Fixes for testing server as regular user

This commit is contained in:
Lauri Võsandi 2017-01-26 15:11:04 +02:00
parent dc9e01b4ad
commit ef72cb70cd
2 changed files with 6 additions and 5 deletions

View File

@ -1,7 +1,6 @@
import click
import falcon
import kerberos # If this fails pip install kerberos
import logging
import os
import re
@ -13,6 +12,7 @@ from certidude import config, const
logger = logging.getLogger("api")
if "kerberos" in config.AUTHENTICATION_BACKENDS:
import kerberos # If this fails pip install kerberos
ktname = os.getenv("KRB5_KTNAME")
if not ktname:

View File

@ -1174,10 +1174,11 @@ def certidude_serve(port, listen):
from certidude import config
# Fetch UID, GID of certidude user
import pwd
_, _, uid, gid, gecos, root, shell = pwd.getpwnam("certidude")
restricted_groups = []
restricted_groups.append(gid)
if os.getuid() == 0:
import pwd
_, _, uid, gid, gecos, root, shell = pwd.getpwnam("certidude")
restricted_groups = []
restricted_groups.append(gid)
"""
Spawn signer process