1. Georg Brandl
  2. rac

Commits

g...@Georglap  committed adba93e

Add mod loading.

  • Participants
  • Parent commits 9bf78a4
  • Branches default

Comments (0)

Files changed (5)

File rac.conf.py

View file
  • Ignore whitespace
 # This directory must exist.
 sysconfdir = "/tmp/vhosts"
 
+# Directory where all config files that load modules lie.
+# This is used to load the required modules when checking vhost
+# config files with apache2 -t.
+modconfdir = "/tmp/mods-enabled"
+
+# This must be the same directory as the ServerRoot in the main
+# apache config.
+serverroot = "/usr/lib/apache2"
+
 # Minimum time, in seconds, to wait between two reloads of the
 # apache config.
 reloadspan = 600

File rac/check.py

View file
  • Ignore whitespace
     pass
 
 
-def validate(config, filename):
+def validate(config, user, filename):
     f = file(filename, 'r')
     try:
         nodetree = Parser(f).parse()
         else:
             entry = dirs.get(node.name, defdir)
         if callable(entry):
-            entry = entry(config, node)
+            entry = entry(config, user, node)
         if not entry:
             raise ValidationError('the %s %r on line %d is not allowed' %
                                   (node.type, node.name, node.lno))

File rac/dhandler.py

View file
  • Ignore whitespace
     # first, check if it's there
     if not os.path.isfile(filename):
         raise Fail(filename + ': not found')
-    # add the wrapping VirtualHost context for apache's check
-    sf = file(filename, 'r')
+    # first, check with apache -t if it can be parsed
+    # for that, we have to
+    # * add the wrapping VirtualHost context
+    # * load all modules
     fileno, pathname = tempfile.mkstemp()
+    os.write(fileno, 'ServerRoot %s\n' % config.get('serverroot', '/usr/lib/apache2'))
+    modconfdir = config.get('modconfdir', '')
+    if modconfdir:
+        for fn in os.listdir(modconfdir):
+            if fn.startswith('.'): continue
+            f = open(os.path.join(modconfdir, fn), 'r')
+            os.write(fileno, f.read()+'\n')
+            f.close()
+
     os.write(fileno, '<VirtualHost *:80>\n')
     os.write(fileno, config.get('vhostprefix', '') %
              {'basename': os.path.basename(filename), 'username': user})
+    sf = file(filename, 'r')
     os.write(fileno, sf.read())
+    sf.close()
     os.write(fileno, '\n</VirtualHost>\n')
     os.close(fileno)
-    sf.close()
-    # first, check with apache -t if it can be parsed
     apachecmd = config.get('apachecmd', '/usr/sbin/apache2')
     subp = subprocess.Popen([apachecmd, '-t', '-f', pathname],
                             stderr=subprocess.PIPE)
     os.unlink(pathname)
     # then, check if it's valid for our policy
     try:
-        validate(config, filename)
+        validate(config, user, filename)
     except ValidationError, err:
         raise Fail(filename + ': ' + str(err))
     return filename + ': validation successful'

File rac/policy.py

View file
  • Ignore whitespace
 
 directives = {
     'include': False,
+    'loadmodule': False,
     'suexecusergroup': False,
 
     # all unknown directives

File rac/validators.py

View file
  • Ignore whitespace
 
 # Reject Directory directives with wildcards
 
-def directory(config, node):
+def directory(config, user, node):
     return True