~azzar1/unity/add-show-desktop-key

Viewing changes to setup.py

Committer: mattgiuca
Date: 2008-02-06 05:57:31 UTC
Revision ID: svn-v3-trunk0:2b9c9e99-6f39-0410-b283-7f802c844ae2:trunk:433

setup.py: Conf now writes another file, lib/conf/jailconf.py. This file is a
stripped down version of conf which only contains things the jail needs, in a
jail-relative fashion.

Build will, when building the jail, overwrite lib/conf/conf.py WITHIN the jail
with jailconf.py, thus ensuring the sensitive details in conf.py never get
copied into the user's jails, and they see the jailconf version instead.

Also added action_remove which is used by some other actions as an
abstraction.

files modified:
setup.py

Show diffs side-by-side

added added

removed removed

setup.py

502

cwd = os.getcwd()

503

# the files that will be created/overwritten

504

conffile = os.path.join(cwd, "lib/conf/conf.py")

505

jailconffile = os.path.join(cwd, "lib/conf/jailconf.py")

505

506

conf_hfile = os.path.join(cwd, "trampoline/conf.h")

506

507

508

# Get command-line arguments to avoid asking questions.

521

522

print """This tool will create the following files:

522

523

524

525

524

526

prompting you for details about your configuration. The file will be

525

527

overwritten if it already exists. It will *not* install or deploy IVLE.

526

528

527

529

Please hit Ctrl+C now if you do not wish to do this.

528

""" % (conffile, conf_hfile)

530

""" % (conffile, jailconffile, conf_hfile)

529

531

530

532

# Get information from the administrator

531

533

# If EOF is encountered at any time during the questioning, just exit

579

581

580

582

print "Successfully wrote lib/conf/conf.py"

581

583

584

# Write conf/jailconf.py

585

586

try:

587

conf = open(jailconffile, "w")

588

589

# In the "in-jail" version of conf, we don't need MOST of the details

590

# (it would be a security risk to have them here).

591

# So we just write root_dir, and jail_base is "/".

592

# (jail_base being "/" means "jail-relative" paths are relative to "/"

593

# when inside the jail.)

594

conf.write("""# IVLE Configuration File

595

# conf.py

596

# Miscellaneous application settings

597

# (User jail version)

598

599

600

# In URL space, where in the site is IVLE located. (All URLs will be prefixed

601

# with this).

602

# eg. "/" or "/ivle".

603

root_dir = %s

604

605

# In the local file system, where are the student/user file spaces located.

606

# The user jails are expected to be located immediately in subdirectories of

607

# this location.

608

jail_base = '/'

609

""" % repr(root_dir))

610

611

conf.close()

612

except IOError, (errno, strerror):

613

print "IO error(%s): %s" % (errno, strerror)

614

sys.exit(1)

615

616

print "Successfully wrote lib/conf/jailconf.py"

617

582

618

# Write trampoline/conf.h

583

619

584

620

try:

602

638

* (Note that root is an implicit member of this list).

603

639

604

640

static const int allowed_uids[] = { %s };

605

""" % (jail_base, repr(allowed_uids_list)[1:-1]))

641

""" % (repr(jail_base)[1:-1], repr(allowed_uids_list)[1:-1]))

642

# Note: The above uses PYTHON reprs, not C reprs

643

# However they should be the same with the exception of the outer

644

# characters, which are stripped off and replaced

606

645

607

646

conf.close()

608

647

except IOError, (errno, strerror):

614

653

615

654

print "You may modify the configuration at any time by editing"

616

655

print conffile

656

print jailconffile

617

657

print conf_hfile

618

658

619

659

return 0

649

689

# Also copy the IVLE lib directory into the jail

650

690

# This is necessary for running certain scripts

651

691

action_copylist(install_list.list_lib, 'jail/opt/ivle', dry)

692

# IMPORTANT: The file jail/opt/ivle/lib/conf/conf.py contains details

693

# which could compromise security if left in the jail (such as the DB

694

# password).

695

# The "safe" version is in jailconf.py. Delete conf.py and replace it with

696

# jailconf.py.

697

# NOTE: The first thing action_rename does is call action_remove.

698

action_rename('jail/opt/ivle/lib/conf/jailconf.py',

699

'jail/opt/ivle/lib/conf/conf.py', dry)

652

700

653

701

# Compile .py files into .pyc or .pyo files

654

702

compileall.compile_dir('www', quiet=True)

655

703

compileall.compile_dir('lib', quiet=True)

656

compileall.compile_dir('console', quiet=True)

704

compileall.compile_dir('scripts', quiet=True)

657

705

compileall.compile_dir('jail/opt/ivle/lib', quiet=True)

658

706

659

707

# Set up ivle.pth inside the jail

815

863

if ret != 0:

816

864

raise RunError(prog, ret)

817

865

866

def action_remove(path, dry):

867

"""Calls rmtree, deleting the target file if it exists."""

868

if os.access(path, os.F_OK):

869

print "rm -r", path

870

if not dry:

871

shutil.rmtree(path, True)

872

818

873

def action_rename(src, dst, dry):

819

874

"""Calls rename. Deletes the target if it already exists."""

820

if os.access(dst, os.F_OK):

821

print "rm -r", dst

822

if not dry:

823

shutil.rmtree(dst, True)

875

action_remove(dst, dry)

824

876

print "mv ", src, dst

825

877

if dry: return

826

878

try:

846

898

directories as necessary.

847

899

848

900

See shutil.copytree."""

849

if os.access(dst, os.F_OK):

850

print "rm -r", dst

851

if not dry:

852

shutil.rmtree(dst, True)

901

action_remove(dst, dry)

853

902

print "cp -r", src, dst

854

903

if dry: return

855

904

shutil.copytree(src, dst, True)

858

907

"""Hard-links an entire directory tree. Same as copytree but the created

859

908

files are hard-links not actual copies. Removes the existing destination.

860

909

"""

861

if os.access(dst, os.F_OK):

862

print "rm -r", dst

863

if not dry:

864

shutil.rmtree(dst, True)

910

action_remove(dst, dry)

865

911

print "<cp with hardlinks> -r", src, dst

866

912

if dry: return

867

913

common.makeuser.linktree(src, dst)

Older »