def test_start_acquires_lock(self): context = priv_context.PrivContext('test', capabilities=[]) context.channel = "something not None" context.start_lock = mock.Mock() context.start_lock.__enter__ = mock.Mock() context.start_lock.__exit__ = mock.Mock() self.assertFalse(context.start_lock.__enter__.called) context.start() self.assertTrue(context.start_lock.__enter__.called)
def test_set_client_mode(self, mock_sys): context = priv_context.PrivContext('test', capabilities=[]) self.assertTrue(context.client_mode) context.set_client_mode(False) self.assertFalse(context.client_mode) # client_mode should remain to False on win32. mock_sys.platform = 'win32' self.assertRaises(RuntimeError, context.set_client_mode, True)
# Copyright 2019 Kaloom, Inc. All rights reserved. # Copyright (C) 2016 Red Hat, Inc # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_privsep import capabilities as c from oslo_privsep import priv_context vif_plug = priv_context.PrivContext( "vif_plug_kaloom_kvs", cfg_section="vif_plug_kaloom_kvs_privileged", pypath=__name__ + ".vif_plug", capabilities=[c.CAP_NET_ADMIN, c.CAP_CHOWN], )
# Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_privsep import capabilities as c from oslo_privsep import priv_context default = priv_context.PrivContext( 'zun.common', cfg_section='privsep', pypath=__name__ + '.default', capabilities=[c.CAP_SYS_ADMIN], ) cni = priv_context.PrivContext( 'zun.cni', cfg_section='privsep', pypath=__name__ + '.cni', capabilities=[c.CAP_SYS_ADMIN, c.CAP_NET_ADMIN, c.CAP_SYS_PTRACE], )
# Copyright 2016 Red Hat, Inc # Copyright 2017 Rackspace Australia # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. """Setup privsep decorator.""" from oslo_privsep import priv_context # NOTE(tonyb): DAC == Discriminatory Access Control. Basically this context # can bypass permissions checks in the file-system. dac_admin_pctxt = priv_context.PrivContext( 'nova', cfg_section='nova_privileged', pypath=__name__ + '.dac_admin_pctxt', # NOTE(tonyb): These map to CAP_CHOWN, CAP_DAC_OVERRIDE, # CAP_DAC_READ_SEARCH and CAP_FOWNER. Some do not have # symbolic names in oslo.privsep yet. See capabilites(7) # for more information capabilities=[0, 1, 2, 3], )
# Derived from os-vif/vif_plug_ovs/privsep.py # # Copyright (c) 2017 Netronome Systems Pty. Ltd. # Copyright (C) 2016 Red Hat, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_privsep import capabilities as c from oslo_privsep import priv_context vif_plug = priv_context.PrivContext( "vif_plug_agilio_ovs", cfg_section="vif_plug_agilio_ovs_privileged", pypath=__name__ + ".vif_plug", capabilities=[c.CAP_NET_ADMIN, c.CAP_SYS_ADMIN], )
# Copyright 2017 Big Switch Networks, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_privsep import capabilities as c from oslo_privsep import priv_context vif_plug = priv_context.PrivContext( "os_vif_bigswitch.vif_plug_ivs", cfg_section="vif_plug_ivs_privileged", pypath=__name__ + ".vif_plug", capabilities=[c.CAP_NET_ADMIN], )
# Copyright 2016 Semihalf. # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_privsep import capabilities as c from oslo_privsep import priv_context vif_plug = priv_context.PrivContext( "vif_plug_vrouter", cfg_section="vif_plug_vrouter_privileged", pypath=__name__ + ".vif_plug", capabilities=[c.CAP_NET_ADMIN], )
# Copyright(c) 2016 Nippon Telegraph and Telephone Corporation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. from oslo_privsep import priv_context monitors_priv = priv_context.PrivContext( "masakarimonitors", cfg_section="masakarimonitors_privileged", pypath=__name__ + ".monitors_priv", capabilities=[], )
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. import os from oslotest import base from oslo_privsep import priv_context import oslo_privsep.tests from oslo_privsep.tests import fixture context = priv_context.PrivContext( # This context allows entrypoints anywhere below oslo_privsep.tests. oslo_privsep.tests.__name__, pypath=__name__ + '.context', # This is one of the rare cases where we actually want zero powers: capabilities=[], ) class TestContextTestCase(base.BaseTestCase): def setUp(self): super(TestContextTestCase, self).setUp() privsep_fixture = self.useFixture( fixture.UnprivilegedPrivsepFixture(context)) self.privsep_conf = privsep_fixture.conf def assertNotMyPid(self, pid): # Verify that `pid` is some positive integer, that isn't our pid self.assertIsInstance(pid, int)
# License for the specific language governing permissions and limitations # under the License. import logging import os import time import unittest from oslo_config import fixture as config_fixture from oslotest import base from oslo_privsep import priv_context test_context = priv_context.PrivContext( __name__, cfg_section='privsep', pypath=__name__ + '.test_context', capabilities=[], ) @test_context.entrypoint def sleep(): # We don't want the daemon to be able to handle these calls too fast. time.sleep(.001) @test_context.entrypoint def one(): return 1
def test_init_windows(self, mock_sys): mock_sys.platform = 'win32' context = priv_context.PrivContext('test', capabilities=[]) self.assertFalse(context.client_mode)
# Copyright 2018 Michael Still and Aptira # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. """Setup privsep decorator.""" from oslo_privsep import capabilities from oslo_privsep import priv_context sys_admin_pctxt = priv_context.PrivContext( 'cinder', cfg_section='cinder_sys_admin', pypath=__name__ + '.sys_admin_pctxt', capabilities=[capabilities.CAP_CHOWN, capabilities.CAP_DAC_OVERRIDE, capabilities.CAP_DAC_READ_SEARCH, capabilities.CAP_FOWNER, capabilities.CAP_NET_ADMIN, capabilities.CAP_SYS_ADMIN], )
# Copyright (C) 2016 Red Hat, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_privsep import capabilities as c from oslo_privsep import priv_context vif_plug = priv_context.PrivContext( "midonet", cfg_section="vif_plug_midonet", pypath=__name__ + ".vif_plug", capabilities=[c.CAP_NET_ADMIN], ) mm_ctl = priv_context.PrivContext( "midonet", cfg_section="vif_plug_midonet_mm_ctl", pypath=__name__ + ".mm_ctl", capabilities=[c.CAP_NET_ADMIN], )
# Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_privsep import capabilities as c from oslo_privsep import priv_context # It is expected that most (if not all) solum operations can be # executed with these privileges. default = priv_context.PrivContext( __name__, cfg_section='privsep_solum', pypath=__name__ + '.default', capabilities=[c.CAP_SYS_ADMIN], )
# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. import os from oslo_privsep import capabilities as c from oslo_privsep import priv_context capabilities = [c.CAP_SYS_ADMIN] # On virtual environments libraries are not owned by the Daemon user (root), so # the Daemon needs the capability to bypass file read permission checks in # order to dynamically load the code to run. if os.environ.get('VIRTUAL_ENV'): capabilities.append(c.CAP_DAC_READ_SEARCH) # It is expected that most (if not all) os-brick operations can be # executed with these privileges. default = priv_context.PrivContext( __name__, cfg_section='privsep_osbrick', pypath=__name__ + '.default', capabilities=capabilities, )
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_privsep import capabilities as caps from oslo_privsep import priv_context # It is expected that most (if not all) neutron operations can be # executed with these privileges. default = priv_context.PrivContext( __name__, cfg_section='privsep', pypath=__name__ + '.default', # TODO(gus): CAP_SYS_ADMIN is required (only?) for manipulating # network namespaces. SYS_ADMIN is a lot of scary powers, so # consider breaking this out into a separate minimal context. capabilities=[ caps.CAP_SYS_ADMIN, caps.CAP_NET_ADMIN, caps.CAP_DAC_OVERRIDE, caps.CAP_DAC_READ_SEARCH, caps.CAP_SYS_PTRACE ], ) dhcp_release_cmd = priv_context.PrivContext( __name__, cfg_section='privsep_dhcp_release', pypath=__name__ + '.dhcp_release_cmd', capabilities=[caps.CAP_SYS_ADMIN, caps.CAP_NET_ADMIN]) ovs_vsctl_cmd = priv_context.PrivContext( __name__, cfg_section='privsep_ovs_vsctl',
# Copyright 2019 ZTE Corporation # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. """Setup privsep decorator.""" from oslo_privsep import capabilities from oslo_privsep import priv_context sys_admin_pctxt = priv_context.PrivContext( 'cyborg', cfg_section='cyborg_sys_admin', pypath=__name__ + '.sys_admin_pctxt', # TODO(yumeng): # CAP_SYS_ADMIN has a lot of scary powers, so # consider breaking this out into a separate minimal context. capabilities=[ capabilities.CAP_CHOWN, capabilities.CAP_DAC_OVERRIDE, capabilities.CAP_DAC_READ_SEARCH, capabilities.CAP_FOWNER, capabilities.CAP_SYS_ADMIN ], )
# Copyright (c) 2018 Intel Corporation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. from oslo_privsep import capabilities as c from oslo_privsep import priv_context yardstick_root = priv_context.PrivContext("yardstick", cfg_section="yardstick_privileged", pypath=__name__ + ".yardstick_root", capabilities=[c.CAP_SYS_ADMIN])
# Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_privsep import capabilities as c from oslo_privsep import priv_context os_vif_pctxt = priv_context.PrivContext( 'os_vif', cfg_section='os_vif_privileged', pypath=__name__ + '.os_vif_pctxt', capabilities=[c.CAP_NET_ADMIN], )
# # Copyright (C) 2016 Red Hat, Inc # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_privsep import capabilities as c from oslo_privsep import priv_context vif_plug = priv_context.PrivContext( "vif_plug_linux_bridge", cfg_section="vif_plug_linux_bridge_privileged", pypath=__name__ + ".vif_plug", capabilities=[c.CAP_NET_ADMIN], )
# Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_privsep import capabilities as caps from oslo_privsep import priv_context # It is expected that most (if not all) neutron operations can be # executed with these privileges. default = priv_context.PrivContext( __name__, cfg_section='privsep', pypath=__name__ + '.default', # TODO(gus): CAP_SYS_ADMIN is required (only?) for manipulating # network namespaces. SYS_ADMIN is a lot of scary powers, so # consider breaking this out into a separate minimal context. capabilities=[caps.CAP_SYS_ADMIN, caps.CAP_NET_ADMIN, caps.CAP_DAC_OVERRIDE, caps.CAP_DAC_READ_SEARCH], )
# -*- coding: utf-8 -*- # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or # implied. # See the License for the specific language governing permissions and # limitations under the License. """Setup privsep decorator.""" from oslo_privsep import capabilities as c from oslo_privsep import priv_context mdev_context = priv_context.PrivContext( "networking_vhost_vfio", cfg_section="networking_vhost_vfio_mdev", pypath=__name__ + ".mdev_context", capabilities=[c.CAP_DAC_OVERRIDE, c.CAP_FOWNER], )