}
ByGroup {
+ dak "/srv/ftp-master.debian.org/dak/config/debian/dak.conf-dak";
ftpteam "";
backports "/srv/ftp-master.debian.org/dak/config/debian/dak.conf-backports";
};
--- /dev/null
+Dinstall {
+ UnprivUser "dak-unpriv";
+ UnprivGroup "dak-unpriv";
+};
import threading
from daklib import utils
+from daklib.config import Config
from daklib.dbconn import DBConn, get_component_by_package_suite
from daklib.gpg import SignedFile
from daklib.regexes import html_escaping, re_html_escaping, re_version, re_spacestrip, \
package_relations = {} #: Store relations of packages for later output
# default is to not output html.
-use_html = 0
+use_html = False
################################################################################
to_print += " "+format_field(key,field_value)+'\n'
return to_print
-def do_command (command, filename, escaped=0):
+def do_command (command, filename, escaped=False):
o = os.popen("%s %s" % (command, filename))
if escaped:
return escaped_text(o.read())
return formatted_text(o.read())
def do_lintian (filename):
+ cnf = Config()
+ cmd = []
+
+ user = cnf.get('Dinstall::UnprivUser') or None
+ if user is not None:
+ cmd.extend(['sudo', '-H', '-u', user])
+
+ color = 'always'
if use_html:
- return do_command("lintian --show-overrides --color html", filename, 1)
- else:
- return do_command("lintian --show-overrides --color always", filename, 1)
+ color = 'html'
+
+ cmd.extend(['lintian', '--show-overrides', '--color', color])
+
+ return do_command(' '.join(cmd), filename, escaped=True)
def get_copyright (deb_filename):
global printed
if Options["Html-Output"]:
global use_html
- use_html = 1
+ use_html = True
stdout_fd = sys.stdout
dsc = upload.source
cnf = Config()
+ group = cnf.get('Dinstall::UnprivGroup') or None
+
#bcc = "X-DAK: dak process-new"
#if cnf.has_key("Dinstall::Bcc"):
# u.Subst["__BCC__"] = bcc + "\nBcc: %s" % (cnf["Dinstall::Bcc"])
try:
with lock_package(upload.changes.source):
- with UploadCopy(upload) as upload_copy:
+ with UploadCopy(upload, group=group) as upload_copy:
handler = PolicyQueueUploadHandler(upload, session)
if handler.get_action() is not None:
print "PENDING %s\n" % handler.get_action()
def do_pkg(upload_id):
+ cnf = Config()
+
session = DBConn().session()
upload = session.query(PolicyQueueUpload).filter_by(id=upload_id).one()
htmlfiles_to_process.append(htmlfile)
sources.append(htmlname)
+ group = cnf.get('Dinstall::UnprivGroup') or None
+
with open(htmlfile, 'w') as outfile:
- with policy.UploadCopy(upload) as upload_copy:
+ with policy.UploadCopy(upload, group=group) as upload_copy:
handler = policy.PolicyQueueUploadHandler(upload, session)
missing = [ (o['type'], o['package']) for o in handler.missing_overrides() ]
distribution = changes.distribution
cnf = Config()
session = self.transaction.session
+ group = cnf.get('Dinstall::UnprivGroup') or None
self.directory = utils.temp_dirname(parent=cnf.get('Dir::TempPath'),
- mode=0o2750, group=cnf.unprivgroup)
+ mode=0o2750, group=group)
with FilesystemTransaction() as fs:
src = os.path.join(self.original_directory, self.original_changes.filename)
dst = os.path.join(self.directory, self.original_changes.filename)
changespath = os.path.join(upload.directory, changes.filename)
try:
- if cnf.unprivgroup:
- cmd = "sudo -H -u {0} -- /usr/bin/lintian --show-overrides --tags-from-file {1} {2}".format(cnf.unprivgroup, temp_filename, changespath)
- else:
- cmd = "/usr/bin/lintian --show-overrides --tags-from-file {0} {1}".format(temp_filename, changespath)
- result, output = commands.getstatusoutput(cmd)
+ cmd = []
+
+ user = cnf.get('Dinstall::UnprivUser') or None
+ if user is not None:
+ cmd.extend(['sudo', '-H', '-u', user])
+
+ cmd.extend(['/usr/bin/lintian', '--show-overrides', '--tags-from-file', temp_filename, changespath])
+ result, output = commands.getstatusoutput(" ".join(cmd))
finally:
os.unlink(temp_filename)
for field in [('db_revision', None, int),
('defaultsuitename', 'unstable', str),
('exportpath', '', str),
- ('unprivgroup', None, str),
('use_extfiles', None, int)
]:
setattr(self, 'get_%s' % field[0], lambda s=None, x=field[0], y=field[1], z=field[2]: self.get_db_value(x, y, z))
given by the C{directory} attribute. The copy will be removed on leaving
the with-block.
"""
- def __init__(self, upload):
+ def __init__(self, upload, group=None):
"""initializer
@type upload: L{daklib.dbconn.PolicyQueueUpload}
self.directory = None
self.upload = upload
+ self.group = group
def export(self, directory, mode=None, symlink=True, ignore_existing=False):
"""export a copy of the upload
def __enter__(self):
assert self.directory is None
+ mode = 0o0700
+ symlink = True
+ if self.group is not None:
+ mode = 0o2750
+ symlink = False
+
cnf = Config()
- self.directory = tempfile.mkdtemp(dir=cnf.get('Dir::TempPath'))
- self.export(self.directory, symlink=True)
+ self.directory = utils.temp_dirname(parent=cnf.get('Dir::TempPath'),
+ mode=mode,
+ group=self.group)
+ self.export(self.directory, symlink=symlink)
return self
def __exit__(self, *args):
projects / dak.git / commitdiff