Add config option for executor process user

Also adds an 'executor' section to the configuration documentation.

Also fixes an attribute name typo.

Change-Id: I1f8387527e485d04ee3e22ba4673e9a0f02dd224
This commit is contained in:
David Shrewsbury 2017-04-27 12:28:45 -04:00
parent eb8564702c
commit e7374204d3
2 changed files with 31 additions and 7 deletions

View File

@ -169,6 +169,29 @@ can be found on the :doc:`merger` page.
Path to PID lock file for the merger process.
``pidfile=/var/run/zuul-merger/merger.pid``
executor
""""""""
The zuul-executor process configuration.
**git_dir**
Directory that Zuul should clone local git repositories to.
``git_dir=/var/lib/zuul/git``
**log_config**
Path to log config file for the executor process.
``log_config=/etc/zuul/logging.yaml``
**private_key_file**
SSH private key file to be used when logging into worker nodes.
``private_key_file=~/.ssh/id_rsa``
**user**
User ID for the zuul-executor process. In normal operation as a daemon,
the executor should be started as the ``root`` user, but it will drop
privileges to this user during startup.
``user=zuul``
.. _connection:
connection ArbitraryName

View File

@ -39,9 +39,6 @@ import zuul.executor.server
# Similar situation with gear and statsd.
# TODO(Shrews): Get this from the config file
USER = 'zuul'
FINGER_PORT = 79
@ -89,7 +86,7 @@ class Executor(zuul.cmd.ZuulApp):
self.log.info("Starting log streamer")
streamer = zuul.lib.log_streamer.LogStreamer(
USER, '0.0.0.0', FINGER_PORT, self.jobdir_root)
self.user, '0.0.0.0', FINGER_PORT, self.jobroot_dir)
# Keep running until the parent dies:
pipe_read = os.fdopen(pipe_read)
@ -107,7 +104,7 @@ class Executor(zuul.cmd.ZuulApp):
'''
if os.getuid() != 0:
return
pw = pwd.getpwnam(USER)
pw = pwd.getpwnam(self.user)
os.setgroups([])
os.setgid(pw.pw_gid)
os.setuid(pw.pw_uid)
@ -116,12 +113,16 @@ class Executor(zuul.cmd.ZuulApp):
def main(self, daemon=True):
# See comment at top of file about zuul imports
self.jobroot_dir = None
if self.config.has_option('executor', 'user'):
self.user = self.config.get('executor', 'user')
else:
self.user = 'zuul'
if self.config.has_option('zuul', 'jobroot_dir'):
self.jobroot_dir = os.path.expanduser(
self.config.get('zuul', 'jobroot_dir'))
else:
self.jobdir_root = tempfile.gettempdir()
self.jobroot_dir = tempfile.gettempdir()
self.setup_logging('executor', 'log_config')
self.log = logging.getLogger("zuul.Executor")