update sudo rules, change file/directory group owners

c5a2005a · sveseli · 419b4de2 · c5a2005a · c5a2005a · c5a2005a
Commit c5a2005a authored 9 years ago by sveseli
--- a/etc/dm.sudo-rules.template
+++ b/etc/dm.sudo-rules.template
@@ -5,7 +5,8 @@ User_Alias USER=DM_SYSTEM_USER
 Cmnd_Alias SETFACL=/usr/bin/setfacl -m group\:*\:rx DM_DATA_DIR/*
 Cmnd_Alias USERMOD=/usr/sbin/usermod -a -G * *
 Cmnd_Alias GROUPADD=/usr/sbin/groupadd *
+Cmnd_Alias CHOWN=/bin/chown -R \:* *

-USER HOST=(root) NOPASSWD: SETFACL,USERMOD,GROUPADD
+USER HOST=(root) NOPASSWD: SETFACL,USERMOD,GROUPADD,CHOWN


--- a/src/python/dm/common/utility/linuxUtility.py
+++ b/src/python/dm/common/utility/linuxUtility.py
@@ -10,6 +10,7 @@ class LinuxUtility:
    GROUPADD_CMD = '/usr/sbin/groupadd'
    USERMOD_CMD = '/usr/sbin/usermod'
    SETFACL_CMD = '/usr/bin/setfacl'
+    CHOWN_CMD = '/bin/chown'

    @classmethod
    def getLogger(cls):
@@ -52,6 +53,13 @@ class LinuxUtility:
        cmd = '%s -m group\:%s\:rx %s' % (cls.SETFACL_CMD, groupName, path)
        cls.executeSudoCommand(cmd)

+    @classmethod
+    def changePathGroupOwner(cls, path, groupName):
+        logger = cls.getLogger()
+        logger.debug('Changing group owner to %s for path %s' % (groupName, path))
+        cmd = '%s -R \:%s %s' % (cls.CHOWN_CMD, groupName, path)
+        cls.executeSudoCommand(cmd)
+
 #######################################################################
 # Testing.


--- a/src/python/dm/ds_web_service/service/impl/experimentManager.py
+++ b/src/python/dm/ds_web_service/service/impl/experimentManager.py
@@ -91,6 +91,9 @@ class ExperimentManager(Singleton):
            self.platformUtility.createGroup(experimentName)
            self.logger.debug('Setting permissions for %s to %s' % (storageDirectory, self.DIR_PERMISSIONS_MODE))
            OsUtility.chmodPath(storageDirectory, dirMode=self.DIR_PERMISSIONS_MODE)
+            self.logger.debug('Changing group owner for %s to %s' % (storageDirectory, experimentName))
+            self.platformUtility.changePathGroupOwner(storageDirectory, experimentName)
+
            experimentUsers = experiment.get('experimentUsernameList', [])
            self.logger.debug('Found experiment users: %s', experimentUsers)
            for username in experimentUsers:
@@ -109,6 +112,8 @@ class ExperimentManager(Singleton):
            if self.manageStoragePermissions:
                self.logger.debug('Modifying permissions for %s' % filePath)
                OsUtility.chmodPath(filePath, fileMode=self.FILE_PERMISSIONS_MODE)
+                self.logger.debug('Changing group owner for %s to %s' % (filePath, experimentName))
+                self.platformUtility.changePathGroupOwner(filePath, experimentName)
                self.logger.debug('Processing file %s' % filePath)
                self.fileProcessingManager.processFile(fileInfo)
        else: