BIND 10 #970: [kean] noisy traceback when piping into bindctl without login
BIND 10 Development
do-not-reply at isc.org
Mon Nov 18 03:18:06 UTC 2013
#970: [kean] noisy traceback when piping into bindctl without login
-------------------------------------+-------------------------------------
Reporter: jreed | Owner:
Type: defect | UnAssigned
Priority: medium | Status:
Component: bind-ctl | reviewing
Keywords: | Milestone:
Sensitive: 0 | Sprint-20131015
Sub-Project: DNS | Resolution:
Estimated Difficulty: 0.0 | CVSS Scoring:
Total Hours: 0 | Defect Severity:
| Medium
| Feature Depending on Ticket:
| Add Hours to Ticket: 0
| Internal?: 0
-------------------------------------+-------------------------------------
Changes (by kean):
* owner: kean => UnAssigned
* status: accepted => reviewing
Comment:
This is another old bug that no longer seems to exist. I changed the
ownership of my home directory .bind10 to root and ran bindctl:
{{{
./bindctl
Error reading saved username and password from
/home/kean/.bind10/default_user.csv: [Errno 13] Permission denied:
'/home/kean/.bind10/default_user.csv'
No stored password file found.
When the system is first set up you need to create at least one user
account.
For information on how to set up a BIND 10 system, please check see the
BIND 10 Guide:
http://bind10.isc.org/docs/bind10-guide.html#quick-start-auth-dns
If a user account has been set up, please check the b10-cmdctl log for
other
information.
Username: kean
Password:
["login success"]
Error saving user information: [Errno 13] Permission denied:
'/home/kean/.bind10/default_user.csv'
user info file name: /home/kean/.bind10/default_user.csv
>
}}}
I then removed the {{{.bind10}}} directory, became root via {{{su}}} and
re-ran bind10 and bindctl. The {{{.bind10}}} directory was correctly
created in the root user's home directory, not in my directory.
The code that decides where to put the directory looks like this:
{{{
self.csv_file_dir = pwd.getpwnam(getpass.getuser()).pw_dir + \
os.sep + '.bind10' + os.sep
}}}
According to the Python docs for getpass.getuser: "This function checks
the environment variables LOGNAME, USER, LNAME and USERNAME, in order, and
returns the value of the first one which is set to a non-empty string. If
none are set, the login name from the password database is returned on
systems which support the pwd module, otherwise, an exception is raised."
Certainly on Linux Fedora Core 19, after doing an {{{su}}} all of those
variables except for USERNAME are all set to "root". Only USERNAME retians
my original login. The bug did not specify which platform this was for but
I suspect that on that platform LOGNAME or USER remained set to the
original user name. The error is one of usage of {{{su}}}. It is
considered good practice to do an "su -" so that the session acts as if it
had just started up (and would therefore set the environment as if the
real root user had logged in) rather than just changing the euid to 0, as
happens with certain implementations of su.
Regardless, the code above is correct (although perhaps overly complicated
- it could probably just as easily use $HOME rather than bothering with
parsing the passwd entries) and so my analysis of this bug is that it is
simply no longer valid and requires no changes.
--
Ticket URL: <http://bind10.isc.org/ticket/970#comment:4>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list