create log directory during startup if it does not exist (debian)

skip creation of settings file if the location is not writeable during startup
add basic support for profiling
fixed is_device_allowed problem (was to strict)

bin/CryptoBoxWebserver

@@ -263,6 +263,7 @@ def parseOptions():
 		port="8080",
 		host="",
 		verbose=True,
+		profile_file=False,
 		user=None)
 	parser.add_option("-c", "--config", dest="conffile",
 		help="read configuration from FILE", metavar="FILE")
@@ -282,6 +283,8 @@ def parseOptions():
 		help="attach to HOST")
 	parser.add_option("-u","--user", dest="user", metavar="USER",
 		help="change to USER after starting the webserver")
+	parser.add_option("","--profile", dest="profile_file", metavar="PROFILE_FILE",
+		help="enable profiling and store results in PROFILE_FILE")
 	(options, args) = parser.parse_args()
 	## we do not expect any remaining arguments
 	if len(args) != 0:
@@ -310,6 +313,12 @@ def parseOptions():
 			parser.error("invalid user specified (%s)" % options.user)
 		## we will use the uid
 		options.user = uid
+	if options.profile_file:
+		options.profile_file = os.path.abspath(options.profile_file)
+		try:
+			import profile
+		except ImportError:
+			parser.error("profiling requires the python module 'profile' - debian users should run 'apt-get install python-profiler'")
 	return options
 
 
@@ -327,7 +336,11 @@ if __name__ == "__main__":
 		fork_to_background()
 	## start the webserver
 	try:
-		cbw.start()
+		if options.profile_file:
+			import profile
+			profile.run('cbw.start()', options.profile_file)
+		else:
+			cbw.start()
 	except CBError, err_msg:
 		sys.stderr.write("Failed to start the CryptoBox webserver!\n")
 		sys.stderr.write("%s\n" % str(err_msg))

bin/do_unittests.sh

@@ -57,3 +57,4 @@ if test -n "$files"
  fi
 
 enable_filecheck
+

debian/changelog

@@ -1,3 +1,10 @@
+cryptobox (0.3.2-1) unstable; urgency=low
+
+  * improve robustness of startup-script
+  * fix non-writeable-settings-location problems
+
+ -- Lars Kruse <devel@sumpfralle.de>  Fri,  5 Jan 2007 02:20:55 +0100
+
 cryptobox (0.3.1-1) unstable; urgency=low
 
   * new upstream release

debian/cryptobox-server.init

@@ -50,12 +50,19 @@ case "$1" in
 	start )
 		# create the directory of the pid file if necessary
 		PIDDIR=$(dirname "$PIDFILE")
-		if [ -d "$PIDDIR" ]
+		if [ ! -d "$PIDDIR" ]
 		  then	mkdir -p "$PIDDIR"
 			# necessary: the cryptobox server needs the permission to remove the pid file
 		  	chown $RUNAS:root "$PIDDIR"
 			chmod 755 "$PIDDIR"
 		 fi
+		# create the directory of the pid file if necessary
+		LOGDIR=$(dirname "$LOGFILE")
+		if [ ! -d "$LOGDIR" ]
+		  then	mkdir -p "$LOGDIR"
+		  	chown $RUNAS:root "$LOGDIR"
+			chmod 750 "$LOGDIR"
+		 fi
 		log_daemon_msg "Starting $DESC"
 		if start-stop-daemon \
 			--quiet --start --user $RUNAS --pidfile "$PIDFILE" \

plugins/logs/intl/cryptobox-server-feature-logs.pot

@@ -1,8 +1,4 @@
 #: Name
-msgid "Show event log"
-msgstr ""
-
-#: Link
 msgid "Event log"
 msgstr ""
 

plugins/logs/intl/en/cryptobox-server-feature-logs.po

@@ -1,9 +1,5 @@
 
 #: Name
-msgid "Show event log"
-msgstr "Show event log"
-
-#: Link
 msgid "Event log"
 msgstr "Event log"
 
@@ -64,6 +60,9 @@ msgstr "No log file configured"
 msgid "The CryptoBox is not configured to log events to a file. Thus it is not possible to review log events."
 msgstr "The CryptoBox is not configured to log events to a file. Thus it is not possible to review log events."
 
+#~ msgid "Show event log"
+#~ msgstr "Show event log"
+
 #~ msgid "Show the content of the log file"
 #~ msgstr "Show the content of the log file"
 

plugins/volume_mount/intl/cryptobox-server-feature-volume_mount.pot

@@ -67,7 +67,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/cs/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:50+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/da/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:50+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/de/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:50+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/en/cryptobox-server-feature-volume_mount.po

@@ -68,8 +68,9 @@ msgid "Unknown format"
 msgstr "Unknown format"
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
-msgstr "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+#, fuzzy
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
+msgstr "The type of this volume ist not known. Maybe you want to initialize it first?"
 
 #: WarningMessage.InvalidContainerType.Link.Text
 msgid "Format volume"

plugins/volume_mount/intl/es/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:50+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/fi/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:50+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/fr/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:50+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/hu/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:50+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/it/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:50+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/ja/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:51+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/nl/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:51+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/pl/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:51+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/pt/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:51+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/ru/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:51+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/sl/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:51+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/intl/sv/cryptobox-server-feature-volume_mount.po

@@ -3,7 +3,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: CryptoBox-Server 0.3\n"
 "Report-Msgid-Bugs-To: translate@cryptobox.org\n"
-"POT-Creation-Date: 2006-12-18 11:39+0100\n"
+"POT-Creation-Date: 2007-01-05 04:51+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -82,7 +82,7 @@ msgid "Unknown format"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Text
-msgid "The type of this volume ist not known. Maybe you want to initialize itfirst?"
+msgid "The type of this volume ist not known. Maybe you want to initialize it first?"
 msgstr ""
 
 #: WarningMessage.InvalidContainerType.Link.Text

plugins/volume_mount/language.hdf

@@ -50,7 +50,7 @@ WarningMessage {
 
 	InvalidContainerType {
 		Title	= Unknown format
-		Text	= The type of this volume ist not known. Maybe you want to initialize itfirst?
+		Text	= The type of this volume ist not known. Maybe you want to initialize it first?
 		Link.Text	= Format volume
 		Link.Rel 	= volume_format_fs
 	}

src/cryptobox/__init__.py

@@ -10,5 +10,5 @@ __all__ = ['core', 'web', 'plugins', 'tests']
 __revision__ = "$Id$"
 
 
-__version__ = "0.3.1"
+__version__ = "0.3.2"
 

src/cryptobox/core/main.py

@@ -221,13 +221,19 @@ class CryptoBox:
 	def is_device_allowed(self, devicename):
 		"check if a device is white-listed for being used as cryptobox containers"
 		import types
+		devicename = os.path.abspath(devicename)
 		allowed = self.prefs["Main"]["AllowedDevices"]
 		if type(allowed) == types.StringType:
 			allowed = [allowed]
 		for a_dev in allowed:
-			## remove double dots and so on ...
-			real_device = os.path.realpath(devicename)
-			if a_dev and re.search('^' + a_dev, real_device):
+			if not a_dev:
+				continue
+			## double dots are not allowed (e.g. /dev/ide/../sda)
+			if re.search("/\.\./", devicename):
+				continue
+			## it is not possible to check for 'realpath' - that does not work
+			## for the cryptobox as /dev/ is bind-mounted (real hda-name is /opt/...)
+			if re.search('^%s' % a_dev, devicename):
 				return True
 		return False
 

src/cryptobox/core/settings.py

@@ -294,20 +294,21 @@ class CryptoBoxSettings:
 		if os.path.exists(plugin_conf_file):
 			plugin_conf = configobj.ConfigObj(plugin_conf_file, configspec=plugin_rules)
 		else:
-			plugin_conf = configobj.ConfigObj(plugin_conf_file, configspec=plugin_rules,
-					create_empty=True)
+			try:
+				plugin_conf = configobj.ConfigObj(plugin_conf_file,
+						configspec=plugin_rules, create_empty=True)
+			except IOError:
+				plugin_conf = configobj.ConfigObj(configspec=plugin_rules)
+				plugin_conf.filename = plugin_conf_file
 		## validate and convert values according to the spec
 		plugin_conf.validate(validate.Validator())
-		## check if plugin_conf_file file was created successfully?
-		if not os.path.exists(plugin_conf_file):
-			raise CBEnvironmentError(
-					"failed to create plugin configuration file (%s)" % plugin_conf_file)
 		return plugin_conf
 
 
 	def __get_volumes_database(self):
 		"""Load the volume database file if it exists.
 		"""
+		#TODO: add configuration specification and validation
 		try:
 			try:
 				conf_file = os.path.join(
@@ -322,11 +323,11 @@ class CryptoBoxSettings:
 		if os.path.exists(conf_file):
 			conf = configobj.ConfigObj(conf_file)
 		else:
-			conf = configobj.ConfigObj(conf_file, create_empty=True)
-		## check if conf_file file was created successfully?
-		if not os.path.exists(conf_file):
-			raise CBEnvironmentError(
-					"failed to create volume database file (%s)" % conf_file)
+			try:
+				conf = configobj.ConfigObj(conf_file, create_empty=True)
+			except IOError:
+				conf = configobj.ConfigObj()
+				conf.filename = conf_file
 		return conf
 
 
@@ -349,14 +350,14 @@ class CryptoBoxSettings:
 		if os.path.exists(user_db_file):
 			user_db = configobj.ConfigObj(user_db_file, configspec=user_db_rules)
 		else:
-			user_db = configobj.ConfigObj(user_db_file, configspec=user_db_rules,
-					create_empty=True)
+			try:
+				user_db = configobj.ConfigObj(user_db_file,
+						configspec=user_db_rules, create_empty=True)
+			except IOError:
+				user_db = configobj.ConfigObj(configspec=user_db_rules)
+				user_db.filename = user_db_file
 		## validate and set default value for "admin" user
 		user_db.validate(validate.Validator())
-		## check if user_db file was created successfully?
-		if not os.path.exists(user_db_file):
-			raise CBEnvironmentError(
-					"failed to create user database file (%s)" % user_db_file)
 		## define password hash function - never use "sha" directly - SPOT
 		user_db.get_digest = lambda password: sha.new(password).hexdigest()
 		return user_db