Alon Bar-Lev has uploaded a new change for review. Change subject: packaging: setup: generate answerfile readable by user only ......................................................................
packaging: setup: generate answerfile readable by user only fix file mode of previous stored answer files at state. Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1028748 Change-Id: I3c1ca00b7a56216d7051c7625c5e983d422caab9 Signed-off-by: Alon Bar-Lev <alo...@redhat.com> --- M packaging/setup/plugins/ovirt-engine-common/core/answerfile.py M packaging/setup/plugins/ovirt-engine-setup/upgrade/__init__.py A packaging/setup/plugins/ovirt-engine-setup/upgrade/answerfile_fixup.py 3 files changed, 65 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/98/21198/1 diff --git a/packaging/setup/plugins/ovirt-engine-common/core/answerfile.py b/packaging/setup/plugins/ovirt-engine-common/core/answerfile.py index e1439c1..53726c1 100644 --- a/packaging/setup/plugins/ovirt-engine-common/core/answerfile.py +++ b/packaging/setup/plugins/ovirt-engine-common/core/answerfile.py @@ -76,6 +76,7 @@ ) ) with open(self.resolveFile(answer), 'w') as f: + os.fchmod(f.fileno(), 0o600) f.write( ( '# action=%s\n' diff --git a/packaging/setup/plugins/ovirt-engine-setup/upgrade/__init__.py b/packaging/setup/plugins/ovirt-engine-setup/upgrade/__init__.py index 7d962c2..ee20db6 100644 --- a/packaging/setup/plugins/ovirt-engine-setup/upgrade/__init__.py +++ b/packaging/setup/plugins/ovirt-engine-setup/upgrade/__init__.py @@ -24,12 +24,14 @@ from . import dbvalidations from . import asynctasks +from . import answerfile_fixup @util.export def createPlugins(context): dbvalidations.Plugin(context=context) asynctasks.Plugin(context=context) + answerfile_fixup.Plugin(context=context) # vim: expandtab tabstop=4 shiftwidth=4 diff --git a/packaging/setup/plugins/ovirt-engine-setup/upgrade/answerfile_fixup.py b/packaging/setup/plugins/ovirt-engine-setup/upgrade/answerfile_fixup.py new file mode 100644 index 0000000..260a7e3 --- /dev/null +++ b/packaging/setup/plugins/ovirt-engine-setup/upgrade/answerfile_fixup.py @@ -0,0 +1,62 @@ +# +# ovirt-engine-setup -- ovirt engine setup +# Copyright (C) 2013 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + + +"""Answer file fixup plugin.""" + + +import os +import glob +import gettext +_ = lambda m: gettext.dgettext(message=m, domain='ovirt-engine-setup') + + +from otopi import util +from otopi import plugin + + +from ovirt_engine_setup import constants as osetupcons + + +@util.export +class Plugin(plugin.PluginBase): + """Temporary fixup for invalid permission of past answer files.""" + + def __init__(self, context): + super(Plugin, self).__init__(context=context) + + @plugin.event( + stage=plugin.Stages.STAGE_MISC, + ) + def _misc(self): + for f in glob.glob( + os.path.join( + osetupcons.FileLocations.OVIRT_SETUP_ANSWERS_DIR, + '*.conf', + ) + ): + try: + os.chmod(f, 0o600) + except: + self.logger.debug( + "Cannot modify permission for '%s'", + f, + exc_info=True, + ) + + +# vim: expandtab tabstop=4 shiftwidth=4 -- To view, visit http://gerrit.ovirt.org/21198 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I3c1ca00b7a56216d7051c7625c5e983d422caab9 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Alon Bar-Lev <alo...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
