cfg, frontpage: Ignore errors while reading config and shortcuts

- Ignore errors while trying to expand a file path list into its .d components
path list.

- Ignore errors when reading shortcuts fails a file for any reason.

- Errors when reading configuration file already ignored. os.path.isfile() and
configparser.Configparser.read() do not raise an exception under any
circumstances.

Analysis:

Regression in 20.12 reported at
https://discuss.freedombox.org/t/fb-20-12-solved-plinth-fails-to-start-due-to-new-frontpage-py-shortcuts-and-filesystem-permissions/994/4

- freedom-maker creates /var/lib/freedombox/ with mode 755 as root but this only
applies for disk images.

- freedombox.postinst, networks, apache check for the existence of
/var/lib/freedombox/is-freedombox-disk-image .

- Samba creates /var/lib/freedombox with mode 755 as root.

- Backups creates /var/lib/freedombox/borgbackup but not the parent directory?

- Shortcuts are now read from /var/lib/freedombox/.

Tests performed:

- Create directories /var/lib/freedombox and /etc/freedombox with permission set
to 750. In case of configuration, an early warning message is printed and in
case of shortcuts warnings are printed but service starts properly. Changing the
permission to 755 removes the warnings.

- Ensure 755 permission on above two directories. Create non-empty files
custom-shortcuts.json and freedombox.config with permissions 640. In case of
config no warning is printed (silently ignored) and in case of shortcuts,
warning is printed that file could not be read but service starts properly.
Changing the permission to 644, no warnings are printed.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>

plinth/cfg.py

@@ -57,8 +57,12 @@ def expand_to_dot_d_paths(file_paths):
         final_list.append(str(file_path))
         path = pathlib.Path(file_path)
         path_d = path.with_suffix(path.suffix + '.d')
-        for dot_d_file in sorted(path_d.glob('*' + path.suffix)):
-            final_list.append(str(dot_d_file))
+        try:
+            for dot_d_file in sorted(path_d.glob('*' + path.suffix)):
+                final_list.append(str(dot_d_file))
+        except Exception as exception:
+            logger.warning('Unable to read from directory %s: %s', path_d,
+                           exception)
 
     return final_list
 
@@ -89,7 +93,7 @@ def read():
 
 def read_file(config_path):
     """Read and merge into defaults a single configuration file."""
-    if not os.path.isfile(config_path):
+    if not os.path.isfile(config_path):  # Does not throw exceptions
         # Ignore missing configuration files
         return
 
@@ -103,7 +107,7 @@ def read_file(config_path):
             'parent_parent_dir':
                 pathlib.Path(config_path).parent.parent.resolve(),
         })
-    parser.read(config_path)
+    parser.read(config_path)  # Ignores all read errors
 
     config_items = (
         ('Path', 'file_root', 'string'),

plinth/frontpage.py

@@ -174,14 +174,15 @@ def get_custom_shortcuts():
     shortcuts = {'shortcuts': []}
     for file_path in get_custom_shortcuts_paths():
         file_path = pathlib.Path(file_path)
-        if not file_path.is_file() or not file_path.stat().st_size:
-            continue
+        try:
+            if not file_path.is_file() or not file_path.stat().st_size:
+                continue
 
-        logger.info('Loading custom shortcuts from %s', file_path)
-        with file_path.open() as file_handle:
-            try:
+            logger.info('Loading custom shortcuts from %s', file_path)
+            with file_path.open() as file_handle:
                 shortcuts['shortcuts'] += json.load(file_handle)['shortcuts']
-            except (KeyError, json.JSONDecodeError):
-                logger.info('Error loading shortcuts from %s', file_path)
+        except Exception as exception:
+            logger.warning('Error loading shortcuts from %s: %s', file_path,
+                           exception)
 
     return shortcuts