def spawn_sudo(proxy):
"""Spawn the sudo slave process, returning proc and a pipe to message it."""
rnul = open(os.devnull,"r")
wnul = open(os.devnull,"w")
pipe = SecureStringPipe()
c_pipe = pipe.connect()
if not getattr(sys,"frozen",False):
exe = [sys.executable,"-c","import esky; esky.run_startup_hooks()"]
elif os.path.basename(sys.executable).lower() in ("python","pythonw"):
exe = [sys.executable,"-c","import esky; esky.run_startup_hooks()"]
else:
if not esky._startup_hooks_were_run:
raise OSError(None,"unable to sudo: startup hooks not run")
exe = [sys.executable]
args = ["--esky-spawn-sudo"]
args.append(base.b64pickle(proxy))
# Look for a variety of sudo-like programs
sudo = None
display_name = "%s update" % (proxy.name,)
if "DISPLAY" in os.environ:
sudo = find_exe("gksudo","-k","-D",display_name,"--")
if sudo is None:
sudo = find_exe("kdesudo")
if sudo is None:
sudo = find_exe("cocoasudo","--prompt='%s'" % (display_name,))
if sudo is None:
sudo = find_exe("sudo")
if sudo is None:
sudo = []
# Make it a slave process so it dies if we die
exe = sudo + exe + esky.slaveproc.get_slave_process_args() + args
# Pass the pipe in environment vars, they seem to be harder to snoop.
env = os.environ.copy()
env["ESKY_SUDO_PIPE"] = base.b64pickle(c_pipe)
# Spawn the subprocess
kwds = dict(stdin=rnul,stdout=wnul,stderr=wnul,close_fds=True,env=env)
proc = KillablePopen(exe,**kwds)
return (proc,pipe)
def spawn_sudo(proxy):
"""Spawn the sudo slave process, returning proc and a pipe to message it."""
rnul = open(os.devnull, "r")
wnul = open(os.devnull, "w")
pipe = SecureStringPipe()
c_pipe = pipe.connect()
if not getattr(sys, "frozen", False):
exe = [sys.executable, "-c", "import esky; esky.run_startup_hooks()"]
elif os.path.basename(sys.executable).lower() in ("python", "pythonw"):
exe = [sys.executable, "-c", "import esky; esky.run_startup_hooks()"]
else:
if not esky._startup_hooks_were_run:
raise OSError(None, "unable to sudo: startup hooks not run")
exe = [sys.executable]
args = ["--esky-spawn-sudo"]
args.append(base.b64pickle(proxy))
# Look for a variety of sudo-like programs
sudo = None
display_name = "%s update" % (proxy.name, )
if "DISPLAY" in os.environ:
sudo = find_exe("gksudo", "-k", "-D", display_name, "--")
if sudo is None:
sudo = find_exe("kdesudo")
if sudo is None:
sudo = find_exe("cocoasudo", "--prompt='%s'" % (display_name, ))
if sudo is None:
sudo = find_exe("sudo")
if sudo is None:
sudo = []
# Make it a slave process so it dies if we die
exe = sudo + exe + esky.slaveproc.get_slave_process_args() + args
# Pass the pipe in environment vars, they seem to be harder to snoop.
env = os.environ.copy()
env["ESKY_SUDO_PIPE"] = base.b64pickle(c_pipe)
# Spawn the subprocess
kwds = dict(stdin=rnul, stdout=wnul, stderr=wnul, close_fds=True, env=env)
proc = KillablePopen(exe, **kwds)
return (proc, pipe)
def spawn_sudo(proxy):
"""Spawn the sudo slave process, returning proc and a pipe to message it.
This function spawns the proxy app with administrator privileges, using
ShellExecuteEx and the undocumented-but-widely-recommended "runas" verb.
"""
pipe = SecureStringPipe()
c_pipe = pipe.connect()
if getattr(sys,"frozen",False):
if not esky._startup_hooks_were_run:
raise OSError(None,"unable to sudo: startup hooks not run")
exe = [sys.executable]
else:
exe = [sys.executable,"-c","import esky; esky.run_startup_hooks()"]
args = ["--esky-spawn-sudo"]
args.append(base.b64pickle(proxy))
args.append(base.b64pickle(c_pipe))
# Make it a slave process so it dies if we die
exe = exe + esky.slaveproc.get_slave_process_args() + args
if sys.getwindowsversion()[0] < 6:
kwds = {}
if sys.hexversion >= 0x02060000:
kwds["close_fds"] = True
proc = KillablePopen(exe,**kwds)
else:
execinfo = SHELLEXECUTEINFO()
execinfo.cbSize = sizeof(execinfo)
execinfo.fMask = SEE_MASK_NOCLOSEPROCESS | SEE_MASK_NOASYNC
execinfo.hwnd = None
execinfo.lpVerb = "runas"
execinfo.lpFile = exe[0]
execinfo.lpParameters = " ".join(exe[1:])
execinfo.lpDirectory = None
execinfo.nShow = 0
ShellExecuteEx(byref(execinfo))
proc = FakePopen(execinfo.hProcess)
return (proc,pipe)
def spawn_sudo(proxy):
"""Spawn the sudo slave process, returning proc and a pipe to message it.
This function spawns the proxy app with administrator privileges, using
ShellExecuteEx and the undocumented-but-widely-recommended "runas" verb.
"""
pipe = SecureStringPipe()
c_pipe = pipe.connect()
if getattr(sys, "frozen", False):
if not esky._startup_hooks_were_run:
raise OSError(None, "unable to sudo: startup hooks not run")
exe = [sys.executable]
else:
exe = [sys.executable, "-c", "import esky; esky.run_startup_hooks()"]
args = ["--esky-spawn-sudo"]
args.append(base.b64pickle(proxy))
args.append(base.b64pickle(c_pipe))
# Make it a slave process so it dies if we die
exe = exe + esky.slaveproc.get_slave_process_args() + args
if sys.getwindowsversion()[0] < 6:
kwds = {}
if sys.hexversion >= 0x02060000:
kwds["close_fds"] = True
proc = KillablePopen(exe, **kwds)
else:
execinfo = SHELLEXECUTEINFO()
execinfo.cbSize = sizeof(execinfo)
execinfo.fMask = SEE_MASK_NOCLOSEPROCESS | SEE_MASK_NOASYNC
execinfo.hwnd = None
execinfo.lpVerb = b"runas"
execinfo.lpFile = exe[0].encode('utf-8')
execinfo.lpParameters = " ".join(exe[1:]).encode('utf-8')
execinfo.lpDirectory = None
execinfo.nShow = 0
ShellExecuteEx(byref(execinfo))
proc = FakePopen(execinfo.hProcess)
return (proc, pipe)
def spawn_sudo(proxy):
"""Spawn the sudo slave process, returning proc and a pipe to message it."""
pipe = SecureStringPipe()
c_pipe = pipe.connect()
if not getattr(sys, "frozen", False):
exe = [sys.executable, "-c", "import esky; esky.run_startup_hooks()"]
elif os.path.basename(sys.executable).lower() in ("python", "pythonw"):
exe = [sys.executable, "-c", "import esky; esky.run_startup_hooks()"]
else:
if not esky._startup_hooks_were_run:
raise OSError(None, "unable to sudo: startup hooks not run")
exe = [sys.executable]
args = ["--esky-spawn-sudo"]
args.append(base.b64pickle(proxy))
args.append(base.b64pickle(c_pipe))
# Make it a slave process so it dies if we die
exe = exe + esky.slaveproc.get_slave_process_args() + args
auth = ctypes.c_void_p()
right = AuthorizationRight()
right.name = "py.esky.sudo." + proxy.name
right.valueLength = 0
right.value = None
right.flags = 0
rights = AuthorizationRights()
rights.count = 1
rights.items[0] = right
r_auth = byref(auth)
err = sec.AuthorizationCreate(None, None, kAuthorizationFlagDefaults,
r_auth)
if err:
raise OSError(errno.EACCES, "could not sudo: %d" % (err, ))
try:
kAuthFlags = kAuthorizationFlagDefaults \
| kAuthorizationFlagPreAuthorize \
| kAuthorizationFlagInteractionAllowed \
| kAuthorizationFlagExtendRights
err = sec.AuthorizationCopyRights(auth, None, None, kAuthFlags, None)
if err:
raise OSError(errno.EACCES, "could not sudo: %d" % (err, ))
args = (ctypes.c_char_p * len(exe))()
for i, arg in enumerate(exe[1:]):
args[i] = arg
args[len(exe) - 1] = None
io = ctypes.c_void_p()
err = sec.AuthorizationExecuteWithPrivileges(auth, exe[0], 0, args,
byref(io))
if err:
raise OSError(errno.EACCES, "could not sudo: %d" % (err, ))
buf = ctypes.create_string_buffer(8)
read = libc.fread(byref(buf), 1, 4, io)
if read != 4:
libc.fclose(io)
raise OSError(errno.EACCES, "could not sudo: child failed")
pid = struct.unpack("I", buf.raw[:4])[0]
pipe.fp = io
return (FakePopen(pid), pipe)
finally:
sec.AuthorizationFree(auth, kAuthorizationFlagDestroyRights)
def spawn_sudo(proxy):
"""Spawn the sudo slave process, returning proc and a pipe to message it."""
pipe = SecureStringPipe()
c_pipe = pipe.connect()
if not getattr(sys,"frozen",False):
exe = [sys.executable,"-c","import esky; esky.run_startup_hooks()"]
elif os.path.basename(sys.executable).lower() in ("python","pythonw"):
exe = [sys.executable,"-c","import esky; esky.run_startup_hooks()"]
else:
if not esky._startup_hooks_were_run:
raise OSError(None,"unable to sudo: startup hooks not run")
exe = [sys.executable]
args = ["--esky-spawn-sudo"]
args.append(base.b64pickle(proxy))
args.append(base.b64pickle(c_pipe))
# Make it a slave process so it dies if we die
exe = exe + esky.slaveproc.get_slave_process_args() + args
auth = ctypes.c_void_p()
right = AuthorizationRight()
right.name = "py.esky.sudo." + proxy.name
right.valueLength = 0
right.value = None
right.flags = 0
rights = AuthorizationRights()
rights.count = 1
rights.items[0] = right
r_auth = byref(auth)
err = sec.AuthorizationCreate(None,None,kAuthorizationFlagDefaults,r_auth)
if err:
raise OSError(errno.EACCES,"could not sudo: %d" % (err,))
try:
kAuthFlags = kAuthorizationFlagDefaults \
| kAuthorizationFlagPreAuthorize \
| kAuthorizationFlagInteractionAllowed \
| kAuthorizationFlagExtendRights
err = sec.AuthorizationCopyRights(auth,None,None,kAuthFlags,None)
if err:
raise OSError(errno.EACCES,"could not sudo: %d" % (err,))
args = (ctypes.c_char_p * len(exe))()
for i,arg in enumerate(exe[1:]):
args[i] = arg
args[len(exe)-1] = None
io = ctypes.c_void_p()
err = sec.AuthorizationExecuteWithPrivileges(auth,exe[0],0,args,byref(io))
if err:
raise OSError(errno.EACCES,"could not sudo: %d" %(err,))
buf = ctypes.create_string_buffer(8)
read = libc.fread(byref(buf),1,4,io)
if read != 4:
libc.fclose(io)
raise OSError(errno.EACCES,"could not sudo: child failed")
pid = struct.unpack("I",buf.raw[:4])[0]
pipe.fp = io
return (FakePopen(pid),pipe)
finally:
sec.AuthorizationFree(auth,kAuthorizationFlagDestroyRights)
