Commits

Vladimir Mihailenco  committed 3f50927

Add SUDO_USER option

  • Participants
  • Parent commits b3e921e
  • Branches sudo_refactoring

Comments (0)

Files changed (6)

File fab_deploy/apache.py

 def apache_restart():
     """ Restarts apache using init.d script. """
     # restart is not used because it can leak memory in some cases
-    sudo('invoke-rc.d apache2 stop')
-    sudo('invoke-rc.d apache2 start')
+    utils.safe_sudo('invoke-rc.d apache2 stop')
+    utils.safe_sudo('invoke-rc.d apache2 start')
 
 # ==== installation ===
 
 def apache_install():
     """ Installs apache. """
     system.aptitude_install('apache2 libapache2-mod-wsgi libapache2-mod-rpaf')
-    sudo('rm -f /etc/apache2/sites-enabled/default')
-    sudo('rm -f /etc/apache2/sites-enabled/000-default')
+    utils.safe_sudo('rm -f /etc/apache2/sites-enabled/default')
+    utils.safe_sudo('rm -f /etc/apache2/sites-enabled/000-default')
     apache_setup_locale()
 
 def apache_make_config():
     name = env.conf['INSTANCE_NAME']
     utils.upload_config_template('apache.config',
                                  '/etc/apache2/sites-available/%s' % name,
-                                 use_sudo=True)
-    sudo('a2ensite %s' % name)
+                                 use_sudo=True, user=env.conf.SUDO_USER)
+    utils.safe_sudo('a2ensite %s' % name)
 
 def apache_setup():
     """ Updates apache config, wsgi script and restarts apache. """
     unicode file names without this. """
     files.append('/etc/apache2/envvars',
                  ['export LANG="en_US.UTF-8"', 'export LC_ALL="en_US.UTF-8"'],
-                 use_sudo=True)
+                 use_sudo=True, user=env.conf.SUDO_USER)
 
 # === automatic apache ports management ===
 
 def _ports_lines():
     with settings(hide('stdout')):
-        ports_data = sudo('cat ' + APACHE_PORTS_FILE)
+        ports_data = utils.safe_sudo('cat ' + APACHE_PORTS_FILE)
     return ports_data.splitlines()
 
 def _used_ports(lines):
             ])
             env.conf.APACHE_PORT = port
             puts('Instance is not binded to any port. Binding it to port ' + str(port))
-            sudo("echo '%s\n' > %s" % ('\n'.join(lines), APACHE_PORTS_FILE))
+            utils.safe_sudo("echo '%s\n' > %s" % ('\n'.join(lines), APACHE_PORTS_FILE))
             return
     warn('All apache ports are used!')

File fab_deploy/deploy.py

             abort("Aborting.")
 
     def wipe_web():
-        sudo('rm -f /etc/nginx/sites-enabled/' + env.conf['INSTANCE_NAME'])
-        sudo('a2dissite ' + env.conf['INSTANCE_NAME'])
-        sudo('invoke-rc.d nginx reload')
-        sudo('invoke-rc.d apache2 reload')
+        utils.safe_sudo('rm -f /etc/nginx/sites-enabled/' + env.conf['INSTANCE_NAME'])
+        utils.safe_sudo('a2dissite ' + env.conf['INSTANCE_NAME'])
+        utils.safe_sudo('invoke-rc.d nginx reload')
+        utils.safe_sudo('invoke-rc.d apache2 reload')
 
     wipe_web()
     run('rm -rf %s' % env.conf.SRC_DIR)

File fab_deploy/mysql.py

         "mysql-server-%s mysql-server/root_password password %s" % (version, passwd),
     ]
 
-    sudo("echo '%s' | debconf-set-selections" % "\n".join(debconf_defaults))
+    utils.safe_sudo("echo '%s' | debconf-set-selections" % "\n".join(debconf_defaults))
 
     warn('\n=========\nThe password for mysql "root" user will be set to "%s"\n=========\n' % passwd)
     system.aptitude_install('mysql-server')

File fab_deploy/nginx.py

 from __future__ import with_statement
-from fabric.api import run, sudo, env, settings
+from fabric.api import run, env, settings
 from fab_deploy import utils
 from fab_deploy import system
 from fab_deploy import apache
     os = utils.detect_os()
     options = {'lenny': '-t lenny-backports'}
     system.aptitude_install('nginx', options.get(os, ''))
-    sudo('rm -f /etc/nginx/sites-enabled/default')
+    utils.safe_sudo('rm -f /etc/nginx/sites-enabled/default')
 
 def nginx_setup():
     """ Updates nginx config and restarts nginx. """
     name = env.conf['INSTANCE_NAME']
     utils.upload_config_template('nginx.config',
                                  '/etc/nginx/sites-available/%s' % name,
-                                 use_sudo=True)
+                                 use_sudo=True, user=env.conf.SUDO_USER)
     with settings(warn_only=True):
-        sudo('ln -s /etc/nginx/sites-available/%s /etc/nginx/sites-enabled/%s' % (name, name))
-    sudo('invoke-rc.d nginx restart')
+        utils.safe_sudo('ln -s /etc/nginx/sites-available/%s /etc/nginx/sites-enabled/%s' % (name, name))
+    utils.safe_sudo('invoke-rc.d nginx restart')

File fab_deploy/system.py

 #coding: utf-8
 from __future__ import with_statement
 import os.path
-from fabric.api import run, sudo, settings, env, cd
+from fabric.api import run, settings, env, cd
 from fabric.contrib import files
 from fabric import utils as fabric_utils
 from fab_deploy import utils
 
 def prepare_server():
     """ Prepares server: installs system packages. """
+    os = utils.detect_os()
+    if os in ['lenny', 'squeeze'] and env.conf.SUDO_USER == 'root':
+        install_sudo()
+    
     setup_backports()
     install_common_software()
 
+@utils.run_as('root')
+def install_sudo():
+    run('aptitude install -y sudo')
+
 def install_common_software():
     """ Installs common system packages. """
     common_packages = [
     aptitude_install('mercurial git', vcs_options.get(os, ""))
     aptitude_install('bzr', '--without-recommends')
 
-    sudo('easy_install -U pip')
-    sudo('pip install -U virtualenv')
+    utils.safe_sudo('easy_install -U pip')
+    utils.safe_sudo('pip install -U virtualenv')
 
 
 def setup_backports():
         fabric_utils.puts("Backports are not available for " + os)
         return
 
-    sudo("echo 'deb %s' > /etc/apt/sources.list.d/backports.sources.list" % backports[os])
+    utils.safe_sudo("echo 'deb %s' > /etc/apt/sources.list.d/backports.sources.list" % backports[os])
     with settings(warn_only=True):
-        sudo('aptitude update')
+        utils.safe_sudo('aptitude update')
 
 def create_linux_account(pub_key_file):
     """ Creates linux account and setups ssh access. """
         ssh_key = f.read()
     username = env.conf['USER']
     with (settings(warn_only=True)):
-        sudo('adduser %s --disabled-password --gecos ""' % username)
+        utils.safe_sudo('adduser %s --disabled-password --gecos ""' % username)
         with cd('/home/' + username):
-            sudo('mkdir -p .ssh')
-            files.append('.ssh/authorized_keys', ssh_key, use_sudo=True)
-            sudo('chown -R %s:%s .ssh' % (username, username))
+            utils.safe_sudo('mkdir -p .ssh')
+            files.append('.ssh/authorized_keys', ssh_key, use_sudo=True,
+                         user=env.conf.SUDO_USER)
+            utils.safe_sudo('chown -R %s:%s .ssh' % (username, username))
 
 def ssh_add_key(pub_key_file):
     """ Adds a ssh key from passed file to user's authorized_keys on server. """
 
 def aptitude_install(packages, options=''):
     """ Installs package via aptitude. """
-    sudo('aptitude install %s -y %s' % (options, packages,))
+    utils.safe_sudo('aptitude install %s -y %s' % (options, packages,))
 
 
 #def install_backup_system():
-#    sudo('aptitude install -y s3cmd ruby rubygems libxml2-dev libxslt-dev libopenssl-ruby')
-#    sudo('gem install rubygems-update')
-#    sudo('/var/lib/gems/1.8/bin/update_rubygems')
-#    sudo('gem install astrails-safe --source http://gemcutter.org')
+#    utils.safe_sudo('aptitude install -y s3cmd ruby rubygems libxml2-dev libxslt-dev libopenssl-ruby')
+#    utils.safe_sudo('gem install rubygems-update')
+#    utils.safe_sudo('/var/lib/gems/1.8/bin/update_rubygems')
+#    utils.safe_sudo('gem install astrails-safe --source http://gemcutter.org')

File fab_deploy/utils.py

 
 
 __all__ = ['run_as', 'update_env', 'inside_project', 'inside_virtualenv',
-           'delete_pyc', 'print_env', 'detect_os']
+           'delete_pyc', 'print_env', 'detect_os', 'safe_sudo']
 
 def _codename(distname, version, id):
     patterns = [
         GIT_BRANCH = 'master',
         DB_NAME=env.conf['INSTANCE_NAME'],
         DB_USER='root',
+        SUDO_USER='root',
         PROCESSES=1,
         THREADS=15,
         SERVER_NAME=host,
         path = os.path.join(dir, name)
         if os.path.exists(path):
             return path
+
+def safe_sudo(command, shell=True, pty=True, combine_stderr=True, user=None):
+    user = env.conf.SUDO_USER
+    return sudo(command, shell=shell, pty=pty, combine_stderr=combine_stderr,
+                user=user)