diff --git a/services/univention-bind/bind.py b/services/univention-bind/bind.py
index de60519..3dceebd 100755
--- a/services/univention-bind/bind.py
+++ b/services/univention-bind/bind.py
@@ -72,14 +72,14 @@ def prerun():
 """Called before busy period."""
 listener.configRegistry.load()
-def chgrp_bind(filename):
+def chgrp_bind(fd):
 try:
 bind_gid = grp.getgrnam("bind").gr_gid
 except KeyError:
 ud.debug(ud.LISTENER, ud.WARNING, 'Failed to change grp to bind for %s. gid for bind not found' % filename)
 return
- os.chown(filename, 0, bind_gid)
+ os.fchown(fd, 0, bind_gid)
 def handler(dn, new, old):
@@ -101,11 +101,10 @@ def handler(dn, new, old):
 # Create a file to trigger the postrun()
 zone = new['zoneName'][0]
 zonefile = sanitized_path_join(PROXY_CACHE_DIR, "%s.zone" % (zone, ))
- proxy_cache = open(zonefile, 'w')
- proxy_cache.write(zone)
- proxy_cache.close()
- os.chmod(zonefile, 0640)
- chgrp_bind(zonefile)
+ with open(zonefile, 'wb') as proxy_cache:
+ os.fchmod(proxy_cache, 0640)
+ chgrp_bind(proxy_cache)
+ proxy_cache.write(zone)
 finally:
 listener.unsetuid()
@@ -130,8 +129,9 @@ def _new_zone(ucr, zonename, dn):
 zonefile = sanitized_path_join(NAMED_CONF_DIR, zonename)
 # Create empty file and restrict permission
- os.close(os.open(zonefile, os.O_CREAT|os.O_EXCL, 0640))
- chgrp_bind(zonefile)
+ fd = os.open(zonefile, os.O_CREAT|os.O_EXCL, 0640)
+ chgrp_bind(fd)
+ os.close(fd)
 # Now fill zone file
 ldap_uri = "ldap://%s:%s/%s%s" % (
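Review bot: In `chgrp_bind`, the `except KeyError` branch still builds its warning with `% filename`, a name that no longer exists once the parameter is renamed to `fd`. On a host without a `bind` group the function would raise NameError instead of logging and returning. Replace `% filename` with `% (fd,)`, or pass the path alongside the descriptor so the message stays readable. A one-line docstring stating that `fd` is an integer descriptor and that the file is set to owner 0 and group `bind` would also make the new contract explicit.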
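Review bot: In the `handler` hunk, `os.fchmod(proxy_cache, 0640)` and `chgrp_bind(proxy_cache)` are given the file object, but `os.fchmod` and `os.fchown` take an integer descriptor, so both calls would be expected to raise TypeError. That would happen before the zone name is written and would leave an empty file with the umask's default mode. Pass the descriptor instead: `os.fchmod(proxy_cache.fileno(), 0640)` and `chgrp_bind(proxy_cache.fileno())`. The same pattern appears in the `_new_zone` hunk for `proxy_zone` and in the `postrun` hunk for `named_conf` and `proxy_conf`. The body of `handler` starts and ends outside this hunk.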
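Review bot: In the first `_new_zone` hunk, the descriptor returned by `os.open` is leaked if `chgrp_bind(fd)` raises, for example an OSError from `os.fchown`, because `os.close(fd)` is not in a `finally`. Put the call in `try: chgrp_bind(fd)` and close in `finally: os.close(fd)`. The function body continues outside the hunk.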
@@ -150,15 +150,14 @@ def _new_zone(ucr, zonename, dn):
 # Create proxy configuration file
 proxy_file = sanitized_path_join(NAMED_CONF_DIR, zonename+'.proxy')
- proxy_zone = open(proxy_file, 'w')
- proxy_zone.write('zone "%s" {\n' % (zonename,))
- proxy_zone.write('\ttype slave;\n')
- proxy_zone.write('\tfile "%s.zone";\n' % (sanitize_filename(zonename), ))
- proxy_zone.write('\tmasters port 7777 { 127.0.0.1; };\n')
- proxy_zone.write('};\n')
- proxy_zone.close()
- os.chmod(proxy_file, 0640)
- chgrp_bind(proxy_file)
+ with open(proxy_file, 'w') as proxy_zone:
+ os.fchmod(proxy_zone, 0640)
+ chgrp_bind(proxy_zone)
+ proxy_zone.write('zone "%s" {\n' % (zonename,))
+ proxy_zone.write('\ttype slave;\n')
+ proxy_zone.write('\tfile "%s.zone";\n' % (sanitize_filename(zonename), ))
+ proxy_zone.write('\tmasters port 7777 { 127.0.0.1; };\n')
+ proxy_zone.write('};\n')
 global __zone_created_or_removed
 __zone_created_or_removed = True
@@ -188,7 +187,7 @@ def clean():
 try:
 if os.path.exists(NAMED_CONF_FILE):
 os.unlink(NAMED_CONF_FILE)
- open(NAMED_CONF_FILE, 'w').close()
+ open(NAMED_CONF_FILE, 'w').close() # FIXME: wrong permissions?
 if os.path.isdir(NAMED_CONF_DIR):
 for f in os.listdir(NAMED_CONF_DIR):
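Review bot: In the proxy-file block of `_new_zone`, `zonename` is written into the `zone "%s" {` statement unchanged, while only the `file` line passes it through `sanitize_filename`. A name containing a double quote or a newline would alter the structure of the generated named configuration. If the value is not already validated before `_new_zone` is called, which this hunk does not show, reject names with characters outside what a DNS zone name allows before writing the file. A comment above the block stating where that validation happens would help the next reader. The function body starts and ends outside the hunk.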
@@ -295,19 +294,15 @@ def postrun():
 listener.setuid(0)
 try:
 # Re-create named and proxy inclusion file
- named_conf = open(NAMED_CONF_FILE, 'w')
- proxy_conf = open(PROXY_CONF_FILE, 'w')
- if os.path.isdir(NAMED_CONF_DIR):
- for f in os.listdir(NAMED_CONF_DIR):
- if not f.endswith('.proxy'):
- named_conf.write('include "%s";\n' % os.path.join(NAMED_CONF_DIR, f))
- else:
- proxy_conf.write('include "%s";\n' % os.path.join(NAMED_CONF_DIR, f))
- named_conf.close()
- proxy_conf.close()
-
- os.chmod(NAMED_CONF_FILE, 0644)
- os.chmod(PROXY_CONF_FILE, 0644)
+ with open(NAMED_CONF_FILE, 'w') as named_conf, open(PROXY_CONF_FILE, 'w') as proxy_conf:
+ os.fchmod(named_conf, 0644)
+ os.fchmod(proxy_conf, 0644)
+ if os.path.isdir(NAMED_CONF_DIR):
+ for f in os.listdir(NAMED_CONF_DIR):
+ if not f.endswith('.proxy'):
+ named_conf.write('include "%s";\n' % os.path.join(NAMED_CONF_DIR, f))
+ else:
+ proxy_conf.write('include "%s";\n' % os.path.join(NAMED_CONF_DIR, f))
 # Restart is needed when new zones are added or old zones removed.
 restart = False