diff options
Diffstat (limited to 'buildscripts/resmokelib/core/programs.py')
-rw-r--r-- | buildscripts/resmokelib/core/programs.py | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/buildscripts/resmokelib/core/programs.py b/buildscripts/resmokelib/core/programs.py index 51c4b92f202..bd3716e805d 100644 --- a/buildscripts/resmokelib/core/programs.py +++ b/buildscripts/resmokelib/core/programs.py @@ -61,8 +61,7 @@ def mongod_program(logger, executable=None, process_kwargs=None, **kwargs): # Apply the rest of the command line arguments. _apply_kwargs(args, kwargs) - if "keyFile" in kwargs: - _set_keyfile_permissions(kwargs["keyFile"]) + _set_keyfile_permissions(kwargs) process_kwargs = utils.default_if_none(process_kwargs, {}) return _process.Process(logger, args, **process_kwargs) @@ -89,8 +88,7 @@ def mongos_program(logger, executable=None, process_kwargs=None, **kwargs): # Apply the rest of the command line arguments. _apply_kwargs(args, kwargs) - if "keyFile" in kwargs: - _set_keyfile_permissions(kwargs["keyFile"]) + _set_keyfile_permissions(kwargs) process_kwargs = utils.default_if_none(process_kwargs, {}) return _process.Process(logger, args, **process_kwargs) @@ -147,8 +145,7 @@ def mongo_shell_program(logger, executable=None, filename=None, process_kwargs=N # Have the mongos shell run the specified file. args.append(filename) - if "keyFile" in global_vars["TestData"]: - _set_keyfile_permissions(global_vars["TestData"]["keyFile"]) + _set_keyfile_permissions(global_vars["TestData"]) process_kwargs = utils.default_if_none(process_kwargs, {}) return _process.Process(logger, args, **process_kwargs) @@ -230,12 +227,18 @@ def _apply_kwargs(args, kwargs): args.append(arg_value) -def _set_keyfile_permissions(keyfile_path): +def _set_keyfile_permissions(opts): """ - Change the permissions on 'keyfile_path' to 600, i.e. only the user - can read and write the file. + Change the permissions of keyfiles in 'opts' to 600, i.e. only the + user can read and write the file. This necessary to avoid having the mongod/mongos fail to start up - because "permissions on 'keyfile_path' are too open". + because "permissions on the keyfiles are too open". + + We can't permanently set the keyfile permissions because git is not + aware of them. """ - os.chmod(keyfile_path, stat.S_IRUSR | stat.S_IWUSR) + if "keyFile" in opts: + os.chmod(opts["keyFile"], stat.S_IRUSR | stat.S_IWUSR) + if "encryptionKeyFile" in opts: + os.chmod(opts["encryptionKeyFile"], stat.S_IRUSR | stat.S_IWUSR) |