to be installed by `setup.py install' from
559
# certain directories.
560
# Note that any files with the given filename plus 'c' or 'o' (that is,
561
# compiled .pyc or .pyo files) will be copied as well.
563
# List of all installable files in www directory.
565
writelist_pretty(file, list_www)
567
# List of all installable files in lib directory.
569
writelist_pretty(file, list_lib)
571
# List of all installable files in scripts directory.
573
writelist_pretty(file, list_scripts)
575
# List of all installable files in subjects directory.
576
# This is to install sample subjects and material.
578
writelist_pretty(file, list_subjects)
580
# List of all installable files in exercises directory.
581
# This is to install sample exercise material.
582
list_exercises = """)
583
writelist_pretty(file, list_exercises)
586
except IOError, (errno, strerror):
587
print "IO error(%s): %s" % (errno, strerror)
590
print "Successfully wrote install_list.py"
593
print ("You may modify the set of installable files before cutting the "
600
def build_list_py_files(dir, no_top_level=False):
601
"""Builds a list of all py files found in a directory and its
602
subdirectories. Returns this as a list of strings.
603
no_top_level=True means the file paths will not include the top-level
607
for (dirpath, dirnames, filenames) in os.walk(dir):
608
# Exclude directories beginning with a '.' (such as '.svn')
609
filter_mutate(lambda x: x[0] != '.', dirnames)
610
# All *.py files are added to the list
611
pylist += [os.path.join(dirpath, item) for item in filenames
612
if mimetypes.guess_type(item)[0] in listmake_mimetypes]
614
for i in range(0, len(pylist)):
615
_, pylist[i] = pylist[i].split(os.sep, 1)
618
def writelist_pretty(file, list):
619
"""Writes a list one element per line, to a file."""
625
file.write(' %s,\n' % repr(elem))
629
global db_port, usrmgt_port
630
# Set up some variables
633
# the files that will be created/overwritten
634
conffile = os.path.join(cwd, "lib/conf/conf.py")
635
jailconffile = os.path.join(cwd, "lib/conf/jailconf.py")
636
conf_hfile = os.path.join(cwd, "trampoline/conf.h")
637
phpBBconffile = os.path.join(cwd, "www/php/phpBB3/config.php")
638
usrmgtserver_initdfile = os.path.join(cwd, "doc/setup/usrmgt-server.init")
640
# Get command-line arguments to avoid asking questions.
643
for opt in config_options:
644
optnames.append(opt.option_name + "=")
645
(opts, args) = getopt.gnu_getopt(args, "", optnames)
648
print >>sys.stderr, "Invalid arguments:", string.join(args, ' ')
652
# Interactive mode. Prompt the user for all the values.
654
print """This tool will create the following files:
660
prompting you for details about your configuration. The file will be
661
overwritten if it already exists. It will *not* install or deploy IVLE.
663
Please hit Ctrl+C now if you do not wish to do this.
664
""" % (conffile, jailconffile, conf_hfile, phpBBconffile, usrmgtserver_initdfile)
666
# Get information from the administrator
667
# If EOF is encountered at any time during the questioning, just exit
670
for opt in config_options:
671
globals()[opt.option_name] = \
672
query_user(globals()[opt.option_name], opt.prompt)
675
# Non-interactive mode. Parse the options.
676
for opt in config_options:
677
if '--' + opt.option_name in opts:
678
globals()[opt.option_name] = opts['--' + opt.option_name]
680
# Error handling on input values
682
allowed_uids_list = map(int, allowed_uids.split(','))
684
print >>sys.stderr, (
685
"Invalid UID list (%s).\n"
686
"Must be a comma-separated list of integers." % allowed_uids)
689
db_port = int(db_port)
690
if db_port < 0 or db_port >= 65536: raise ValueError()
692
print >>sys.stderr, (
693
"Invalid DB port (%s).\n"
694
"Must be an integer between 0 and 65535." % repr(db_port))
697
usrmgt_port = int(usrmgt_port)
698
if usrmgt_port < 0 or usrmgt_port >= 65536: raise ValueError()
700
print >>sys.stderr, (
701
"Invalid user management port (%s).\n"
702
"Must be an integer between 0 and 65535." % repr(usrmgt_port))
705
# Generate the forum secret
706
forum_secret = hashlib.md5(uuid.uuid4().bytes).hexdigest()
708
# Write lib/conf/conf.py
711
conf = open(conffile, "w")
713
conf.write("""# IVLE Configuration File
715
# Miscellaneous application settings
718
for opt in config_options:
719
conf.write('%s\n%s = %s\n' % (opt.comment, opt.option_name,
720
repr(globals()[opt.option_name])))
722
# Add the forum secret to the config file (regenerated each config)
723
conf.write('forum_secret = "%s"\n' % (forum_secret))
726
except IOError, (errno, strerror):
727
print "IO error(%s): %s" % (errno, strerror)
730
print "Successfully wrote lib/conf/conf.py"
732
# Write conf/jailconf.py
735
conf = open(jailconffile, "w")
737
# In the "in-jail" version of conf, we don't need MOST of the details
738
# (it would be a security risk to have them here).
739
# So we just write root_dir, and jail_base is "/".
740
# (jail_base being "/" means "jail-relative" paths are relative to "/"
741
# when inside the jail.)
742
conf.write("""# IVLE Configuration File
744
# Miscellaneous application settings
745
# (User jail version)
748
# In URL space, where in the site is IVLE located. (All URLs will be prefixed
750
# eg. "/" or "/ivle".
753
# In the local file system, where are the student/user file spaces located.
754
# The user jails are expected to be located immediately in subdirectories of
758
# The hostname for serving publicly accessible pages
760
""" % (repr(root_dir),repr(public_host)))
763
except IOError, (errno, strerror):
764
print "IO error(%s): %s" % (errno, strerror)
767
print "Successfully wrote lib/conf/jailconf.py"
769
# Write trampoline/conf.h
772
conf = open(conf_hfile, "w")
774
conf.write("""/* IVLE Configuration File
776
* Administrator settings required by trampoline.
777
* Note: trampoline will have to be rebuilt in order for changes to this file
781
/* In the local file system, where are the jails located.
782
* The trampoline does not allow the creation of a jail anywhere besides
783
* jail_base or a subdirectory of jail_base.
785
static const char* jail_base = "%s";
787
/* Which user IDs are allowed to run the trampoline.
788
* This list should be limited to the web server user.
789
* (Note that root is an implicit member of this list).
791
static const int allowed_uids[] = { %s };
792
""" % (repr(jail_base)[1:-1], repr(allowed_uids_list)[1:-1]))
793
# Note: The above uses PYTHON reprs, not C reprs
794
# However they should be the same with the exception of the outer
795
# characters, which are stripped off and replaced
798
except IOError, (errno, strerror):
799
print "IO error(%s): %s" % (errno, strerror)
802
print "Successfully wrote trampoline/conf.h"
804
# Write www/php/phpBB3/config.php
807
conf = open(phpBBconffile, "w")
810
if db_host == 'localhost':
811
forumdb_host = '127.0.0.1'
813
forumdb_host = db_host
816
// phpBB 3.0.x auto-generated configuration file
817
// Do not change anything in this file!
819
$dbhost = '""" + forumdb_host + """';
820
$dbport = '""" + str(db_port) + """';
821
$dbname = '""" + db_forumdbname + """';
822
$dbuser = '""" + db_user + """';
823
$dbpasswd = '""" + db_password + """';
825
$table_prefix = 'phpbb_';
827
$load_extensions = '';
828
@define('PHPBB_INSTALLED', true);
829
// @define('DEBUG', true);
830
//@define('DEBUG_EXTRA', true);
832
$forum_secret = '""" + forum_secret +"""';
836
except IOError, (errno, strerror):
837
print "IO error(%s): %s" % (errno, strerror)
840
print "Successfully wrote www/php/phpBB3/config.php"
842
# Write lib/conf/usrmgt-server.init
845
conf = open(usrmgtserver_initdfile, "w")
847
conf.write( '''#! /bin/sh
849
# Works for Ubuntu. Check before using on other distributions
852
# Provides: usrmgt-server
853
# Required-Start: $syslog $networking $urandom
854
# Required-Stop: $syslog
855
# Default-Start: 2 3 4 5
857
# Short-Description: IVLE user management server
858
# Description: Daemon connecting to the IVLE user management database.
861
PATH=/sbin:/bin:/usr/sbin:/usr/bin
862
DESC="IVLE user management server"
864
DAEMON=/opt/ivle/scripts/$NAME
865
DAEMON_ARGS="''' + str(usrmgt_port) + ''' ''' + usrmgt_magic + '''"
866
PIDFILE=/var/run/$NAME.pid
867
SCRIPTNAME=/etc/init.d/usrmgt-server
869
# Exit if the daemon does not exist
870
test -f $DAEMON || exit 0
872
# Load the VERBOSE setting and other rcS variables
873
[ -f /etc/default/rcS ] && . /etc/default/rcS
875
# Define LSB log_* functions.
876
# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
877
. /lib/lsb/init-functions
880
# Function that starts the daemon/service
885
# 0 if daemon has been started
886
# 1 if daemon was already running
887
# 2 if daemon could not be started
888
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
890
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
893
# Add code here, if necessary, that waits for the process to be ready
894
# to handle requests from services started subsequently which depend
895
# on this one. As a last resort, sleep for some time.
899
# Function that stops the daemon/service
904
# 0 if daemon has been stopped
905
# 1 if daemon was already stopped
906
# 2 if daemon could not be stopped
907
# other if a failure occurred
908
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
910
[ "$RETVAL" = 2 ] && return 2
911
# Wait for children to finish too if this is a daemon that forks
912
# and if the daemon is only ever run from this initscript.
913
# If the above conditions are not satisfied then add some other code
914
# that waits for the process to drop all resources that could be
915
# needed by services started subsequently. A last resort is to
916
# sleep for some time.
917
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
918
[ "$?" = 2 ] && return 2
919
# Many daemons don't delete their pidfiles when they exit.
925
# Function that sends a SIGHUP to the daemon/service
929
# If the daemon can reload its configuration without
930
# restarting (for example, when it is sent a SIGHUP),
931
# then implement that here.
933
start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
939
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
942
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
943
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
947
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
950
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
951
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
954
#reload|force-reload)
956
# If do_reload() is not implemented then leave this commented out
957
# and leave 'force-reload' as an alias for 'restart'.
959
#log_daemon_msg "Reloading $DESC" "$NAME"
963
restart|force-reload)
965
# If the "reload" option is implemented then remove the
966
# 'force-reload' alias
968
log_daemon_msg "Restarting $DESC" "$NAME"
975
1) log_end_msg 1 ;; # Old process is still running
976
*) log_end_msg 1 ;; # Failed to start
986
#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
987
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
996
except IOError, (errno, strerror):
997
print "IO error(%s): %s" % (errno, strerror)
1000
# fix permissions as the file contains the database password
1002
os.chmod('doc/setup/usrmgt-server.init', 0600)
1003
except OSError, (errno, strerror):
1004
print "WARNING: Couldn't chmod doc/setup/usrmgt-server.init:"
1005
print "OS error(%s): %s" % (errno, strerror)
1007
print "Successfully wrote lib/conf/usrmgt-server.init"
1010
print "You may modify the configuration at any time by editing"
1015
print usrmgtserver_initdfile
1020
# Get "dry" variable from command line
1021
(opts, args) = getopt.gnu_getopt(args, "n", ['dry'])
1023
dry = '-n' in opts or '--dry' in opts
1026
print "Dry run (no actions will be executed\n"
1028
# Compile the trampoline
1029
curdir = os.getcwd()
1030
os.chdir('trampoline')
1031
action_runprog('make', [], dry)
1034
# Create the jail and its subdirectories
1035
# Note: Other subdirs will be made by copying files
1036
action_mkdir('jail', dry)
1037
action_mkdir('jail/home', dry)
1038
action_mkdir('jail/tmp', dry)
1040
# Chmod the tmp directory to world writable
1041
action_chmod_w('jail/tmp', dry)
1043
# Copy all console and operating system files into the jail
1044
action_copylist(install_list.list_scripts, 'jail/opt/ivle', dry)
1045
copy_os_files_jail(dry)
1046
# Chmod the python console
1047
action_chmod_x('jail/opt/ivle/scripts/python-console', dry)
1048
action_chmod_x('jail/opt/ivle/scripts/fileservice', dry)
1049
action_chmod_x('jail/opt/ivle/scripts/serveservice', dry)
1051
# Also copy the IVLE lib directory into the jail
1052
# This is necessary for running certain scripts
1053
action_copylist(install_list.list_lib, 'jail/opt/ivle', dry)
1054
# IMPORTANT: The file jail/opt/ivle/lib/conf/conf.py contains details
1055
# which could compromise security if left in the jail (such as the DB
1057
# The "safe" version is in jailconf.py. Delete conf.py and replace it with
1059
action_copyfile('lib/conf/jailconf.py',
1060
'jail/opt/ivle/lib/conf/conf.py', dry)
1062
# Compile .py files into .pyc or .pyo files
1063
compileall.compile_dir('www', quiet=True)
1064
compileall.compile_dir('lib', quiet=True)
1065
compileall.compile_dir('scripts', quiet=True)
1066
compileall.compile_dir('jail/opt/ivle/lib', quiet=True)
1068
# Set up ivle.pth inside the jail
1069
# Need to set /opt/ivle/lib to be on the import path
1071
"jail/usr/lib/python%s/site-packages/ivle.pth" % PYTHON_VERSION
1072
f = open(ivle_pth, 'w')
1073
f.write('/opt/ivle/lib\n')
1078
def copy_os_files_jail(dry):
1079
"""Copies necessary Operating System files from their usual locations
1080
into the jail/ directory of the cwd."""
1081
# Currently source paths are configured for Ubuntu.
1082
for filename in JAIL_FILES:
1083
copy_file_to_jail(filename, dry)
1084
for src, dst in JAIL_LINKS.items():
1085
action_symlink(src, dst, dry)
1086
for src, dst in JAIL_COPYTREES.items():
1087
action_copytree(src, dst, dry)
1089
def copy_file_to_jail(src, dry):
1090
"""Copies a single file from an absolute location into the same location
1091
within the jail. src must begin with a '/'. The jail will be located
1092
in a 'jail' subdirectory of the current path."""
1093
action_copyfile(src, 'jail' + src, dry)
1096
# Get "dry" and "nojail" variables from command line
1097
(opts, args) = getopt.gnu_getopt(args, "n",
1098
['dry', 'nojail', 'nosubjects'])
1100
dry = '-n' in opts or '--dry' in opts
1101
nojail = '--nojail' in opts
1102
nosubjects = '--nosubjects' in opts
1105
print "Dry run (no actions will be executed\n"
1107
if not dry and os.geteuid() != 0:
1108
print >>sys.stderr, "Must be root to run install"
1109
print >>sys.stderr, "(I need to chown some files)."
1112
# Create the target (install) directory
1113
action_mkdir(ivle_install_dir, dry)
1115
# Create bin and copy the compiled files there
1116
action_mkdir(os.path.join(ivle_install_dir, 'bin'), dry)
1117
tramppath = os.path.join(ivle_install_dir, 'bin/trampoline')
1118
action_copyfile('trampoline/trampoline', tramppath, dry)
1119
# chown trampoline to root and set setuid bit
1120
action_chown_setuid(tramppath, dry)
1122
# Create a scripts directory to put the usrmgt-server in.
1123
action_mkdir(os.path.join(ivle_install_dir, 'scripts'), dry)
1124
usrmgtpath = os.path.join(ivle_install_dir, 'scripts/usrmgt-server')
1125
action_copyfile('scripts/usrmgt-server', usrmgtpath, dry)
1126
action_chmod_x(usrmgtpath, dry)
1128
# Copy the www and lib directories using the list
1129
action_copylist(install_list.list_www, ivle_install_dir, dry)
1130
action_copylist(install_list.list_lib, ivle_install_dir, dry)
1132
# Copy the php directory
1133
forum_dir = "www/php/phpBB3"
1134
forum_path = os.path.join(ivle_install_dir, forum_dir)
1135
action_copytree(forum_dir, forum_path, dry)
1136
print "chown -R www-data:www-data %s" % forum_path
1138
os.system("chown -R www-data:www-data %s" % forum_path)
1141
# Copy the local jail directory built by the build action
1142
# to the jails template directory (it will be used as a template
1143
# for all the students' jails).
1144
action_copytree('jail', os.path.join(jail_base, 'template'), dry)
1146
# Copy the subjects and exercises directories across
1147
action_copylist(install_list.list_subjects, subjects_base, dry,
1148
srcdir="./subjects")
1149
action_copylist(install_list.list_exercises, exercises_base, dry,
1150
srcdir="./exercises")
1152
# Append IVLE path to ivle.pth in python site packages
1153
# (Unless it's already there)
1154
ivle_pth = os.path.join(sys.prefix,
1155
"lib/python%s/site-packages/ivle.pth" % PYTHON_VERSION)
1156
ivle_www = os.path.join(ivle_install_dir, "www")
1157
ivle_lib = os.path.join(ivle_install_dir, "lib")
1158
write_ivle_pth = True
1159
write_ivle_lib_pth = True
1161
file = open(ivle_pth, 'r')
1163
if line.strip() == ivle_www:
1164
write_ivle_pth = False
1165
elif line.strip() == ivle_lib:
1166
write_ivle_lib_pth = False
1168
except (IOError, OSError):
1171
action_append(ivle_pth, ivle_www)
1172
if write_ivle_lib_pth:
1173
action_append(ivle_pth, ivle_lib)
1177
def updatejails(args):
1178
# Get "dry" variable from command line
1179
(opts, args) = getopt.gnu_getopt(args, "n", ['dry'])
1181
dry = '-n' in opts or '--dry' in opts
1184
print "Dry run (no actions will be executed\n"
1186
if not dry and os.geteuid() != 0:
1187
print >>sys.stderr, "Must be root to run install"
1188
print >>sys.stderr, "(I need to chown some files)."
1191
# Update the template jail directory in case it hasn't been installed
1193
action_copytree('jail', os.path.join(jail_base, 'template'), dry)
1195
# Re-link all the files in all students jails.
1196
for dir in os.listdir(jail_base):
1197
if dir == 'template': continue
1198
# First back up the student's home directory
1199
temp_home = os.tmpnam()
1200
action_rename(os.path.join(jail_base, dir, 'home'), temp_home, dry)
1201
# Delete the student's jail and relink the jail files
1202
action_linktree(os.path.join(jail_base, 'template'),
1203
os.path.join(jail_base, dir), dry)
1204
# Restore the student's home directory
1205
action_rename(temp_home, os.path.join(jail_base, dir, 'home'), dry)
1206
# Set up the user's home directory just in case they don't have a
1207
# directory for this yet
1208
action_mkdir(os.path.join(jail_base, dir, 'home', dir), dry)
1212
# The actions call Python os functions but print actions and handle dryness.
1213
# May still throw os exceptions if errors occur.
1216
"""Represents an error when running a program (nonzero return)."""
1217
def __init__(self, prog, retcode):
1219
self.retcode = retcode
1221
return str(self.prog) + " returned " + repr(self.retcode)
1223
def action_runprog(prog, args, dry):
1224
"""Runs a unix program. Searches in $PATH. Synchronous (waits for the
1225
program to return). Runs in the current environment. First prints the
1226
action as a "bash" line.
1228
Throws a RunError with a retcode of the return value of the program,
1229
if the program did not return 0.
1231
prog: String. Name of the program. (No path required, if in $PATH).
1232
args: [String]. Arguments to the program.
1233
dry: Bool. If True, prints but does not execute.
1235
print prog, string.join(args, ' ')
1237
ret = os.spawnvp(os.P_WAIT, prog, args)
1239
raise RunError(prog, ret)
1241
def action_remove(path, dry):
1242
"""Calls rmtree, deleting the target file if it exists."""
1246
shutil.rmtree(path, True)
1247
except OSError, (err, msg):
1248
if err != errno.EEXIST:
1250
# Otherwise, didn't exist, so we don't care
1252
def action_rename(src, dst, dry):
1253
"""Calls rename. Deletes the target if it already exists."""
1254
action_remove(dst, dry)
1255
print "mv ", src, dst
1259
except OSError, (err, msg):
1260
if err != errno.EEXIST:
1263
def action_mkdir(path, dry):
1264
"""Calls mkdir. Silently ignored if the directory already exists.
1265
Creates all parent directories as necessary."""
1266
print "mkdir -p", path
1270
except OSError, (err, msg):
1271
if err != errno.EEXIST:
1274
def action_copytree(src, dst, dry):
1275
"""Copies an entire directory tree. Symlinks are seen as normal files and
1276
copies of the entire file (not the link) are made. Creates all parent
1277
directories as necessary.
1279
See shutil.copytree."""
1280
# Allow copying over itself
1281
if (os.path.normpath(os.path.join(os.getcwd(),src)) ==
1282
os.path.normpath(os.path.join(os.getcwd(),dst))):
1284
action_remove(dst, dry)
1285
print "cp -r", src, dst
1287
shutil.copytree(src, dst, True)
1289
def action_linktree(src, dst, dry):
1290
"""Hard-links an entire directory tree. Same as copytree but the created
1291
files are hard-links not actual copies. Removes the existing destination.
1293
action_remove(dst, dry)
1294
print "<cp with hardlinks> -r", src, dst
1296
common.makeuser.linktree(src, dst)
1298
def action_copylist(srclist, dst, dry, srcdir="."):
1299
"""Copies all files in a list to a new location. The files in the list
1300
are read relative to the current directory, and their destinations are the
1301
same paths relative to dst. Creates all parent directories as necessary.
1302
srcdir is "." by default, can be overridden.
1304
for srcfile in srclist:
1305
dstfile = os.path.join(dst, srcfile)
1306
srcfile = os.path.join(srcdir, srcfile)
1307
dstdir = os.path.split(dstfile)[0]
1308
if not os.path.isdir(dstdir):
1309
action_mkdir(dstdir, dry)
1310
print "cp -f", srcfile, dstfile
1313
shutil.copyfile(srcfile, dstfile)
1314
shutil.copymode(srcfile, dstfile)
1315
except shutil.Error:
1318
def action_copyfile(src, dst, dry):
1319
"""Copies one file to a new location. Creates all parent directories
1321
Warn if file not found.
1323
dstdir = os.path.split(dst)[0]
1324
if not os.path.isdir(dstdir):
1325
action_mkdir(dstdir, dry)
1326
print "cp -f", src, dst
1329
shutil.copyfile(src, dst)
1330
shutil.copymode(src, dst)
1331
except (shutil.Error, IOError), e:
1332
print "Warning: " + str(e)
1334
def action_symlink(src, dst, dry):
1335
"""Creates a symlink in a given location. Creates all parent directories
1338
dstdir = os.path.split(dst)[0]
1339
if not os.path.isdir(dstdir):
1340
action_mkdir(dstdir, dry)
1341
# Delete existing file
1342
if os.path.exists(dst):
1344
print "ln -fs", src, dst
1346
os.symlink(src, dst)
1348
def action_append(ivle_pth, ivle_www):
1349
file = open(ivle_pth, 'a+')
1350
file.write(ivle_www + '\n')
1353
def action_chown_setuid(file, dry):
1354
"""Chowns a file to root, and sets the setuid bit on the file.
1355
Calling this function requires the euid to be root.
1356
The actual mode of path is set to: rws--s--s
1358
print "chown root:root", file
1360
os.chown(file, 0, 0)
1361
print "chmod a+xs", file
1362
print "chmod u+rw", file
1364
os.chmod(file, stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH
1365
| stat.S_ISUID | stat.S_IRUSR | stat.S_IWUSR)
1367
def action_chmod_x(file, dry):
1368
"""Chmod 755 a file (sets permissions to rwxr-xr-x)."""
1369
print "chmod 755", file
1371
os.chmod(file, stat.S_IXUSR | stat.S_IRUSR | stat.S_IWUSR
1372
| stat.S_IXGRP | stat.S_IRGRP | stat.S_IXOTH | stat.S_IROTH)
1375
def action_chmod_w(file, dry):
1376
"""Chmod 777 a file (sets permissions to rwxrwxrwx)."""
1377
print "chmod 777", file
1379
os.chmod(file, stat.S_IXUSR | stat.S_IRUSR | stat.S_IWUSR
1380
| stat.S_IXGRP | stat.S_IWGRP | stat.S_IRGRP | stat.S_IXOTH
1381
| stat.S_IWOTH | stat.S_IROTH)
1383
def query_user(default, prompt):
1384
"""Prompts the user for a string, which is read from a line of stdin.
1385
Exits silently if EOF is encountered. Returns the string, with spaces
1386
removed from the beginning and end.
1388
Returns default if a 0-length line (after spaces removed) was read.
1390
sys.stdout.write('%s\n (default: "%s")\n>' % (prompt, default))
1392
val = sys.stdin.readline()
1393
except KeyboardInterrupt:
1395
sys.stdout.write("\n")
1397
sys.stdout.write("\n")
1399
if val == '': sys.exit(1)
1400
# If empty line, return default
1402
if val == '': return default
1405
def filter_mutate(function, list):
1406
"""Like built-in filter, but mutates the given list instead of returning a
1407
new one. Returns None."""
1410
# Delete elements which do not match
1411
if not function(list[i]):
1415
93
if __name__ == "__main__":
added
removed
setup.py
