install
author Paul Crowley <paul@lshift.net>
Wed, 14 Oct 2009 15:36:12 +0100
changeset 128 b1610de4b6b1
parent 96 975fb921c3f3
child 164 32131253c2f1
permissions -rwxr-xr-x
Reword caution

#!/usr/bin/env python

import sys
import shutil
import os
import pwd
import subprocess
import optparse

oparser = optparse.OptionParser()

oparser.add_option("--prefix")
oparser.add_option("--root")
oparser.set_defaults(root="", prefix="/usr/local")
(options, args) = oparser.parse_args()

if len(args) > 0:
    oparser.print_help()
    sys.exit(-1)

# This must be run as root, because it must create an hg user.
# Normally the clean thing to do is let it fail with a permission error
# if a non-root user tries to run it, but I don't want anyone thinking
# that they can make it work as non-root by changing install paths.
# Patches for doing this more cleanly welcome of course.

if os.getgid() != 0:
    print >>sys.stderr, "Install must be run as root user"
    sys.exit(-1)


def installFiles(d, *sources):
    d = options.root + d
    os.makedirs(d)
    for f in sources:
        shutil.copy(f, d)

installFiles(options.prefix + '/share/mercurial-server',
    'src/hg-ssh',
    'src/refresh-auth')
installFiles(options.prefix + '/share/mercurial-server/mercurialserver',
    'src/mercurialserver/__init__.py',
    'src/mercurialserver/paths.py',
    'src/mercurialserver/changes.py',
    'src/mercurialserver/access.py',
    'src/mercurialserver/servelog.py',
    'src/mercurialserver/refreshauth.py',
    'src/mercurialserver/ruleset.py')
installFiles(options.prefix + '/share/mercurial-server/init',
    'src/init/hginit',
    'src/init/hgadmin-hgrc')
installFiles(options.prefix + '/share/doc/mercurial-server',
    'README',
    'doc/configuring-access',
    'doc/file-conditions',
    'doc/how-it-works',
    'doc/security')
installFiles('/etc/mercurial-server',
    'src/init/conf/remote-hgrc',
    'src/init/conf/access.conf')
installFiles('/etc/mercurial-server/keys/root')
installFiles('/etc/mercurial-server/keys/users')

def becomeFunc(u):
    p = pwd.getpwnam(u)
    def become():
        os.setgid(p.pw_gid)
        os.setegid(p.pw_gid)
        os.setuid(p.pw_uid)
        os.seteuid(p.pw_uid)
    return become

if options.root == '':
    try:
       pwd.getpwnam('hg')
    except KeyError:
        subprocess.check_call(
            "adduser --system --shell /bin/sh --group --disabled-password".split() + 
            ["--gecos", "Mercurial repositories", "hg"])
        subprocess.check_call([options.prefix + '/share/mercurial-server/init/hginit',
            options.prefix + '/share/mercurial-server'],
            preexec_fn = becomeFunc('hg'))