[X2Go-Commits] [x2gobroker] 01/02: Add --drop-privileges feature so that x2gobroker-daemon can drop root privileges when started via systemd.
git-admin at x2go.org
git-admin at x2go.org
Tue Feb 25 13:56:36 CET 2014
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master
in repository x2gobroker.
commit 76a202a89db4c8da7587075da96c995b76e507ca
Author: Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
Date: Tue Feb 25 13:52:09 2014 +0100
Add --drop-privileges feature so that x2gobroker-daemon can drop root privileges when started via systemd.
---
bin/x2gobroker | 30 +++++++++++++++++++++++++++++-
debian/changelog | 2 ++
man/man1/x2gobroker.1 | 5 +++++
x2gobroker-daemon.service | 2 +-
4 files changed, 37 insertions(+), 2 deletions(-)
diff --git a/bin/x2gobroker b/bin/x2gobroker
index 5086845..a8ef7ab 100755
--- a/bin/x2gobroker
+++ b/bin/x2gobroker
@@ -27,6 +27,8 @@ import argparse
import socket
import logging
import atexit
+import pwd, grp
+
try:
import daemon
@@ -41,7 +43,6 @@ try:
except ImportError:
CAN_DAEMONIZE = False
-
def prep_http_mode():
global urls
@@ -92,6 +93,25 @@ from x2gobroker import __VERSION__
from x2gobroker import __AUTHOR__
from x2gobroker.loggers import logger_broker, logger_access, logger_error, tornado_log_request
+def drop_privileges(uid=x2gobroker.defaults.X2GOBROKER_DAEMON_USER, gid=x2gobroker.defaults.X2GOBROKER_DAEMON_USER):
+ if os.getuid() != 0:
+ # We're not root so, like, whatever dude
+ return
+
+ # Get the uid/gid from the name
+ running_uid = pwd.getpwnam(uid).pw_uid
+ running_gid = grp.getgrnam(gid).gr_gid
+
+ # Remove group privileges
+ os.setgroups([])
+
+ # Try setting the new uid/gid
+ os.setgid(running_gid)
+ os.setuid(running_uid)
+
+ # Ensure a very conservative umask
+ old_umask = os.umask(077)
+
interactive_mode_warning = False
# check effective UID the broker runs as and complain appropriately...
if x2gobroker.defaults.X2GOBROKER_USER != x2gobroker.defaults.X2GOBROKER_DAEMON_USER and os.geteuid() != 0:
@@ -118,6 +138,11 @@ if __name__ == "__main__":
{'args':['-P', '--pidfile'], 'default': pidfile, 'help': 'Alternative file path for the daemon\'s PID file', },
{'args':['-L', '--logdir'], 'default': daemon_logdir, 'help': 'Directory where log files for the process\'s stdout and stderr can be created', },
])
+ if os.getuid() == 0:
+ daemon_options.extend([
+ {'args':['--drop-privileges'], 'default': False, 'action': 'store_true', 'help': 'Drop privileges to uid X2GOBROKER_DAEMON_USER and gid X2GOBROKER_DAEMON_GROUP', },
+ ])
+
sshbroker_options = [
{'args':['--task'], 'default': None, 'metavar': 'BROKER_TASK', 'help': 'broker task (listsessions, selectsession, setpass, testcon', },
{'args':['--user'], 'default': None, 'metavar': 'USER_NAME', 'help': 'Operate on behalf of this user name', },
@@ -140,6 +165,9 @@ if __name__ == "__main__":
cmdline_args = p.parse_args()
+ if cmdline_args.drop_privileges:
+ drop_privileges()
+
if cmdline_args.config_file is not None:
x2gobroker.defaults.X2GOBROKER_CONFIG = cmdline_args.config_file
diff --git a/debian/changelog b/debian/changelog
index 63dce8c..b0e6113 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -86,6 +86,8 @@ x2gobroker (0.0.3.0-0x2go1) UNRELEASED; urgency=low
- Provide symlink x2gobroker-daemon.
- Provide systemd service files for x2gobroker-daemon and
x2gobroker-authservice.
+ - Add --drop-privileges feature so that x2gobroker-daemon can drop root
+ privileges when started via systemd.
* debian/control:
+ Replace LDAP support with session brokerage support in LONG_DESCRIPTION.
+ Fix SYNOPSIS texts.
diff --git a/man/man1/x2gobroker.1 b/man/man1/x2gobroker.1
index 00ccc1f..5159d60 100644
--- a/man/man1/x2gobroker.1
+++ b/man/man1/x2gobroker.1
@@ -80,6 +80,11 @@ Custom PID file location when daemonizing (default: <RUNDIR>/x2gobroker/x2gobrok
.TP
\*(T<\fB\-L, \-\-logdir\fR\*(T>
Directory where stdout/stderr will be redirected after having daemonized (default: /var/log/x2gobroker/).
+.TP
+\*(T<\fB\-D, \-\-drop\-privileges\fR\*(T>
+If started as root, drop privileges to uid X2GO_DAEMON_USER and gid X2GO_DAEMON_GROUP (as configured
+in \fI/etc/x2go/broker/defaults.conf\fR on systemd systems or \fI/etc/defaults/python-x2gobroker\fR
+on SystemV systems).
.SH "FILES"
/etc/x2go/x2gobroker.conf, /etc/x2go/broker/* (configuration files)
.PP
diff --git a/x2gobroker-daemon.service b/x2gobroker-daemon.service
index fa13e00..20438d6 100644
--- a/x2gobroker-daemon.service
+++ b/x2gobroker-daemon.service
@@ -3,7 +3,7 @@ Description=X2Go Session Broker Daemon
[Service]
Type=forking
-ExecStart=/usr/bin/x2gobroker-daemon
+ExecStart=/usr/bin/x2gobroker-daemon -D --drop-privileges
PIDFile=/run/x2gobroker/x2gobroker-daemon.pid
[Install]
--
Alioth's /srv/git/_hooks_/post-receive-email on /srv/git/code.x2go.org/x2gobroker.git
More information about the x2go-commits
mailing list