+def security_check_homedir(location):
+ """
+ Performs a check against a directory to determine if current
+ directory's owner has a home directory that is a parent directory.
+ This protects against malicious mountpoints, and is roughly equivalent
+ to the suexec checks.
+ """
+ try:
+ uid = util.get_dir_uid(location)
+ real = os.path.realpath(location)
+ if not real.startswith(pwd.getpwuid(uid).pw_dir + "/"):
+ logging.error("Security check failed, owner of deployment and "
+ "owner of home directory mismatch for %s" % location)
+ return False
+ except KeyError:
+ logging.error("Security check failed, could not look up "
+ "owner of %s (uid %d)" % (location, uid))
+ return False
+ except OSError as e:
+ logging.error("OSError: %s" % str(e))
+ return False
+ return True
+
+def calculate_log_name(log_dir, i):
+ """
+ Calculates a log entry given a numeric identifier, and
+ directory under operation.
+ """
+ return os.path.join(log_dir, "%04d.log" % i)
+
+def create_logdir(log_dir):
+ """
+ Creates a log directory and chmods it 777 to enable de-priviledged
+ processes to create files.
+ """
+ try:
+ os.mkdir(log_dir)
+ except OSError as e:
+ if e.errno != errno.EEXIST:
+ raise
+ #if create_subdirs:
+ # log_dir = os.path.join(log_dir, str(int(time.time())))
+ # os.mkdir(log_dir) # if fails, be fatal
+ # # XXX: update last symlink
+ os.chmod(log_dir, 0o777)
+