Remove user/group dropping from plain server

Author: davegaeddert

plain/plain/server/config.py

@@ -9,11 +9,9 @@
 
 import argparse
 import copy
-import grp
 import inspect
 import ipaddress
 import os
-import pwd
 import re
 import ssl
 import sys
@@ -129,14 +127,6 @@ def address(self):
         s = self.settings["bind"].get()
         return [util.parse_address(util.bytes_to_str(bind)) for bind in s]
 
-    @property
-    def uid(self):
-        return self.settings["user"].get()
-
-    @property
-    def gid(self):
-        return self.settings["group"].get()
-
     @property
     def proc_name(self):
         pn = self.settings["proc_name"].get()
@@ -426,35 +416,6 @@ def _validate_callable(val):
     return _validate_callable
 
 
-def validate_user(val):
-    if val is None:
-        return os.geteuid()
-    if isinstance(val, int):
-        return val
-    elif val.isdigit():
-        return int(val)
-    else:
-        try:
-            return pwd.getpwnam(val).pw_uid
-        except KeyError:
-            raise ConfigError(f"No such user: '{val}'")
-
-
-def validate_group(val):
-    if val is None:
-        return os.getegid()
-
-    if isinstance(val, int):
-        return val
-    elif val.isdigit():
-        return int(val)
-    else:
-        try:
-            return grp.getgrnam(val).gr_gid
-        except KeyError:
-            raise ConfigError(f"No such group: '{val}'")
-
-
 def validate_post_request(val):
     val = validate_callable(-1)(val)
 
@@ -1025,77 +986,6 @@ class WorkerTmpDir(Setting):
         """
 
 
-class User(Setting):
-    name = "user"
-    section = "Server Mechanics"
-    cli = ["-u", "--user"]
-    meta = "USER"
-    validator = validate_user
-    default = os.geteuid()
-    default_doc = "``os.geteuid()``"
-    desc = """\
-        Switch worker processes to run as this user.
-
-        A valid user id (as an integer) or the name of a user that can be
-        retrieved with a call to ``pwd.getpwnam(value)`` or ``None`` to not
-        change the worker process user.
-        """
-
-
-class Group(Setting):
-    name = "group"
-    section = "Server Mechanics"
-    cli = ["-g", "--group"]
-    meta = "GROUP"
-    validator = validate_group
-    default = os.getegid()
-    default_doc = "``os.getegid()``"
-    desc = """\
-        Switch worker process to run as this group.
-
-        A valid group id (as an integer) or the name of a user that can be
-        retrieved with a call to ``grp.getgrnam(value)`` or ``None`` to not
-        change the worker processes group.
-        """
-
-
-class Umask(Setting):
-    name = "umask"
-    section = "Server Mechanics"
-    cli = ["-m", "--umask"]
-    meta = "INT"
-    validator = validate_pos_int
-    type = auto_int
-    default = 0
-    desc = """\
-        A bit mask for the file mode on files written by Gunicorn.
-
-        Note that this affects unix socket permissions.
-
-        A valid value for the ``os.umask(mode)`` call or a string compatible
-        with ``int(value, 0)`` (``0`` means Python guesses the base, so values
-        like ``0``, ``0xFF``, ``0022`` are valid for decimal, hex, and octal
-        representations)
-        """
-
-
-class Initgroups(Setting):
-    name = "initgroups"
-    section = "Server Mechanics"
-    cli = ["--initgroups"]
-    validator = validate_bool
-    action = "store_true"
-    default = False
-
-    desc = """\
-        If true, set the worker process's group access list with all of the
-        groups of which the specified username is a member, plus the specified
-        group id.
-
-        .. versionadded:: 19.7
-        """
-
-
 class TmpUploadDir(Setting):
     name = "tmp_upload_dir"
     section = "Server Mechanics"

plain/plain/server/glogging.py

@@ -420,13 +420,6 @@ def _set_handler(self, log, output, fmt, stream=None):
             else:
                 util.check_is_writable(output)
                 h = logging.FileHandler(output)
-                # make sure the user can reopen the file
-                try:
-                    os.chown(h.baseFilename, self.cfg.user, self.cfg.group)
-                except OSError:
-                    # it's probably OK there, we assume the user has given
-                    # /dev/null as a parameter.
-                    pass
 
             h.setFormatter(fmt)
             h._gunicorn = True

plain/plain/server/sock.py

@@ -118,10 +118,7 @@ def __str__(self):
         return f"unix:{self.cfg_addr}"
 
     def bind(self, sock):
-        old_umask = os.umask(self.conf.umask)
         sock.bind(self.cfg_addr)
-        util.chown(self.cfg_addr, self.conf.uid, self.conf.gid)
-        os.umask(old_umask)
 
 
 def _sock_type(addr):

plain/plain/server/util.py

@@ -15,7 +15,6 @@
 import io
 import logging
 import os
-import pwd
 import random
 import re
 import socket
@@ -92,34 +91,6 @@ def get_arity(f):
     return arity
 
 
-def get_username(uid):
-    """get the username for a user id"""
-    return pwd.getpwuid(uid).pw_name
-
-
-def set_owner_process(uid, gid, initgroups=False):
-    """set user and group of workers processes"""
-
-    if gid:
-        if uid:
-            try:
-                username = get_username(uid)
-            except KeyError:
-                initgroups = False
-
-        if initgroups:
-            os.initgroups(username, gid)
-        elif gid != os.getgid():
-            os.setgid(gid)
-
-    if uid and uid != os.getuid():
-        os.setuid(uid)
-
-
-def chown(path, uid, gid):
-    os.chown(path, uid, gid)
-
-
 if sys.platform.startswith("win"):
 
     def _waitfor(func, pathname, waitall=False):

plain/plain/server/workers/base.py

@@ -104,10 +104,6 @@ def init_process(self):
             for k, v in self.cfg.env.items():
                 os.environ[k] = v
 
-        util.set_owner_process(
-            self.cfg.uid, self.cfg.gid, initgroups=self.cfg.initgroups
-        )
-
         # Reseed the random number generator
         util.seed()
 

plain/plain/server/workers/workertmp.py

@@ -18,17 +18,10 @@
 
 class WorkerTmp:
     def __init__(self, cfg):
-        old_umask = os.umask(cfg.umask)
         fdir = cfg.worker_tmp_dir
         if fdir and not os.path.isdir(fdir):
             raise RuntimeError(f"{fdir} doesn't exist. Can't create workertmp.")
         fd, name = tempfile.mkstemp(prefix="wgunicorn-", dir=fdir)
-        os.umask(old_umask)
-
-        # change the owner and group of the file if the worker will run as
-        # a different user or group, so that the worker can modify the file
-        if cfg.uid != os.geteuid() or cfg.gid != os.getegid():
-            util.chown(name, cfg.uid, cfg.gid)
 
         # unlink the file so we don't leak temporary files
         try: