Added user and group script options

2023-08-10 21:13:00 +03:00 · 2012-05-07 13:29:20 +07:00 · 2012-05-07 13:29:20 +07:00 · 620a5998d0
commit 620a5998d0
parent 8828f3cc74
3 changed files with 17 additions and 10 deletions
--- a/README.md
+++ b/README.md
@ -7,7 +7,7 @@ Have a try here: <a href="http://0bin.net">0bin.net</a>

 It allows anybody to host a pastebin while welcoming any type of content to be pasted in it. The idea is that one can (probably...) not be legally entitled to <a href="http://www.zdnet.com/blog/security/pastebin-to-hunt-for-hacker-pastes-anonymous-cries-censorship/11336">moderate the pastebin content</a> as he/she has no way to decrypt it.

-It's an Python implementation of the <a href="https://github.com/sebsauvage/ZeroBin/">zerobin project</a>.
+It's an Python implementation of the <a href="https://github.com/sebsauvage/ZeroBin/">zerobin project</a>. It's easy to install even if you know nothing about Python.

 How it works
 =============
--- a/src/utils.py
+++ b/src/utils.py
@ -14,19 +14,25 @@ except (AttributeError):
    pass # privilege does't work on several plateform


-def drop_privileges():
-    time.sleep(5)
-    if settings.USER:
-        settings.GROUP = settings.GROUP or settings.USER
+def drop_privileges(user=None, group=None, wait=5):
+    """
+        Try to set the process user and group to another one.
+        If no group is provided, it's set to the same as the user.
+        You can wait for a certain time before doing so.
+    """
+    if wait:
+        time.sleep(wait)
+    if user:
+        group = group or user
        try:
-            user = coerce_user(settings.USER)
-            group = coerce_group(settings.GROUP)
+            user = coerce_user(user)
+            group = coerce_group(group)

            lock_files =  glob.glob(os.path.join(tempfile.gettempdir(),
                                                 'bottle.*.lock'))
            for lock_file in lock_files:
                os.chown(lock_file, user, group)

-            drop_privileges_permanently(settings.USER, settings.GROUP, ())
+            drop_privileges_permanently(user, group, ())
        except Exception:
            print "Failed to drop privileges. Running with current user."
--- a/start.py
+++ b/start.py
@ -111,14 +111,15 @@ def error404(code):

@clize.clize
 def runserver(host=settings.HOST, port=settings.PORT, debug=settings.DEBUG,
-              serve_static=settings.DEBUG):
+              serve_static=settings.DEBUG, user=settings.USER,
+              group=settings.GROUP):

    if serve_static:
        @app.route('/static/<filename:path>')
        def server_static(filename):
            return static_file(filename, root=settings.STATIC_FILES_ROOT)

-    thread.start_new_thread(drop_privileges, ())
+    thread.start_new_thread(drop_privileges, (user, group))

    if debug:
        bottle.debug(True)