From: Vagisha Gupta Date: Tue, 28 May 2019 07:20:29 +0000 (+0530) Subject: Improve permission warning X-Git-Tag: 1.1.0rc1~9 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=80e2f0e7d561b13dc3bf05eba1909df49264336e;p=thirdparty%2Fsuricata-update.git Improve permission warning Improve permission warning when Suricata-update runs with the wrong user When suricata-update runs with a non-root user, it gives an ugly traceback. To avoid those ugly tracebacks, try except block is put around the operation that are being performed on the file i.e. shutil.copyfile(src, dest) and exit cleanly with an error in the log. Also, to avoid ugly tracebacks for permission of suricata.yaml, try-except is put around where it is accessed and exit cleanly. --- diff --git a/suricata/update/main.py b/suricata/update/main.py index ac5ab15..cd4afc0 100644 --- a/suricata/update/main.py +++ b/suricata/update/main.py @@ -391,6 +391,10 @@ class Fetch: "will use latest cached version: %s", url, err) return self.extract_files(tmp_filename) raise err + except IOError as err: + self.progress_hook_finish() + logger.error("Failed to copy file: %s", err) + sys.exit(1) except Exception as err: raise err self.progress_hook_finish() @@ -1306,8 +1310,11 @@ def _main(): os.path.exists(config.get("suricata-conf")) and \ suricata_path and os.path.exists(suricata_path): logger.info("Loading %s",config.get("suricata-conf")) - suriconf = suricata.update.engine.Configuration.load( - config.get("suricata-conf"), suricata_path=suricata_path) + try: + suriconf = suricata.update.engine.Configuration.load( + config.get("suricata-conf"), suricata_path=suricata_path) + except subprocess.CalledProcessError: + return 1 # Disable rule that are for app-layers that are not enabled. if suriconf: