On Thu, Mar 3, 2011 at 9:35 AM, Hartmut Goebel <h.goe...@goebel-consult.de>wrote:
> Am 02.03.2011 20:27, schrieb nap: > > So to to the trick for the main satellites, but how modules like the > > broker ones will have to do? After the "daemonization", they will be > > in the current directory /var/lib/shinken or something similar. If we > > do not set the sys.path, they won't be able to load the shinken lib > > isn't it? > The trick is: After importing the shinken main module by using the > imp-"hack", the sub-modules and -packages are imported without problem, > too. The current directory does no longer matter, since the sub-modules > are search relative to the shinken main-module. > > It does not matter whether the module is daemonized or not or whether it > changes the working directory after `import shinken.`. > Oh that's great so! > > > I think the sys.path is not a so bad thing. After this, we know that > > we can import shinken.whatwewant from every place of the daemon and it > > do not change if we do a direct launch or a daemon one. It's like a > > sort "cleaning" of path before starting. > IMHO the drawback is: Not only shinken is imported from the "new" > directory, but every module is searched there. This may open options for > attackers. (This is why twisted only adds the current dir if not running > as root.) > > But let's step back and rethink, why we would need some "hack" at all: > We need it for importing shinken if > a) running from a non-installed checkout (if "." is not in PYTHONPATH, > which is the default) > b) not for running on Windows (if installed using setup.py) > c) not for running on *ix (if installed using setup.py) > d) not for running on *ix (if installed via apt, rpm, etc.) > > Do we need sys.path for accessing libexec or anything else? Do we need > it for importing something else? > No, all we need should be on the shinken/* I think. Libexec should not be imported. > Did I miss something? > No I think you got it all right :) > > > If we comment it quite good, it's not a howful hack after all, and > > it's quite even clear what we do (just set in the path so we can just > > import shinken/ after all), we should add such a comment for imp too > > after all. > ACK for comments. > ACK for commit :) Thanks for this good solution so :) Jean > > -- > Schönen Gruß - Regards > Hartmut Goebel > Dipl.-Informatiker (univ.), CISSP, CSSLP > > Goebel Consult > Spezialist für IT-Sicherheit in komplexen Umgebungen > http://www.goebel-consult.de > > Monatliche Kolumne: http://www.cissp-gefluester.de/ > Goebel Consult mit Mitglied bei http://www.7-it.de >
------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT data in Real-Time with Splunk. Collect, index and harness all the fast moving IT data generated by your applications, servers and devices whether physical, virtual or in the cloud. Deliver compliance at lower cost and gain new business insights. http://p.sf.net/sfu/splunk-dev2dev
_______________________________________________ Shinken-devel mailing list Shinken-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shinken-devel
