Commit 855bd1bf authored by Cristiano Urban's avatar Cristiano Urban

Modified check on user UID and GID + modified 'prepare()' method.

parent ece2a3ad
+7 −20
#!/usr/bin/env python
#
#  TODO:
#  - error codes and status codes list and description
#  - check what happens if the user folder does not exist (e.g. /home/ccarbone)
#
#

import json
import logging
@@ -90,6 +84,7 @@ class DataRPCServer(RedisRPCServer):
            userInfo = self.systemUtils.userInfo(user)
            # Check if the user exists on the transfer node and is registered in the database
            if not userInfo:
	        # the user does not exist on the system
                response = { "responseType": "ERROR",
                             "errorCode": 5,
                             "errorMsg": "The user does not exist on the transfer node." }
@@ -106,7 +101,7 @@ class DataRPCServer(RedisRPCServer):
                uid = os.stat(folderPath).st_uid
                gid = os.stat(folderPath).st_gid
                # Check if uid and gid match and avoid privilege escalation
                if uid == userInfo[1] and gid == userInfo[2] and uid != 0 and gid != 0:
                if uid == userInfo[1] and gid == userInfo[2] and uid >= 1000 and gid >= 100:
                    # If write permissions are set and the 'store' folder is not empty,
                    # it means that data is ready to be copied, otherwise, nothing can
                    # be done until the write permissions are restored or new data is
@@ -153,21 +148,13 @@ class DataRPCServer(RedisRPCServer):

        return response

    # TODO
    # to be removed from store_preprocessor.py
    # or simply add a chmod -x here, to be faster?
    def prepare(self, username):
        #self.path = "/home/" + username + "/store"
        #path = "/home/" + username + "/store"
        path = self.storageStorePath.replace("{username}", username)
        for folder, subfolders, files in os.walk(path):
            os.chown(folder, 0, 0)
            os.chmod(folder, 0o555)
            for s in subfolders:
                os.chown(os.path.join(folder, s), 0, 0)
                os.chmod(os.path.join(folder, s), 0o555)
            for f in files:
                os.chown(os.path.join(folder, f), 0, 0)
                os.chmod(os.path.join(folder, f), 0o555)
        for el in os.listdir(path):
            absPath = path + '/' + el
            os.chown(absPath, 0, 0)
            os.chmod(absPath, 0o444)

    def run(self):
        self.logger.info(f"Starting RPC server of type {self.type}...")
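Review bot: The `os.listdir(path)` loop in `prepare()` calls `os.chown(absPath, 0, 0)` and `os.chmod(absPath, 0o444)` by path name, and both follow symbolic links, so a symlink left in the user's store folder makes the server change the owner and mode of the link's target rather than of the entry itself. The page has lost its +/- markers; the diffstat suggests this loop is the new side and the `os.walk` version the removed one, which followed links in the same way. If the server runs with root privileges, as the `chown` to 0:0 implies, this sits on the same privilege boundary that the UID/GID check earlier in the file is meant to protect. Opening each entry with `O_NOFOLLOW` and applying `os.fchown`/`os.fchmod` to the descriptor removes both the link-following and the window between any check and the change; a symlink then raises `OSError`, which the caller should log and treat as a rejected entry.

```python
    def prepare(self, username):
        path = self.storageStorePath.replace("{username}", username)
        for el in os.listdir(path):
            absPath = os.path.join(path, el)
            # O_NOFOLLOW makes open() fail on a symlink; the fd-based calls then
            # act on the object that was opened, not on whatever the name
            # resolves to afterwards. O_NONBLOCK keeps a FIFO from blocking open().
            fd = os.open(absPath, os.O_RDONLY | os.O_NOFOLLOW | os.O_NONBLOCK)
            try:
                os.fchown(fd, 0, 0)
                os.fchmod(fd, 0o444)
            finally:
                os.close(fd)
```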