merge changelog

Signed-off-by: Nico Schottelius <nico@brief.schottelius.org>
This commit is contained in:
Nico Schottelius 2012-05-22 21:15:45 +02:00
commit 4faad3926b
5 changed files with 22 additions and 5 deletions

View file

@ -5,6 +5,7 @@ Changelog
* Exception: No braces means author == Nico Schottelius * Exception: No braces means author == Nico Schottelius
2.0.11: 2.0.11:
* Fix insecure file/directory creation: Use umask 077
* Add support for --remote-exec and --remote-copy parameters * Add support for --remote-exec and --remote-copy parameters
2.0.10: 2012-05-18 2.0.10: 2012-05-18

View file

@ -9,6 +9,8 @@ CORE
- document and add paremeters for remote-copy and remote-exec! - document and add paremeters for remote-copy and remote-exec!
- remove hack, make a feature of it - remove hack, make a feature of it
- remove var=foo calls on remote side. Use -o SendEnv (yeah, see ssh_config(5))
TESTS TESTS
----- -----
- multiple defines of object: - multiple defines of object:

View file

@ -19,6 +19,16 @@
# #
# #
import os
import subprocess
try:
with open(os.devnull, 'w') as devnull:
here = os.path.dirname(os.path.realpath(__file__))
VERSION = subprocess.check_output(
'cd "%s" && git describe' % here,
stderr=devnull, shell=True).decode('utf-8')
except:
VERSION = "2.0.10" VERSION = "2.0.10"
BANNER = """ BANNER = """
@ -38,8 +48,6 @@ BANNER = """
DOT_CDIST = ".cdist" DOT_CDIST = ".cdist"
import os
class Error(Exception): class Error(Exception):
"""Base exception class for this project""" """Base exception class for this project"""
pass pass

View file

@ -60,6 +60,9 @@ class Local(object):
self.log = logging.getLogger(self.target_host) self.log = logging.getLogger(self.target_host)
# Setup file permissions using umask
os.umask(0o077)
def create_directories(self): def create_directories(self):
self.mkdir(self.out_path) self.mkdir(self.out_path)
self.mkdir(self.global_explorer_out_path) self.mkdir(self.global_explorer_out_path)
@ -73,8 +76,7 @@ class Local(object):
def mkdir(self, path): def mkdir(self, path):
"""Create directory on the local side.""" """Create directory on the local side."""
self.log.debug("Local mkdir: %s", path) self.log.debug("Local mkdir: %s", path)
# FIXME: dont set mode here, fix unittest mkdtemp instead os.makedirs(path, exist_ok=True)
os.makedirs(path, mode=0o700, exist_ok=True)
def run(self, command, env=None, return_output=False): def run(self, command, env=None, return_output=False):
"""Run the given command with the given environment. """Run the given command with the given environment.

View file

@ -105,6 +105,10 @@ class Remote(object):
cmd = self._exec.split() cmd = self._exec.split()
cmd.append(self.target_host) cmd.append(self.target_host)
# Always call umask before actual call to ensure proper file permissions
cmd.append("umask 077;")
# FIXME: replace this by -o SendEnv name -o SendEnv name ... to ssh?
# can't pass environment to remote side, so prepend command with # can't pass environment to remote side, so prepend command with
# variable declarations # variable declarations
if env: if env: