saslauthd/__init__.py
Show All 19 Lines | """ | ||||
SASL authentication daemon for multi-domain Kolab deployments. | SASL authentication daemon for multi-domain Kolab deployments. | ||||
The SASL authentication daemon can use the domain name space or realm | The SASL authentication daemon can use the domain name space or realm | ||||
in the login credentials to determine the backend authentication | in the login credentials to determine the backend authentication | ||||
database, and authenticate the credentials supplied against that | database, and authenticate the credentials supplied against that | ||||
backend. | backend. | ||||
""" | """ | ||||
from __future__ import print_function | |||||
from optparse import OptionParser | from optparse import OptionParser | ||||
from ConfigParser import SafeConfigParser | from ConfigParser import SafeConfigParser | ||||
import grp | import grp | ||||
import os | import os | ||||
import pwd | import pwd | ||||
import shutil | import shutil | ||||
import sys | import sys | ||||
▲ Show 20 Lines • Show All 128 Lines • ▼ Show 20 Lines | def run(self): | ||||
except SystemExit, e: | except SystemExit, e: | ||||
exitcode = e | exitcode = e | ||||
except KeyboardInterrupt: | except KeyboardInterrupt: | ||||
exitcode = 1 | exitcode = 1 | ||||
log.info(_("Interrupted by user")) | log.info(_("Interrupted by user")) | ||||
except AttributeError, e: | except AttributeError, e: | ||||
exitcode = 1 | exitcode = 1 | ||||
traceback.print_exc() | traceback.print_exc() | ||||
print >> sys.stderr, _("Traceback occurred, please report a " + | print(_("Traceback occurred, please report a " + | ||||
"bug at https://issues.kolab.org") | "bug at https://issues.kolab.org"), | ||||
file=sys.stderr) | |||||
except TypeError, e: | except TypeError, e: | ||||
exitcode = 1 | exitcode = 1 | ||||
traceback.print_exc() | traceback.print_exc() | ||||
log.error(_("Type Error: %s") % e) | log.error(_("Type Error: %s") % e) | ||||
except: | except: | ||||
exitcode = 2 | exitcode = 2 | ||||
traceback.print_exc() | traceback.print_exc() | ||||
print >> sys.stderr, _("Traceback occurred, please report a " + | print(_("Traceback occurred, please report a " + | ||||
"bug at https://issues.kolab.org") | "bug at https://issues.kolab.org"), | ||||
file=sys.stderr) | |||||
sys.exit(exitcode) | sys.exit(exitcode) | ||||
def do_saslauthd(self): | def do_saslauthd(self): | ||||
""" | """ | ||||
Create the actual listener socket, and handle the authentication. | Create the actual listener socket, and handle the authentication. | ||||
The actual authentication handling is passed on to the appropriate | The actual authentication handling is passed on to the appropriate | ||||
▲ Show 20 Lines • Show All 130 Lines • ▼ Show 20 Lines | def _drop_privileges(self): | ||||
( | ( | ||||
group_name, | group_name, | ||||
group_password, | group_password, | ||||
group_gid, | group_gid, | ||||
group_members | group_members | ||||
) = grp.getgrnam(conf.process_groupname) | ) = grp.getgrnam(conf.process_groupname) | ||||
except KeyError: | except KeyError: | ||||
print >> sys.stderr, _("Group %s does not exist") % ( | print(_("Group %s does not exist") % ( | ||||
conf.process_groupname | conf.process_groupname | ||||
) | ), file=sys.stderr) | ||||
sys.exit(1) | sys.exit(1) | ||||
# Set real and effective group if not the same as current. | # Set real and effective group if not the same as current. | ||||
if not group_gid == rgid: | if not group_gid == rgid: | ||||
log.debug( | log.debug( | ||||
_("Switching real and effective group id to %d") % ( | _("Switching real and effective group id to %d") % ( | ||||
group_gid | group_gid | ||||
Show All 12 Lines | def _drop_privileges(self): | ||||
user_uid, | user_uid, | ||||
user_gid, | user_gid, | ||||
user_gecos, | user_gecos, | ||||
user_homedir, | user_homedir, | ||||
user_shell | user_shell | ||||
) = pwd.getpwnam(conf.process_username) | ) = pwd.getpwnam(conf.process_username) | ||||
except KeyError: | except KeyError: | ||||
print >> sys.stderr, _("User %s does not exist") % ( | print(_("User %s does not exist") % ( | ||||
conf.process_username | conf.process_username | ||||
) | ), file=sys.stderr) | ||||
sys.exit(1) | sys.exit(1) | ||||
# Set real and effective user if not the same as current. | # Set real and effective user if not the same as current. | ||||
if not user_uid == ruid: | if not user_uid == ruid: | ||||
log.debug( | log.debug( | ||||
_("Switching real and effective user id to %d") % ( | _("Switching real and effective user id to %d") % ( | ||||
user_uid | user_uid | ||||
), | ), | ||||
level=8 | level=8 | ||||
) | ) | ||||
os.setreuid(user_uid, user_uid) | os.setreuid(user_uid, user_uid) | ||||
except: | except: | ||||
log.error(_("Could not change real and effective uid and/or gid")) | log.error(_("Could not change real and effective uid and/or gid")) |
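Review bot: The bare `except:` that closes `_drop_privileges` only logs "Could not change real and effective uid and/or gid", so a failed privilege drop appears to be non-fatal, and the handler would also swallow the `sys.exit(1)` calls on the unknown-group and unknown-user paths this change touches. Indentation is lost in this view, so it is an inference that the handler encloses those lookups; if it does, `SystemExit` is caught there and the daemon carries on with its original uid/gid, which is root whenever the drop was attempted. I would narrow the handler to `except OSError:` and make it fatal by following the `log.error(...)` with `sys.exit(1)`, so a misconfigured `process_username` or `process_groupname` stops the service instead of leaving it privileged. `_drop_privileges` starts above the lines shown here and may continue below them.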