#7958 closed enhancement (fixed)
[PATCH] Options for tracd to drop privileges
| Reported by: | Owned by: | Thijs Triemstra | |
|---|---|---|---|
| Priority: | normal | Milestone: | 1.0 |
| Component: | web frontend/tracd | Version: | 0.11.2 |
| Severity: | normal | Keywords: | patch consider bitesized |
| Cc: | Branch: | ||
| Release Notes: |
Added options to |
||
| API Changes: | |||
| Internal Changes: | |||
Description
Patch is attached
Attachments (2)
Change History (14)
by , 17 years ago
| Attachment: | trac-drop-privileges.patch added |
|---|
comment:1 by , 17 years ago
Cannot be applied as is: it requires OS host specific modules (Unix): pwd, grp
comment:2 by , 17 years ago
Please also specify the Trac version, especially when you submit a patch.
follow-ups: 4 5 comment:3 by , 17 years ago
daemonize() is OS specific too but it is used. It was written for Trac 0.11.2
comment:4 by , 17 years ago
| Version: | none → 0.11.2 |
|---|
follow-up: 6 comment:5 by , 17 years ago
Replying to anonymous:
daemonize() is OS specific too but it is used.
Yeah, but it does not unconditionally import Unix-specific modules
comment:6 by , 17 years ago
Replying to eblot:
Replying to anonymous:
daemonize() is OS specific too but it is used.
Yeah, but it does not unconditionally import Unix-specific modules
Here is why this patch is not valid as-is:
Python 2.5.4 (r254:67916, Dec 23 2008, 15:10:54) [MSC v.1310 32 bit (Intel)] on win32 Type "help", "copyright", "credits" or "license" for more information. >>> import grp Traceback (most recent call last): File "<stdin>", line 1, in <module> ImportError: No module named grp >>> import pwd Traceback (most recent call last): File "<stdin>", line 1, in <module> ImportError: No module named pwd >>>
Import of grp and pwd modules should be conditional (i.e. depends on the OS)
comment:7 by , 17 years ago
| Keywords: | patch consider added |
|---|---|
| Milestone: | → 0.13 |
Please update the patch as requested by eblot if you still like to get the patch accepted.
comment:8 by , 15 years ago
| Keywords: | bitesized added |
|---|---|
| Milestone: | next-major-0.1X → unscheduled |
comment:9 by , 15 years ago
| Owner: | set to |
|---|---|
| Status: | new → assigned |
comment:10 by , 15 years ago
| Milestone: | unscheduled → 0.13 |
|---|---|
| Summary: | Options for tracd to drop privileges → [PATCH] Options for tracd to drop privileges |
attached patch checks for the import and throws an error for incorrect uid/gid values.
follow-up: 12 comment:11 by , 15 years ago
| Release Notes: | modified (diff) |
|---|---|
| Resolution: | → fixed |
| Status: | assigned → closed |
Improved patch applied in [10388], with the following changes:
- Allow numerical user and group IDs.
- Print any errors occurring when dropping privileges.
- Reverted to
--userand--groupinstead of--uidand--gid, as I find it clearer. I have seen the same names in other programs (e.g. openvpn).
comment:12 by , 15 years ago
Replying to rblank:
- Reverted to
--userand--groupinstead of--uidand--gid, as I find it clearer. I have seen the same names in other programs (e.g. openvpn).
Yeah, I took them from twistd.
drop privileges patch