Revert "Move packstack logs to /var/log/packstack"
Due to security reasons.
This reverts commit 075eb3f5a8
.
Change-Id: Ie12d3a57d9d25cb5d89c88e7761b1b8db7793b06
This commit is contained in:
parent
a602c6549f
commit
ce423165ca
|
@ -9,66 +9,38 @@ import pwd
|
||||||
import sys
|
import sys
|
||||||
import datetime
|
import datetime
|
||||||
import tempfile
|
import tempfile
|
||||||
import random
|
|
||||||
import string
|
|
||||||
import errno
|
|
||||||
import logging
|
|
||||||
|
|
||||||
from .utils import get_current_user
|
from .utils import get_current_user
|
||||||
|
|
||||||
# Iinitializes the directory by creating it or
|
|
||||||
# changing ownsership it already exists.
|
|
||||||
# in case there's a problem it falls back to the
|
|
||||||
# default directory
|
|
||||||
# returns the name of the created directory
|
|
||||||
def init_directory(dirname, force_ownership=True):
|
|
||||||
try:
|
|
||||||
os.makedirs(dirname, 0700)
|
|
||||||
except OSError as e:
|
|
||||||
if e.errno == errno.EEXIST and os.path.isdir(dirname):
|
|
||||||
# directory is already created, check ownership
|
|
||||||
stat = os.stat(dirname)
|
|
||||||
if (force_ownership and stat.st_uid == 0 and
|
|
||||||
os.getuid() != stat.st_uid):
|
|
||||||
print ('%s is already created and owned by root. Please change '
|
|
||||||
'ownership and try again.' % dirname)
|
|
||||||
sys.exit(1)
|
|
||||||
elif e.errno == errno.EACCES:
|
|
||||||
logging.info("Can't create directory %s." % dirname)
|
|
||||||
return None
|
|
||||||
else:
|
|
||||||
raise
|
|
||||||
finally:
|
|
||||||
uid, gid = get_current_user()
|
|
||||||
if uid != 0 and os.getuid() == 0:
|
|
||||||
try:
|
|
||||||
os.chown(dirname, uid, gid)
|
|
||||||
except Exception, ex:
|
|
||||||
if force_ownership:
|
|
||||||
print ('Unable to change owner of %s. Please fix ownership'
|
|
||||||
' manually and try again.' % dirname)
|
|
||||||
sys.exit(1)
|
|
||||||
return dirname
|
|
||||||
|
|
||||||
APP_NAME = "Installer"
|
APP_NAME = "Installer"
|
||||||
|
|
||||||
FILE_YUM_VERSION_LOCK = "/etc/yum/pluginconf.d/versionlock.list"
|
FILE_YUM_VERSION_LOCK = "/etc/yum/pluginconf.d/versionlock.list"
|
||||||
|
|
||||||
PACKSTACK_VAR_DIR = init_directory("/var/tmp/packstack")
|
PACKSTACK_VAR_DIR = "/var/tmp/packstack"
|
||||||
PACKSTACK_LOG_DIR = init_directory("/var/log/packstack", force_ownership=False)
|
try:
|
||||||
if not PACKSTACK_LOG_DIR:
|
os.mkdir(PACKSTACK_VAR_DIR, 0700)
|
||||||
PACKSTACK_LOG_DIR = PACKSTACK_VAR_DIR
|
except OSError:
|
||||||
|
# directory is already created, check ownership
|
||||||
|
stat = os.stat(PACKSTACK_VAR_DIR)
|
||||||
|
if stat.st_uid == 0 and os.getuid() != stat.st_uid:
|
||||||
|
print ('%s is already created and owned by root. Please change '
|
||||||
|
'ownership and try again.' % PACKSTACK_VAR_DIR)
|
||||||
|
sys.exit(1)
|
||||||
|
finally:
|
||||||
|
uid, gid = get_current_user()
|
||||||
|
|
||||||
|
if uid != 0 and os.getuid() == 0:
|
||||||
|
try:
|
||||||
|
os.chown(PACKSTACK_VAR_DIR, uid, gid)
|
||||||
|
except Exception, ex:
|
||||||
|
print ('Unable to change owner of %s. Please fix ownership '
|
||||||
|
'manually and try again.' % PACKSTACK_VAR_DIR)
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
_tmpdirprefix = datetime.datetime.now().strftime('%Y%m%d-%H%M%S-')
|
_tmpdirprefix = datetime.datetime.now().strftime('%Y%m%d-%H%M%S-')
|
||||||
LOG_DIR = ""
|
VAR_DIR = tempfile.mkdtemp(prefix=_tmpdirprefix, dir=PACKSTACK_VAR_DIR)
|
||||||
VAR_DIR = tempfile.mkdtemp(prefix=_tmpdirprefix, dir=PACKSTACK_VAR_DIR,)
|
DIR_LOG = VAR_DIR
|
||||||
if PACKSTACK_VAR_DIR != PACKSTACK_LOG_DIR:
|
|
||||||
LOG_DIR = VAR_DIR.replace("tmp", "log")
|
|
||||||
init_directory(LOG_DIR)
|
|
||||||
else:
|
|
||||||
LOG_DIR = VAR_DIR
|
|
||||||
|
|
||||||
|
|
||||||
PUPPET_MANIFEST_RELATIVE = "manifests"
|
PUPPET_MANIFEST_RELATIVE = "manifests"
|
||||||
PUPPET_MANIFEST_DIR = os.path.join(VAR_DIR, PUPPET_MANIFEST_RELATIVE)
|
PUPPET_MANIFEST_DIR = os.path.join(VAR_DIR, PUPPET_MANIFEST_RELATIVE)
|
||||||
|
|
||||||
|
|
|
@ -36,7 +36,7 @@ def initLogging (debug):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
logFilename = "openstack-setup.log"
|
logFilename = "openstack-setup.log"
|
||||||
logFile = os.path.join(basedefs.LOG_DIR, logFilename)
|
logFile = os.path.join(basedefs.DIR_LOG, logFilename)
|
||||||
|
|
||||||
# Create the log file with specific permissions, puppet has a habbit of putting
|
# Create the log file with specific permissions, puppet has a habbit of putting
|
||||||
# passwords in logs
|
# passwords in logs
|
||||||
|
|
|
@ -141,7 +141,7 @@ def waitforpuppet(currently_running):
|
||||||
# Once a remote puppet run has finished, we retrieve the log
|
# Once a remote puppet run has finished, we retrieve the log
|
||||||
# file and check it for errors
|
# file and check it for errors
|
||||||
local_server = utils.ScriptRunner()
|
local_server = utils.ScriptRunner()
|
||||||
log = os.path.join(basedefs.LOG_DIR,
|
log = os.path.join(basedefs.PUPPET_MANIFEST_DIR,
|
||||||
os.path.basename(finished_logfile).replace(".finished", ".log"))
|
os.path.basename(finished_logfile).replace(".finished", ".log"))
|
||||||
local_server.append('scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@%s:%s %s' % (hostname, finished_logfile, log))
|
local_server.append('scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@%s:%s %s' % (hostname, finished_logfile, log))
|
||||||
# To not pollute logs we turn of logging of command execution
|
# To not pollute logs we turn of logging of command execution
|
||||||
|
|
Loading…
Reference in New Issue