From 92dea32dd44eb4882000552c39dc71f2ff9b5863 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Wed, 2 Feb 2022 08:37:22 -0500 Subject: [PATCH 01/15] Change to python 2/3 agnostic syntax --- confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient b/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient index 11d3758e..34a2f1ad 100644 --- a/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient +++ b/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient @@ -138,7 +138,7 @@ def get_net_apikey(nodename, mgr): newpass = newpass.encode('utf8') salt = salt.encode('utf8') crypted = c_crypt(newpass, salt) - for addrinfo in socket.getaddrinfo(mgr, 13001, type=socket.SOCK_STREAM): + for addrinfo in socket.getaddrinfo(mgr, 13001, 0, socket.SOCK_STREAM): try: clisock = socket.socket(addrinfo[0], addrinfo[1]) clisock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) From bc7d480a17aaddeeb968ab721cd36b43ee5fa2f3 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Wed, 2 Feb 2022 10:53:46 -0500 Subject: [PATCH 02/15] Use more widely known paths for libcrypt --- .../common/initramfs/opt/confluent/bin/apiclient | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient b/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient index 34a2f1ad..2bc8de98 100644 --- a/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient +++ b/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient @@ -20,9 +20,9 @@ class InvalidApiKey(Exception): cryptname = ctypes.util.find_library('crypt') if not cryptname: - if os.path.exists('/usr/lib64/libcrypt.so.1'): + if os.path.exists('/lib64/libcrypt.so.1'): cryptname = 'libcrypt.so.1' - elif os.path.exists('/usr/lib64/libcrypt.so.2'): + elif os.path.exists('/lib64/libcrypt.so.2'): cryptname = 'libcrypt.so.2' c_libcrypt = ctypes.CDLL(cryptname) c_crypt = c_libcrypt.crypt From 700fe1bc3b117da3037d39a6109332d69da466b2 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 3 Feb 2022 10:09:28 -0500 Subject: [PATCH 03/15] Fix for EL7 compatibility Some python 3 exclusive assumptions were made. Unfortunately, EL7 is python2 centric. --- .../common/initramfs/opt/confluent/bin/apiclient | 10 ++++++++-- .../common/profile/scripts/confignet | 14 ++++++++++---- 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient b/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient index 2bc8de98..720173f7 100644 --- a/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient +++ b/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient @@ -93,14 +93,20 @@ def scan_confluents(): if addr[0] == socket.AF_INET6: if addr[-1] in doneidxs: continue - s6.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_MULTICAST_IF, addr[-1]) + try: + s6.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_MULTICAST_IF, addr[-1]) + except TypeError: + s6.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_MULTICAST_IF, addr[-1].tobytes()) try: s6.sendto(msg, ('ff02::c', 1900)) except OSError: pass doneidxs.add(addr[-1]) elif addr[0] == socket.AF_INET: - s4.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF, addr[1]) + try: + s4.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF, addr[1]) + except TypeError: + s4.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_IF, addr[1].tobytes()) try: s4.sendto(msg, ('239.255.255.250', 1900)) except OSError: diff --git a/confluent_osdeploy/common/profile/scripts/confignet b/confluent_osdeploy/common/profile/scripts/confignet index b8b2d29a..e868a4c4 100644 --- a/confluent_osdeploy/common/profile/scripts/confignet +++ b/confluent_osdeploy/common/profile/scripts/confignet @@ -8,11 +8,17 @@ import sys import time import shlex import subprocess -from importlib.machinery import SourceFileLoader try: - apiclient = SourceFileLoader('apiclient', '/opt/confluent/bin/apiclient').load_module() -except FileNotFoundError: - apiclient = SourceFileLoader('apiclient', '/etc/confluent/apiclient').load_module() + from importlib.machinery import SourceFileLoader + def load_source(mod, path): + return SourceFileLoader(mod, path).load_module() +except ImportError: + from imp import load_source + +try: + apiclient = load_source('apiclient', '/opt/confluent/bin/apiclient') +except IOError: + apiclient = load_source('apiclient', '/etc/confluent/apiclient') def add_lla(iface, mac): pieces = mac.split(':') From 6769c171c1293c573f66ef6648fa79581105f85a Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Thu, 3 Feb 2022 11:50:34 -0500 Subject: [PATCH 04/15] Fix confignet for python2 --- confluent_osdeploy/common/profile/scripts/confignet | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_osdeploy/common/profile/scripts/confignet b/confluent_osdeploy/common/profile/scripts/confignet index e868a4c4..3bdc7638 100644 --- a/confluent_osdeploy/common/profile/scripts/confignet +++ b/confluent_osdeploy/common/profile/scripts/confignet @@ -317,7 +317,7 @@ if __name__ == '__main__': myname = myname[0] myname = socket.inet_pton(socket.AF_INET, myname) for addr in myaddrs: - if myname == bytes(addr[1]): + if myname == addr[1].tobytes(): curridx = addr[-1] if curridx in doneidxs: continue From b1cbca414a148c12c01c39681983cc6403315282 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 7 Feb 2022 08:39:45 -0500 Subject: [PATCH 05/15] Fix compatibility with CentOS7 for imgutil build -s --- imgutil/imgutil | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/imgutil/imgutil b/imgutil/imgutil index b7e0b484..383a467e 100644 --- a/imgutil/imgutil +++ b/imgutil/imgutil @@ -342,7 +342,7 @@ def create_yumconf(sourcedir, addrepos): if os.path.exists(sourcedir + '/repodata'): yumconf.write('[genimage-topdir]\n') yumconf.write('name=Local install repository\n') - yumconf.write('baseurl={0}\n'.format(sourcedir)) + yumconf.write('baseurl=file://{0}\n'.format(sourcedir)) yumconf.write('enabled=1\ngpgcheck=0\n\n') else: c = configparser.ConfigParser() From 4a38a88136eae96d962a9db75c934d74d5703dcd Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 7 Feb 2022 09:20:05 -0500 Subject: [PATCH 06/15] Add recognition of RHEL9 media --- confluent_server/confluent/osimage.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/confluent_server/confluent/osimage.py b/confluent_server/confluent/osimage.py index 6f015afb..7c8822e0 100644 --- a/confluent_server/confluent/osimage.py +++ b/confluent_server/confluent/osimage.py @@ -484,6 +484,10 @@ def check_rhel(isoinfo): ver = entry.split('-')[2] arch = entry.split('.')[-2] break + elif 'redhat-release-9' in entry: + ver = entry.split('-')[2] + arch = entry.split('.')[-2] + break else: if '.discinfo' in isoinfo[1]: prodinfo = isoinfo[1]['.discinfo'] From c2b66958d719f34b5ad2ee2b02aa4d0b3bf0a1e6 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Mon, 7 Feb 2022 12:23:44 -0500 Subject: [PATCH 07/15] Update imgutil to not need rpm-python EL7 does not have rpm for python3, use the cli instead for such a case. --- imgutil/imgutil | 48 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 35 insertions(+), 13 deletions(-) diff --git a/imgutil/imgutil b/imgutil/imgutil index 383a467e..bb5a346a 100644 --- a/imgutil/imgutil +++ b/imgutil/imgutil @@ -904,21 +904,43 @@ def fingerprint_source(sourcepath, args): return oshandler def fingerprint_host_el(args, hostpath='/'): - try: - import rpm - except ImportError: - return None if hostpath[0] != '/': hostpath = os.path.join(os.getcwd(), hostpath) - ts = rpm.TransactionSet(hostpath) - rpms = ts.dbMatch('provides', 'system-release') - for inf in rpms: - if 'el8' not in inf.release and 'el7' not in inf.release: - continue - osname = inf.name.replace('-release', '').replace('-', '_') - if osname == 'centos_linux': - osname = 'centos' - return ElHandler(osname, inf.version, os.uname().machine, args) + try: + import rpm + ts = rpm.TransactionSet(hostpath) + rpms = ts.dbMatch('provides', 'system-release') + for inf in rpms: + if 'el8' not in inf.release and 'el7' not in inf.release: + continue + osname = inf.name + version = inf.version + relese = inf.release + except ImportError: + try: + rver = subprocess.check_output('rpm --root {0} -q --whatprovides system-release'.format(hostpath).split()) + if not isinstance(rver, str): + rver = rver.decode('utf8') + for infline in subprocess.check_output('rpm -qi {0}'.format(rver).split()).decode('utf8').split('\n'): + if ':' not in infline: + continue + k, v = infline.split(':', 1) + k = k.strip() + v = v.strip() + if k == 'Name': + osname = v + elif k == 'Release': + release = v + elif k == 'Version': + version = v + except subprocess.SubprocessError: + return None + if 'el8' not in release and 'el7' not in release: + return None + osname = osname.replace('-release', '').replace('-', '_') + if osname == 'centos_linux': + osname = 'centos' + return ElHandler(osname, version, os.uname().machine, args) def fingerprint_host_deb(args, hostpath='/'): From b0b8ee128b1a6a94a3812c4190324fbdf11ef656 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 8 Feb 2022 09:35:10 -0500 Subject: [PATCH 08/15] Correct imgutil typo --- imgutil/imgutil | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/imgutil/imgutil b/imgutil/imgutil index bb5a346a..cb14a650 100644 --- a/imgutil/imgutil +++ b/imgutil/imgutil @@ -915,7 +915,7 @@ def fingerprint_host_el(args, hostpath='/'): continue osname = inf.name version = inf.version - relese = inf.release + release = inf.release except ImportError: try: rver = subprocess.check_output('rpm --root {0} -q --whatprovides system-release'.format(hostpath).split()) From 358b719ceca969c0556c31c70659c3fd287e8332 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 8 Feb 2022 10:41:27 -0500 Subject: [PATCH 09/15] Implement deployment binding for new installs When doing osdeploy initialize, save the uuid and have deployment targets specifically pair back with site via uuid. --- confluent_osdeploy/utils/copernicus.c | 16 ++++++++++++++++ confluent_server/bin/osdeploy | 10 ++++++++++ confluent_server/confluent/core.py | 4 +++- 3 files changed, 29 insertions(+), 1 deletion(-) diff --git a/confluent_osdeploy/utils/copernicus.c b/confluent_osdeploy/utils/copernicus.c index 807f5dc1..a3aa1d19 100644 --- a/confluent_osdeploy/utils/copernicus.c +++ b/confluent_osdeploy/utils/copernicus.c @@ -27,6 +27,20 @@ int add_uuid(char* destination, int maxsize) { return uuidsize + 6; } +int add_confluent_uuid(char* destination, int maxsize) { + int uuidf; + int uuidsize; + uuidf = open("/confluent_uuid", O_RDONLY); + if (uuidf < 1) { return 0; } + strncpy(destination, "/confluentuuid=", maxsize); + uuidsize = read(uuidf, destination + 15, maxsize - 15); + close(uuidf); + if (destination[uuidsize + 14] == '\n') { + destination[uuidsize + 14] = 0; + } + return uuidsize + 15; +} + void add_macs(char* destination, int maxsize) { struct ifaddrs *ifc, *ifa; struct sockaddr_ll *lla; @@ -107,6 +121,8 @@ int main(int argc, char* argv[]) { offset = strnlen(msg, 1024); add_uuid(msg + offset, 1024 - offset); offset = strnlen(msg, 1024); + add_confluent_uuid(msg + offset, 1024 - offset); + offset = strnlen(msg, 1024); add_macs(msg + offset, 1024 - offset); offset = strnlen(msg, 1024); ns = socket(AF_INET6, SOCK_DGRAM, 0); diff --git a/confluent_server/bin/osdeploy b/confluent_server/bin/osdeploy index e849cfd8..38ade0b5 100644 --- a/confluent_server/bin/osdeploy +++ b/confluent_server/bin/osdeploy @@ -315,6 +315,16 @@ def initialize(cmdset): opath = os.getcwd() os.chdir('/var/lib/confluent/public/site') totar = [] + if not os.path.exists('confluent_uuid'): + c = client.Command() + for rsp in c.read('/uuid'): + uuid = rsp.get('uuid', {}}).get('value', None) + if uuid: + with open('confluent_uuid') as uuidout: + uuidout.write(uuid) + uuidout.write('\n') + totar.append('confluent_uuid') + topack.append('confluent_uuid') if os.path.exists('ssh'): totar.append('ssh') topack.append('ssh/') diff --git a/confluent_server/confluent/core.py b/confluent_server/confluent/core.py index fd9aa58e..741db4fa 100644 --- a/confluent_server/confluent/core.py +++ b/confluent_server/confluent/core.py @@ -158,7 +158,7 @@ def _merge_dict(original, custom): rootcollections = ['deployment/', 'discovery/', 'events/', 'networking/', 'noderange/', 'nodes/', 'nodegroups/', 'usergroups/' , - 'users/', 'version'] + 'users/', 'uuid', 'version'] class PluginRoute(object): @@ -1216,6 +1216,8 @@ def handle_path(path, operation, configmanager, inputdata=None, autostrip=True): configmanager, inputdata, operation, pathcomponents) elif pathcomponents[0] == 'version': return (msg.Attributes(kv={'version': confluent.__version__}),) + elif pathcomponents[0] == 'uuid': + return (msg.Attributes(kv={'uuid': cfm.get_global('confluent_uuid')}),) elif pathcomponents[0] == 'usergroups': # TODO: when non-administrator accounts exist, # they must only be allowed to see their own user From 6e03f6ee0a619b14261573e0ad95234a6319b823 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 8 Feb 2022 10:49:42 -0500 Subject: [PATCH 10/15] Correct syntax typo --- confluent_server/bin/osdeploy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_server/bin/osdeploy b/confluent_server/bin/osdeploy index 38ade0b5..1b9b6ba7 100644 --- a/confluent_server/bin/osdeploy +++ b/confluent_server/bin/osdeploy @@ -318,7 +318,7 @@ def initialize(cmdset): if not os.path.exists('confluent_uuid'): c = client.Command() for rsp in c.read('/uuid'): - uuid = rsp.get('uuid', {}}).get('value', None) + uuid = rsp.get('uuid', {}).get('value', None) if uuid: with open('confluent_uuid') as uuidout: uuidout.write(uuid) From e7b1791df3d94c2dc646079ba498686250cb302f Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 8 Feb 2022 10:59:15 -0500 Subject: [PATCH 11/15] Modify input in bandit-friendly way bandit erroneously flags 'input' based on possible python2-ism. Avoid the error by using 'getinput', making that input or raw_input based on the python version. --- confluent_client/confluent/client.py | 10 +++++----- confluent_server/confluent/pam.py | 6 +++--- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/confluent_client/confluent/client.py b/confluent_client/confluent/client.py index fae497ee..bee16f00 100644 --- a/confluent_client/confluent/client.py +++ b/confluent_client/confluent/client.py @@ -42,9 +42,9 @@ _attraliases = { } try: - input = raw_input + getinput = raw_input except NameError: - pass + getinput = input class NestedDict(dict): @@ -284,9 +284,9 @@ class Command(object): nodename = list(self.read( '/noderange/{0}/nodes/'.format(noderange)))[0].get('item', {}).get('href', None) nodename = nodename[:-1] - p = input('Command is about to affect node {0}, continue (y/n)? '.format(nodename)) + p = getinput('Command is about to affect node {0}, continue (y/n)? '.format(nodename)) else: - p = input('Command is about to affect {0} nodes, continue (y/n)? '.format(nsize)) + p = getinput('Command is about to affect {0} nodes, continue (y/n)? '.format(nsize)) if p.lower() != 'y': sys.stderr.write('Aborting at user request\n') sys.exit(1) @@ -401,7 +401,7 @@ class Command(object): if fingerprint == khf[hostid]: return else: - replace = input( + replace = getinput( "MISMATCHED CERTIFICATE DATA, ACCEPT NEW? (y/n):") if replace not in ('y', 'Y'): raise Exception("BAD CERTIFICATE") diff --git a/confluent_server/confluent/pam.py b/confluent_server/confluent/pam.py index ed57fc8a..5316a565 100644 --- a/confluent_server/confluent/pam.py +++ b/confluent_server/confluent/pam.py @@ -242,10 +242,10 @@ if __name__ == "__main__": readline.set_pre_input_hook(hook) if sys.version_info >= (3,): - result = input(prompt) + getinput = input else: - result = raw_input(prompt) - + getinput = raw_input + result = getinput(prompt) readline.set_pre_input_hook() return result From 00bedf694635bc957d9517f548faf0e13d355fb7 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 8 Feb 2022 12:06:52 -0500 Subject: [PATCH 12/15] Shuffle confluenntuuid to earlier in copernicus Currently, ssdp handler behavior needs confluentuuid first, if it is to have any effect. --- confluent_osdeploy/utils/copernicus.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/confluent_osdeploy/utils/copernicus.c b/confluent_osdeploy/utils/copernicus.c index a3aa1d19..ab989c0e 100644 --- a/confluent_osdeploy/utils/copernicus.c +++ b/confluent_osdeploy/utils/copernicus.c @@ -119,10 +119,10 @@ int main(int argc, char* argv[]) { inet_pton(AF_INET, "239.255.255.250", &dst4.sin_addr); strncpy(msg, "M-SEARCH * HTTP/1.1\r\nST: urn:xcat.org:service:confluent:", 1024); offset = strnlen(msg, 1024); - add_uuid(msg + offset, 1024 - offset); - offset = strnlen(msg, 1024); add_confluent_uuid(msg + offset, 1024 - offset); offset = strnlen(msg, 1024); + add_uuid(msg + offset, 1024 - offset); + offset = strnlen(msg, 1024); add_macs(msg + offset, 1024 - offset); offset = strnlen(msg, 1024); ns = socket(AF_INET6, SOCK_DGRAM, 0); From b1032d8c4ce86f443613a68bcdf3c5307b93f98d Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 8 Feb 2022 12:31:04 -0500 Subject: [PATCH 13/15] Specify write mode for confluent_uuid file --- confluent_server/bin/osdeploy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/confluent_server/bin/osdeploy b/confluent_server/bin/osdeploy index 1b9b6ba7..d125ef0a 100644 --- a/confluent_server/bin/osdeploy +++ b/confluent_server/bin/osdeploy @@ -320,7 +320,7 @@ def initialize(cmdset): for rsp in c.read('/uuid'): uuid = rsp.get('uuid', {}).get('value', None) if uuid: - with open('confluent_uuid') as uuidout: + with open('confluent_uuid', 'w') as uuidout: uuidout.write(uuid) uuidout.write('\n') totar.append('confluent_uuid') From b809514ef9881c86ce11c7202f30e7c65ff2a1fe Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 8 Feb 2022 16:40:41 -0500 Subject: [PATCH 14/15] Fix osdeploy initialize dependency on master key Make sure confluent has made /etc/confluent, and further always initialize the encryption key, as it will almost certainly be needed and easiest to just always generate on first startup. --- confluent_server/bin/osdeploy | 22 ++++++++++++++-------- confluent_server/confluent/main.py | 2 ++ 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/confluent_server/bin/osdeploy b/confluent_server/bin/osdeploy index d125ef0a..44a46b29 100644 --- a/confluent_server/bin/osdeploy +++ b/confluent_server/bin/osdeploy @@ -121,6 +121,9 @@ def init_confluent_myname(): return mynamedone = True hasconfluentuser = None + neededuid = os.stat('/etc/confluent').st_uid + if neededuid == 0: + return try: hasconfluentuser = pwd.getpwnam('confluent') except KeyError: @@ -247,6 +250,17 @@ def initialize(cmdset): 'subject.') else: didsomething = False + if not os.path.exists('/etc/confluent'): + sys.stderr.write('Start confluent service prior to initializng OS deployment\n') + sys.exit(1) + if cmdset.t or cmdset.s or cmdset.a or cmdset.u: + neededuid = os.stat('/etc/confluent').st_uid + try: + os.makedirs('/var/lib/confluent') + os.chown('/var/lib/confluent', neededuid, -1) + except OSError as e: + if e.errno != 17: + raise if cmdset.u: didsomething = True if not glob.glob('/root/.ssh/*.pub'): @@ -258,14 +272,6 @@ def initialize(cmdset): sys.exit(1) init_confluent_myname() sshutil.initialize_root_key(False) - if cmdset.t or cmdset.s or cmdset.a or cmdset.u: - neededuid = os.stat('/etc/confluent').st_uid - try: - os.makedirs('/var/lib/confluent') - os.chown('/var/lib/confluent', neededuid, -1) - except OSError as e: - if e.errno != 17: - raise if cmdset.t: didsomething = True init_confluent_myname() diff --git a/confluent_server/confluent/main.py b/confluent_server/confluent/main.py index 3a429b54..5f35b2c8 100644 --- a/confluent_server/confluent/main.py +++ b/confluent_server/confluent/main.py @@ -272,6 +272,8 @@ def run(args): if not confluentuuid: confluentuuid = str(uuid.uuid4()) configmanager.set_global('confluent_uuid', confluentuuid) + if not configmanager._masterkey: + configmanager.init_masterkey() if dbgif: oumask = os.umask(0o077) try: From fbd3a442acd523df4183888fa12f8ce7de11d429 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Tue, 8 Feb 2022 17:38:01 -0500 Subject: [PATCH 15/15] Support numeric owner/group in syncfile list --- confluent_server/confluent/syncfiles.py | 29 ++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/confluent_server/confluent/syncfiles.py b/confluent_server/confluent/syncfiles.py index d9586f44..b5d6c277 100644 --- a/confluent_server/confluent/syncfiles.py +++ b/confluent_server/confluent/syncfiles.py @@ -128,15 +128,34 @@ class SyncList(object): try: uid = pwd.getpwnam(optval).pw_uid except KeyError: - uid = None - optval = {'name': optval, 'id': uid} + try: + uid = int(optval) + optval = None + except ValueError: + uid = None + if optval: + optval = {'name': optval} + else: + optval = {} + if uid is not None: + optval['id'] = uid elif optname == 'group': try: gid = grp.getgrnam(optval).gr_gid except KeyError: - gid = None - optval = {'name': optval, 'id': gid} - entopts[optname] = optval + try: + gid = int(optval) + optval = None + except ValueError: + gid = None + if optval: + optval = {'name': optval} + else: + optval = {} + if gid is not None: + optval['id'] = gid + if optval: + entopts[optname] = optval currmap[k] = v targ = v if v else k for f in targ.split():