[Twisted-Python] Application process uid/gid
Hello list,

The code:

===============================
import pwd
from apolicy.config import config
...
from twisted.protocols import basic
from twisted.internet import reactor, protocol, task
from twisted.application import internet, service
...
user = pwd.getpwnam(config.get("main","user"))
application = service.Application('apolicy', uid=user[2], gid=user[3])
serviceCollection = service.IServiceCollection(application)
address, port = config.get("main", "listen").split(":")
internet.TCPServer(int(port), ACLPolicyDaemonFactory(), interface=address).setServiceParent(serviceCollection)
===============================

I'm using twistd to start my daemon, the process starts normally and the owner is the user nobody.

# ps uaxf | grep nobody
nobody 29052 0.1 0.6 13140 6440 ? S 09:11 0:01 /usr/bin/python /usr/bin/twistd -y /usr/lib/python2.4/site-packages/apolicy/server.py -q --logfile /var/log/twistd.log --pidfile=/var/run/twistd.pid

My class ACLPolicyDaemonFactory() tries to write a file to test if the path given to my application is writable and has no problems, but the file is created as root.

What is the point where the process is already running as nobody?

Regards,
Miguel

On Mon, 28 Apr 2008 09:38:00 -0300, Miguel Filho <miguel.filho@gmail.com> wrote:
Privileges aren't shed immediately when Application is created. They're shed after privilegedStartService and before startService. You should delay any potentially sensitive operations until startService (i.e., don't do them in ACLPolicyDaemonFactory.__init__ which is when I assume you meant you were opening that file).

Jean-Paul

On Mon, 28 Apr 2008 10:40:23 -0300, Miguel Filho <miguel.filho@gmail.com> wrote:
Only services which are children of the application get startService called on them. So to do it this way, you'll need a service in that situation.

Factories get startFactory called on them when they're bound to their first port (and stopFactory when they're unbound from their last). If you're binding a privileged port, though, then this will happen while the process is still running as root, so it's not as reliable as using startService.

To make a service, you need to implement IService:

http://twistedmatrix.com/documents/current/api/twisted.application.service.I...

You may also want to give the service a reference to your factory, or vice versa, so that they can share state or call methods on each other or whatever else is necessary.

Jean-Paul

On Mon, Apr 28, 2008 at 10:52 AM, Jean-Paul Calderone <exarkun@divmod.com> wrote:
There we go:

    class ACLPolicyDaemonService(service.Service):
        def __init__(self):
            self.factory = ACLPolicyDaemonFactory()

        def startService(self):
            self.factory.configure()
            service.Service.startService(self)

I borrowed the code and ideas from the tutorial[1] and it is working fine, I call my configure() method inside the service, and the file is created as nobody as needed.

Thank you very much for the help.

Regards,
Miguel

[1] http://twistedmatrix.com/projects/core/documentation/howto/tutorial/protocol...
participants (2)
- Jean-Paul Calderone
- Miguel Filho