diff options
Diffstat (limited to 'setacls.py')
-rwxr-xr-x | setacls.py | 146 |
1 files changed, 146 insertions, 0 deletions
diff --git a/setacls.py b/setacls.py new file mode 100755 index 0000000..527c64f --- /dev/null +++ b/setacls.py @@ -0,0 +1,146 @@ +#!/usr/bin/python + +# Copyright 2009 Jon Stanley +# +# This copyrighted material is made available to anyone wishing to use, modify, +# copy, or redistribute it subject to the terms and conditions of the GNU +# General Public License v.2. This program is distributed in the hope that it +# will be useful, but WITHOUT ANY WARRANTY expressed or implied, including the +# implied warranties of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# See the GNU General Public License for more details. You should have +# received a copy of the GNU General Public License along with this program; +# if not, write to the Free Software Foundation, Inc., 51 Franklin Street, +# Fifth Floor, Boston, MA 02110-1301, USA. +# +# Author(s): Jon Stanley <jonstanley@gmail.com> +# + + +import sys +import posix1e +import re +import grp +import pwd +import os +from optparse import OptionParser + +CVSBASE = '/cvs/pkgs' +GROUP = re.compile('^@') +scm_admin_group = 'cvsadmin' +secondary_arch_groups = ['fedora-s390', 'fedora-ia64', + 'fedora-sparc'] +version = '0.1' +newacls = {} + +try: + avail_file = open('avail.minimal','r') +except IOError: + sys.stderr.write('Cannot open avail file!\n') + sys.exit(1) + +pkgs = {} + +def get_one(pkg): + pkg_ret = {} + for item in pkgs.keys(): + acl_list = pkgs[item].strip().split(' | ')[1].split(',') + +def get_all(): + '''Returns all packages in a dict of ACL objects. The keys of the dict are paths + of the branches that we want to set ACL's on''' + acls = {} + for line in pkgs.keys(): + acl_list = pkgs[line] + #print acl_list + acls[line] = build_acl(acl_list) + print acls + for acl in acls.keys(): + print acls[acl] + +def build_acl(acl_text): + '''Builds an ACL from a line in the avail file. Expects a list of users and + groups (groups should be prepended with an @), and returns an ACL object''' + + for item in acl_text: + if GROUP.match(item): + try: + groups.append(item.lstrip('@')) + #print 'groups appended' % groups + except NameError: + groups = [item.lstrip('@')] + #print 'groups %s' % groups + else: + try: + people.append(item) + #print 'people appended %s' % people + except NameError: + people = [item] + #print 'people %s' % people + acl = posix1e.ACL() + + user = posix1e.Entry(acl) + user.tag_type = posix1e.ACL_USER_OBJ + user.permset.add(posix1e.ACL_READ | posix1e.ACL_WRITE | + posix1e.ACL_EXECUTE) + + group = posix1e.Entry(acl) + group.copy(user) + group.tag_type=posix1e.ACL_GROUP_OBJ + + other = posix1e.Entry(acl) + other.tag_type=posix1e.ACL_OTHER + other.permset.add(posix1e.ACL_READ | posix1e.ACL_EXECUTE) + + mask = posix1e.Entry(acl) + mask.tag_type=posix1e.ACL_MASK + mask.permset.add(posix1e.ACL_READ | posix1e.ACL_WRITE | + posix1e.ACL_EXECUTE) + + for item in groups: + group_acl = posix1e.Entry(acl) + group_acl.tag_type = posix1e.ACL_GROUP + group_acl.qualifier = 500 + #group_acl.qualifier = grp.getgrnam(item).gr_gid + group_acl.permset.add(posix1e.ACL_READ | posix1e.ACL_WRITE | + posix1e.ACL_EXECUTE) + for item in secondary_arch_groups: + group_acl = posix1e.Entry(acl) + group_acl.tag_type = posix1e.ACL_GROUP + group_acl.qualifier = grp.getgrnam(item).gr_gid + group_acl.permset.add(posix1e.ACL_READ | posix1e.ACL_WRITE | + posix1e.ACL_EXECUTE) + for item in people: + people_acl = posix1e.Entry(acl) + people_acl.tag_type = posix1e.ACL_USER + people_acl.qualifier = 500 + #people_acl.qualifier = pwd.getpwnam(item).pw_uid + people_acl.permset.add(posix1e.ACL_READ | posix1e.ACL_WRITE | + posix1e.ACL_EXECUTE) + #print acl + #print 'acl is valid: %s' % acl.valid() + #print '%s/%s' % ( CVSBASE, pkg ) + return acl + +def main(): + usage = '%prog [options] [pkgs...]' + parser = OptionParser(usage, version=version) + parser.add_option('-a', '--all-packages', action='store_true', + dest='all', help='Operate on all packages (slow and destructive') + parser.add_option('-D', '--debug', action='store_true', dest='debug', help= + 'Print extra debug info') + parser.add_option('-d', '--dry-run', action='store_true', dest='dr', help= + 'Just print what would be done') + options, args = parser.parse_args() + for line in avail_file.readlines(): + parsed, pkg = line.strip().split(' | ')[1].split(','), \ + line.strip().split(' | ')[2] + pkgs[pkg] = parsed + print pkgs + + +if __name__ == '__main__': + main() + get_all() + print newacls + for acl in newacls.keys(): + print newacls[acl] |