[Erp5-report] r45370 luke - in /slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid: ./...

nobody at svn.erp5.org nobody at svn.erp5.org
Wed Apr 13 14:26:29 CEST 2011 

Author: luke
Date: Wed Apr 13 14:26:29 2011
New Revision: 45370

URL: http://svn.erp5.org?rev=45370&view=rev
Log:
 - create minimalistic environment using supervisor

It is required that partition will be fully separated from host operating system.
This can be achieved by playing with environment, like it is done. Only HOME,
USER and LOGNAME are partition runtime values, so they are setup on slapgrid
level.

Previously partition environment was inheriting from operating system/running
user. It lead to leakage of some information from, like PATH, and it is said
that partition shall use only provided software.

Of course full manipulation of environment is possible on software level.

Modified:
    slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/SlapObject.py
    slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/slapgrid.py
    slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/templates/program_partition_supervisord.conf.in

Modified: slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/SlapObject.py
URL: http://svn.erp5.org/slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/SlapObject.py?rev=45370&r1=45369&r2=45370&view=diff
==============================================================================
--- slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/SlapObject.py [utf8] (original)
+++ slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/SlapObject.py [utf8] Wed Apr 13 14:26:29 2011
@@ -278,7 +278,10 @@ class Partition(object):
           program_name=runner,
           instance_path=self.instance_path,
           user_id=uid,
-          group_id=gid
+          group_id=gid,
+          # As supervisord has no environment to inherit setup minimalistic one
+          HOME=pwd.getpwuid(uid).pw_dir,
+          USER=pwd.getpwuid(uid).pw_name,
         )
       updateFile(self.supervisord_partition_configuration_path,
           partition_supervisor_configuration)

Modified: slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/slapgrid.py
URL: http://svn.erp5.org/slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/slapgrid.py?rev=45370&r1=45369&r2=45370&view=diff
==============================================================================
--- slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/slapgrid.py [utf8] (original)
+++ slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/slapgrid.py [utf8] Wed Apr 13 14:26:29 2011
@@ -46,13 +46,11 @@ from utils import setFinished
 from utils import getSoftwareUrlHash
 from slapos import slap
 from slapos.slap import NotFoundError
-from utils import getCleanEnvironment
 from utils import getSupervisorRPC
 from utils import dropPrivileges
 from utils import SlapPopen
 import tempfile
 import StringIO
-import pwd
 from lxml import etree
 
 
@@ -237,7 +235,7 @@ class Slapgrid(object):
           log_message = 'Unknown supervisord state %r. Will try to start.' % status
           self.logger.warning(log_message)
 
-    self.logger.info("Launching supervisord.")
+    self.logger.info("Launching supervisord with clean environment.")
     # Extract python binary to prevent shebang size limit
     invocation_list = ["supervisord", '-c']
     invocation_list.append("import sys ; sys.path=" + str(sys.path) + " ; import "
@@ -245,7 +243,7 @@ class Slapgrid(object):
         self.supervisord_configuration_path +
         "'] ; supervisor.supervisord.main()")
     supervisord_popen = SlapPopen(invocation_list,
-        env=getCleanEnvironment(pwd.getpwuid(os.getuid()).pw_dir),
+        env={},
         executable=sys.executable)
     result = supervisord_popen.communicate()[0]
     if supervisord_popen.returncode == 0:

Modified: slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/templates/program_partition_supervisord.conf.in
URL: http://svn.erp5.org/slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/templates/program_partition_supervisord.conf.in?rev=45370&r1=45369&r2=45370&view=diff
==============================================================================
--- slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/templates/program_partition_supervisord.conf.in [utf8] (original)
+++ slapos/trunk/util/slapos.tool.grid/src/slapos/tool/grid/templates/program_partition_supervisord.conf.in [utf8] Wed Apr 13 14:26:29 2011
@@ -19,3 +19,4 @@ stdout_logfile_backups=1
 stderr_logfile=%(instance_path)s/.%(program_id)s.log
 stderr_logfile_maxbytes=100KB
 stderr_logfile_backups=1
+environment=USER="%(USER)s",LOGNAME="%(USER)s",HOME="%(HOME)s"

More information about the Erp5-report mailing list