From 84f5cce7ea1119ec6fa3bb44129cca351a759eb4 Mon Sep 17 00:00:00 2001
From: Florian Mounier <florian.mounier@kozea.fr>
Date: Tue, 22 Apr 2014 10:03:23 +0200
Subject: [PATCH] Set gid and initgroups

---
 butterfly.service     | 2 +-
 butterfly/__init__.py | 2 +-
 butterfly/routes.py   | 9 ++++-----
 butterfly/utils.py    | 4 ++++
 4 files changed, 10 insertions(+), 7 deletions(-)

diff --git a/butterfly.service b/butterfly.service
index dce8953..943b5ea 100644
--- a/butterfly.service
+++ b/butterfly.service
@@ -3,7 +3,7 @@ Description=Butterfly Terminal Server
 After=network.target
 
 [Service]
-ExecStart=/usr/bin/butterfly.server.py 
+ExecStart=/usr/bin/butterfly.server.py
 Restart=on-abort
 
 [Install]
diff --git a/butterfly/__init__.py b/butterfly/__init__.py
index 0b807c0..166fdec 100644
--- a/butterfly/__init__.py
+++ b/butterfly/__init__.py
@@ -14,7 +14,7 @@
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
-__version__ = '1.4.0'
+__version__ = '1.4.1'
 
 
 import os
diff --git a/butterfly/routes.py b/butterfly/routes.py
index ba7471e..0dae3cb 100644
--- a/butterfly/routes.py
+++ b/butterfly/routes.py
@@ -99,10 +99,6 @@ class TermWebSocket(Route, tornado.websocket.WebSocketHandler):
     def pty(self):
         self.pid, self.fd = pty.fork()
         if self.pid == 0:
-            try:
-                os.closerange(3, 256)
-            except:
-                pass
             self.shell()
         else:
             self.communicate()
@@ -143,6 +139,8 @@ class TermWebSocket(Route, tornado.websocket.WebSocketHandler):
                 server == self.callee):
             # User has been auth with ssl or is the same user as server
             try:
+                os.initgroups(self.callee.name, self.callee.gid)
+                os.setgid(self.callee.gid)
                 os.setuid(self.callee.uid)
             except PermissionError:
                 print('The server must be run as root '
@@ -181,7 +179,8 @@ class TermWebSocket(Route, tornado.websocket.WebSocketHandler):
         os.execvpe(args[0], args, env)
 
     def communicate(self):
-        self.log.info('Adding handler')
+        self.log.info('PTY forked : %s (%s)' % (
+            os.ttyname(self.fd), os.ctermid()))
         fcntl.fcntl(self.fd, fcntl.F_SETFL, os.O_NONBLOCK)
 
         def utf8_error(e):
diff --git a/butterfly/utils.py b/butterfly/utils.py
index 4c92e3a..0faf1c7 100644
--- a/butterfly/utils.py
+++ b/butterfly/utils.py
@@ -51,6 +51,10 @@ class User(object):
     def uid(self):
         return self.pw.pw_uid
 
+    @property
+    def gid(self):
+        return self.pw.pw_gid
+
     @property
     def name(self):
         return self.pw.pw_name