diff --git a/common.py b/common.py index 15b7c08..54b4182 100644 --- a/common.py +++ b/common.py @@ -67,7 +67,11 @@ def prepareLaunchpadCookie(): ftstr = ["FALSE", "TRUE"] - newLPCookie = open("%s/.lpcookie.txt" % os.environ.get('HOME'), 'w') + # This shall be where our new cookie file lives - at ~/.lpcookie.txt + newLPCookieLocation = "%s/.lpcookie.txt" % os.environ.get('HOME') + + # Open file for writing. + newLPCookie = open(newLPCookieLocation, 'w') newLPCookie.write("# HTTP Cookie File.\n") # Header. for item in cur.fetchall(): @@ -77,16 +81,20 @@ def prepareLaunchpadCookie(): ftstr[item[2]], item[3], item[4], item[5])) newLPCookie.write("\n") # New line. - newLPCookie.close() + newLPCookie.close() # And close file. # Check what we have written. - checkCookie = open("%s/.lpcookie.txt" % os.environ.get('HOME')).read() + checkCookie = open(newLPCookieLocation).read() if checkCookie == "# HTTP Cookie File.\n\n": print >> sys.stderr, "No Launchpad cookies were written to file. " \ "Please visit and log into Launchpad and run this script again." - os.remove("%s/.lpcookie.txt" % os.environ.get('HOME')) # Delete file. + os.remove(newLPCookieLocation) # Delete file. sys.exit(1) + # For security reasons, change file mode to write and read + # only by owner. + os.chmod(newLPCookieLocation, 0600) + launchpad_cookiefile = "%s/.lpcookie.txt" % os.environ.get('HOME') # Return the Launchpad cookie. diff --git a/debian/changelog b/debian/changelog index 563fbca..d3259be 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,6 +3,7 @@ ubuntu-dev-tools (0.38ubuntu1) intrepid; urgency=low [ Jonathan Patrick Davies ] * requestsync: Check if user is a member of ubuntu-core-dev if sync request is for a package in main. + * common.py: Change cookie file permissions to read and write only by user. -- Jonathan Patrick Davies Tue, 12 Aug 2008 14:52:34 +0100 diff --git a/requestsync b/requestsync index bc22028..7575216 100755 --- a/requestsync +++ b/requestsync @@ -53,25 +53,37 @@ def checkNeedsSponsorship(component): file exists first. """ urlopener = common.setupLaunchpadUrlOpener(launchpad_cookiefile) - + + # Check where the package is and assign the appropriate variables. if component in ['main', 'restricted']: team = "ubuntu-core-dev" sponsor = "ubuntu-main-sponsors" else: team = "ubuntu-dev" sponsor = "ubuntu-universe-sponsors" + + # Try and open up Launchpad. + try: teamLPPage = urlopener.open('https://launchpad.net/~%s' % team).read() + except urllib2.HTTPError: + print >> sys.stderr, "Unable to connect to Launchpad." + + # Check if they are a member of the team. + if "You are an indirect member of this team:" in teamLPPage or \ + "You are a member of this team." in teamLPPage: + return False # Sponsorship not required. - teamLPPage = urlopener.open('https://launchpad.net/~%s' % team).read() - - if 'You are not a member of this team:' in teamLPPage: + # Check if they are not. + if "You are not a member of this team" in teamLPPage: print "You are not a member (direct or indirect) of the '%s' " \ "team on Launchpad." % team print "Your sync request shall require an approval by a member of " \ - "the %s team." % sponsor - print "before it is processed by a member of the Ubuntu Archive admins." + "the '%s'\nteam, who shall be subscribed to this bug report." % sponsor + print "This must be done before it can be processed by a member of " \ + "the Ubuntu Archive team." + print "Should the above be incorrect, please press Control-C now to " \ + "stop this script now\nand check the cookie file at:", launchpad_cookiefile + raw_input_exit_on_ctrlc() # Abort if necessary. return True # Sponsorship required. - else: - return False # Sponsorship not required. def cur_version_component(sourcepkg, release): '''Determine current package version in ubuntu.'''