| 17 |
17 |
|
| 18 |
18 |
# imports ead2
|
| 19 |
19 |
from ead2.lib.libbackend import PamAuth
|
| 20 |
|
from ead2.lib.libsecure import ServerContextFactory
|
|
20 |
from ead2.lib.libsecure import ServerContextFactory, _gain_privileges, _drop_privileges
|
| 21 |
21 |
from ead2.backend.lib import error
|
| 22 |
22 |
from ead2.backend.lib.action import get_action, get_action_classes
|
| 23 |
23 |
from ead2.backend.lib.actionlist import load_actions
|
| ... | ... | |
| 26 |
26 |
from ead2.backend.lib.perm.registry import PermissionManager
|
| 27 |
27 |
|
| 28 |
28 |
#fichier de config specifique au backend
|
| 29 |
|
from ead2.backend.config.config import (NOBODY_UID, NOBODY_GID,
|
| 30 |
|
FRONTEND_KEYS_FILE, CONFIG_DIR, TEMPLATE_DIR, EOLE_MODULE, debug)
|
|
29 |
from ead2.backend.config.config import (FRONTEND_KEYS_FILE, CONFIG_DIR, TEMPLATE_DIR, EOLE_MODULE, debug)
|
| 31 |
30 |
#fichier de config de l'EAD, contenant les infos importantes
|
| 32 |
31 |
#sur les tickets de session du sso
|
| 33 |
32 |
from ead2.config.config import AUTH_SERVER, BACKEND_LISTEN_PORT
|
| ... | ... | |
| 59 |
58 |
return file(templatefile, 'r').read()
|
| 60 |
59 |
raise AssertionError
|
| 61 |
60 |
|
| 62 |
|
def _drop_privileges():
|
| 63 |
|
"""
|
| 64 |
|
drop de privileges vers nobody/nobody passage en root
|
| 65 |
|
"""
|
| 66 |
|
setegid(NOBODY_GID)
|
| 67 |
|
seteuid(NOBODY_UID)
|
| 68 |
|
|
| 69 |
|
def _gain_privileges(uid, gid):
|
| 70 |
|
"""
|
| 71 |
|
on donne les privileges uid, gid
|
| 72 |
|
"""
|
| 73 |
|
seteuid(uid)
|
| 74 |
|
setegid(gid)
|
| 75 |
|
|
| 76 |
61 |
def get_username(infos):
|
| 77 |
62 |
"""
|
| 78 |
63 |
Renvoie le username depuis les informations utilisateurs
|