diff options
| author | Tomás Touceda <chiiph@leap.se> | 2013-03-12 09:56:05 -0300 |
|---|---|---|
| committer | Tomás Touceda <chiiph@leap.se> | 2013-03-12 09:56:05 -0300 |
| commit | 2da60cd0f78378fdcb8f6364a798720281b34b4d (patch) | |
| tree | 066497f18c47ebd24c8626800f2a2341cfd1f05b /src/leap/util | |
| parent | cf83b3ffe300058a4ed30d255481f0c781b0b942 (diff) | |
Check and try to fix certificate permissions
Diffstat (limited to 'src/leap/util')
| -rw-r--r-- | src/leap/util/files.py | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/src/leap/util/files.py b/src/leap/util/files.py new file mode 100644 index 00000000..f7fda39e --- /dev/null +++ b/src/leap/util/files.py @@ -0,0 +1,27 @@ +import os +import stat +import logging + +logger = logging.getLogger(__name__) + + +def check_and_fix_urw_only(cert): + """ + Test for 600 mode and try to set it if anything different found + + Might raise OSError + + @param cert: Certificate path + @type cert: str + """ + mode = stat.S_IMODE(os.stat(cert).st_mode) + + if mode != int('600', 8): + try: + logger.warning('Bad permission on %s attempting to set 600' % + (cert,)) + os.chmod(cert, stat.S_IRUSR | stat.S_IWUSR) + except OSError: + logger.error('Error while trying to chmod 600 %s' % + cert) + raise |