jingrow/gunicorn
1
0
Fork 0
mirror of https://github.com/frappe/gunicorn.git synced 2026-01-14 11:09:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

allow changin worker user/group in non daemon mode. fix authorization of

Browse Source 
unix socket too
This commit is contained in:
benoitc 2010-02-15 15:27:29 +01:00
parent 330e945c7a
commit 5cc19f7037
2 changed files with 29 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
gunicorn/main.py
View File

@ -39,9 +39,9 @@ def options():
op.make_option('-m', '--umask', dest="umask", type='int', op.make_option('-m', '--umask', dest="umask", type='int',
help="Define umask of daemon process"), help="Define umask of daemon process"),
op.make_option('-u', '--user', dest="user", op.make_option('-u', '--user', dest="user",
help="Change user in daemon mode"), help="Change worker user"),
op.make_option('-g', '--group', dest="group", op.make_option('-g', '--group', dest="group",
help="Change group in daemon mode"), help="Change worker group"),
op.make_option('--log-level', dest='loglevel', default='info', op.make_option('--log-level', dest='loglevel', default='info',
help='Log level below which to silence messages. [%default]'), help='Log level below which to silence messages. [%default]'),
op.make_option('--log-file', dest='logfile', default='-', op.make_option('--log-file', dest='logfile', default='-',
@ -65,24 +65,12 @@ def configure_logging(opts):
h.setFormatter(logging.Formatter("%(asctime)s - %(levelname)s %(message)s")) h.setFormatter(logging.Formatter("%(asctime)s - %(levelname)s %(message)s"))
logger.addHandler(h) logger.addHandler(h)
def daemonize(umask, user=None, group=None): def daemonize(umask):
if not 'GUNICORN_FD' in os.environ: if not 'GUNICORN_FD' in os.environ:
if os.fork() == 0: if os.fork() == 0:
os.setsid() os.setsid()
if os.fork() == 0: if os.fork() == 0:
os.umask(umask) os.umask(umask)
if group:
if group.isdigit():
gid = int(group)
else:
gid = grp.getgrnam(group).gr_gid
os.setgid(gid)
if user:
if user.isdigit():
uid = int(user)
else:
uid = pwd.getpwnam(user).pw_uid
os.setuid(uid)
else: else:
os._exit(0) os._exit(0)
else: else:
@ -100,6 +88,20 @@ def daemonize(umask, user=None, group=None):
os.open(util.REDIRECT_TO, os.O_RDWR) os.open(util.REDIRECT_TO, os.O_RDWR)
os.dup2(0, 1) os.dup2(0, 1)
os.dup2(0, 2) os.dup2(0, 2)
def set_owner_process(user,group):
if group:
if group.isdigit():
gid = int(group)
else:
gid = grp.getgrnam(group).gr_gid
os.setgid(gid)
if user:
if user.isdigit():
uid = int(user)
else:
uid = pwd.getpwnam(user).pw_uid
os.setuid(uid)
def main(usage, get_app): def main(usage, get_app):
parser = op.OptionParser(usage=usage, option_list=options(), parser = op.OptionParser(usage=usage, option_list=options(),
@ -123,9 +125,11 @@ def main(usage, get_app):
arbiter = Arbiter(addr, workers, app, **kwargs) arbiter = Arbiter(addr, workers, app, **kwargs)
if opts.daemon: if opts.daemon:
daemonize(umask, user=opts.user, group=opts.group) daemonize(umask)
else: else:
os.setpgrp() os.setpgrp()
set_owner_process(opts.user, opts.group)
configure_logging(opts) configure_logging(opts)
arbiter.run() arbiter.run()
@ -161,9 +165,10 @@ def paste_server(app, global_conf=None, host="127.0.0.1", port=None,
arbiter = Arbiter(bind_addr, workers, app, **kwargs) arbiter = Arbiter(bind_addr, workers, app, **kwargs)
if daemon == "true": if daemon == "true":
daemonize(umask, user=user, group=group) daemonize(umask)
else: else:
os.setpgrp() os.setpgrp()
set_owner_process(opts.user, opts.group)
arbiter.run() arbiter.run()
def run(): def run():

11
gunicorn/management/commands/run_gunicorn.py
View File

@ -32,9 +32,9 @@ class Command(BaseCommand):
make_option('--umask', dest='umask', type='int', make_option('--umask', dest='umask', type='int',
help="Define umask of daemon process"), help="Define umask of daemon process"),
make_option('-u', '--user', dest="user", make_option('-u', '--user', dest="user",
help="Change user in daemon mode"), help="Change worker user"),
make_option('-g', '--group', dest="group", make_option('-g', '--group', dest="group",
help="Change group in daemon mode"), help="Change worker group"),
) )
help = "Starts a fully-functional Web server using gunicorn." help = "Starts a fully-functional Web server using gunicorn."
args = '[optional port number, or ipaddr:port or unix:/path/to/sockfile]' args = '[optional port number, or ipaddr:port or unix:/path/to/sockfile]'
@ -55,8 +55,6 @@ class Command(BaseCommand):
quit_command = (sys.platform == 'win32') and 'CTRL-BREAK' or 'CONTROL-C' quit_command = (sys.platform == 'win32') and 'CTRL-BREAK' or 'CONTROL-C'
pidfile = options.get('pidfile', None) pidfile = options.get('pidfile', None)
umask = options.get('umask', UMASK) umask = options.get('umask', UMASK)
uid = options.get('user')
gid = options.get('group')
print "Validating models..." print "Validating models..."
self.validate(display_num_errors=True) self.validate(display_num_errors=True)
@ -76,7 +74,10 @@ class Command(BaseCommand):
arbiter = Arbiter(addr, workers, handler, arbiter = Arbiter(addr, workers, handler,
pidfile=pidfile) pidfile=pidfile)
if daemon: if daemon:
daemonize(umask, user=user, group=group) daemonize(umask)
else:
os.setpgrp()
set_owner_process(options.user, options.group)
arbiter.run() arbiter.run()
except WSGIServerException, e: except WSGIServerException, e:
# Use helpful error messages instead of ugly tracebacks. # Use helpful error messages instead of ugly tracebacks.