saslauthd/__init__.py
# Copyright 2010-2013 Kolab Systems AG (http://www.kolabsys.com) | # Copyright 2010-2016 Kolab Systems AG (http://www.kolabsys.com) | ||||
# | # | ||||
# Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen a kolabsys.com> | # Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen a kolabsys.com> | ||||
# | # | ||||
# This program is free software: you can redistribute it and/or modify | # This program is free software: you can redistribute it and/or modify | ||||
# it under the terms of the GNU General Public License as published by | # it under the terms of the GNU General Public License as published by | ||||
# the Free Software Foundation, either version 3 of the License, or | # the Free Software Foundation, either version 3 of the License, or | ||||
# (at your option) any later version. | # (at your option) any later version. | ||||
Show All 31 Lines | |||||
from pykolab import utils | from pykolab import utils | ||||
from pykolab.auth import Auth | from pykolab.auth import Auth | ||||
from pykolab.constants import * | from pykolab.constants import * | ||||
from pykolab.translate import _ | from pykolab.translate import _ | ||||
log = pykolab.getLogger('saslauthd') | log = pykolab.getLogger('saslauthd') | ||||
conf = pykolab.getConf() | conf = pykolab.getConf() | ||||
class SASLAuthDaemon(object): | class SASLAuthDaemon(object): | ||||
def __init__(self): | def __init__(self): | ||||
daemon_group = conf.add_cli_parser_option_group(_("Daemon Options")) | daemon_group = conf.add_cli_parser_option_group(_("Daemon Options")) | ||||
daemon_group.add_option( | daemon_group.add_option( | ||||
"--fork", | "--fork", | ||||
dest = "fork_mode", | dest = "fork_mode", | ||||
action = "store_true", | action = "store_true", | ||||
▲ Show 20 Lines • Show All 104 Lines • ▼ Show 20 Lines | def run(self): | ||||
except SystemExit, e: | except SystemExit, e: | ||||
exitcode = e | exitcode = e | ||||
except KeyboardInterrupt: | except KeyboardInterrupt: | ||||
exitcode = 1 | exitcode = 1 | ||||
log.info(_("Interrupted by user")) | log.info(_("Interrupted by user")) | ||||
except AttributeError, e: | except AttributeError, e: | ||||
exitcode = 1 | exitcode = 1 | ||||
traceback.print_exc() | traceback.print_exc() | ||||
print >> sys.stderr, _("Traceback occurred, please report a bug at https://issues.kolab.org") | print >> sys.stderr, _("Traceback occurred, please report a " + | ||||
"bug at https://issues.kolab.org") | |||||
except TypeError, e: | except TypeError, e: | ||||
exitcode = 1 | exitcode = 1 | ||||
traceback.print_exc() | traceback.print_exc() | ||||
log.error(_("Type Error: %s") % e) | log.error(_("Type Error: %s") % e) | ||||
except: | except: | ||||
exitcode = 2 | exitcode = 2 | ||||
traceback.print_exc() | traceback.print_exc() | ||||
print >> sys.stderr, _("Traceback occurred, please report a bug at https://issues.kolab.org") | print >> sys.stderr, _("Traceback occurred, please report a " + | ||||
"bug at https://issues.kolab.org") | |||||
sys.exit(exitcode) | sys.exit(exitcode) | ||||
def do_saslauthd(self): | def do_saslauthd(self): | ||||
""" | """ | ||||
Create the actual listener socket, and handle the authentication. | Create the actual listener socket, and handle the authentication. | ||||
The actual authentication handling is passed on to the appropriate | The actual authentication handling is passed on to the appropriate | ||||
Show All 23 Lines | def do_saslauthd(self): | ||||
bound = False | bound = False | ||||
while not bound: | while not bound: | ||||
cur_tries += 1 | cur_tries += 1 | ||||
try: | try: | ||||
(clientsocket, address) = s.accept() | (clientsocket, address) = s.accept() | ||||
bound = True | bound = True | ||||
except Exception, errmsg: | except Exception, errmsg: | ||||
log.error( | log.error( | ||||
_("kolab-saslauthd could not accept " + \ | _("kolab-saslauthd could not accept " + | ||||
"connections on socket: %r") % (errmsg) | "connections on socket: %r") % (errmsg) | ||||
) | ) | ||||
if cur_tries >= max_tries: | if cur_tries >= max_tries: | ||||
log.fatal(_("Maximum tries exceeded, exiting")) | log.fatal(_("Maximum tries exceeded, exiting")) | ||||
sys.exit(1) | sys.exit(1) | ||||
time.sleep(1) | time.sleep(1) | ||||
▲ Show 20 Lines • Show All 56 Lines • ▼ Show 20 Lines | class SASLAuthDaemon(object): | ||||
def set_signal_handlers(self): | def set_signal_handlers(self): | ||||
import signal | import signal | ||||
signal.signal(signal.SIGHUP, self.reload_config) | signal.signal(signal.SIGHUP, self.reload_config) | ||||
signal.signal(signal.SIGTERM, self.remove_pid) | signal.signal(signal.SIGTERM, self.remove_pid) | ||||
def write_pid(self): | def write_pid(self): | ||||
pid = os.getpid() | pid = os.getpid() | ||||
fp = open(conf.pidfile,'w') | fp = open(conf.pidfile, 'w') | ||||
fp.write("%d\n" % (pid)) | fp.write("%d\n" % (pid)) | ||||
fp.close() | fp.close() | ||||
def _ensure_socket_dir(self): | def _ensure_socket_dir(self): | ||||
utils.ensure_directory( | utils.ensure_directory( | ||||
os.path.dirname(conf.socketfile), | os.path.dirname(conf.socketfile), | ||||
conf.process_username, | conf.process_username, | ||||
conf.process_groupname | conf.process_groupname | ||||
▲ Show 20 Lines • Show All 53 Lines • ▼ Show 20 Lines | def _drop_privileges(self): | ||||
except KeyError: | except KeyError: | ||||
print >> sys.stderr, _("User %s does not exist") % ( | print >> sys.stderr, _("User %s does not exist") % ( | ||||
conf.process_username | conf.process_username | ||||
) | ) | ||||
sys.exit(1) | sys.exit(1) | ||||
# Set real and effective user if not the same as current. | # Set real and effective user if not the same as current. | ||||
if not user_uid == ruid: | if not user_uid == ruid: | ||||
log.debug( | log.debug( | ||||
_("Switching real and effective user id to %d") % ( | _("Switching real and effective user id to %d") % ( | ||||
user_uid | user_uid | ||||
), | ), | ||||
level=8 | level=8 | ||||
) | ) | ||||
os.setreuid(user_uid, user_uid) | os.setreuid(user_uid, user_uid) | ||||
except: | except: | ||||
log.error(_("Could not change real and effective uid and/or gid")) | log.error(_("Could not change real and effective uid and/or gid")) |
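Review bot: The bare `except:` that closes `_drop_privileges` only calls `log.error(...)`, so if `os.setreuid(user_uid, user_uid)` or an earlier step raises, the daemon appears to keep running with the uid and gid it started with. The function begins above the visible lines, so this assumes nothing after the handler stops the process. A failed privilege drop in an authentication daemon should be fatal, in the same way the accept loop already ends with `log.fatal(...)` and `sys.exit(1)`: change the handler body to `log.fatal(_("Could not change real and effective uid and/or gid"))` followed by `sys.exit(1)`. If, as it looks, the `sys.exit(1)` for a missing user sits inside this same `try`, the bare `except:` also catches its SystemExit and turns that exit into a log line. Narrowing the handler to `except OSError:` would avoid that, provided the hidden part of the body raises nothing else that must be caught here.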