fix permission

This commit is contained in:
virusdefender 2018-08-10 09:33:29 +08:00
parent b62c76c5c5
commit 0bf9bed776
4 changed files with 15 additions and 9 deletions

View File

@ -10,7 +10,7 @@ RUN buildDeps='software-properties-common git libtool cmake python-dev python3-p
mkdir build && cd build && cmake .. && make && make install && cd ../bindings/Python && python3 setup.py install && \
apt-get purge -y --auto-remove $buildDeps && \
apt-get clean && rm -rf /var/lib/apt/lists/* && \
mkdir -p /code && useradd -r compiler
mkdir -p /code && useradd -r compiler && useradd -r code
HEALTHCHECK --interval=5s --retries=3 CMD python3 /code/service.py
ADD server /code

View File

@ -10,8 +10,8 @@ COMPILER_LOG_PATH = os.path.join(LOG_BASE, "compile.log")
JUDGER_RUN_LOG_PATH = os.path.join(LOG_BASE, "judger.log")
SERVER_LOG_PATH = os.path.join(LOG_BASE, "judge_server.log")
RUN_USER_UID = pwd.getpwnam("nobody").pw_uid
RUN_GROUP_GID = grp.getgrnam("nogroup").gr_gid
RUN_USER_UID = pwd.getpwnam("code").pw_uid
RUN_GROUP_GID = grp.getgrnam("code").gr_gid
COMPILER_USER_UID = pwd.getpwnam("compiler").pw_uid
COMPILER_GROUP_GID = grp.getgrnam("compiler").gr_gid

View File

@ -1,7 +1,8 @@
#!/bin/bash
rm -rf /judger/*
mkdir -p /judger/run /judger/spj
chown compiler:compiler /judger/spj
chown -R compiler:compiler /judger/
chmod -R 771 /judger/
core=$(grep --count ^processor /proc/cpuinfo)
n=$(($core*2))
exec gunicorn --workers $n --threads $n --error-logfile /log/gunicorn.log --time 600 --bind 0.0.0.0:8080 server:app

View File

@ -6,7 +6,7 @@ import uuid
from flask import Flask, request, Response
from compiler import Compiler
from config import JUDGER_WORKSPACE_BASE, SPJ_SRC_DIR, SPJ_EXE_DIR
from config import JUDGER_WORKSPACE_BASE, SPJ_SRC_DIR, SPJ_EXE_DIR, COMPILER_GROUP_GID
from exception import TokenVerificationFailed, CompileError, SPJCompileError, JudgeClientError
from judge_client import JudgeClient
from utils import server_info, logger, token
@ -23,7 +23,8 @@ class InitSubmissionEnv(object):
def __enter__(self):
try:
os.mkdir(self.path)
os.chmod(self.path, 0o777)
os.chown(self.path, 0, COMPILER_GROUP_GID)
os.chmod(self.path, 0o771)
except Exception as e:
logger.exception(e)
raise JudgeClientError("failed to create runtime dir")
@ -102,10 +103,14 @@ class JudgeServer:
if not os.path.exists(spj_src_path):
with open(spj_src_path, "w", encoding="utf-8") as f:
f.write(src)
os.chown(spj_src_path, 0, COMPILER_GROUP_GID)
os.chmod(spj_src_path, 0o660)
try:
Compiler().compile(compile_config=spj_compile_config,
src_path=spj_src_path,
output_dir=SPJ_EXE_DIR)
exe_path = Compiler().compile(compile_config=spj_compile_config,
src_path=spj_src_path,
output_dir=SPJ_EXE_DIR)
os.chmod(exe_path, 0o771)
# turn common CompileError into SPJCompileError
except CompileError as e:
raise SPJCompileError(e.message)