Hello Alon Bar-Lev,
I'd like you to do a code review. Please visit
http://gerrit.ovirt.org/21249
to review the following change.
Change subject: packaging: setup: generate answerfile readable by user only
......................................................................
packaging: setup: generate answerfile readable by user only
fix file mode of previous stored answer files at state.
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1028748
Change-Id: I3c1ca00b7a56216d7051c7625c5e983d422caab9
Signed-off-by: Alon Bar-Lev <[email protected]>
---
M packaging/setup/plugins/ovirt-engine-common/core/answerfile.py
M packaging/setup/plugins/ovirt-engine-setup/upgrade/__init__.py
A packaging/setup/plugins/ovirt-engine-setup/upgrade/answerfile_fixup.py
3 files changed, 65 insertions(+), 0 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/49/21249/1
diff --git a/packaging/setup/plugins/ovirt-engine-common/core/answerfile.py
b/packaging/setup/plugins/ovirt-engine-common/core/answerfile.py
index 92067df..0b1910d 100644
--- a/packaging/setup/plugins/ovirt-engine-common/core/answerfile.py
+++ b/packaging/setup/plugins/ovirt-engine-common/core/answerfile.py
@@ -76,6 +76,7 @@
)
)
with open(self.resolveFile(answer), 'w') as f:
+ os.fchmod(f.fileno(), 0o600)
f.write(
(
'# action=%s\n'
diff --git a/packaging/setup/plugins/ovirt-engine-setup/upgrade/__init__.py
b/packaging/setup/plugins/ovirt-engine-setup/upgrade/__init__.py
index 7d962c2..ee20db6 100644
--- a/packaging/setup/plugins/ovirt-engine-setup/upgrade/__init__.py
+++ b/packaging/setup/plugins/ovirt-engine-setup/upgrade/__init__.py
@@ -24,12 +24,14 @@
from . import dbvalidations
from . import asynctasks
+from . import answerfile_fixup
@util.export
def createPlugins(context):
dbvalidations.Plugin(context=context)
asynctasks.Plugin(context=context)
+ answerfile_fixup.Plugin(context=context)
# vim: expandtab tabstop=4 shiftwidth=4
diff --git
a/packaging/setup/plugins/ovirt-engine-setup/upgrade/answerfile_fixup.py
b/packaging/setup/plugins/ovirt-engine-setup/upgrade/answerfile_fixup.py
new file mode 100644
index 0000000..260a7e3
--- /dev/null
+++ b/packaging/setup/plugins/ovirt-engine-setup/upgrade/answerfile_fixup.py
@@ -0,0 +1,62 @@
+#
+# ovirt-engine-setup -- ovirt engine setup
+# Copyright (C) 2013 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+
+"""Answer file fixup plugin."""
+
+
+import os
+import glob
+import gettext
+_ = lambda m: gettext.dgettext(message=m, domain='ovirt-engine-setup')
+
+
+from otopi import util
+from otopi import plugin
+
+
+from ovirt_engine_setup import constants as osetupcons
+
+
[email protected]
+class Plugin(plugin.PluginBase):
+ """Temporary fixup for invalid permission of past answer files."""
+
+ def __init__(self, context):
+ super(Plugin, self).__init__(context=context)
+
+ @plugin.event(
+ stage=plugin.Stages.STAGE_MISC,
+ )
+ def _misc(self):
+ for f in glob.glob(
+ os.path.join(
+ osetupcons.FileLocations.OVIRT_SETUP_ANSWERS_DIR,
+ '*.conf',
+ )
+ ):
+ try:
+ os.chmod(f, 0o600)
+ except:
+ self.logger.debug(
+ "Cannot modify permission for '%s'",
+ f,
+ exc_info=True,
+ )
+
+
+# vim: expandtab tabstop=4 shiftwidth=4
--
To view, visit http://gerrit.ovirt.org/21249
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I3c1ca00b7a56216d7051c7625c5e983d422caab9
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: ovirt-engine-3.3.1
Gerrit-Owner: Sandro Bonazzola <[email protected]>
Gerrit-Reviewer: Alon Bar-Lev <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches
