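def shell(self):
    """Exec the session's command, shell or ``su`` in place of this process.

    The method changes to the session directory, prepares the environment,
    calls ``utils.add_user_info`` and then takes one of two paths:

    * direct exec of the configured command or shell when the connection
      is not ``unsecure``, when caller, callee and server are the same
      local user, or when the ``login`` option is off;
    * otherwise ``su <callee>``, which leaves the credential check to
      ``su``.

    On success nothing returns: ``os.execvpe`` replaces the process image.

    Raises:
        SystemExit: if switching to the callee's identity fails, or if a
            non-local session targets the daemon user while the server
            runs as root.
    """
    try:
        os.chdir(self.path or self.callee.dir)
    except Exception:
        # Best effort: the failure is only logged and the session keeps
        # the current working directory.
        self.log.debug(
            "Can't chdir to %s" % (self.path or self.callee.dir),
            exc_info=True)

    # NOTE(review): this is the server's own environment and it is passed
    # to the exec'd program even when caller != callee, so every variable
    # the server was started with reaches that user's shell on the
    # direct-exec path (and through ``su -p`` on Linux). Consider a
    # minimal environment for the caller != callee case.
    env = os.environ
    # If local and local user is the same as login user
    # We set the env of the user from the browser
    # Useful when running as root
    if self.caller == self.callee:
        env.update(self.socket.env)
    env["TERM"] = "xterm-256color"
    env["COLORTERM"] = "butterfly"
    env["HOME"] = self.callee.dir
    env["LOCATION"] = "http%s://%s:%d/" % (
        "s" if not tornado.options.options.unsecure else "",
        tornado.options.options.host,
        tornado.options.options.port)
    # Fall back to os.defpath when PATH is unset; formatting None would put
    # a literal, cwd-relative "None" entry on the search path.
    env["PATH"] = '%s:%s' % (
        os.path.abspath(os.path.join(os.path.dirname(__file__), 'bin')),
        env.get("PATH") or os.defpath)

    try:
        tty = os.ttyname(0).replace('/dev/', '')
    except Exception:
        self.log.debug("Can't get ttyname", exc_info=True)
        tty = ''

    if self.caller != self.callee:
        try:
            # Give the terminal device to the callee; -1 leaves the group
            # untouched.
            os.chown(os.ttyname(0), self.callee.uid, -1)
        except Exception:
            self.log.debug("Can't chown ttyname", exc_info=True)

    # NOTE(review): the Host header is client-supplied; confirm that
    # utils.add_user_info bounds and sanitises it before recording it.
    utils.add_user_info(
        self.uid, tty, os.getpid(), self.callee.name,
        self.request.headers['Host'])

    if not tornado.options.options.unsecure or (
            self.socket.local and
            self.caller == self.callee and
            server == self.callee
    ) or not tornado.options.options.login:
        # User has been auth with ssl or is the same user as server
        # or login is explicitly turned off
        if (
                not tornado.options.options.unsecure and
                tornado.options.options.login and
                not (
                    self.socket.local and
                    self.caller == self.callee and
                    server == self.callee
                )):
            # User is authed by ssl, setting groups.
            # Order matters: supplementary groups and gid are changed
            # first, the uid last, because the earlier calls need the
            # privileges that setuid gives up.
            try:
                os.initgroups(self.callee.name, self.callee.gid)
                os.setgid(self.callee.gid)
                os.setuid(self.callee.uid)
            except Exception:
                # Fail closed: never fall through to an exec under the
                # server's identity when the switch did not succeed.
                self.log.error(
                    'The server must be run as root '
                    'if you want to log as different user\n',
                    exc_info=True)
                sys.exit(1)
        # NOTE(review): when ``login`` is off the identity switch above is
        # skipped, so the program below runs with the server's uid and no
        # credential check has taken place on an ``unsecure`` connection.

        if tornado.options.options.cmd:
            # Plain split on single spaces: quoted arguments are not
            # supported by this option.
            args = tornado.options.options.cmd.split(' ')
        else:
            # The source page lost its indentation; '-i' is assumed to
            # belong to the shell case only.
            args = [tornado.options.options.shell or self.callee.shell]
            args.append('-i')
        os.execvpe(args[0], args, env)
        # This process has been replaced

    # Unsecure connection with su
    if server.root:
        # NOTE(review): only the uid is changed below; the gid and the
        # supplementary groups stay those of the server until ``su`` takes
        # over. Confirm this is intended or drop the groups before setuid.
        if self.socket.local:
            if self.callee != self.caller:
                # Force password prompt by dropping rights
                # to the daemon user
                os.setuid(daemon.uid)
        else:
            # We are not local so we should always get a password prompt
            if self.callee == daemon:
                # No logging from daemon
                sys.exit(1)
            os.setuid(daemon.uid)

    if os.path.exists('/usr/bin/su'):
        args = ['/usr/bin/su']
    else:
        args = ['/bin/su']

    # startswith() also matches the 'linux2' value reported by Python 2,
    # which an equality test against 'linux' silently skips.
    if sys.platform.startswith('linux'):
        args.append('-p')
        if tornado.options.options.shell:
            args.append('-s')
            args.append(tornado.options.options.shell)
    args.append(self.callee.name)
    os.execvpe(args[0], args, env)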
def shell(self):
    """Hand this process over to the session's command, PAM helper or ``su``.

    In order: change to the session directory, build the child environment,
    call ``utils.add_user_info``, then exec one of

    * the configured command or the callee's shell, when ``login`` is not
      forced and the connection is secure, a local same-user login, or
      security has been explicitly waived;
    * ``pam.py`` next to this module, when ``pam_profile`` is set;
    * ``su -l <callee>`` in every other case.

    ``os.execvpe`` does not return on success.

    Raises:
        SystemExit: code 1 if switching to the callee fails or a non-local
            session targets the daemon user under a root server; code 3
            if ``pam_profile`` is set and the server is not root.
    """
    opts = tornado.options.options

    try:
        os.chdir(self.path or self.callee.dir)
    except Exception:
        # Only logged; the session continues from the current directory.
        log.debug(
            "Can't chdir to %s" % (self.path or self.callee.dir),
            exc_info=True)

    if self.caller == self.callee:
        # Same user on both ends: reuse this process's environment and
        # overlay the variables collected for the socket.
        child_env = os.environ
        child_env.update(self.socket.env)
    else:
        # Different user: start from an empty mapping, so none of the
        # server's variables are passed on.
        child_env = {}

    child_env.update({
        "TERM": "xterm-256color",
        "COLORTERM": "butterfly",
        "HOME": self.callee.dir,
        "LOCATION": self.uri,
        'BUTTERFLY_PATH': os.path.abspath(
            os.path.join(os.path.dirname(__file__), 'bin')),
    })

    try:
        tty_name = os.ttyname(0).replace('/dev/', '')
    except Exception:
        log.debug("Can't get ttyname", exc_info=True)
        tty_name = ''

    if self.caller != self.callee:
        try:
            # The callee becomes owner of the terminal device; -1 keeps
            # the group as it is.
            os.chown(os.ttyname(0), self.callee.uid, -1)
        except Exception:
            log.debug("Can't chown ttyname", exc_info=True)

    utils.add_user_info(
        self.uid, tty_name, os.getpid(), self.callee.name, self.uri)

    local_login = (
        self.socket.local and
        self.caller == self.callee and
        server == self.callee)
    secure = not opts.unsecure
    force_login = opts.login
    ignore_security = (
        opts.i_hereby_declare_i_dont_want_any_security_whatsoever)

    login_not_required = ignore_security or secure or local_login
    if login_not_required and not force_login:
        # Either the TLS layer vouched for the user, the user is the one
        # running the server, or security was explicitly waived.
        if secure and not local_login:
            # Take the callee's identity. Groups and gid go first, uid
            # last, because the earlier calls need the privileges that
            # setuid gives up.
            try:
                os.initgroups(self.callee.name, self.callee.gid)
                os.setgid(self.callee.gid)
                os.setuid(self.callee.uid)
                # Apparently necessary for some cmd
                child_env['LOGNAME'] = child_env['USER'] = self.callee.name
            except Exception:
                # Fail closed instead of exec'ing under the server's uid.
                log.error(
                    'The server must be run as root '
                    'if you want to log as different user\n',
                    exc_info=True)
                sys.exit(1)
        # NOTE(review): with the waiver flag set on an unsecure, non-local
        # connection the identity switch above is skipped, so the program
        # below runs with the server's uid and without a credential check.

        if opts.cmd:
            # Plain split on single spaces; quoting is not interpreted.
            argv = opts.cmd.split(' ')
        else:
            # The source page lost its indentation; '-il' is assumed to
            # apply to the shell case only.
            argv = [opts.shell or self.callee.shell, '-il']

        # Some shells do not export SHELL themselves.
        child_env['SHELL'] = argv[0]
        os.execvpe(argv[0], argv, child_env)
        # Not reached on success: the process image has been replaced.

    if opts.pam_profile:
        if not server.root:
            print('You must be root to use pam_profile option.')
            sys.exit(3)
        module_dir = os.path.dirname(os.path.realpath(__file__))
        pam_path = os.path.join(module_dir, 'pam.py')
        helper_argv = [
            sys.executable, pam_path,
            self.callee.name,
            opts.pam_profile,
        ]
        os.execvpe(sys.executable, helper_argv, child_env)

    # Unsecure connection: let su ask for the password.
    if server.root:
        # NOTE(review): only the uid changes here; gid and supplementary
        # groups stay those of the server until su takes over. Confirm
        # this is intended or drop the groups before setuid.
        if not self.socket.local:
            # Remote sessions must always get a password prompt.
            if self.callee == daemon:
                # No logging in as the daemon user.
                sys.exit(1)
            os.setuid(daemon.uid)
        elif self.callee != self.caller:
            # Local but a different user: become daemon so that su
            # prompts for the password.
            os.setuid(daemon.uid)

    su_binary = '/usr/bin/su' if os.path.exists('/usr/bin/su') else '/bin/su'
    argv = [su_binary, '-l']
    if sys.platform.startswith('linux') and opts.shell:
        argv += ['-s', opts.shell]
    argv.append(self.callee.name)
    os.execvpe(argv[0], argv, child_env)
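def shell(self):
    """Exec the session's command, PAM helper or ``su`` in this process.

    After changing directory, building the environment and calling
    ``utils.add_user_info``, the method execs:

    * the configured command or the callee's shell, when ``login`` is not
      forced and the connection is secure, a local same-user login, or
      security has been explicitly waived;
    * ``pam.py`` located next to this module, when ``pam_profile`` is set;
    * ``su -l <callee>`` otherwise.

    ``os.execvpe`` replaces the process image, so nothing returns on
    success.

    Raises:
        SystemExit: code 1 if switching to the callee fails or a non-local
            session targets the daemon user under a root server; code 3
            if ``pam_profile`` is set and the server is not root.
    """
    try:
        os.chdir(self.path or self.callee.dir)
    except Exception:
        # Best effort: only logged, the current directory is kept.
        log.debug(
            "Can't chdir to %s" % (self.path or self.callee.dir),
            exc_info=True)

    # If local and local user is the same as login user
    # We set the env of the user from the browser
    # Useful when running as root
    if self.caller == self.callee:
        env = os.environ
        env.update(self.socket.env)
    else:
        # May need more?
        # Empty mapping: none of the server's variables are passed on to
        # a different user.
        env = {}
    env["TERM"] = "xterm-256color"
    env["COLORTERM"] = "butterfly"
    env["HOME"] = self.callee.dir
    env["LOCATION"] = self.uri
    env['BUTTERFLY_PATH'] = os.path.abspath(os.path.join(
        os.path.dirname(__file__), 'bin'))

    try:
        tty = os.ttyname(0).replace('/dev/', '')
    except Exception:
        log.debug("Can't get ttyname", exc_info=True)
        tty = ''

    if self.caller != self.callee:
        try:
            # Give the terminal device to the callee; -1 leaves the group
            # untouched.
            os.chown(os.ttyname(0), self.callee.uid, -1)
        except Exception:
            log.debug("Can't chown ttyname", exc_info=True)

    utils.add_user_info(
        self.uid,
        tty, os.getpid(),
        self.callee.name, self.uri)

    local_login = (
        self.socket.local and
        self.caller == self.callee and
        server == self.callee)
    secure = not tornado.options.options.unsecure
    force_login = tornado.options.options.login
    ignore_security = (
        tornado.options.options.
        i_hereby_declare_i_dont_want_any_security_whatsoever)

    if not force_login and (ignore_security or secure or local_login):
        # User has been auth with ssl or is the same user as server
        # or login is explicitly turned off
        if secure and not local_login:
            # User is authed by ssl, setting groups.
            # Order matters: groups and gid first, uid last, because the
            # earlier calls need the privileges that setuid gives up.
            try:
                os.initgroups(self.callee.name, self.callee.gid)
                os.setgid(self.callee.gid)
                os.setuid(self.callee.uid)
                # Apparently necessary for some cmd
                env['LOGNAME'] = env['USER'] = self.callee.name
            except Exception:
                # Fail closed: never exec under the server's identity when
                # the switch did not succeed.
                log.error(
                    'The server must be run as root '
                    'if you want to log as different user\n',
                    exc_info=True)
                sys.exit(1)
        # NOTE(review): with the waiver flag set on an unsecure, non-local
        # connection the identity switch above is skipped, so the program
        # below runs with the server's uid and without a credential check.

        if tornado.options.options.cmd:
            # Plain split on single spaces: quoted arguments are not
            # supported by this option.
            args = tornado.options.options.cmd.split(' ')
        else:
            # The source page lost its indentation; '-il' is assumed to
            # belong to the shell case only.
            args = [tornado.options.options.shell or self.callee.shell]
            args.append('-il')

        # In some cases some shells don't export SHELL var
        env['SHELL'] = args[0]
        os.execvpe(args[0], args, env)
        # This process has been replaced

    if tornado.options.options.pam_profile:
        if not server.root:
            print('You must be root to use pam_profile option.')
            sys.exit(3)
        pam_path = os.path.join(
            os.path.dirname(os.path.realpath(__file__)), 'pam.py')
        os.execvpe(sys.executable, [
            sys.executable, pam_path,
            self.callee.name,
            tornado.options.options.pam_profile], env)

    # Unsecure connection with su
    if server.root:
        # NOTE(review): only the uid is changed below; the gid and the
        # supplementary groups stay those of the server until ``su`` takes
        # over. Confirm this is intended or drop the groups before setuid.
        if self.socket.local:
            if self.callee != self.caller:
                # Force password prompt by dropping rights
                # to the daemon user
                os.setuid(daemon.uid)
        else:
            # We are not local so we should always get a password prompt
            if self.callee == daemon:
                # No logging from daemon
                sys.exit(1)
            os.setuid(daemon.uid)

    if os.path.exists('/usr/bin/su'):
        args = ['/usr/bin/su']
    else:
        args = ['/bin/su']

    args.append('-l')
    # startswith() also matches the 'linux2' value reported by Python 2;
    # an equality test against 'linux' would silently ignore the
    # configured shell there.
    if sys.platform.startswith('linux') and tornado.options.options.shell:
        args.append('-s')
        args.append(tornado.options.options.shell)
    args.append(self.callee.name)
    os.execvpe(args[0], args, env)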
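def shell(self):
    """Exec the session's command, shell or ``su`` in place of this process.

    The method changes to the session directory, prepares the environment
    and calls ``utils.add_user_info``. It then execs the configured command
    or shell directly when the connection is not ``unsecure``, when caller,
    callee and server are the same local user, or when ``login`` is off;
    in every other case it execs ``su <callee>`` and leaves the credential
    check to ``su``.

    ``os.execvpe`` replaces the process image, so nothing returns on
    success.

    Raises:
        SystemExit: if switching to the callee's identity fails, or if a
            non-local session targets the daemon user while the server
            runs as root.
    """
    opts = tornado.options.options

    try:
        os.chdir(self.path or self.callee.dir)
    except Exception:
        # Best effort: only logged, the current directory is kept.
        self.log.debug(
            "Can't chdir to %s" % (self.path or self.callee.dir),
            exc_info=True)

    # NOTE(review): the server's own environment is reused for every
    # session, including caller != callee, so variables the server was
    # started with are visible to the exec'd program (directly, or through
    # ``su -p`` on Linux). Consider a minimal environment for that case.
    env = os.environ
    # If local and local user is the same as login user
    # We set the env of the user from the browser
    # Useful when running as root
    if self.caller == self.callee:
        env.update(self.socket.env)
    env["TERM"] = "xterm-256color"
    env["COLORTERM"] = "butterfly"
    env["HOME"] = self.callee.dir
    env["LOCATION"] = "http%s://%s:%d/" % (
        "s" if not opts.unsecure else "", opts.host, opts.port)
    bin_dir = os.path.abspath(
        os.path.join(os.path.dirname(__file__), 'bin'))
    # An unset PATH would otherwise be formatted as the literal string
    # "None", i.e. a cwd-relative search entry; use os.defpath instead.
    env["PATH"] = '%s:%s' % (bin_dir, env.get("PATH") or os.defpath)

    try:
        tty = os.ttyname(0).replace('/dev/', '')
    except Exception:
        self.log.debug("Can't get ttyname", exc_info=True)
        tty = ''

    if self.caller != self.callee:
        try:
            # The callee becomes owner of the terminal device; -1 keeps
            # the group as it is.
            os.chown(os.ttyname(0), self.callee.uid, -1)
        except Exception:
            self.log.debug("Can't chown ttyname", exc_info=True)

    # NOTE(review): the Host header is client-supplied; confirm that
    # utils.add_user_info bounds and sanitises it before recording it.
    utils.add_user_info(
        self.uid, tty, os.getpid(), self.callee.name,
        self.request.headers['Host'])

    # Named once so the outer and inner conditions cannot drift apart.
    local_login = (
        self.socket.local and
        self.caller == self.callee and
        server == self.callee)
    secure = not opts.unsecure

    if secure or local_login or not opts.login:
        # User has been auth with ssl or is the same user as server
        # or login is explicitly turned off
        if secure and opts.login and not local_login:
            # User is authed by ssl, setting groups.
            # Groups and gid first, uid last: the earlier calls need the
            # privileges that setuid gives up.
            try:
                os.initgroups(self.callee.name, self.callee.gid)
                os.setgid(self.callee.gid)
                os.setuid(self.callee.uid)
            except Exception:
                # Fail closed instead of exec'ing under the server's uid.
                self.log.error(
                    'The server must be run as root '
                    'if you want to log as different user\n',
                    exc_info=True)
                sys.exit(1)
        # NOTE(review): when ``login`` is off the identity switch above is
        # skipped, so the program below runs with the server's uid and no
        # credential check has taken place on an ``unsecure`` connection.

        if opts.cmd:
            # Plain split on single spaces; quoting is not interpreted.
            args = opts.cmd.split(' ')
        else:
            # The source page lost its indentation; '-i' is assumed to
            # belong to the shell case only.
            args = [opts.shell or self.callee.shell]
            args.append('-i')
        os.execvpe(args[0], args, env)
        # This process has been replaced

    # Unsecure connection with su
    if server.root:
        # NOTE(review): only the uid is changed below; gid and
        # supplementary groups stay those of the server until ``su`` takes
        # over. Confirm this is intended or drop the groups before setuid.
        if self.socket.local:
            if self.callee != self.caller:
                # Force password prompt by dropping rights
                # to the daemon user
                os.setuid(daemon.uid)
        else:
            # We are not local so we should always get a password prompt
            if self.callee == daemon:
                # No logging from daemon
                sys.exit(1)
            os.setuid(daemon.uid)

    if os.path.exists('/usr/bin/su'):
        args = ['/usr/bin/su']
    else:
        args = ['/bin/su']

    # startswith() also matches the 'linux2' value reported by Python 2,
    # which an equality test against 'linux' silently skips.
    if sys.platform.startswith('linux'):
        args.append('-p')
        if opts.shell:
            args.append('-s')
            args.append(opts.shell)
    args.append(self.callee.name)
    os.execvpe(args[0], args, env)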