From d814ee4a06aee5b911e4a89d245738b4e5ef497e Mon Sep 17 00:00:00 2001 From: Victor Shyba Date: Sat, 30 Sep 2017 02:35:06 -0300 Subject: [bug] refuse to start if blobs is misconfigured As kali pointed out, one can disable blobs after enabling it, which would cause data loss as blobs documents would become unreacheable. This commit adds a warning and refuses to start the server. -- Resolves: #8866 --- src/leap/soledad/server/entrypoints.py | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) (limited to 'src') diff --git a/src/leap/soledad/server/entrypoints.py b/src/leap/soledad/server/entrypoints.py index 7f521dba..7d18ca58 100644 --- a/src/leap/soledad/server/entrypoints.py +++ b/src/leap/soledad/server/entrypoints.py @@ -20,9 +20,11 @@ The entrypoint for Soledad server. This is the entrypoint for the application that is loaded from the initscript or the systemd script. """ +import os from twisted.internet import reactor from twisted.python import threadpool +from twisted.logger import Logger from .auth import localPortal, publicPortal from .session import SoledadSession @@ -32,6 +34,7 @@ from ._wsgi import init_couch_state # load configuration from file conf = get_config() +log = Logger() class SoledadEntrypoint(SoledadSession): @@ -54,4 +57,20 @@ class LocalServicesEntrypoint(SoledadSession): # initialized when the reactor is running +def check_conf(): + path = conf['blobs_path'] + blobs_not_empty = bool(os.path.exists(path) and os.listdir(path)) + if not conf['blobs'] and blobs_not_empty: + message = """ +** WARNING: Blobs is disabled, but blobs directory isn't empty. ** +** If it was previously enabled, disabling can cause data loss due blobs ** +** documents not being accessible to users. ** +** Blobs directory: %s +** REFUSING TO START. Please double check your configuration. ** + """ + log.error(message % path) + reactor.stop() + + +reactor.callWhenRunning(check_conf) reactor.callWhenRunning(init_couch_state, conf) -- cgit v1.2.3