def initsecurity(config): idsetuid = None idsetgid = None if config.has_option("pygopherd", "setuid"): import pwd idsetuid = pwd.getpwnam(config.get("pygopherd", "setuid"))[2] if config.has_option("pygopherd", "setgid"): import grp idsetgid = grp.getgrnam(config.get("pygopherd", "setgid"))[2] if config.getboolean("pygopherd", "usechroot"): os.chroot(config.get("pygopherd", "root")) logger.log("Chrooted to " + config.get("pygopherd", "root")) config.set("pygopherd", "root", "/") if idsetuid != None or idsetgid != None: os.setgroups(()) logger.log("Supplemental group list cleared.") if idsetgid != None: os.setregid(idsetgid, idsetgid) logger.log("Switched to group %d" % idsetgid) if idsetuid != None: os.setreuid(idsetuid, idsetuid) logger.log("Switched to uid %d" % idsetuid)
def contain(command, image_name, image_dir, container_id, container_dir): new_root = create_container_root(image_name, image_dir, container_id, container_dir) print('Created a new root fs for our container: {}'.format(new_root)) # TODO: time to say goodbye to the old mount namespace, see "man 2 unshare" to get some help # HINT 1: there is no os.unshare(), time to use the linux module we made just for you! # HINT 2: the linux module include both functions and constants! e.g. linux.CLONE_NEWNS # TODO: remember shared subtrees? (https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt) # make / a private mount to avoid littering our host mount table # Create mounts (/proc, /sys, /dev) under new_root linux.mount('proc', os.path.join(new_root, 'proc'), 'proc', 0, '') linux.mount('sysfs', os.path.join(new_root, 'sys'), 'sysfs', 0, '') linux.mount('tmpfs', os.path.join(new_root, 'dev'), 'tmpfs', linux.MS_NOSUID | linux.MS_STRICTATIME, 'mode=755') # Add some basic devices devpts_path = os.path.join(new_root, 'dev', 'pts') if not os.path.exists(devpts_path): os.makedirs(devpts_path) linux.mount('devpts', devpts_path, 'devpts', 0, '') for i, dev in enumerate(['stdin', 'stdout', 'stderr']): os.symlink('/proc/self/fd/%d' % i, os.path.join(new_root, 'dev', dev)) # TODO: add more device (e.g. null, zero, random, urandom) using os.mknode os.chroot(new_root) os.chdir('/') os.execvp(command[0], command)
def setupEnvironment(self, chroot, rundir, nodaemon, pidfile): """ Set the filesystem root, the working directory, and daemonize. @type chroot: C{str} or L{NoneType} @param chroot: If not None, a path to use as the filesystem root (using L{os.chroot}). @type rundir: C{str} @param rundir: The path to set as the working directory. @type nodaemon: C{bool} @param nodaemon: A flag which, if set, indicates that daemonization should not be done. @type pidfile: C{str} or C{NoneType} @param pidfile: If not C{None}, the path to a file into which to put the PID of this process. """ if chroot is not None: os.chroot(chroot) if rundir == '.': rundir = '/' os.chdir(rundir) if not nodaemon: daemonize() if pidfile: open(pidfile,'wb').write(str(os.getpid()))
def start(self): serversockets = [] for port in self.ports: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) try: s.bind(("", port)) except socket.error as e: self.print_error("Could not bind port %s: %s." % (port, e)) sys.exit(1) s.listen(5) serversockets.append(s) del s self.print_info("Listening on port %d." % port) if self.chroot: os.chdir(self.chroot) os.chroot(self.chroot) self.print_info("Changed root directory to %s" % self.chroot) if self.setuid: os.setresgid(self.setuid[1], self.setuid[1], self.setuid[1]) os.setresuid(self.setuid[0], self.setuid[0], self.setuid[0]) self.print_info("Setting uid:gid to %s:%s" % (self.setuid[0], self.setuid[1])) last_aliveness_check = time.time() while True: (iwtd, owtd, ewtd) = select.select( serversockets + [x.socket for x in self.clients.values()], [x.socket for x in self.clients.values() if x.write_queue_size() > 0], [], 10) for x in iwtd: if x in self.clients: self.clients[x].socket_readable_notification() else: (conn, addr) = x.accept() if self.ssl_pem_file: import ssl try: conn = ssl.wrap_socket( conn, server_side=True, certfile=self.ssl_pem_file, keyfile=self.ssl_pem_file) except ssl.SSLError as e: self.print_error( "SSL error for connection from %s:%s: %s" % ( addr[0], addr[1], e)) continue self.clients[conn] = self.client_factory(conn) self.print_info("Accepted connection from %s:%s." % ( addr[0], addr[1])) for x in owtd: if x in self.clients: # client may have been disconnected self.clients[x].socket_writable_notification() now = time.time() if last_aliveness_check + 10 < now: for client in self.clients.values(): client.check_aliveness() last_aliveness_check = now
def main(): parser = argparse.ArgumentParser( description='run in a chroot' ) parser.add_argument( 'root', metavar='ROOT', help='chroot directory') parser.add_argument( '--no-pivot', dest='pivot', action='store_false', help="don't pivot_root before chroot") args = parser.parse_args() unshare(CLONE_NEWNS) mount('none', '/', None, MS_REC | MS_PRIVATE, None) if args.pivot: mount(args.root, args.root, None, MS_BIND, None) os.chdir(args.root) if args.pivot: pivot_root('.', 'mnt') umount('mnt', MNT_DETACH) os.chroot('.') mount('proc', '/proc', 'proc', MS_NODEV | MS_NOEXEC | MS_NOSUID, None) mount('sys', '/sys', 'sysfs', MS_NODEV | MS_NOEXEC | MS_NOSUID, None) mount('dev', '/dev', 'devtmpfs', MS_NOSUID, None) os.execve('/bin/sh', ['/bin/sh', '-i'], { 'HOME': '/root', 'PATH': '/usr/bin', 'SHELL': '/bin/sh', 'USER': '******', })
def run(self): os.chroot(self.root) os.chdir('/') if self.search: os.execvp(self.path, self.args) else: os.execv(self.path, self.args)
def __enter__(self): pid = os.fork() if pid == 0: os.chroot(self.path) return self else: os.waitpid(pid, 0)
def executeInNewProcess(fileSource, language, stdin, expectedOutput): """ Forks and runs the given code in a child, chroot'd process. The result (AC, WA, etc.) is written to a pipe that the parent reads from and is returned. """ r, w = os.pipe() pid = os.fork() if pid: # parent process os.close(w) r = os.fdopen(r) # turn r into a file object result = r.read() r.close() os.waitpid(pid, 0) # make sure the child process gets cleaned up return result else: # child process os.close(r) try: os.chdir(config.CHROOT_DIR) os.chroot('.') os.setuid(config.JUDGE_UID) except OSError as e: log.debug("chroot failed. Abandoning execution.") log.debug("%s" % e.message) w.write(status.INTERNAL_ERROR) sys.exit(1) result = executeProgram(fileSource, language, stdin, expectedOutput) result = str(result) w = os.fdopen(w, 'w') w.write(result) w.close() sys.exit(0)
def run_test(sDirBase, sModWork): sConfigDir = loadconfig.get_config_dir() sChrootDir = build_chroot(sDirBase, sConfigDir) shutil.copy(path.join(sConfigDir, path.basename(sModWork)), sDirBase) sDirOrig = os.getcwd() os.chroot(sChrootDir) unittest.main(__import__(sModWork))
def post_install_fun(self): if os.path.isfile(self.installfile): with open(self.installfile, 'r') as installfile: if 'post_install' in installfile.read(): os.chroot(self.rootpath) os.putenv('BASH_ENV', self.installfile) subprocess.call(["bash", '-c', 'post_install'])
def contain(command, image_name, image_dir, container_id, container_dir): linux.unshare(linux.CLONE_NEWNS) # create a new mount namespace linux.mount(None, '/', None, linux.MS_PRIVATE | linux.MS_REC, None) # TODO: we added MS_REC here. wanna guess why? new_root = create_container_root(image_name, image_dir, container_id, container_dir) print('Created a new root fs for our container: {}'.format(new_root)) # Create mounts (/proc, /sys, /dev) under new_root linux.mount('proc', os.path.join(new_root, 'proc'), 'proc', 0, '') linux.mount('sysfs', os.path.join(new_root, 'sys'), 'sysfs', 0, '') linux.mount('tmpfs', os.path.join(new_root, 'dev'), 'tmpfs', linux.MS_NOSUID | linux.MS_STRICTATIME, 'mode=755') # Add some basic devices devpts_path = os.path.join(new_root, 'dev', 'pts') if not os.path.exists(devpts_path): os.makedirs(devpts_path) linux.mount('devpts', devpts_path, 'devpts', 0, '') makedev(os.path.join(new_root, 'dev')) os.chroot(new_root) # TODO: replace with pivot_root os.chdir('/') # TODO: umount2 old root (HINT: see MNT_DETACH in man mount) os.execvp(command[0], command)
def __init__(self, **serverSettings): self.ip = serverSettings.get('ip', '0.0.0.0') self.port = serverSettings.get('port', 69) self.netbootDirectory = serverSettings.get('netbootDirectory', '.') self.logger = serverSettings.get('logger', None) self.mode_debug = serverSettings.get('mode_debug', False) self.sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) self.sock.bind((self.ip, self.port)) if self.logger == None: import logging import logging.handlers # setup logger self.logger = logging.getLogger("tftp") handler = logging.StreamHandler() formatter = logging.Formatter('%(asctime)s %(levelname)s %(message)s') handler.setFormatter(formatter) self.logger.addHandler(handler) if self.mode_debug: self.logger.setLevel(logging.DEBUG) self.logger.debug('NOTICE: TFTP server started in debug mode. TFTP server is using the following:') self.logger.debug('\tTFTP Server IP: ' + self.ip) self.logger.debug('\tTFTP Server Port: ' + str(self.port)) self.logger.debug('\tTFTP Network Boot Directory: ' + self.netbootDirectory) #key is (address, port) pair self.ongoing = defaultdict(lambda: {'filename': '', 'handle': None, 'block': 1, 'blksize': 512}) # Start in network boot file directory and then chroot, # this simplifies target later as well as offers a slight security increase os.chdir (self.netbootDirectory) os.chroot ('.')
def _unInstStop(self, bytes, total, h): (pkg, tsi) = self._extract_str_cbkey(h) self.total_removed += 1 self.complete_actions += 1 if pkg in tsi.obsoleted: action = 'obsoleting' elif tsi.op_type == dnf.transaction.UPGRADE: action = 'cleanup' else: action = dnf.transaction.ERASE self.display.filelog(pkg, action) self.display.event(pkg, action, 100, 100, self.complete_actions, self.total_actions) if self.test: return if tsi is not None: self._scriptout(pkg) # Note that we are currently inside the chroot, which makes # sqlite panic when it tries to open it's journal file. # So let's have some "fun" and workaround that: _do_chroot = False if _do_chroot and self.base.conf.installroot != '/': os.chroot(".") pid = self.base.history.pkg2pid(pkg) state = tsi.history_state(pkg) self.base.history.trans_data_pid_end(pid, state) if _do_chroot and self.base.conf.installroot != '/': os.chroot(self.base.conf.installroot) # :dead # self.ts_done(txmbr.po, txmbr.output_state) else: self._scriptout(name)
def doAufsChroot(aufs_rw_dir, aufs_chroot_dir): " helper that sets the chroot up and does chroot() into it " if not setupAufsChroot(aufs_rw_dir, aufs_chroot_dir): return False os.chroot(aufs_chroot_dir) os.chdir("/") return True
def getUserHome(): """ Finds the home directory of the user running the application. If runnning within a container, the root dir must be passed as a volume. Ex. docker run -v /:/host -e SUDO_USER -e USER foobar """ logger.debug("Finding the users home directory") user = Utils.getUserName() incontainer = Utils.inContainer() # Check to see if we are running in a container. If we are we # will chroot into the /host path before calling os.path.expanduser if incontainer: os.chroot(HOST_DIR) # Call os.path.expanduser to determine the user's home dir. # See https://docs.python.org/2/library/os.path.html#os.path.expanduser # Warn if none is detected, don't error as not having a home # dir doesn't mean we fail. home = os.path.expanduser("~%s" % user) if home == ("~%s" % user): logger.error("No home directory exists for user %s" % user) # Back out of chroot if necessary if incontainer: os.chroot("../..") logger.debug("Running as user %s. Using home directory %s for configuration data" % (user, home)) return home
def checkUserExists(self, username, root="/mnt/sysimage"): childpid = os.fork() if not childpid: if not root in ["","/"]: os.chroot(root) os.chdir("/") del(os.environ["LIBUSER_CONF"]) self.admin = libuser.admin() if self.admin.lookupUserByName(username): os._exit(0) else: os._exit(1) try: status = os.waitpid(childpid, 0)[1] except OSError as e: log.critical("exception from waitpid while creating a user: %s %s", e.errno, e.strerror) return False if os.WIFEXITED(status) and (os.WEXITSTATUS(status) == 0): return True else: return False
def condChroot(chrootPath): if chrootPath is not None: saved = { "ruid": os.getuid(), "euid": os.geteuid(), } uid.setresuid(0,0,0) os.chdir(chrootPath) os.chroot(chrootPath) uid.setresuid(saved['ruid'], saved['euid'])
def __init__(self, **server_settings): self.ip = server_settings.get('ip', '0.0.0.0') self.port = server_settings.get('port', 80) self.netboot_directory = server_settings.get('netboot_directory', '.') self.mode_debug = server_settings.get('mode_debug', False) # debug mode self.logger = server_settings.get('logger', None) # setup logger if self.logger == None: self.logger = logging.getLogger('HTTP') handler = logging.StreamHandler() formatter = logging.Formatter('%(asctime)s [%(levelname)s] %(name)s %(message)s') handler.setFormatter(formatter) self.logger.addHandler(handler) if self.mode_debug: self.logger.setLevel(logging.DEBUG) self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) self.sock.bind((self.ip, self.port)) self.sock.listen(1) # start in network boot file directory and then chroot, # this simplifies target later as well as offers a slight security increase os.chdir (self.netboot_directory) os.chroot ('.') self.logger.debug('NOTICE: HTTP server started in debug mode. HTTP server is using the following:') self.logger.debug('Server IP: {0}'.format(self.ip)) self.logger.debug('Server Port: {0}'.format(self.port)) self.logger.debug('Network Boot Directory: {0}'.format(self.netboot_directory))
def execute(self, config): """ Run the build task for the given config in the chroot. """ build_path = os.path.join(self.path, self.config['build-path']) try: shutil.rmtree(self.path) except OSError: pass shutil.copytree(".", build_path) for (path, sha) in config['file']: if os.path.isabs(path): path = os.path.join(self.path, path[1:]) else: path = os.path.join(build_path, path) with open(path, 'w') as location: with self.server.get(sha) as data: chunk = 'a' while len(chunk) > 0: chunk = data.read(4096) location.write(chunk) pid = os.fork() if pid == 0: os.chroot(self.path) os.chdir('/') os.execl(config['task'], config['task']) else: os.waitpid(pid, 0)
def __init__(self, socket_path, private_key, certificate, lifetime, basic_constraints, key_usage, extended_key_usage, revocation_list_lifetime): asyncore.dispatcher.__init__(self) # Bind to sockets if os.path.exists(socket_path): os.unlink(socket_path) os.umask(0o007) self.create_socket(socket.AF_UNIX, socket.SOCK_STREAM) self.bind(socket_path) self.listen(5) # Load CA private key and certificate self.private_key = crypto.load_privatekey(crypto.FILETYPE_PEM, open(private_key).read()) self.certificate = crypto.load_certificate(crypto.FILETYPE_PEM, open(certificate).read()) self.lifetime = lifetime self.revocation_list_lifetime = revocation_list_lifetime self.basic_constraints = basic_constraints self.key_usage = key_usage self.extended_key_usage = extended_key_usage # Perhaps perform chroot as well, currently results in # (<class 'OpenSSL.crypto.Error'>:[('random number generator', 'SSLEAY_RAND_BYTES', 'PRNG not seeded') # probably needs partially populated /dev in chroot # Dropping privileges _, _, uid, gid, gecos, root, shell = pwd.getpwnam("nobody") os.chroot("/run/certidude/signer/jail") os.setgid(gid) os.setuid(uid)
def log_output(session, path, args, outfile, uploadpath, cwd=None, logerror=0, append=0, chroot=None, env=None): """Run command with output redirected. If chroot is not None, chroot to the directory specified before running the command.""" pid = os.fork() fd = None if not pid: session._forget() try: if chroot: os.chroot(chroot) if cwd: os.chdir(cwd) flags = os.O_CREAT | os.O_WRONLY if append: flags |= os.O_APPEND fd = os.open(outfile, flags, 0666) os.dup2(fd, 1) if logerror: os.dup2(fd, 2) # echo the command we're running into the logfile os.write(fd, '$ %s\n' % ' '.join(args)) environ = os.environ.copy() if env: environ.update(env) os.execvpe(path, args, environ) except: msg = ''.join(traceback.format_exception(*sys.exc_info())) if fd: try: os.write(fd, msg) os.close(fd) except: pass print msg os._exit(1) else: if chroot: outfile = os.path.normpath(chroot + outfile) outfd = None remotename = os.path.basename(outfile) while True: status = os.waitpid(pid, os.WNOHANG) time.sleep(1) if not outfd: try: outfd = file(outfile, 'r') except IOError: # will happen if the forked process has not created the logfile yet continue except: print 'Error reading log file: %s' % outfile print ''.join(traceback.format_exception(*sys.exc_info())) incremental_upload(session, remotename, outfd, uploadpath) if status[0] != 0: if outfd: outfd.close() return status[1]
def __enter__(self): self.old_cwd = os.getcwd() self.old_fd = os.open(self.old_cwd, os.O_DIRECTORY) self.tmpdir = tempfile.mkdtemp() logging.info("TemporaryChroot in %s" % self.tmpdir) os.chroot(self.tmpdir) return self
def _unInstStop(self, bytes, total, h): pkg, state, _ = self._extract_str_cbkey(h) self.total_removed += 1 self.complete_actions += 1 if state == 'Obsoleted': action = TransactionDisplay.PKG_OBSOLETE elif state == 'Updated': action = TransactionDisplay.PKG_CLEANUP else: action = TransactionDisplay.PKG_ERASE self.display.filelog(pkg, action) self.display.event(pkg, action, 100, 100, self.complete_actions, self.total_actions) if self.test: return if state is not None: self._scriptout() # Note that we are currently inside the chroot, which makes # sqlite panic when it tries to open it's journal file. # So let's have some "fun" and workaround that: _do_chroot = False if _do_chroot and self.base.conf.installroot != '/': os.chroot(".") pid = self.base.history.pkg2pid(pkg) self.base.history.trans_data_pid_end(pid, state) if _do_chroot and self.base.conf.installroot != '/': os.chroot(self.base.conf.installroot) # :dead # self.ts_done(txmbr.po, txmbr.output_state) else: self._scriptout()
def run_python(self): # This functions creates a fork with then chroots into the # pakfire root if necessary and then compiles the given scriptlet # code and runs it. log.debug(_("Executing python scriptlet...")) # Create fork. pid = os.fork() if not pid: # child code # The child chroots into the pakfire path. if not self.pakfire.path == "/": os.chroot(self.pakfire.path) # Create a clean global environment, where only # builtin functions are available and the os and sys modules. _globals = { "os" : os, "sys" : sys, } # Compile the scriptlet and execute it. try: obj = compile(self.scriptlet, "<string>", "exec") eval(obj, _globals, {}) except Exception, e: print _("Exception occured: %s") % e os._exit(1) # End the child process without cleaning up. os._exit(0)
def limit(self): resource.setrlimit(resource.RLIMIT_AS, (self.memorylimit.value, self.memorylimit.value + 16777216)) resource.setrlimit(resource.RLIMIT_CPU, (self.cpulimit.value, self.cpulimit.value + 1.0)) os.chroot("/tmp/pjudge/") os.setgid(305) os.setuid(305) return 0
def __exit__(self, typ, exc, trc): log.debug('Leaving chroot') os.fchdir(self.real_root) os.chroot('.') os.chdir(self.cwd) log.debug('Outside chroot') return False
def system_chroot(command): ''' Execute command in chroot environment ''' # prevent stupidity if config.ROOT_DIR == '/': return real_root = os.open('/', os.O_RDONLY) mount = whereis('mount') try: for s in ('/proc', '/dev', '/sys'): sdir = config.ROOT_DIR + s if not os.path.ismount(sdir): if not os.path.isdir(sdir): os.makedirs(sdir) subprocess.check_call((mount, '--rbind', s, sdir)) os.chroot(config.ROOT_DIR) os.chdir('/') subprocess.check_call(command) finally: os.fchdir(real_root) os.chroot('.') os.close(real_root) for s in ('/proc', '/dev', '/sys'): sdir = config.ROOT_DIR + s if os.path.ismount(sdir): subprocess.check_call((mount, '--force', '--lazy', sdir))
def start(self): self.server_sockets = [] for port in self.ports: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) try: s.bind((self.address, port)) except socket.error as e: logger.error("Could not bind port %s: %s.", port, e) sys.exit(1) s.listen(5) self.server_sockets.append(s) logger.info("Listening on port %d.", port) if self.chroot: os.chdir(self.chroot) os.chroot(self.chroot) logger.info("Changed root directory to %s", self.chroot) if self.setuid: os.setgid(self.setuid[1]) os.setuid(self.setuid[0]) logger.info("Setting uid:gid to %s:%s", self.setuid[0], self.setuid[1]) self.last_aliveness_check = time.time() self.run_loop()
def _daemonize(self, options): # http://code.activestate.com/recipes/278731/ pid = os.fork() if pid == 0: os.setsid() pid2 = os.fork() if pid2 != 0: os._exit(0) else: os._exit(0) import resource os.chroot("/") os.umask(0) if os.access(options.pidfile, os.F_OK): f = open(options.pidfile, "r") f.seek(0) old_pid = f.readline() if os.path.exists("/proc/{0}".format(old_pid)): print "Old PID file exists, and process is still running: {0}".format(options.pidfile) sys.exit(1) else: print "Cleaning old PID file, which points to a non-running process." os.remove(options.pidfile) maxfd = resource.getrlimit(resource.RLIMIT_NOFILE)[1] if (maxfd == resource.RLIM_INFINITY): maxfd = 1024 for fd in range(3, maxfd): try: os.close(fd) except OSError: pass sys.stdin.close() if options.infolog or options.errorlog: _setup_logging(options) if options.infolog: sys.stdout = _LoggingDescriptor(logging.info) else: sys.stdout = _NullDescriptor() if options.errorlog: sys.stderr = _LoggingDescriptor(logging.error) else: sys.stderr = _NullDescriptor() f = open(options.pidfile, "w") f.write("{0}".format(os.getpid())) f.close()
os.chmod( "./jail", stat.S_IRUSR | stat.S_IXUSR | stat.S_IRGRP | stat.S_IXGRP | stat.S_IROTH | stat.S_IXOTH) # ------------ pre-load some modules for chroot -------------- dummy = x509.CertificateSigningRequestBuilder().subject_name( x509.Name([x509.NameAttribute(NameOID.COUNTRY_NAME, u"IN")])).sign(ca_private_key, hashes.SHA256(), default_backend()) # ------------ end pre-load some modules for chroot -------------- try: os.chroot("./jail") except Exception as e: print "*** Failed to chroot", e sys.exit(-1) try: os.setgid(ca_gid) except Exception as e: print "*** Failed to setgid", e sys.exit(-1) try: os.setuid(ca_uid) except Exception as e: print "*** Failed to setuid", e sys.exit(-1)
def chroot_jail(root="/tmp"): os.chroot(root) os.chdir("/")
def chroot(self): os.chroot(self.instroot) os.chdir("/")
os.access(path="path", mode=os.R_OK) # $ getAPathArgument="path" os.chdir("path") # $ getAPathArgument="path" os.chdir(path="path") # $ getAPathArgument="path" os.chflags("path", stat.UF_NODUMP) # $ getAPathArgument="path" os.chflags(path="path", flags=stat.UF_NODUMP) # $ getAPathArgument="path" os.chmod("path", 0o700) # $ getAPathArgument="path" os.chmod(path="path", mode=0o700) # $ getAPathArgument="path" os.chown("path", -1, -1) # $ getAPathArgument="path" os.chown(path="path", uid=-1, gid=-1) # $ getAPathArgument="path" # unix only os.chroot("path") # $ getAPathArgument="path" os.chroot(path="path") # $ getAPathArgument="path" # unix only os.lchflags("path", stat.UF_NODUMP) # $ getAPathArgument="path" os.lchflags(path="path", flags=stat.UF_NODUMP) # $ getAPathArgument="path" # unix only os.lchmod("path", 0o700) # $ getAPathArgument="path" os.lchmod(path="path", mode=0o700) # $ getAPathArgument="path" # unix only os.lchown("path", -1, -1) # $ getAPathArgument="path" os.lchown(path="path", uid=-1, gid=-1) # $ getAPathArgument="path" os.link("src", "dst") # $ getAPathArgument="src" getAPathArgument="dst"
def run(): args = parse_args_main() if config.get('chroot'): os.chroot(config.get('chroot')) if config.source_file is None: # we could try to automatically figure this out from server_path, if # it is set? sys.exit("No configuration provided!") # do this here so it can happen before logging init if args.logfile: if args.logfile == "-": config.get('logging_config').pop('filename', None) args.logfile = "<stdout>" # make the log message easier to read else: config.get('logging_config')['filename'] = args.logfile init_logging(config.get('logging_config')) logging.info("Loaded server configuration from: %s", config.source_file) if config.get('live_debug'): logging.info("Starting in live-debug mode.") config.set('watch_socket_dirs', False) if args.logfile: logging.info("Using command-line supplied logfile: '%s'", args.logfile) export_args_to_config(args) try: config.load_game_data() config.validate() except: err_exit("Errors in config. Exiting.", exc_info=True) if config.get('daemon', False): daemonize() signal.signal(signal.SIGTERM, signal_handler) signal.signal(signal.SIGHUP, signal_handler) signal.signal(signal.SIGINT, signal_handler) if config.get('umask') is not None: os.umask(config.get('umask')) write_pidfile() global servers servers = bind_server() ensure_tornado_current() shed_privileges() # is this ever set to False by anyone in practice? dgl_mode = config.get('dgl_mode') if dgl_mode: userdb.ensure_user_db_exists() userdb.upgrade_user_db() userdb.ensure_settings_db_exists() signal.signal(signal.SIGUSR1, usr1_handler) try: IOLoop.current().set_blocking_log_threshold(0.5) # type: ignore logging.info("Blocking call timeout: 500ms.") except: # this is the new normal; still not sure of a way to deal with this. logging.info("Webserver running without a blocking call timeout.") if dgl_mode: ws_handler.status_file_timeout() auth.purge_login_tokens_timeout() ws_handler.start_reading_milestones() if config.get('watch_socket_dirs'): process_handler.watch_socket_dirs() # start the lobby update timeout loop ws_handler.do_periodic_lobby_updates() logging.info("DCSS Webtiles server started with Tornado %s! (PID: %s)" % (tornado.version, os.getpid())) IOLoop.current().start() logging.info("Bye!") remove_pidfile()
import subprocess import sys import tempfile import time now = time.strftime("%c") ## Display current date and time from now variable print("Script started: %s" % now) time.sleep(5) # # chroot if kickstart # sysroot = '/mnt/sysimage' if os.path.exists(sysroot): os.chroot(sysroot) os.chdir("/") # # realmd setup # domain = "ad.alexmartin.io" ou = "OU=Linux,OU=Servers,OU=Resources,DC=AD,DC=ad,DC=alexmartin,DC=io" principal = "HOST/[email protected]" keytaburl = "http://repos.alexmartio.co.uk/ks/sssd/domainjoin.keytab" fqdn = socket.getfqdn().lower() hostspn = "host/{}@AD.ALEXMARTIN.IO".format(fqdn) keytab = os.path.join(tempfile.mkdtemp(), "domainjoin.keytab") print('')
def chroot(self): os.chroot(self)
def chroot(): os.chroot(root)
def chroot(self): return os.chroot(self) if hasattr(os, 'lchflags'):
def chroot(self): return os.chroot(self)
ssl=tlsctx, backlog=5, reuse_address=True)) maildrop_ports.append( loop.create_server(msmtp, "0.0.0.0", 465, family=socket.AF_INET, ssl=tlsctx, backlog=5, reuse_address=True)) servers = asyncio.gather(*maildrop_ports) maildrop_servers = loop.run_until_complete(servers) # XXX fork, close listen socket, chroot, setuid os.chroot(mindhome) os.setuid(minder_user) syslog.syslog(syslog.LOG_INFO, "listening on :: port 25") try: loop.run_forever() except KeyboardInterrupt: pass # Close the server for server in maildrop_servers: server.close() loop.run_until_complete(server.wait_closed()) loop.close()
def legacy_root_fix(self): print("\nFix ROOT\n") b = False root = self.all_root_par[self.root_target.get_active_text()][0] if self.all_root_btrfs != None and root in self.all_root_btrfs[ self.root_target.get_active_text()]: b = True ids = self.all_root_btrfs[self.root_target.get_active_text()][1] if b: check = subprocess.call( "mount -t btrfs %s -o subvolid=%s /mnt/arfedora_fix_boot 2>/dev/null" % (root, ids), shell=True) if check != 0: self.check = "m" return False else: check = subprocess.call( "mount %s /mnt/arfedora_fix_boot 2>/dev/null" % root, shell=True) if check != 0: self.check = "m" return False os.makedirs("/mnt/arfedora_fix_boot/boot", exist_ok=True) time.sleep(0.2) for i in ["/dev", "/proc", "/sys", "/run", "/dev/pts"]: time.sleep(0.2) check = subprocess.call("mount -B %s /mnt/arfedora_fix_boot%s" % (i, i), shell=True) if check != 0: self.check = "m" subprocess.call( "umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False real_root = os.open("/", os.O_RDONLY) os.chroot("/mnt/arfedora_fix_boot") os.chdir("/boot") if self.internet: check = subprocess.call(legacy_command[0], shell=True) if check != 0: self.check = "i" os.fchdir(real_root) os.chroot(".") os.close(real_root) subprocess.call( "umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False check = subprocess.call(legacy_command[1], shell=True) if check != 0: self.check = "i" os.fchdir(real_root) os.chroot(".") os.close(real_root) subprocess.call( "umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False if reinstall_kernel[0] == "yes": for i in range(1, len(reinstall_kernel)): try: time.sleep(0.2) subprocess.call(reinstall_kernel[i], shell=True) except: continue check = subprocess.call( "%s --force %s" % (grub_install, self.install_boot_target.get_active_text()), shell=True) if check != 0: self.check = "m" os.fchdir(real_root) os.chroot(".") os.close(real_root) subprocess.call("umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False check = subprocess.call("%s -o %s" % (grub_mkconfig, legacy), shell=True) if check != 0: self.check = "m" os.fchdir(real_root) os.chroot(".") os.close(real_root) subprocess.call("umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False os.fchdir(real_root) os.chroot(".") os.close(real_root) subprocess.call("umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return True
def efi_root_with_boot_fix(self): print("\nFix ROOT/BOOT/EFI\n") root = self.all_root_par[self.root_target.get_active_text()][0] b = False if self.all_root_btrfs != None and root in self.all_root_btrfs[ self.root_target.get_active_text()]: b = True ids = self.all_root_btrfs[self.root_target.get_active_text()][1] efi = self.efi_target.get_active_text() boot = self.boot_target.get_active_text() if b: check = subprocess.call( "mount -t btrfs %s -o subvolid=%s /mnt/arfedora_fix_boot 2>/dev/null" % (root, ids), shell=True) if check != 0: self.check = "m" return False else: check = subprocess.call( "mount %s /mnt/arfedora_fix_boot 2>/dev/null" % root, shell=True) if check != 0: self.check = "m" return False os.makedirs("/mnt/arfedora_fix_boot/boot", exist_ok=True) time.sleep(0.2) check = subprocess.call( "mount %s /mnt/arfedora_fix_boot/boot 2>/dev/null" % boot, shell=True) if check != 0: self.check = "m" subprocess.call("umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False os.makedirs("/mnt/arfedora_fix_boot/boot/efi", exist_ok=True) time.sleep(0.2) check = subprocess.call( "mount %s /mnt/arfedora_fix_boot/boot/efi 2>/dev/null" % efi, shell=True) if check != 0: self.check = "m" subprocess.call("umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False time.sleep(0.2) for i in ["/dev", "/proc", "/sys", "/run", "/dev/pts"]: time.sleep(0.2) check = subprocess.call("mount -B %s /mnt/arfedora_fix_boot%s" % (i, i), shell=True) if check != 0: self.check = "m" subprocess.call( "umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False if not use_internet: if len(b_chroot_efi_custom_command_if_use_internet_false) != 0: for c in b_chroot_efi_custom_command_if_use_internet_false: time.sleep(0.5) check = subprocess.call("%s" % i, shell=True) if check != 0: self.check = "m" subprocess.call( "umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False real_root = os.open("/", os.O_RDONLY) os.chroot("/mnt/arfedora_fix_boot") os.chdir("/boot") if self.internet: check = subprocess.call(efi_command[0], shell=True) if check != 0: self.check = "i" os.fchdir(real_root) os.chroot(".") os.close(real_root) subprocess.call( "umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False check = subprocess.call(efi_command[1], shell=True) if check != 0: self.check = "i" os.fchdir(real_root) os.chroot(".") os.close(real_root) subprocess.call( "umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False if reinstall_kernel[0] == "yes": for i in range(1, len(reinstall_kernel)): try: time.sleep(0.2) subprocess.call(reinstall_kernel[i], shell=True) except: continue else: if len(i_chroot_efi_custom_command_if_use_internet_false) != 0: for c in i_chroot_efi_custom_command_if_use_internet_false: time.sleep(0.5) check = subprocess.call("%s" % i, shell=True) if check != 0: self.check = "m" os.fchdir(real_root) os.chroot(".") os.close(real_root) subprocess.call( "umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False check = subprocess.call("%s -o %s" % (grub_mkconfig, uefi), shell=True) if check != 0: self.check = "m" os.fchdir(real_root) os.chroot(".") os.close(real_root) subprocess.call("umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return False os.fchdir(real_root) os.chroot(".") os.close(real_root) subprocess.call("umount -f -R /mnt/arfedora_fix_boot 2>/dev/null", shell=True) return True
def server_main(): args = parse_args() if config.chroot: os.chroot(config.chroot) if args.reset_password or args.clear_reset_password: reset_token_commands(args) return if getattr(config, 'live_debug', False): logging.info("Starting in live-debug mode.") config.watch_socket_dirs = False # do this here so it can happen before logging init if args.logfile: if args.logfile == "-": config.logging_config.pop('filename', None) args.logfile = "<stdout>" # make the log message easier to read else: config.logging_config['filename'] = args.logfile init_logging(config.logging_config) if args.logfile: logging.info("Using command-line supplied logfile: '%s'", args.logfile) _do_load_games() export_args_to_config(args) if not check_config(): err_exit("Errors in config. Exiting.") if config.daemon: daemonize() signal.signal(signal.SIGTERM, signal_handler) signal.signal(signal.SIGHUP, signal_handler) signal.signal(signal.SIGINT, signal_handler) if getattr(config, 'umask', None) is not None: os.umask(config.umask) write_pidfile() global servers servers = bind_server() ensure_tornado_current() shed_privileges() if config.dgl_mode: userdb.ensure_user_db_exists() userdb.upgrade_user_db() userdb.ensure_settings_db_exists() signal.signal(signal.SIGUSR1, usr1_handler) try: IOLoop.current().set_blocking_log_threshold(0.5) # type: ignore logging.info("Blocking call timeout: 500ms.") except: # this is the new normal; still not sure of a way to deal with this. logging.info("Webserver running without a blocking call timeout.") if config.dgl_mode: status_file_timeout() auth.purge_login_tokens_timeout() start_reading_milestones() if config.watch_socket_dirs: process_handler.watch_socket_dirs() # start the lobby update timeout loop do_periodic_lobby_updates() logging.info("DCSS Webtiles server started with Tornado %s! (PID: %s)" % (tornado.version, os.getpid())) IOLoop.current().start() logging.info("Bye!") remove_pidfile()
def _setup_container_filesystem(self, temp_dir, output_dir, memlimit, memory_nodes): """Setup the filesystem layout in the container. As first step, we create a copy of all existing mountpoints in mount_base, recursively, and as "private" mounts (i.e., changes to existing mountpoints afterwards won't propagate to our copy). Then we iterate over all mountpoints and change them according to the mode the user has specified (hidden, read-only, overlay, or full-access). This has do be done for each mountpoint because overlays are not recursive. Then we chroot into the new mount hierarchy. The new filesystem layout still has a view of the host's /proc. We do not mount a fresh /proc here because the grandchild still needs the old /proc. We do simply iterate over all existing mount points and set them to read-only/overlay them, because it is easier to create a new hierarchy and chroot into it. First, we still have access to the original mountpoints while doing so, and second, we avoid race conditions if someone else changes the existing mountpoints. @param temp_dir: The base directory under which all our directories should be created. """ # All strings here are bytes to avoid issues if existing mountpoints are invalid UTF-8. temp_base = self._get_result_files_base(temp_dir).encode() # directory with files created by tool temp_dir = temp_dir.encode() tmpfs_opts = ["size=" + str(memlimit or "100%")] if memory_nodes: tmpfs_opts.append("mpol=bind:" + ",".join(map(str, memory_nodes))) tmpfs_opts = (",".join(tmpfs_opts)).encode() if self._container_tmpfs: libc.mount(None, temp_dir, b"tmpfs", 0, tmpfs_opts) mount_base = os.path.join(temp_dir, b"mount") # base dir for container mounts os.mkdir(mount_base) os.mkdir(temp_base) def _is_below(path, target_path): # compare with trailing slashes for cases like /foo and /foobar path = os.path.join(path, b"") target_path = os.path.join(target_path, b"") return path.startswith(target_path) def find_mode_for_dir(path, fstype=None): if (path == b"/proc"): # /proc is necessary for the grandchild to read PID, will be replaced later. return DIR_READ_ONLY if _is_below(path, b"/proc"): # Irrelevant. return None parent_mode = None result_mode = None for special_dir, mode in self._dir_modes.items(): if _is_below(path, special_dir): if path != special_dir: parent_mode = mode result_mode = mode assert result_mode is not None if result_mode == DIR_OVERLAY and ( _is_below(path, b"/dev") or _is_below(path, b"/sys") or fstype == b"cgroup"): # Overlay does not make sense for /dev, /sys, and all cgroups. return DIR_READ_ONLY if result_mode == DIR_OVERLAY and ( fstype == b"autofs" or fstype == b"vfat" or fstype == b"ntfs"): # Overlayfs does not support these as underlying file systems. logging.debug("Cannot use overlay mode for %s because it has file system %s. " "Using read-only mode instead.", path.decode(), fstype.decode()) return DIR_READ_ONLY if result_mode == DIR_HIDDEN and parent_mode == DIR_HIDDEN: # No need to recursively recreate mountpoints in hidden dirs. return None return result_mode # Overlayfs needs its own additional temporary directory ("work" directory). # temp_base will be the "upper" layer, the host FS the "lower" layer, # and mount_base the mount target. work_base = os.path.join(temp_dir, b"overlayfs") os.mkdir(work_base) # Create a copy of host's mountpoints. # Setting MS_PRIVATE flag discouples our mount namespace from the hosts's, # i.e., mounts we do are not seen by the host, and any (un)mounts the host does afterward # are not seen by us. The latter is desired such that new mounts (e.g., # USB sticks being plugged in) do not appear in the container. # Blocking host-side unmounts from being propagated has the disadvantage # that any unmounts done by the sysadmin won't really unmount the device # because it stays mounted in the container and thus keep the device busy # (cf. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739593#85). # We could allow unmounts being propated with MS_SLAVE instead of MS_PRIVATE, # but we prefer to have the mount namespace of the container being # unchanged during run execution. container.make_bind_mount(b"/", mount_base, recursive=True, private=True) # Ensure each special dir is a mountpoint such that the next loop covers it. for special_dir in self._dir_modes.keys(): mount_path = mount_base + special_dir temp_path = temp_base + special_dir try: container.make_bind_mount(mount_path, mount_path) except OSError as e: # on btrfs, non-recursive bind mounts faitl if e.errno == errno.EINVAL: try: container.make_bind_mount(mount_path, mount_path, recursive=True) except OSError as e2: logging.debug("Failed to make %s a (recursive) bind mount: %s", mount_path, e2) else: logging.debug("Failed to make %s a bind mount: %s", mount_path, e) if not os.path.exists(temp_path): os.makedirs(temp_path) # Set desired access mode for each mountpoint. for unused_source, full_mountpoint, fstype, options in list(container.get_mount_points()): if not _is_below(full_mountpoint, mount_base): continue mountpoint = full_mountpoint[len(mount_base):] or b"/" mode = find_mode_for_dir(mountpoint, fstype) if not mode: continue if not os.access(os.path.dirname(mountpoint), os.X_OK): # If parent is not accessible we cannot mount something on mountpoint. # We mark the inaccessible directory as hidden because otherwise the mountpoint # could become accessible (directly!) if the permissions on the parent # are relaxed during container execution. original_mountpoint = mountpoint parent = os.path.dirname(mountpoint) while not os.access(parent, os.X_OK): mountpoint = parent parent = os.path.dirname(mountpoint) mode = DIR_HIDDEN logging.debug( "Marking inaccessible directory '%s' as hidden " "because it contains a mountpoint at '%s'", mountpoint.decode(), original_mountpoint.decode()) else: logging.debug("Mounting '%s' as %s", mountpoint.decode(), mode) mount_path = mount_base + mountpoint temp_path = temp_base + mountpoint work_path = work_base + mountpoint if mode == DIR_OVERLAY: if not os.path.exists(temp_path): os.makedirs(temp_path) if not os.path.exists(work_path): os.makedirs(work_path) try: # Previous mount in this place not needed if replaced with overlay dir. libc.umount(mount_path) except OSError as e: logging.debug(e) try: container.make_overlay_mount(mount_path, mountpoint, temp_path, work_path) except OSError as e: raise OSError(e.errno, "Creating overlay mount for '{}' failed: {}. " "Please use other directory modes." .format(mountpoint.decode(), os.strerror(e.errno))) elif mode == DIR_HIDDEN: if not os.path.exists(temp_path): os.makedirs(temp_path) try: # Previous mount in this place not needed if replaced with hidden dir. libc.umount(mount_path) except OSError as e: logging.debug(e) container.make_bind_mount(temp_path, mount_path) elif mode == DIR_READ_ONLY: try: container.remount_with_additional_flags(mount_path, options, libc.MS_RDONLY) except OSError as e: if e.errno == errno.EACCES: logging.warning( "Cannot mount '%s', directory may be missing from container.", mountpoint.decode()) else: # If this mountpoint is below an overlay/hidden dir re-create mountpoint. # Linux does not support making read-only bind mounts in one step: # https://lwn.net/Articles/281157/ http://man7.org/linux/man-pages/man8/mount.8.html container.make_bind_mount( mountpoint, mount_path, recursive=True, private=True) container.remount_with_additional_flags(mount_path, options, libc.MS_RDONLY) elif mode == DIR_FULL_ACCESS: try: # Ensure directory is still a mountpoint by attempting to remount. container.remount_with_additional_flags(mount_path, options, 0) except OSError as e: if e.errno == errno.EACCES: logging.warning( "Cannot mount '%s', directory may be missing from container.", mountpoint.decode()) else: # If this mountpoint is below an overlay/hidden dir re-create mountpoint. container.make_bind_mount( mountpoint, mount_path, recursive=True, private=True) else: assert False # Now configure some special hard-coded cases def make_tmpfs_dir(path): """Ensure that a tmpfs is mounted on path, if the path exists""" if path in self._dir_modes: return # explicitly configured by user mount_tmpfs = mount_base + path temp_tmpfs = temp_base + path util.makedirs(temp_tmpfs, exist_ok=True) if os.path.isdir(mount_tmpfs): # If we already have a tmpfs, we can just bind mount it, otherwise we need one if self._container_tmpfs: container.make_bind_mount(temp_tmpfs, mount_tmpfs) else: libc.mount(None, mount_tmpfs, b"tmpfs", 0, tmpfs_opts) # The following directories should be writable RAM disks for Posix shared memory. # For example, the Python multiprocessing module explicitly checks for a tmpfs instance. make_tmpfs_dir(b"/dev/shm") make_tmpfs_dir(b"/run/shm") if self._container_system_config: # If overlayfs is not used for /etc, we need additional bind mounts # for files in /etc that we want to override, like /etc/passwd config_mount_base = mount_base if find_mode_for_dir(b"/etc") != DIR_OVERLAY else None container.setup_container_system_config(temp_base, config_mount_base ) if output_dir: # We need a way to see temp_base in the container in order to be able to copy result # files out of it, so we need a directory that is guaranteed to exist in order to use # it as mountpoint for a bind mount to temp_base. # Of course, the tool inside the container should not have access to temp_base, # so we will add another bind mount with an empty directory on top # (equivalent to --hidden-dir). After the tool terminates we can unmount # the top-level bind mount and then access temp_base. However, this works only # if there is no other mount point below that directory, and the user can force us # to create mount points at arbitrary directory if a directory mode is specified. # So we need an existing directory with no mount points below, and luckily temp_dir # fulfills all requirements (because we have just created it as fresh drectory ourselves). # So we mount temp_base outside of the container to temp_dir inside. util.makedirs(mount_base + temp_dir, exist_ok=True) container.make_bind_mount(temp_base, mount_base + temp_dir, read_only=True) # And the following if branch will automatically hide the bind # mount below an empty directory. # If necessary, (i.e., if /tmp is not already hidden), # hide the directory where we store our files from processes in the container # by mounting an empty directory over it. if os.path.exists(mount_base + temp_dir): util.makedirs(temp_base + temp_dir, exist_ok=True) container.make_bind_mount(temp_base + temp_dir, mount_base + temp_dir) os.chroot(mount_base)
class Stream(mitogen.parent.Stream): child_is_immediate_subprocess = False container = None username = None kind = None docker_path = 'docker' lxc_info_path = 'lxc-info' machinectl_path = 'machinectl' GET_LEADER_BY_KIND = { 'docker': ('docker_path', get_docker_pid), 'lxc': ('lxc_info_path', get_lxc_pid), 'machinectl': ('machinectl_path', get_machinectl_pid), } def construct(self, container, kind, username=None, docker_path=None, lxc_info_path=None, machinectl_path=None, **kwargs): super(Stream, self).construct(**kwargs) if kind not in self.GET_LEADER_BY_KIND: raise Error('unsupported container kind: %r', kind) self.container = container self.kind = kind if username: self.username = username if docker_path: self.docker_path = docker_path if lxc_info_path: self.lxc_info_path = lxc_info_path if machinectl_path: self.machinectl_path = machinectl_path # Order matters. https://github.com/karelzak/util-linux/commit/854d0fe/ NS_ORDER = ('ipc', 'uts', 'net', 'pid', 'mnt', 'user') def preexec_fn(self): nspath = '/proc/%d/ns/' % (self.leader_pid, ) selfpath = '/proc/self/ns/' try: ns_fps = [ open(nspath + name) for name in self.NS_ORDER if os.path.exists(nspath + name) and ( os.readlink(nspath + name) != os.readlink(selfpath + name)) ] except Exception, e: raise Error(str(e)) os.chdir('/proc/%s/root' % (self.leader_pid, )) os.chroot('.') os.chdir('/') for fp in ns_fps: setns(fp.name, fp.fileno()) fp.close() for sym in 'endpwent', 'endgrent', 'endspent', 'endsgent': try: getattr(LIBC, sym)() except AttributeError: pass if self.username: try: os.setgroups([ grent.gr_gid for grent in grp.getgrall() if self.username in grent.gr_mem ]) pwent = pwd.getpwnam(self.username) os.setreuid(pwent.pw_uid, pwent.pw_uid) # shadow-4.4/libmisc/setupenv.c. Not done: MAIL, PATH os.environ.update({ 'HOME': pwent.pw_dir, 'SHELL': pwent.pw_shell or '/bin/sh', 'LOGNAME': self.username, 'USER': self.username, }) if ((os.path.exists(pwent.pw_dir) and os.access(pwent.pw_dir, os.X_OK))): os.chdir(pwent.pw_dir) except Exception: e = sys.exc_info()[1] raise Error(self.username_msg, self.username, self.container, type(e).__name__, e)
def mychroot(): """ pre-execute function """ os.chroot(chrootdir) os.chdir("/")
def chroot(): if root and root != '/': os.chroot(root)
def __exit__(self, type, value, traceback): os.fchdir(self.root) os.chroot('.') os.chdir(self.cwd)
logging.warning("Crawl executable %s doesn't exist!", game_data["crawl_binary"]) success = False if ("client_path" in game_data and not os.path.exists(game_data["client_path"])): logging.warning("Client data path %s doesn't exist!", game_data["client_path"]) success = False if getattr(config, "allow_password_reset", False) and not config.lobby_url: logging.warning("Lobby URL needs to be defined!") success = False return success if __name__ == "__main__": if chroot: os.chroot(chroot) init_logging(logging_config) if not check_config(): err_exit("Errors in config. Exiting.") if daemon: daemonize() signal.signal(signal.SIGTERM, signal_handler) signal.signal(signal.SIGHUP, signal_handler) if umask is not None: os.umask(umask)
def chroot(self): """Change the root dir to this path name""" os.chroot(self)
def 改变当前进程目录(路径): '成功返回True' os.chroot(路径) return True
def execWithCaptureStatus(command, argv, searchPath=0, root='/', stdin=0, catchfd=1, closefd=-1): if not os.access(root + command, os.X_OK): raise RuntimeError(command + " cannot be run") (read, write) = os.pipe() childpid = os.fork() if (not childpid): if (root and root != '/'): os.chroot(root) if isinstance(catchfd, tuple): for fd in catchfd: os.dup2(write, fd) else: os.dup2(write, catchfd) os.close(write) os.close(read) if closefd != -1: os.close(closefd) if stdin: os.dup2(stdin, 0) os.close(stdin) if (searchPath): os.execvp(command, argv) else: os.execv(command, argv) sys.exit(1) os.close(write) rc = "" s = "1" while (s): select.select([read], [], []) s = os.read(read, 1000) rc = rc + s os.close(read) pid = -1 status = -1 try: (pid, status) = os.waitpid(childpid, 0) except OSError as xxx_todo_changeme: (errno, msg) = xxx_todo_changeme.args print(__name__, "waitpid:", msg) if os.WIFEXITED(status) and (os.WEXITSTATUS(status) == 0): status = os.WEXITSTATUS(status) else: status = -1 return (rc, status)
def __enter__(self): os.chroot(self.path)
import os import pwd import sys import textwrap pw = pwd.getpwnam("nobody") os.chdir("home") os.chroot(".") os.setgid(pw.pw_gid) os.setuid(pw.pw_uid) env = {"__builtins__": {}} exec(f"def func():\n{textwrap.indent(sys.stdin.read(), ' ')}", env) ret = env["func"]() if ret is not None: print(ret)
def _child_prep_fn(): if (chroot): os.chroot(chroot) if (chdir): os.chdir(chdir)
def chroot(): if root: os.chroot(root)
def do_chroot(): """Helper function doing the chroot if requested.""" if chroot and chroot != "/": os.chroot(chroot) os.chdir("/")
def chroot(self): """ .. seealso:: :func:`os.chroot` """ os.chroot(self)
def chroot(target_root): if target_root and target_root != '/': os.chroot(target_root) os.chdir("/")
def _run_chroot_process(filesystem, args, stdout=subprocess.PIPE, stderr=subprocess.PIPE): """ Create a chroot jail and run a process in it. Prints the PID of the new process. :param pathlib.Path filesystem: The directory which should be the root of the new process. :param list args: List of strings. See ``subprocess.Popen.args``. :param stdout: See https://docs.python.org/3.1/library/subprocess.html#subprocess.Popen. :param stderr: See https://docs.python.org/3.1/library/subprocess.html#subprocess.Popen. :return subprocess.Popen: The newly started process. """ real_root = os.open("/", os.O_RDONLY) os.chroot(str(filesystem)) process = subprocess.Popen( args=args, stdout=stdout, stderr=stderr, ) os.fchdir(real_root) os.chroot(".") os.close(real_root) # On some platforms it seems to take some time for a process to start, # even after this point. Therefore sleep for 5ms to ensure platform # parity. This seems to be necessary on Travis CI hosted. time.sleep(0.05) return process