summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPavel Odvody <podvody@redhat.com>2015-08-31 15:44:53 +0200
committerSimo Sorce <simo@redhat.com>2015-09-01 11:28:49 -0400
commit30d9c646b9520b9a69b405e11ad3e60be987a3b2 (patch)
tree82894c0242ec19a8ae51decb1fd850a0e182bd01
parent5de27c3fe0c248b5a7b59e966cf9f1fbab6c3ba4 (diff)
downloadcustodia-30d9c646b9520b9a69b405e11ad3e60be987a3b2.tar.gz
custodia-30d9c646b9520b9a69b405e11ad3e60be987a3b2.tar.xz
custodia-30d9c646b9520b9a69b405e11ad3e60be987a3b2.zip
Also capture loginuid of the remote process
Reviewed-by: Simo Sorce <simo@redhat.com> Closes #9
-rw-r--r--custodia/httpd/server.py19
1 files changed, 18 insertions, 1 deletions
diff --git a/custodia/httpd/server.py b/custodia/httpd/server.py
index fd6ef0c..949c00b 100644
--- a/custodia/httpd/server.py
+++ b/custodia/httpd/server.py
@@ -18,6 +18,7 @@ import shutil
import six
import socket
import struct
+import errno
SO_PEERCRED = 17
MAX_REQUEST_SIZE = 10*1024*1024 # For now limit body to 10MiB
@@ -107,13 +108,25 @@ class LocalHTTPRequestHandler(BaseHTTPRequestHandler):
self.query = None
self.url = None
self.body = None
+ self.loginuid = None
def version_string(self):
return self.server.server_string
+ def _get_loginuid(self, pid):
+ loginuid = None
+ try:
+ with open("/proc/" + str(pid) + "/loginuid", "r") as f:
+ loginuid = int(f.read(), 10)
+ except IOError as e:
+ if e.errno != errno.ENOENT:
+ raise
+ if loginuid == -1:
+ loginuid = None
+ return loginuid
+
@property
def peer_creds(self):
-
creds = self.request.getsockopt(socket.SOL_SOCKET, SO_PEERCRED,
struct.calcsize('3i'))
pid, uid, gid = struct.unpack('3i', creds)
@@ -123,6 +136,10 @@ class LocalHTTPRequestHandler(BaseHTTPRequestHandler):
if not BaseHTTPRequestHandler.parse_request(self, *args, **kwargs):
return False
+ # grab the loginuid from `/proc` as soon as possible
+ creds = self.peer_creds
+ self.loginuid = self._get_loginuid(creds['pid'])
+
# after basic parsing also use urlparse to retrieve individual
# elements of a request.
url = urlparse(self.path)