diff options
author | Lars Kellogg-Stedman <lars@redhat.com> | 2017-04-10 15:52:37 -0400 |
---|---|---|
committer | Scott Moser <smoser@brickies.net> | 2017-04-12 11:20:27 -0400 |
commit | 721348a622a660b65acfdf7fdf53203b47f80748 (patch) | |
tree | 0b0f58342c8bc5cf5cfd1514095cb25b259f0052 /cloudinit | |
parent | 493f6c3e923902d5d4f3d87e1cc4c726ea90ada4 (diff) | |
download | vyos-cloud-init-721348a622a660b65acfdf7fdf53203b47f80748.tar.gz vyos-cloud-init-721348a622a660b65acfdf7fdf53203b47f80748.zip |
util: teach write_file about copy_mode option
On centos/fedora/rhel/derivatives, /etc/ssh/sshd_config has mode 0600,
but cloud-init unilaterally sets file modes to 0644 when no explicit
mode is passed to util.write_file. On ubuntu/debian, this file has
mode 0644. With this patch, write_file learns about the copy_mode
option, which will cause it to use the mode of the existing file by
default, falling back to the explicit mode parameter if the file does
not exist.
LP: #1644064
Resolves: rhbz#1295984
Diffstat (limited to 'cloudinit')
-rw-r--r-- | cloudinit/atomic_helper.py | 12 | ||||
-rwxr-xr-x | cloudinit/config/cc_set_passwords.py | 3 | ||||
-rw-r--r-- | cloudinit/util.py | 10 |
3 files changed, 22 insertions, 3 deletions
diff --git a/cloudinit/atomic_helper.py b/cloudinit/atomic_helper.py index fb2df8d5..587b9945 100644 --- a/cloudinit/atomic_helper.py +++ b/cloudinit/atomic_helper.py @@ -2,13 +2,23 @@ import json import os +import stat import tempfile _DEF_PERMS = 0o644 -def write_file(filename, content, mode=_DEF_PERMS, omode="wb"): +def write_file(filename, content, mode=_DEF_PERMS, + omode="wb", copy_mode=False): # open filename in mode 'omode', write content, set permissions to 'mode' + + if copy_mode: + try: + file_stat = os.stat(filename) + mode = stat.S_IMODE(file_stat.st_mode) + except OSError: + pass + tf = None try: tf = tempfile.NamedTemporaryFile(dir=os.path.dirname(filename), diff --git a/cloudinit/config/cc_set_passwords.py b/cloudinit/config/cc_set_passwords.py index eb0bdab0..bb24d57f 100755 --- a/cloudinit/config/cc_set_passwords.py +++ b/cloudinit/config/cc_set_passwords.py @@ -215,7 +215,8 @@ def handle(_name, cfg, cloud, log, args): pw_auth)) lines = [str(l) for l in new_lines] - util.write_file(ssh_util.DEF_SSHD_CFG, "\n".join(lines)) + util.write_file(ssh_util.DEF_SSHD_CFG, "\n".join(lines), + copy_mode=True) try: cmd = cloud.distro.init_cmd # Default service diff --git a/cloudinit/util.py b/cloudinit/util.py index 17abdf81..6940850c 100644 --- a/cloudinit/util.py +++ b/cloudinit/util.py @@ -1688,7 +1688,7 @@ def chmod(path, mode): os.chmod(path, real_mode) -def write_file(filename, content, mode=0o644, omode="wb"): +def write_file(filename, content, mode=0o644, omode="wb", copy_mode=False): """ Writes a file with the given content and sets the file mode as specified. Resotres the SELinux context if possible. @@ -1698,6 +1698,14 @@ def write_file(filename, content, mode=0o644, omode="wb"): @param mode: The filesystem mode to set on the file. @param omode: The open mode used when opening the file (w, wb, a, etc.) """ + + if copy_mode: + try: + file_stat = os.stat(filename) + mode = stat.S_IMODE(file_stat.st_mode) + except OSError: + pass + ensure_dir(os.path.dirname(filename)) if 'b' in omode.lower(): content = encode_text(content) |