コード例 #1
0
    def execute(self, root_allowed=False):
        """Execute using self.data

        :param bool root_allowed: Allow execute as root commands
        :return:
        """
        if self.user == ROOT_USER and not root_allowed and not self.data.get(
                'ssh'):
            raise SecurityException(
                'For security, execute commands as root is not allowed. '
                'Use --root-allowed to allow executing commands as root. '
                ' It is however recommended to add a user to the configuration '
                'of the device (device: {})'.format(self.name))
        if self.data.get('user') and self.data.get('ssh'):
            raise InvalidConfig(
                'User option is unsupported in ssh mode. The ssh user must be defined in '
                'the ssh option. For example: user@machine')
        if self.data.get('ssh'):
            cmd = execute_over_ssh(self.data['cmd'], self.data['ssh'],
                                   self.data.get('cwd'))
            output = execute_cmd(cmd)
        else:
            cmd = run_as_cmd(self.data['cmd'], self.user)
            output = execute_cmd(cmd, self.data.get('cwd'))
        if output:
            return output[0]
コード例 #2
0
    def __init__(self, file, ignore_perms=False, **kwargs):
        """Set the config file and validate file permissions

        :param str file: path to file
        :param kwargs: default values in dict
        """
        super(Config, self).__init__(**kwargs)
        if not os.path.lexists(file):
            raise ConfigFileNotFoundError(file)
        if not ignore_perms and (
            (not os.getuid() and not only_root_write(file))
                or oth_w_perm(file)):
            file = os.path.abspath(file)
            raise SecurityException(
                'There should be no permissions for other users in the file "{file}". '
                'Current permissions: {user}:{group} {perms}. {msg}. '
                'Run "sudo chmod 660 \'{file}\' && sudo chown root:root \'{file}\'"'
                .format(
                    file=file,
                    user=get_file_owner(file),
                    group=get_file_group(file),
                    perms=os.stat(file).st_mode & 0o777,
                    msg='Removes write permission for others' if os.getuid()
                    else 'Only root must be able to write to file'))
        self.file = file
        self.read()
コード例 #3
0
ファイル: config.py プロジェクト: MSBartmess/OrangeDashboard
 def __init__(self, file, **kwargs):
     super(Config, self).__init__(**kwargs)
     if (not os.getuid() and not only_root_write(file)) or oth_w_perm(file):
         raise SecurityException(
             'There should be no permissions for other users in the file "{}". {}.'
             .format(
                 file, 'Removes write permission for others' if os.getuid()
                 else 'Only root must be able to write to file'))
     self.file = file
     self.read()
コード例 #4
0
 def execute(self, root_allowed=False):
     logger.debug('%s device executed (mac %s)', self.name, self.src)
     if not self.cmd:
         logger.warning('%s: There is no cmd in device conf.', self.name)
         return
     cmd = self.cmd
     if self.user == ROOT_USER and not root_allowed:
         raise SecurityException(
             'For security, execution as root is not allowed.')
     cmd = run_as_cmd(cmd, self.user)
     execute(cmd, self.cwd)
コード例 #5
0
ファイル: execute.py プロジェクト: stingerhouse/amazon-dash
    def execute(self, root_allowed=False):
        """Execute using self.data

        :param bool root_allowed: Allow execute as root commands
        :return:
        """
        if self.user == ROOT_USER and not root_allowed:
            raise SecurityException(
                'For security, execute commands as root is not allowed. '
                'Use --root-allowed to allow executing commands as root. '
                ' It is however recommended to add a user to the configuration '
                'of the device (device: {})'.format(self.name))
        cmd = run_as_cmd(self.data['cmd'], self.user)
        execute_cmd(cmd, self.data.get('cwd'))