From 7314430fb3dfe88eff626c773d32cd3fd329561d Mon Sep 17 00:00:00 2001 From: Sascha Silbe Date: Tue, 05 Oct 2010 17:10:34 +0000 Subject: Merge remote branch 'refs/remotes/origin/t/rainbow-0.8' into HEAD --- diff --git a/.topdeps b/.topdeps new file mode 100644 index 0000000..9c9ac90 --- /dev/null +++ b/.topdeps @@ -0,0 +1 @@ +upstream/master diff --git a/.topmsg b/.topmsg new file mode 100644 index 0000000..b507693 --- /dev/null +++ b/.topmsg @@ -0,0 +1,7 @@ +From: Sascha Silbe +Subject: [PATCH] add support for rainbow-0.8 + +Replace hardcoded paths that only work with earlier versions of Rainbow. +Fix permissions when used with Rainbow. + +Signed-off-by: Sascha Silbe diff --git a/src/carquinyol/filestore.py b/src/carquinyol/filestore.py index 9eb975f..f9cd724 100644 --- a/src/carquinyol/filestore.py +++ b/src/carquinyol/filestore.py @@ -14,6 +14,7 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +import pwd import os import errno import logging @@ -99,47 +100,46 @@ class FileStore(object): logging.debug('Entry %r doesnt have any file', uid) return '' + if extension is None: + extension = '' + elif extension: + extension = '.' + extension + use_instance_dir = os.path.exists('/etc/olpc-security') and \ os.getuid() != user_id if use_instance_dir: if not user_id: - raise ValueError('Couldnt determine the current user uid.') - destination_dir = os.path.join(os.environ['HOME'], 'isolation', - '1', 'uid_to_instance_dir', str(user_id)) + raise ValueError('Could not determine the uid of the caller.') + destination_dir = os.path.join(pwd.getpwuid(user_id).pw_dir, + 'instance') + old_umask = os.umask(0007) else: profile = os.environ.get('SUGAR_PROFILE', 'default') destination_dir = os.path.join(os.path.expanduser('~'), '.sugar', profile, 'data') + + try: if not os.path.exists(destination_dir): os.makedirs(destination_dir) - - if extension is None: - extension = '' - elif extension: - extension = '.' + extension + finally: + if use_instance_dir: + os.umask(old_umask) fd, destination_path = tempfile.mkstemp(prefix=uid + '_', suffix=extension, dir=destination_dir) os.close(fd) os.unlink(destination_path) - # Try to hard link from the original file to the targetpath. This can - # fail if the file is in a different filesystem. Do a symlink instead. try: os.link(file_path, destination_path) except OSError, e: - if e.errno == errno.EXDEV: - os.symlink(file_path, destination_path) - else: + if e.errno != errno.EXDEV: raise + os.symlink(file_path, destination_path) - # Try to make the original file readable. This can fail if the file is - # in a FAT filesystem. - try: - os.chmod(file_path, 0604) - except OSError, e: - if e.errno != errno.EPERM: - raise + # Both symbolic and hard links "share" the permissions of the + # original file. Make sure it's (only) readable to the caller. + os.chmod(file_path, 0440) return destination_path @@ -184,6 +184,7 @@ class AsyncCopy(object): def _cleanup(self): os.close(self.src_fp) os.close(self.dest_fp) + os.chmod(self.dest, 0400) def _copy_block(self, user_data=None): try: @@ -221,8 +222,11 @@ class AsyncCopy(object): def start(self): self.src_fp = os.open(self.src, os.O_RDONLY) + if os.path.exists(self.dest) and not os.access(self.dest, os.W_OK): + os.chmod(self.dest, 0600) + self.dest_fp = os.open(self.dest, os.O_RDWR | os.O_TRUNC | os.O_CREAT, - 0644) + 0600) stat = os.fstat(self.src_fp) self.size = stat[6] -- cgit v0.9.1