Skip to content
Snippets Groups Projects
Commit c60d6ee5 authored by Cristiano Urban's avatar Cristiano Urban
Browse files

Get user UID and GID from transfer node user folder.

parent c1c35b2d
No related branches found
No related tags found
No related merge requests found
Pipeline #13683 passed
......@@ -169,10 +169,10 @@ class DataRPCServer(RedisRPCServer):
"errorCode": 2,
"errorMsg": errorMsg }
return response
uid = os.stat(folderPath).st_uid
gid = os.stat(folderPath).st_gid
# Check if uid and gid match and avoid privilege escalation
if uid == userInfo[1] and gid == userInfo[2] and uid >= 1000 and gid >= 100:
uid = userInfo[1]
gid = userInfo[2]
# Avoid privilege escalation
if uid >= 1000 and gid >= 100:
# If write permissions are set and the 'store' folder is not empty,
# it means that data is ready to be copied, otherwise, nothing can
# be done until the write permissions are restored or new data is
......
......@@ -6,11 +6,12 @@
#
import os
import pwd
import re
import shutil
import sys
from config import Config
class SystemUtils(object):
......@@ -24,19 +25,24 @@ class SystemUtils(object):
}
def __init__(self):
pass
config = Config("/etc/vos_ts/vos_ts.conf")
params = config.loadSection("transfer_node")
self.vospaceUserBasePath = params["base_path"]
def userInfo(self, username):
"""
Returns username, UID and GID associated to a given user,
using the Python password database module (pwd).
Obtains username, UID and GID associated to a given user
from the user directory (name.surname) on the transfer node.
"""
try:
info = pwd.getpwnam(username)
except KeyError:
vospaceUserFolderPath = self.vospaceUserBasePath.replace("{username}", username)
uid = os.stat(vospaceUserFolderPath).st_uid
gid = os.stat(vospaceUserFolderPath).st_gid
except OSError:
return False
else:
return [ info[0], info[2], info[3] ]
return [ username, uid, gid ]
def findIllegalCharacters(self, name):
"""Checks for file/dir names containing illegal characters."""
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment