def preserve_xattrs(path, nofollow=False, namespace=None): """Context manager to save/restore extended attributes on |path| If you want to rewrite a file (possibly replacing it with a new one), but want to preserve the extended attributes, this will do the trick. # First read all the extended attributes. with save_xattrs('/some/file'): ... rewrite the file ... # Now the extended attributes are restored as needed. """ kwargs = { 'nofollow': nofollow, } if namespace: # Compiled xattr python module does not like it when namespace=None. kwargs['namespace'] = namespace old_attrs = dict(xattr.get_all(path, **kwargs)) try: yield finally: new_attrs = dict(xattr.get_all(path, **kwargs)) for name, value in new_attrs.items(): if name not in old_attrs: # Clear out new ones. xattr.remove(path, name, **kwargs) elif new_attrs[name] != old_attrs[name]: # Update changed ones. xattr.set(path, name, value, **kwargs) for name, value in old_attrs.items(): if name not in new_attrs: # Re-add missing ones. xattr.set(path, name, value, **kwargs)
def preserve_xattrs(path, nofollow=False, namespace=None): """Context manager to save/restore extended attributes on |path| If you want to rewrite a file (possibly replacing it with a new one), but want to preserve the extended attributes, this will do the trick. # First read all the extended attributes. with save_xattrs('/some/file'): ... rewrite the file ... # Now the extended attributes are restored as needed. """ kwargs = {'nofollow': nofollow,} if namespace: # Compiled xattr python module does not like it when namespace=None. kwargs['namespace'] = namespace old_attrs = dict(xattr.get_all(path, **kwargs)) try: yield finally: new_attrs = dict(xattr.get_all(path, **kwargs)) for name, value in new_attrs.items(): if name not in old_attrs: # Clear out new ones. xattr.remove(path, name, **kwargs) elif new_attrs[name] != old_attrs[name]: # Update changed ones. xattr.set(path, name, value, **kwargs) for name, value in old_attrs.items(): if name not in new_attrs: # Re-add missing ones. xattr.set(path, name, value, **kwargs)
def _checkDeprecated(self, item, symlink=False): """check deprecated list, set, get operations against an item""" self.checkList(xattr.listxattr(item, symlink), []) self.assertRaises(EnvironmentError, xattr.setxattr, item, self.USER_ATTR, self.USER_VAL, XATTR_REPLACE) try: xattr.setxattr(item, self.USER_ATTR, self.USER_VAL, 0, symlink) except IOError: err = sys.exc_info()[1] if symlink and (err.errno == errno.EPERM or err.errno == errno.ENOENT): # symlinks may fail, in which case we abort the rest # of the test for this case (Linux returns EPERM; OS X returns ENOENT) return raise self.assertRaises(EnvironmentError, xattr.setxattr, item, self.USER_ATTR, self.USER_VAL, XATTR_CREATE) self.checkList(xattr.listxattr(item, symlink), [self.USER_ATTR]) self.assertEqual(xattr.getxattr(item, self.USER_ATTR, symlink), self.USER_VAL) self.checkTuples(xattr.get_all(item, nofollow=symlink), [(self.USER_ATTR, self.USER_VAL)]) xattr.removexattr(item, self.USER_ATTR) self.checkList(xattr.listxattr(item, symlink), []) self.checkTuples(xattr.get_all(item, nofollow=symlink), []) self.assertRaises(EnvironmentError, xattr.removexattr, item, self.USER_ATTR)
def test_mixed_access(testdir, gen): """test mixed access to file""" with gen(testdir) as (a, b): # Check empty lists_equal(xattr.list(a), []) lists_equal(xattr.listxattr(b), []) # Check value xattr.set(a, USER_ATTR, USER_VAL) for i in [a, b]: # Deprecated functions lists_equal(xattr.listxattr(i), [USER_ATTR]) assert xattr.getxattr(i, USER_ATTR) == USER_VAL tuples_equal(xattr.get_all(i), [(USER_ATTR, USER_VAL)]) # Current functions lists_equal(xattr.list(i), [USER_ATTR]) assert xattr.list(i, namespace=NAMESPACE) == [USER_NN] assert xattr.get(i, USER_ATTR) == USER_VAL assert xattr.get(i, USER_NN, namespace=NAMESPACE) == USER_VAL tuples_equal(xattr.get_all(i), [(USER_ATTR, USER_VAL)]) assert xattr.get_all(i, namespace=NAMESPACE) == \ [(USER_NN, USER_VAL)] # Overwrite xattr.set(b, USER_ATTR, LARGE_VAL, flags=xattr.XATTR_REPLACE) assert xattr.get(a, USER_ATTR) == LARGE_VAL assert xattr.getxattr(a, USER_ATTR) == LARGE_VAL xattr.removexattr(b, USER_ATTR) assert xattr.get_all(a, namespace=NAMESPACE) == [] assert xattr.get_all(b, namespace=NAMESPACE) == []
def test_set_get_remove(subject, use_ns): item = subject[0] lists_equal(xattr.list(item), []) if use_ns: xattr.set(item, USER_NN, USER_VAL, namespace=NAMESPACE) else: xattr.set(item, USER_ATTR, USER_VAL) if use_ns: assert xattr.list(item, namespace=NAMESPACE) == [USER_NN] else: lists_equal(xattr.list(item), [USER_ATTR]) lists_equal(xattr.list(item, namespace=EMPTY_NS), [USER_ATTR]) if use_ns: assert xattr.get(item, USER_NN, namespace=NAMESPACE) == USER_VAL else: assert xattr.get(item, USER_ATTR) == USER_VAL if use_ns: assert xattr.get_all(item, namespace=NAMESPACE) == \ [(USER_NN, USER_VAL)] else: tuples_equal(xattr.get_all(item), [(USER_ATTR, USER_VAL)]) if use_ns: xattr.remove(item, USER_NN, namespace=NAMESPACE) else: xattr.remove(item, USER_ATTR) lists_equal(xattr.list(item), []) tuples_equal(xattr.get_all(item), [])
def _checkDeprecated(self, item, symlink=False): """check deprecated list, set, get operations against an item""" self.assertEqual(self._ignore(xattr.listxattr(item, symlink)), []) self.assertRaises(EnvironmentError, xattr.setxattr, item, self.USER_ATTR, self.USER_VAL, XATTR_REPLACE) try: xattr.setxattr(item, self.USER_ATTR, self.USER_VAL, 0, symlink) except IOError: err = sys.exc_info()[1] if err.errno == errno.EPERM and symlink: # symlinks may fail, in which case we abort the rest # of the test for this case return raise self.assertRaises(EnvironmentError, xattr.setxattr, item, self.USER_ATTR, self.USER_VAL, XATTR_CREATE) self.assertEqual(self._ignore(xattr.listxattr(item, symlink)), [self.USER_ATTR]) self.assertEqual(xattr.getxattr(item, self.USER_ATTR, symlink), self.USER_VAL) self.assertEqual(self._ignore_tuples(xattr.get_all(item, nofollow=symlink)), [(self.USER_ATTR, self.USER_VAL)]) xattr.removexattr(item, self.USER_ATTR) self.assertEqual(self._ignore(xattr.listxattr(item, symlink)), []) self.assertEqual(self._ignore_tuples(xattr.get_all(item, nofollow=symlink)), []) self.assertRaises(EnvironmentError, xattr.removexattr, item, self.USER_ATTR)
def _checkListSetGet(self, item, symlink=False, use_ns=False): """check list, set, get operations against an item""" self.assertEqual(self._ignore(xattr.list(item, symlink)), []) self.assertRaises(EnvironmentError, xattr.set, item, self.USER_ATTR, self.USER_VAL, flags=XATTR_REPLACE) self.assertRaises(EnvironmentError, xattr.set, item, self.USER_NN, self.USER_VAL, flags=XATTR_REPLACE, namespace=NS_USER) try: if use_ns: xattr.set(item, self.USER_NN, self.USER_VAL, namespace=NS_USER, nofollow=symlink) else: xattr.set(item, self.USER_ATTR, self.USER_VAL, nofollow=symlink) except IOError: err = sys.exc_info()[1] if err.errno == errno.EPERM and symlink: # symlinks may fail, in which case we abort the rest # of the test for this case return raise self.assertRaises(EnvironmentError, xattr.set, item, self.USER_ATTR, self.USER_VAL, flags=XATTR_CREATE) self.assertRaises(EnvironmentError, xattr.set, item, self.USER_NN, self.USER_VAL, flags=XATTR_CREATE, namespace=NS_USER) self.assertEqual(self._ignore(xattr.list(item, nofollow=symlink)), [self.USER_ATTR]) self.assertEqual(self._ignore(xattr.list(item, nofollow=symlink, namespace=EMPTY_NS)), [self.USER_ATTR]) self.assertEqual(xattr.list(item, namespace=NS_USER, nofollow=symlink), [self.USER_NN]) self.assertEqual(xattr.get(item, self.USER_ATTR, nofollow=symlink), self.USER_VAL) self.assertEqual(xattr.get(item, self.USER_NN, nofollow=symlink, namespace=NS_USER), self.USER_VAL) self.assertEqual(self._ignore_tuples(xattr.get_all(item, nofollow=symlink)), [(self.USER_ATTR, self.USER_VAL)]) self.assertEqual(xattr.get_all(item, nofollow=symlink, namespace=NS_USER), [(self.USER_NN, self.USER_VAL)]) if use_ns: xattr.remove(item, self.USER_NN, namespace=NS_USER) else: xattr.remove(item, self.USER_ATTR) self.assertEqual(self._ignore(xattr.list(item, symlink)), []) self.assertEqual(self._ignore_tuples(xattr.get_all(item, nofollow=symlink)), []) self.assertRaises(EnvironmentError, xattr.remove, item, self.USER_ATTR, nofollow=symlink) self.assertRaises(EnvironmentError, xattr.remove, item, self.USER_NN, namespace=NS_USER, nofollow=symlink)
def _checkListSetGet(self, item, symlink=False, use_ns=False): """check list, set, get operations against an item""" self.checkList(xattr.list(item, symlink), []) self.assertRaises(EnvironmentError, xattr.set, item, self.USER_ATTR, self.USER_VAL, flags=XATTR_REPLACE) self.assertRaises(EnvironmentError, xattr.set, item, self.USER_NN, self.USER_VAL, flags=XATTR_REPLACE, namespace=NS_USER) try: if use_ns: xattr.set(item, self.USER_NN, self.USER_VAL, namespace=NS_USER, nofollow=symlink) else: xattr.set(item, self.USER_ATTR, self.USER_VAL, nofollow=symlink) except IOError: err = sys.exc_info()[1] if symlink and (err.errno == errno.EPERM or err.errno == errno.ENOENT): # symlinks may fail, in which case we abort the rest # of the test for this case (Linux returns EPERM; OS X # returns ENOENT) return raise self.assertRaises(EnvironmentError, xattr.set, item, self.USER_ATTR, self.USER_VAL, flags=XATTR_CREATE) self.assertRaises(EnvironmentError, xattr.set, item, self.USER_NN, self.USER_VAL, flags=XATTR_CREATE, namespace=NS_USER) self.checkList(xattr.list(item, nofollow=symlink), [self.USER_ATTR]) self.checkList(xattr.list(item, nofollow=symlink, namespace=EMPTY_NS), [self.USER_ATTR]) self.assertEqual(xattr.list(item, namespace=NS_USER, nofollow=symlink), [self.USER_NN]) self.assertEqual(xattr.get(item, self.USER_ATTR, nofollow=symlink), self.USER_VAL) self.assertEqual(xattr.get(item, self.USER_NN, nofollow=symlink, namespace=NS_USER), self.USER_VAL) self.checkTuples(xattr.get_all(item, nofollow=symlink), [(self.USER_ATTR, self.USER_VAL)]) self.assertEqual(xattr.get_all(item, nofollow=symlink, namespace=NS_USER), [(self.USER_NN, self.USER_VAL)]) if use_ns: xattr.remove(item, self.USER_NN, namespace=NS_USER) else: xattr.remove(item, self.USER_ATTR) self.checkList(xattr.list(item, symlink), []) self.checkTuples(xattr.get_all(item, nofollow=symlink), []) self.assertRaises(EnvironmentError, xattr.remove, item, self.USER_ATTR, nofollow=symlink) self.assertRaises(EnvironmentError, xattr.remove, item, self.USER_NN, namespace=NS_USER, nofollow=symlink)
def testNoXattrDeprecated(self): """test no attributes (deprecated functions)""" fh, fname = self._getfile() self.checkList(xattr.listxattr(fname), []) self.checkTuples(xattr.get_all(fname), []) dname = self._getdir() self.checkList(xattr.listxattr(dname), []) self.checkTuples(xattr.get_all(dname), []) _, sname = self._getsymlink() self.checkList(xattr.listxattr(sname, True), []) self.checkTuples(xattr.get_all(sname, nofollow=True), [])
def testMixedAccessDeprecated(self): """test mixed access to file (deprecated functions)""" fh, fname = self._getfile() fo = os.fdopen(fh) self.assertEqual(xattr.listxattr(fname), []) xattr.setxattr(fname, self.USER_ATTR, self.USER_VAL) self.assertEqual(xattr.listxattr(fh), [self.USER_ATTR]) self.assertEqual(xattr.getxattr(fo, self.USER_ATTR), self.USER_VAL) self.assertEqual(xattr.get_all(fo), [(self.USER_ATTR, self.USER_VAL)]) self.assertEqual(xattr.get_all(fname), [(self.USER_ATTR, self.USER_VAL)]) fo.close()
def testNoXattrDeprecated(self): """test no attributes (deprecated functions)""" fh, fname = self._getfile() self.assertEqual(xattr.listxattr(fname), []) self.assertEqual(xattr.get_all(fname), []) dname = self._getdir() self.assertEqual(xattr.listxattr(dname), []) self.assertEqual(xattr.get_all(dname), []) _, sname = self._getsymlink() self.assertEqual(xattr.listxattr(sname, True), []) self.assertEqual(xattr.get_all(sname, nofollow=True), [])
def test_set_get_remove_deprecated(subject): """check deprecated list, set, get operations against an item""" item = subject[0] lists_equal(xattr.listxattr(item), []) xattr.setxattr(item, USER_ATTR, USER_VAL, 0) lists_equal(xattr.listxattr(item), [USER_ATTR]) assert xattr.getxattr(item, USER_ATTR) == USER_VAL tuples_equal(xattr.get_all(item), [(USER_ATTR, USER_VAL)]) xattr.removexattr(item, USER_ATTR) lists_equal(xattr.listxattr(item), []) tuples_equal(xattr.get_all(item), [])
def test_no_attributes(any_subject): """test no attributes""" item, nofollow = any_subject lists_equal(xattr.list(item, nofollow=nofollow), []) assert xattr.list(item, nofollow=nofollow, namespace=NAMESPACE) == [] tuples_equal(xattr.get_all(item, nofollow=nofollow), []) assert xattr.get_all(item, nofollow=nofollow, namespace=NAMESPACE) == [] with pytest.raises(EnvironmentError): xattr.get(item, USER_NN, nofollow=nofollow, namespace=NAMESPACE)
def testMixedAccessDeprecated(self): """test mixed access to file (deprecated functions)""" fh, fname = self._getfile() fo = os.fdopen(fh) self.checkList(xattr.listxattr(fname), []) xattr.setxattr(fname, self.USER_ATTR, self.USER_VAL) self.checkList(xattr.listxattr(fh), [self.USER_ATTR]) self.assertEqual(xattr.getxattr(fo, self.USER_ATTR), self.USER_VAL) self.checkTuples(xattr.get_all(fo), [(self.USER_ATTR, self.USER_VAL)]) self.checkTuples(xattr.get_all(fname), [(self.USER_ATTR, self.USER_VAL)]) fo.close()
def test_binary_payload(subject): """test binary values""" item = subject[0] BINVAL = b"abc\0def" xattr.set(item, USER_ATTR, BINVAL) lists_equal(xattr.list(item), [USER_ATTR]) assert xattr.list(item, namespace=NAMESPACE) == [USER_NN] assert xattr.get(item, USER_ATTR) == BINVAL assert xattr.get(item, USER_NN, namespace=NAMESPACE) == BINVAL tuples_equal(xattr.get_all(item), [(USER_ATTR, BINVAL)]) assert xattr.get_all(item, namespace=NAMESPACE) == [(USER_NN, BINVAL)] xattr.remove(item, USER_ATTR)
def testBinaryPayload(self): """test binary values""" fh, fname = self._getfile() os.close(fh) BINVAL = "abc" + "\0" + "def" if PY3K: BINVAL = BINVAL.encode() xattr.set(fname, self.USER_ATTR, BINVAL) self.assertEqual(xattr.list(fname), [self.USER_ATTR]) self.assertEqual(xattr.list(fname, namespace=NS_USER), [self.USER_NN]) self.assertEqual(xattr.get(fname, self.USER_ATTR), BINVAL) self.assertEqual(xattr.get(fname, self.USER_NN, namespace=NS_USER), BINVAL) self.assertEqual(xattr.get_all(fname), [(self.USER_ATTR, BINVAL)]) self.assertEqual(xattr.get_all(fname, namespace=NS_USER), [(self.USER_NN, BINVAL)]) xattr.remove(fname, self.USER_ATTR)
def testMixedAccess(self): """test mixed access to file""" fh, fname = self._getfile() fo = os.fdopen(fh) self.assertEqual(xattr.list(fname), []) xattr.set(fname, self.USER_ATTR, self.USER_VAL) self.assertEqual(xattr.list(fh), [self.USER_ATTR]) self.assertEqual(xattr.list(fh, namespace=NS_USER), [self.USER_NN]) self.assertEqual(xattr.get(fo, self.USER_ATTR), self.USER_VAL) self.assertEqual(xattr.get(fo, self.USER_NN, namespace=NS_USER), self.USER_VAL) self.assertEqual(xattr.get_all(fo), [(self.USER_ATTR, self.USER_VAL)]) self.assertEqual(xattr.get_all(fo, namespace=NS_USER), [(self.USER_NN, self.USER_VAL)]) self.assertEqual(xattr.get_all(fname), [(self.USER_ATTR, self.USER_VAL)]) self.assertEqual(xattr.get_all(fname, namespace=NS_USER), [(self.USER_NN, self.USER_VAL)]) fo.close()
def test_no_attributes_deprecated(any_subject): """test no attributes (deprecated functions)""" item, nofollow = any_subject lists_equal(xattr.listxattr(item, True), []) tuples_equal(xattr.get_all(item, True), []) with pytest.raises(EnvironmentError): xattr.getxattr(item, USER_ATTR, True)
def testManyOps(self): """test many ops""" fh, fname = self._getfile() xattr.set(fh, self.USER_ATTR, self.USER_VAL) VL = [self.USER_ATTR] VN = [self.USER_NN] for i in range(self.MANYOPS_COUNT): self.assertEqual(xattr.list(fh), VL) self.assertEqual(xattr.list(fh, namespace=EMPTY_NS), VL) self.assertEqual(xattr.list(fh, namespace=NS_USER), VN) for i in range(self.MANYOPS_COUNT): self.assertEqual(xattr.get(fh, self.USER_ATTR), self.USER_VAL) self.assertEqual(xattr.get(fh, self.USER_NN, namespace=NS_USER), self.USER_VAL) for i in range(self.MANYOPS_COUNT): self.assertEqual(xattr.get_all(fh), [(self.USER_ATTR, self.USER_VAL)]) self.assertEqual(xattr.get_all(fh, namespace=NS_USER), [(self.USER_NN, self.USER_VAL)])
def is_untrusted_xattr(path, orig_perms): """Check for 'user.qubes.untrusted' xattr on the file. Expects a readable file. """ try: file_xattrs = xattr.get_all(path) except: error('Unable to read extended attributes of {}'.format(path)) safe_chmod(path, orig_perms, 'Unable to set original permissions of {}'.format(path)) sys.exit(65) # Check for our custom qubes attribute untrusted_attribute = (b'user.qubes.untrusted', b'true') if untrusted_attribute in file_xattrs: # We found our attribute # Return to original permissions safe_chmod(path, orig_perms, 'Unable to set original permissions of {}'.format(path)) return True # Return to original permissions safe_chmod(path, orig_perms, 'Unable to set original permissions of {}'.format(path)) # We didn't find our attribute return False
def _add_linux_xattr(self, path, st): if not xattr: return try: self.linux_xattr = xattr.get_all(path, nofollow=True) except EnvironmentError, e: if e.errno != errno.EOPNOTSUPP: raise
def _add_linux_xattr(self, path, st): if not xattr: return try: self.linux_xattr = xattr.get_all(path, nofollow=True) except EnvironmentError as e: if e.errno != errno.EOPNOTSUPP: raise
def testBinaryPayload(self): """test binary values""" fh, fname = self._getfile() os.close(fh) BINVAL = "abc" + '\0' + "def" if PY3K: BINVAL = BINVAL.encode() xattr.set(fname, self.USER_ATTR, BINVAL) self.checkList(xattr.list(fname), [self.USER_ATTR]) self.assertEqual(xattr.list(fname, namespace=NS_USER), [self.USER_NN]) self.assertEqual(xattr.get(fname, self.USER_ATTR), BINVAL) self.assertEqual(xattr.get(fname, self.USER_NN, namespace=NS_USER), BINVAL) self.checkTuples(xattr.get_all(fname), [(self.USER_ATTR, BINVAL)]) self.assertEqual(xattr.get_all(fname, namespace=NS_USER), [(self.USER_NN, BINVAL)]) xattr.remove(fname, self.USER_ATTR)
def testNoXattrDeprecated(self): """test no attributes (deprecated functions)""" fh, fname = self._getfile() self.checkList(xattr.listxattr(fname), []) self.checkTuples(xattr.get_all(fname), []) self.assertRaises(EnvironmentError, xattr.getxattr, fname, self.USER_ATTR) dname = self._getdir() self.checkList(xattr.listxattr(dname), []) self.checkTuples(xattr.get_all(dname), []) self.assertRaises(EnvironmentError, xattr.getxattr, dname, self.USER_ATTR) _, sname = self._getsymlink() self.checkList(xattr.listxattr(sname, True), []) self.checkTuples(xattr.get_all(sname, nofollow=True), []) self.assertRaises(EnvironmentError, xattr.getxattr, fname, self.USER_ATTR, True)
def test_binary_payload_deprecated(subject): """test binary values (deprecated functions)""" item = subject[0] BINVAL = b"abc\0def" xattr.setxattr(item, USER_ATTR, BINVAL) lists_equal(xattr.listxattr(item), [USER_ATTR]) assert xattr.getxattr(item, USER_ATTR) == BINVAL tuples_equal(xattr.get_all(item), [(USER_ATTR, BINVAL)]) xattr.removexattr(item, USER_ATTR)
def test_many_ops(subject): """test many ops""" item = subject[0] xattr.set(item, USER_ATTR, USER_VAL) VL = [USER_ATTR] VN = [USER_NN] for i in range(MANYOPS_COUNT): lists_equal(xattr.list(item), VL) lists_equal(xattr.list(item, namespace=EMPTY_NS), VL) assert xattr.list(item, namespace=NAMESPACE) == VN for i in range(MANYOPS_COUNT): assert xattr.get(item, USER_ATTR) == USER_VAL assert xattr.get(item, USER_NN, namespace=NAMESPACE) == USER_VAL for i in range(MANYOPS_COUNT): tuples_equal(xattr.get_all(item), [(USER_ATTR, USER_VAL)]) assert xattr.get_all(item, namespace=NAMESPACE) == \ [(USER_NN, USER_VAL)]
def testMixedAccess(self): """test mixed access to file""" fh, fname = self._getfile() fo = os.fdopen(fh) self.checkList(xattr.list(fname), []) xattr.set(fname, self.USER_ATTR, self.USER_VAL) self.checkList(xattr.list(fh), [self.USER_ATTR]) self.assertEqual(xattr.list(fh, namespace=NS_USER), [self.USER_NN]) self.assertEqual(xattr.get(fo, self.USER_ATTR), self.USER_VAL) self.assertEqual(xattr.get(fo, self.USER_NN, namespace=NS_USER), self.USER_VAL) self.checkTuples(xattr.get_all(fo), [(self.USER_ATTR, self.USER_VAL)]) self.assertEqual(xattr.get_all(fo, namespace=NS_USER), [(self.USER_NN, self.USER_VAL)]) self.checkTuples(xattr.get_all(fname), [(self.USER_ATTR, self.USER_VAL)]) self.assertEqual(xattr.get_all(fname, namespace=NS_USER), [(self.USER_NN, self.USER_VAL)]) fo.close()
def xattr_diff(afile, bfile): def tuple_list_to_hash(tl): ret = {} for k,v in tl: ret[k] = v return ret info = [] a_attr = tuple_list_to_hash(xattr.get_all(afile, namespace=xattr.NS_USER)) b_attr = tuple_list_to_hash(xattr.get_all(bfile, namespace=xattr.NS_USER)) for ka,va in a_attr.items(): if b_attr.has_key(ka): if b_attr[ka] != va: info.append("xattrs differ for %s" % ka) else: info.append("only in %s: %s" % (afile, ka)) for kb,vb in b_attr.items(): if not a_attr.has_key(kb): info.append("only in %s: %s" % (bfile, kb)) return info
def testManyOps(self): """test many ops""" fh, fname = self._getfile() xattr.set(fh, self.USER_ATTR, self.USER_VAL) VL = [self.USER_ATTR] VN = [self.USER_NN] for i in range(self.MANYOPS_COUNT): self.checkList(xattr.list(fh), VL) self.checkList(xattr.list(fh, namespace=EMPTY_NS), VL) self.assertEqual(xattr.list(fh, namespace=NS_USER), VN) for i in range(self.MANYOPS_COUNT): self.assertEqual(xattr.get(fh, self.USER_ATTR), self.USER_VAL) self.assertEqual(xattr.get(fh, self.USER_NN, namespace=NS_USER), self.USER_VAL) for i in range(self.MANYOPS_COUNT): self.checkTuples(xattr.get_all(fh), [(self.USER_ATTR, self.USER_VAL)]) self.assertEqual(xattr.get_all(fh, namespace=NS_USER), [(self.USER_NN, self.USER_VAL)])
def read_user_xattr(fd): try: it = xattr.get_all(fd) except IOError as e: for err in 'ENOTSUP', 'EOPNOTSUPP': if hasattr(errno, err) and e.errno == getattr(errno, err): raise e meta = {k[5:]: v for k, v in it if k.startswith('user.')} return meta
def testManyOpsDeprecated(self): """test many ops (deprecated functions)""" fh, fname = self._getfile() xattr.setxattr(fh, self.USER_ATTR, self.USER_VAL) VL = [self.USER_ATTR] for i in range(self.MANYOPS_COUNT): self.assertEqual(xattr.listxattr(fh), VL) for i in range(self.MANYOPS_COUNT): self.assertEqual(xattr.getxattr(fh, self.USER_ATTR), self.USER_VAL) for i in range(self.MANYOPS_COUNT): self.assertEqual(xattr.get_all(fh), [(self.USER_ATTR, self.USER_VAL)])
def xattr_diff(afile, bfile): def tuple_list_to_hash(tl): ret = {} for k, v in tl: ret[k] = v return ret info = [] a_attr = tuple_list_to_hash(xattr.get_all(afile, namespace=xattr.NS_USER)) b_attr = tuple_list_to_hash(xattr.get_all(bfile, namespace=xattr.NS_USER)) for ka, va in a_attr.items(): if b_attr.has_key(ka): if b_attr[ka] != va: info.append("xattrs differ for %s" % ka) else: info.append("only in %s: %s" % (afile, ka)) for kb, vb in b_attr.items(): if not a_attr.has_key(kb): info.append("only in %s: %s" % (bfile, kb)) return info
def make_link(root: str, filename: str, dst_folder: str): filepath = os.path.join(root, filename) original_filepath = os.path.join('..', '..', '..', filepath) for k, v in xattr.get_all(filepath): k = str(k, 'utf-8') v = str(v, 'utf-8') v_dir = os.path.join(dst_folder, k, v) os.makedirs(v_dir) new_filepath = os.path.join(v_dir, filename) os.symlink(original_filepath, new_filepath)
def read_user_xattr(fd): it = {} try: it = xattr.get_all(fd) except IOError as err: for code in ('ENOTSUP', 'EOPNOTSUPP', 'ENOENT'): if hasattr(errno, code) and err.errno == getattr(errno, code): raise err meta = debinarize({k[5:]: v for k, v in it if k.startswith(b'user.')}) return meta
def testBinaryPayloadDeprecated(self): """test binary values (deprecated functions)""" fh, fname = self._getfile() os.close(fh) BINVAL = "abc" + "\0" + "def" if PY3K: BINVAL = BINVAL.encode() xattr.setxattr(fname, self.USER_ATTR, BINVAL) self.assertEqual(xattr.listxattr(fname), [self.USER_ATTR]) self.assertEqual(xattr.getxattr(fname, self.USER_ATTR), BINVAL) self.assertEqual(xattr.get_all(fname), [(self.USER_ATTR, BINVAL)]) xattr.removexattr(fname, self.USER_ATTR)
def testBinaryPayloadDeprecated(self): """test binary values (deprecated functions)""" fh, fname = self._getfile() os.close(fh) BINVAL = "abc" + '\0' + "def" if PY3K: BINVAL = BINVAL.encode() xattr.setxattr(fname, self.USER_ATTR, BINVAL) self.checkList(xattr.listxattr(fname), [self.USER_ATTR]) self.assertEqual(xattr.getxattr(fname, self.USER_ATTR), BINVAL) self.checkTuples(xattr.get_all(fname), [(self.USER_ATTR, BINVAL)]) xattr.removexattr(fname, self.USER_ATTR)
def test_many_ops_deprecated(subject): """test many ops (deprecated functions)""" item = subject[0] xattr.setxattr(item, USER_ATTR, USER_VAL) VL = [USER_ATTR] for i in range(MANYOPS_COUNT): lists_equal(xattr.listxattr(item), VL) for i in range(MANYOPS_COUNT): assert xattr.getxattr(item, USER_ATTR) == USER_VAL for i in range(MANYOPS_COUNT): tuples_equal(xattr.get_all(item), [(USER_ATTR, USER_VAL)])
def testManyOpsDeprecated(self): """test many ops (deprecated functions)""" fh, fname = self._getfile() xattr.setxattr(fh, self.USER_ATTR, self.USER_VAL) VL = [self.USER_ATTR] for i in range(self.MANYOPS_COUNT): self.checkList(xattr.listxattr(fh), VL) for i in range(self.MANYOPS_COUNT): self.assertEqual(xattr.getxattr(fh, self.USER_ATTR), self.USER_VAL) for i in range(self.MANYOPS_COUNT): self.checkTuples(xattr.get_all(fh), [(self.USER_ATTR, self.USER_VAL)])
def testNoXattr(self): """test no attributes""" fh, fname = self._getfile() self.checkList(xattr.list(fname), []) self.assertEqual(xattr.list(fname, namespace=NS_USER), []) self.checkTuples(xattr.get_all(fname), []) self.assertEqual(xattr.get_all(fname, namespace=NS_USER), []) self.assertRaises(EnvironmentError, xattr.get, fname, self.USER_NN, namespace=NS_USER) dname = self._getdir() self.checkList(xattr.list(dname), []) self.assertEqual(xattr.list(dname, namespace=NS_USER), []) self.checkTuples(xattr.get_all(dname), []) self.assertEqual(xattr.get_all(dname, namespace=NS_USER), []) self.assertRaises(EnvironmentError, xattr.get, dname, self.USER_NN, namespace=NS_USER) _, sname = self._getsymlink() self.checkList(xattr.list(sname, nofollow=True), []) self.assertEqual(xattr.list(sname, nofollow=True, namespace=NS_USER), []) self.checkTuples(xattr.get_all(sname, nofollow=True), []) self.assertEqual(xattr.get_all(sname, nofollow=True, namespace=NS_USER), []) self.assertRaises(EnvironmentError, xattr.get, sname, self.USER_NN, namespace=NS_USER, nofollow=True)
def change_file(path, trusted): """Change the trust state of a file""" # Save the original permissions of the file orig_perms = os.stat(path).st_mode # See if the file is readable try: with open(path): pass except IOError: # Try to unlock file to get read access safe_chmod(path, 0o644, 'Could not unlock {} for reading'.format(path)) if trusted: # Set file to trusted # AKA remove our xattr file_xattrs = xattr.get_all(path) untrusted_attribute = (b'user.qubes.untrusted', b'true') # Check if the xattr exists first if untrusted_attribute in file_xattrs: try: xattr.removexattr(path, 'user.qubes.untrusted') except: # Unable to remove our xattr, return original permissions error( 'Unable to remove untrusted attribute on {}'.format(path)) safe_chmod(path, orig_perms, 'Unable to set original perms. on {}'.format(path)) # Remove visual attributes set_visual_attributes(path, False) else: # Set file to untrusted # AKA add our xattr and lock try: xattr.setxattr(path, 'user.qubes.untrusted', 'true') safe_chmod( path, 0o0, 'Unable to set untrusted permissions on: {}'.format(path)) except: # Unable to remove our xattr, return original permissions safe_chmod( path, orig_perms, 'Unable to return perms after setting as untrusted: {}'.format( path)) sys.exit(65) # Add visual attributes set_visual_attributes(path, True)
def xattr_sync_impl(file_name, meta): xlist = xattr.get_all(file_name, namespace=xattr.NS_USER) to_delete = [] to_set = {} for k,v in meta.items(): to_set[k] = v for k,v in xlist: if (k == ACL_XATTR): continue if (not meta.has_key(k)): to_delete.append(k) elif (meta[k] == v): del to_set[k] return to_delete, to_set
def xattr_sync_impl(file_name, meta): xlist = xattr.get_all(file_name, namespace=xattr.NS_USER) to_delete = [] to_set = {} for k, v in meta.items(): to_set[k] = v for k, v in xlist: if (k == ACL_XATTR): continue if (not meta.has_key(k)): to_delete.append(k) elif (meta[k] == v): del to_set[k] return to_delete, to_set
def assert_xattr(file_name, meta): """ Raise an exception if the xattrs on a file are not what we expect """ to_delete, to_set = xattr_sync_impl(file_name, meta) if (len(to_delete) == 0) and (len(to_set) == 0): return print "XATTRS DIFFER: ", print "EXPECTED: {", sep = "" for k,v in meta.items(): print sep + str(k) + " : " + str(v), sep = ", " print "}", print "GOT: {", sep = "" for k,v in xattr.get_all(file_name, namespace=xattr.NS_USER): if (k == ACL_XATTR): continue print "%s%s:%s" % (sep, k, v), sep = ", " print "}", print raise Exception("extended attributes are not what we expect on %s" % file_name)
def _getitem(self, cpv): values = {} path = self.__get_path(cpv) all = {} for tuple in xattr.get_all(path,namespace=self.ns): key,value = tuple all[key] = value if not '_mtime_' in all: raise KeyError(cpv) # We default to '' like other caches for key in self.keys: attr_value = all.get(key,'1:') parts,sep,value = attr_value.partition(':') parts = int(parts) if parts > 1: for i in range(1,parts): value += all.get(key+str(i)) values[key] = value return values
def testNoXattr(self): """test no attributes""" fh, fname = self._getfile() self.assertEqual(xattr.list(fname), []) self.assertEqual(xattr.list(fname, namespace=NS_USER), []) self.assertEqual(xattr.get_all(fname), []) self.assertEqual(xattr.get_all(fname, namespace=NS_USER), []) dname = self._getdir() self.assertEqual(xattr.list(dname), []) self.assertEqual(xattr.list(dname, namespace=NS_USER), []) self.assertEqual(xattr.get_all(dname), []) self.assertEqual(xattr.get_all(dname, namespace=NS_USER), []) _, sname = self._getsymlink() self.assertEqual(xattr.list(sname, nofollow=True), []) self.assertEqual(xattr.list(sname, nofollow=True, namespace=NS_USER), []) self.assertEqual(xattr.get_all(sname, nofollow=True), []) self.assertEqual(xattr.get_all(sname, nofollow=True, namespace=NS_USER), [])
def all_xattrs(self, path, **kw): return dict(xattr.get_all(path, namespace=xattr.NS_USER, **kw))
def get(self, path): d = dict(xattr.get_all(path, namespace = xattr.NS_USER)) for k in d: d[k] = d[k].split(',') return Values(d)
def items(self): """ Returns a list of key/value pairs for all filesystem attributes """ allAttrs = xattr.get_all(self._path, namespace=xattr.NS_USER) return [ (key.decode(), self._decodeVal(val)) for key, val in allAttrs ]
def _get_xattrs(self, filename): pairs = xattr.get_all(os.path.join(self.dirpath, filename), namespace=xattr.NS_USER) return dict([list(map(to_unicode, p)) for p in pairs])