diff options
author | Michael DeHaan <mdehaan@redhat.com> | 2008-01-21 12:47:23 -0500 |
---|---|---|
committer | Michael DeHaan <mdehaan@redhat.com> | 2008-01-21 12:47:23 -0500 |
commit | a2d760b7369059731a6cfbe673e117a553511a20 (patch) | |
tree | 09fb0cc98b4350f80282100a3036a1d9647a68d9 /cobbler | |
parent | eb932370e804b831efebe4a1660ff8b8db8c0335 (diff) | |
download | third_party-cobbler-a2d760b7369059731a6cfbe673e117a553511a20.tar.gz third_party-cobbler-a2d760b7369059731a6cfbe673e117a553511a20.tar.xz third_party-cobbler-a2d760b7369059731a6cfbe673e117a553511a20.zip |
Enforce permissions/context after reposync.
Diffstat (limited to 'cobbler')
-rw-r--r-- | cobbler/action_reposync.py | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/cobbler/action_reposync.py b/cobbler/action_reposync.py index 70656af..535b9b4 100644 --- a/cobbler/action_reposync.py +++ b/cobbler/action_reposync.py @@ -72,6 +72,7 @@ class RepoSync: self.do_rsync(repo) else: self.do_reposync(repo) + self.update_permissions(repo_path) return True @@ -269,4 +270,27 @@ class RepoSync: print _("- createrepo failed. Is it installed?") del fnames[:] # we're in the right place + # ================================================================================== + + def update_permissions(self, repo_path): + """ + Verifies that permissions and contexts after an rsync are as expected. + Sending proper rsync flags should prevent the need for this, though this is largely + a safeguard. + """ + # all_path = os.path.join(repo_path, "*") + cmd1 = "chown -R root:apache %s" % repo_path + sub_process.call(cmd1, shell=True) + + cmd2 = "chmod -R 640 %s" % repo_path + sub_process.call(cmd2, shell=True) + + getenforce = "/usr/sbin/getenforce" + if os.path.exists(getenforce): + data = sub_process.Popen(getenforce, shell=True, stdout=sub_process.PIPE).communicate()[0] + if data.lower().find("disabled") == -1: + cmd3 = "chcon --reference /var/www %s" % repo_path + sub_process.call(cmd3, shell=True) + + |