2021-10-23 02:54:48 -04:00
#!/usr/bin/python3 -u
2021-10-14 07:13:15 -04:00
2021-10-23 02:54:48 -04:00
# Need root privileges to change timezone, and user uid/gid, file/folder ownernship
2021-10-14 07:13:15 -04:00
2021-10-14 19:47:18 -04:00
import grp
2021-10-25 17:57:57 -04:00
import logging
2021-10-14 07:13:15 -04:00
import os
2021-10-14 19:47:18 -04:00
import pwd
2021-10-14 07:13:15 -04:00
import subprocess
2021-10-25 17:57:57 -04:00
import sys
2022-05-12 08:07:26 -04:00
import signal
2021-10-14 07:13:15 -04:00
2021-10-22 17:39:31 -04:00
PYTHON3 = ' /usr/bin/python3 '
2021-12-23 11:28:24 -05:00
dbPath = os . path . join ( os . sep , ' home ' , ' py-kms ' , ' db ' ) # Do not include the database file name, as we must correct the folder permissions (the db file is recursively reachable)
2021-12-03 04:14:29 -05:00
log_level_bootstrap = log_level = os . getenv ( ' LOGLEVEL ' , ' INFO ' )
if log_level_bootstrap == " MININFO " :
log_level_bootstrap = " INFO "
2021-10-25 17:57:57 -04:00
loggersrv = logging . getLogger ( ' logsrv ' )
2021-12-03 04:14:29 -05:00
loggersrv . setLevel ( log_level_bootstrap )
2021-10-25 17:57:57 -04:00
streamhandler = logging . StreamHandler ( sys . stdout )
2021-12-03 04:14:29 -05:00
streamhandler . setLevel ( log_level_bootstrap )
2021-10-25 17:57:57 -04:00
formatter = logging . Formatter ( fmt = ' \x1b [94m %(asctime)s %(levelname)-8s %(message)s ' ,
datefmt = ' %a , %d % b % Y % H: % M: % S ' , )
streamhandler . setFormatter ( formatter )
loggersrv . addHandler ( streamhandler )
2021-10-14 07:13:15 -04:00
2021-10-14 19:47:18 -04:00
def change_uid_grp ( ) :
user_db_entries = pwd . getpwnam ( " py-kms " )
user_grp_db_entries = grp . getgrnam ( " power_users " )
2021-10-25 17:57:57 -04:00
uid = int ( user_db_entries . pw_uid )
gid = int ( user_grp_db_entries . gr_gid )
2021-10-14 19:47:18 -04:00
new_gid = int ( os . getenv ( ' GID ' , str ( gid ) ) )
new_uid = int ( os . getenv ( ' UID ' , str ( uid ) ) )
2021-10-22 17:39:31 -04:00
os . chown ( " /home/py-kms " , new_uid , new_gid )
os . chown ( " /usr/bin/start.py " , new_uid , new_gid )
2021-12-23 12:59:31 -05:00
if os . path . isdir ( dbPath ) :
2021-12-23 11:28:24 -05:00
# Corret permissions recursively, as to access the database file, also its parent folder must be accessible
2021-12-23 12:59:31 -05:00
loggersrv . debug ( f ' Correcting owner permissions on { dbPath } . ' )
os . chown ( dbPath , new_uid , new_gid )
for root , dirs , files in os . walk ( dbPath ) :
for dName in dirs :
dPath = os . path . join ( root , dName )
loggersrv . debug ( f ' Correcting owner permissions on { dPath } . ' )
os . chown ( dPath , new_uid , new_gid )
2021-12-23 11:28:24 -05:00
for fName in files :
2021-12-23 12:59:31 -05:00
fPath = os . path . join ( root , fName )
loggersrv . debug ( f ' Correcting owner permissions on { fPath } . ' )
os . chown ( fPath , new_uid , new_gid )
loggersrv . debug ( subprocess . check_output ( [ ' ls ' , ' -la ' , dbPath ] ) . decode ( ) )
2021-12-23 11:53:17 -05:00
if ' LOGFILE ' in os . environ and os . path . exists ( os . environ [ ' LOGFILE ' ] ) :
# Oh, the user also wants a custom log file -> make sure start.py can access it by setting the correct permissions (777)
2022-01-06 11:14:40 -05:00
os . chmod ( os . environ [ ' LOGFILE ' ] , 0o777 )
2021-12-23 11:53:17 -05:00
loggersrv . error ( str ( subprocess . check_output ( [ ' ls ' , ' -la ' , os . environ [ ' LOGFILE ' ] ] ) ) )
2021-11-30 18:43:01 -05:00
loggersrv . info ( " Setting gid to ' %s ' . " % str ( new_gid ) )
os . setgid ( new_gid )
2021-10-25 17:57:57 -04:00
2021-11-30 18:43:01 -05:00
loggersrv . info ( " Setting uid to ' %s ' . " % str ( new_uid ) )
os . setuid ( new_uid )
2021-10-14 07:13:15 -04:00
2021-10-14 19:47:18 -04:00
def change_tz ( ) :
tz = os . getenv ( ' TZ ' , ' etc/UTC ' )
# TZ is not symlinked and defined TZ exists
2021-10-22 17:39:31 -04:00
if tz not in os . readlink ( ' /etc/localtime ' ) and os . path . isfile ( ' /usr/share/zoneinfo/ ' + tz ) :
2021-10-25 17:57:57 -04:00
loggersrv . info ( " Setting timzeone to %s " % tz )
2021-10-22 17:39:31 -04:00
os . remove ( ' /etc/localtime ' )
os . symlink ( os . path . join ( ' /usr/share/zoneinfo/ ' , tz ) , ' /etc/localtime ' )
2021-10-29 12:53:52 -04:00
f = open ( " /etc/timezone " , " w " )
f . write ( tz )
f . close ( )
2021-10-14 07:13:15 -04:00
2021-10-14 19:47:18 -04:00
# Main
if ( __name__ == " __main__ " ) :
2021-10-25 17:57:57 -04:00
loggersrv . info ( " Log level: %s " % log_level )
2021-10-14 19:47:18 -04:00
change_tz ( )
2022-05-12 08:07:26 -04:00
childProcess = subprocess . Popen ( PYTHON3 + " -u /usr/bin/start.py " , preexec_fn = change_uid_grp ( ) , shell = True )
def shutdown ( signum , frame ) :
loggersrv . info ( " Received signal %s , shutting down... " % signum )
childProcess . terminate ( ) # This will also cause communicate() from below to continue
signal . signal ( signal . SIGTERM , shutdown ) # This signal will be sent by Docker to request shutdown
childProcess . communicate ( )