[web configuration] ensure data home directory / uicache file belong to daemon user and are writeable
--- a/cwconfig.py Thu Jul 08 08:54:45 2010 +0200
+++ b/cwconfig.py Thu Jul 08 10:03:03 2010 +0200
@@ -991,6 +991,29 @@
"""write down current configuration"""
self.generate_config(open(self.main_config_file(), 'w'))
+ def check_writeable_uid_directory(self, path):
+ """check given directory path exists, belongs to the user running the
+ server process and is writeable.
+
+ If not, try to fix this, leting exception propagate when not possible.
+ """
+ if not exists(path):
+ os.makedirs(path)
+ if self['uid']:
+ try:
+ uid = int(self['uid'])
+ except ValueError:
+ from pwd import getpwnam
+ uid = getpwnam(self['uid']).pw_uid
+ else:
+ uid = os.getuid()
+ fstat = os.stat(path)
+ if fstat.st_uid != uid:
+ os.chown(path, uid, os.getgid())
+ import stat
+ if not (fstat.st_mode & stat.S_IWUSR):
+ os.chmod(path, fstat.st_mode | stat.S_IWUSR)
+
@cached
def instance_md5_version(self):
import hashlib
--- a/etwist/server.py Thu Jul 08 08:54:45 2010 +0200
+++ b/etwist/server.py Thu Jul 08 10:03:03 2010 +0200
@@ -402,6 +402,7 @@
def run(config, vreg=None, debug=None):
if debug is not None:
config.debugmode = debug
+ config.check_writeable_uid_directory(config.appdatahome)
# create the site
root_resource = CubicWebRootResource(config, vreg=vreg)
website = server.Site(root_resource)
--- a/server/serverconfig.py Thu Jul 08 08:54:45 2010 +0200
+++ b/server/serverconfig.py Thu Jul 08 10:03:03 2010 +0200
@@ -15,9 +15,8 @@
#
# You should have received a copy of the GNU Lesser General Public License along
# with CubicWeb. If not, see <http://www.gnu.org/licenses/>.
-"""server.serverconfig definition
+"""server.serverconfig definition"""
-"""
__docformat__ = "restructuredtext en"
from os.path import join, exists
--- a/web/webconfig.py Thu Jul 08 08:54:45 2010 +0200
+++ b/web/webconfig.py Thu Jul 08 10:03:03 2010 +0200
@@ -15,9 +15,8 @@
#
# You should have received a copy of the GNU Lesser General Public License along
# with CubicWeb. If not, see <http://www.gnu.org/licenses/>.
-"""common web configuration for twisted/modpython instances
+"""web ui configuration for cubicweb instances"""
-"""
__docformat__ = "restructuredtext en"
_ = unicode
@@ -335,8 +334,10 @@
def _build_ui_properties(self):
# self.datadir_url[:-1] to remove trailing /
from cubicweb.web.propertysheet import PropertySheet
+ cachedir = join(self.appdatahome, 'uicache')
+ self.check_writeable_uid_directory(cachedir)
self.uiprops = PropertySheet(
- join(self.appdatahome, 'uicache'),
+ cachedir,
data=lambda x: self.datadir_url + x,
datadir_url=self.datadir_url[:-1])
self._init_uiprops(self.uiprops)