install
author Paul Crowley <paul@lshift.net>
Sat, 07 Mar 2009 09:48:10 +0000
changeset 85 80fa761c7f5d
parent 84 964b04126d01
child 87 535502c18eaa
permissions -rwxr-xr-x
Safety check must actually exit

#!/usr/bin/env python

import sys
import shutil
import os
import pwd
import subprocess

# This must be run as root, because it must create an hg user.
# Normally the clean thing to do is let it fail with a permission error
# if a non-root user tries to run it, but I don't want anyone thinking
# that they can make it work as non-root by changing install paths.
# Patches welcome for doing this more cleanly of course.

if os.getgid() != 0:
    print >>sys.stderr, "Install must be run as root user"
    sys.exit(-1)

if len(sys.argv) > 2:
    print >>sys.stderr, "Usage: install [<destination-prefix>]"
    sys.exit(-1)
if len(sys.argv) == 2:
    dest = sys.argv[1] + '/lib/mercurial-server'
else:
    dest = '/usr/local/lib/mercurial-server'

def installFiles(d, *sources):
    os.makedirs(d)
    for f in sources:
        shutil.copy(f, d)

installFiles(dest,
    'src/hg-ssh',
    'src/refresh-auth')
installFiles(dest + '/mercurialserver',
    'src/mercurialserver/__init__.py',
    'src/mercurialserver/paths.py',
    'src/mercurialserver/changes.py',
    'src/mercurialserver/access.py',
    'src/mercurialserver/servelog.py',
    'src/mercurialserver/refreshauth.py',
    'src/mercurialserver/ruleset.py')
installFiles(dest + '/init',
    'src/init/hginit',
    'src/init/hgadmin-hgrc')
installFiles('/etc/mercurial-server',
    'src/init/conf/remote-hgrc',
    'src/init/conf/access.conf')
installFiles('/etc/mercurial-server/keys/root')
installFiles('/etc/mercurial-server/keys/users')

def becomeFunc(u):
    p = pwd.getpwnam(u)
    def become():
        os.setgid(p.pw_gid)
        os.setegid(p.pw_gid)
        os.setuid(p.pw_uid)
        os.seteuid(p.pw_uid)
    return become

try:
   pwd.getpwnam('hg')
except KeyError:
    subprocess.check_call(
        "adduser --system --shell /bin/sh --group --disabled-password".split() + 
        ["--gecos", "Mercurial repositories", "hg"])
    subprocess.check_call([dest + '/init/hginit'], preexec_fn = becomeFunc('hg'))