def runCommand(sysargs):
"""
Manage subusers
"""
options,args = parseCliArgs(sysargs)
try:
action = args[0]
except IndexError:
print("Wrong number of arguments!")
parseCliArgs(["--help"])
lockedUser = LockedUser()
with lockedUser as user:
user.registry.commit_message = " ".join(["subuser","subuser"]+sysargs)
permissionsAccepter = AcceptPermissionsAtCLI(user,alwaysAccept = options.accept)
if action == "add" or action == "change-image":
if not len(args) == 3:
sys.exit("Wrong number of arguments to add. See `subuser subuser -h`.")
subuserName = args[1]
imageSourceId = args[2]
if action == "add":
if options.homeDir is not None:
homeDir = os.path.expanduser(options.homeDir)
else:
homeDir = None
subuserlib.subuser.add(user,subuserName,imageSourceId,permissionsAccepter=permissionsAccepter,prompt=options.prompt,forceInternal=options.forceInternal,homeDir=homeDir)
elif action == "change-image":
subuserlib.subuser.changeImage(user,subuserName,imageSourceId,permissionsAccepter=permissionsAccepter,prompt=options.prompt)
else:
subuserNames = list(set(args[1:]))
subusers = []
if not options.prefix is None:
allSubuserNames = user.registry.subusers.keys()
subuserNames.extend([subuserName for subuserName in allSubuserNames if subuserName.startswith(options.prefix)])
for subuserName in subuserNames:
try:
subusers.append(user.registry.subusers[subuserName])
except KeyError:
sys.exit("Subuser "+subuserName+" does not exist. Use --help for help.")
if subusers == []:
sys.exit("No subusers specified. Use --help for help.")
if action == "remove":
subuserlib.subuser.remove(user,subusers)
sys.exit()
addAndRemoveCommands = [("add-to-path","remove-from-path",subuserlib.subuser.setExecutableShortcutInstalled),("expose-entrypoints","hide-entrypoints",lambda user,subusers,install:subuserlib.subuser.setEntrypointsExposed(user,subusers,install,permissionsAccepter))]
for add,remove,command in addAndRemoveCommands:
if action == add or action == remove:
if action == add:
install = True
elif action == remove:
install = False
command(user,subusers,install)
sys.exit()
if action == "edit-permissions":
user.registry.logChange("Edit the permissions of:"+ " ".join(subuserNames))
for subuser in subusers:
subuser.editPermissionsCLI()
subuserlib.verify.verify(user,subusers=subusers,permissionsAccepter=permissionsAccepter,prompt=options.prompt)
user.registry.commit()
sys.exit()
sys.exit("Action "+args[0]+" does not exist. Try:\n subuser subuser --help")
def __init__(self,user): UserOwnedObject.__init__(self,user) self.permissionsAccepter = AcceptPermissionsAtCLI(user) self.prompt = True self.checkForUpdatesExternally=False self.subusers=[] # which subusers are we operating on self.useCache=False self.build=True
def verify(realArgs):
options,arguments=parseCliArgs(realArgs)
user = User()
permissionsAccepter = AcceptPermissionsAtCLI(user,alwaysAccept = options.accept)
with user.getRegistry().getLock() as LockFileHandle:
subuserNames = list(user.getRegistry().getSubusers().keys())
subuserNames.sort()
subuserlib.verify.verify(user,subuserNames=subuserNames,permissionsAccepter=permissionsAccepter,prompt=options.prompt)
user.getRegistry().commit()
def testImages(realArgs):
"""
Test the given images.
"""
options,args = parseCliArgs(realArgs)
user = User()
permissionsAccepter = AcceptPermissionsAtCLI(user,alwaysAccept = options.accept)
try:
with user.getRegistry().getLock() as lockFileHandler:
subuserlib.testImages.testImages(user=user,sourceRepoId=args[0],imageSourceNames=args[1:],permissionsAccepter=permissionsAccepter)
except subuserlib.portalocker.portalocker.LockException:
sys.exit("Another subuser process is currently running and has a lock on the registry. Please try again later.")
def runCommand(realArgs):
options, arguments = parseCliArgs(realArgs)
user = User()
user.getRegistry().commit_message = " ".join(["subuser", "repair"] +
realArgs)
permissionsAccepter = AcceptPermissionsAtCLI(user,
alwaysAccept=options.accept)
with user.getRegistry().getLock() as LockFileHandle:
subusers = user.getRegistry().getSubusers().getSortedList()
subuserlib.verify.verify(user,
subusers=subusers,
permissionsAccepter=permissionsAccepter,
prompt=options.prompt)
user.getRegistry().commit()
def runCommand(realArgs):
options, arguments = parseCliArgs(realArgs)
lockedUser = LockedUser()
with lockedUser as user:
user.registry.commit_message = " ".join(["subuser", "repair"] +
realArgs)
permissionsAccepter = AcceptPermissionsAtCLI(
user, alwaysAccept=options.accept)
subusers = user.registry.subusers.getSortedList()
subuserlib.verify.verify(user,
subusers=subusers,
permissionsAccepter=permissionsAccepter,
prompt=options.prompt)
user.registry.commit()
def verify(realArgs):
options, arguments = parseCliArgs(realArgs)
user = User()
permissionsAccepter = AcceptPermissionsAtCLI(user,
alwaysAccept=options.accept)
try:
with user.getRegistry().getLock() as LockFileHandle:
subuserNames = list(user.getRegistry().getSubusers().keys())
subuserNames.sort()
subuserlib.verify.verify(user,
subuserNames=subuserNames,
permissionsAccepter=permissionsAccepter)
user.getRegistry().commit()
except subuserlib.portalocker.portalocker.LockException:
sys.exit(
"Another subuser process is currently running and has a lock on the registry. Please try again later."
)
def _getPermissionsAccepter(self):
from subuserlib.classes.permissionsAccepters.acceptPermissionsAtCLI import AcceptPermissionsAtCLI
return AcceptPermissionsAtCLI(self.getUser(), alwaysAccept=True)
def update(realArgs):
"""
Update your subuser installation.
Tests
-----
**Setup:**
>>> import os
>>> import subuserlib.permissions
>>> from subuserlib.classes.permissions import Permissions
>>> update = __import__("subuser-update")
>>> subuser = __import__("subuser-subuser")
>>> repository = __import__("subuser-repository")
>>> import subuserlib.classes.gitRepository
Check initial test environment:
>>> user = User()
>>> set(user.getRegistry().getSubusers().keys()) == set([u'foo'])
True
>>> set([i.getImageSourceName() for i in user.getInstalledImages().values()]) == set([u'foo', u'bar'])
True
Add a subuser who's image has a lot of dependencies.
>>> subuser.subuser(["add","--accept","dependent","dependent@file:///home/travis/remote-test-repo"])
Adding subuser dependent dependent@file:///home/travis/remote-test-repo
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
dependent would like to have the following permissions:
Description: a dependent
Maintainer:
Is a library.
Moderate permissions(These are probably safe):
- user-dirs: To access to the following user directories: '~/Downloads'
- sound-card: To access to your soundcard, can play sounds/record sound.
Liberal permissions(These may pose a security risk):
- x11: To display X11 windows and interact with your X11 server directly(log keypresses, read over your shoulder, steal your passwords, controll your computer ect.)
- system-dirs: To read and write to the host's `/var/log` directory, mounted in the container as:`/var/log`
WARNING: These permissions give the subuser full access to your system when run.
- privileged: To have full access to your system. To even do things as root outside of its container.
A - Accept and apply changes
E - Apply changes and edit result
A
Checking if images need to be updated or installed...
Checking if subuser dependent is up to date.
Installing dependency1 ...
Building...
Building...
Building...
Successfully built 13
Building...
Building...
Building...
Successfully built 14
Installing intermediary ...
Building...
Building...
Building...
Successfully built 15
Building...
Building...
Building...
Successfully built 16
Installing dependent ...
Building...
Building...
Building...
Successfully built 17
Building...
Building...
Building...
Successfully built 18
Installed new image <18> for subuser dependent
Running garbage collector on temporary repositories...
Check that our new subuser was successfully added.
>>> user = User()
>>> subuserNamesBeforeUpdate = user.getRegistry().getSubusers().keys()
>>> set(subuserNamesBeforeUpdate) == set(['dependent', u'foo'])
True
And that its image, along with all of its dependencies were added as well.
>>> installedImagesBeforeUpdate = [i.getImageSourceName() for i in user.getInstalledImages().values()]
>>> set(installedImagesBeforeUpdate) == set([u'foo', u'dependency1', u'bar', u'dependent', u'intermediary'])
True
Running update, when there is nothing to be updated, does nothing.
>>> update.update(["all","--accept"])
Updating...
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
Checking if images need to be updated or installed...
Checking if subuser dependent is up to date.
Checking for updates to: dependency1@file:///home/travis/remote-test-repo
Checking for updates to: intermediary@file:///home/travis/remote-test-repo
Checking for updates to: dependent@file:///home/travis/remote-test-repo
Checking if subuser foo is up to date.
Checking for updates to: foo@default
Running garbage collector on temporary repositories...
The same subusers are still installed.
>>> user = User()
>>> set(user.getRegistry().getSubusers().keys()) == set(subuserNamesBeforeUpdate)
True
And the same images too.
>>> set([i.getImageSourceName() for i in user.getInstalledImages().values()]) == set(installedImagesBeforeUpdate)
True
However, if we change ``dependent``'s image source's permissions, the user is asked to approve the new permissions:
>>> permissionsPath = "/home/travis/remote-test-repo/dependent/permissions.json"
>>> permissions = Permissions(user,subuserlib.permissions.load(permissionsFilePath=permissionsPath),writePath=permissionsPath)
>>> del permissions["sound-card"]
>>> permissions["user-dirs"] = ["Images","Downloads"]
>>> permissions.save()
>>> try:
... import urlparse
... except ImportError:
... import urllib.parse as urlparse
>>> repo1 = subuserlib.classes.gitRepository.GitRepository("/home/travis/remote-test-repo/")
>>> repo1.run(["commit","-a","-m","changed dependent's permissions"])
0
>>> update.update(["all","--accept"])
Updating...
Updated repository file:///home/travis/remote-test-repo
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
dependent would like to add/change the following permissions:
- To access to the following user directories: '~/Images' '~/Downloads'
dependent no longer needs the following permissions:
- To access to your soundcard, can play sounds/record sound.
A - Accept and apply changes
E - Apply changes and edit result
e - Ignore request and edit permissions by hand
A
Checking if images need to be updated or installed...
Checking if subuser dependent is up to date.
Checking for updates to: dependency1@file:///home/travis/remote-test-repo
Checking for updates to: intermediary@file:///home/travis/remote-test-repo
Checking for updates to: dependent@file:///home/travis/remote-test-repo
Checking if subuser foo is up to date.
Checking for updates to: foo@default
Running garbage collector on temporary repositories...
Now we change the ImageSource for the ``intermediary`` image.
>>> with open("/home/travis/remote-test-repo/images/intermediary/image/SubuserImagefile",mode="w") as subuserImagefile:
... _ = subuserImagefile.write("FROM-SUBUSER-IMAGE dependency2")
And commit the changes to git.
>>> repo1.run(["commit","-a","-m","changed dependency for intermediate from dependency1 to dependency2"])
0
Running an update after a change installs new images and registers them with their subusers. But it does not delete the old ones.
>>> update.update(["all","--accept"])
Updating...
Updated repository file:///home/travis/remote-test-repo
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
Checking if images need to be updated or installed...
Checking if subuser dependent is up to date.
Installing dependency2 ...
Building...
Building...
Building...
Successfully built 21
Building...
Building...
Building...
Successfully built 22
Installing intermediary ...
Building...
Building...
Building...
Successfully built 23
Building...
Building...
Building...
Successfully built 24
Installing dependent ...
Building...
Building...
Building...
Successfully built 25
Building...
Building...
Building...
Successfully built 26
Installed new image <26> for subuser dependent
Checking if subuser foo is up to date.
Checking for updates to: foo@default
Running garbage collector on temporary repositories...
>>> user = User()
>>> set(user.getRegistry().getSubusers().keys()) == set(['dependent', u'foo'])
True
>>> set([i.getImageSourceName() for i in user.getInstalledImages().values()]) == set([u'foo', u'dependency1', u'bar', u'dependent', u'intermediary', u'intermediary', u'dependency2', u'dependent'])
True
Old images are not deleted so that update lock-subuser-to and update rollback still work. In this example, dependency1 stays installed.
Now we lock the dependent subuser and try changing it again.
>>> update.update(["lock-subuser-to","dependent","HEAD"])
Locking subuser dependent to commit: HEAD
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
Running garbage collector on temporary repositories...
>>> with open("/home/travis/remote-test-repo/images/intermediary/image/SubuserImagefile",mode="w") as subuserImagefile:
... _ = subuserImagefile.write("FROM-SUBUSER-IMAGE dependency3")
And commit the changes to git.
>>> repo1.run(["commit","-a","-m","changed dependency for intermediate from dependency2 to dependency3"])
0
Running an update after a change does nothing because the affected subuser is locked.
>>> update.update(["all","--accept"])
Updating...
Updated repository file:///home/travis/remote-test-repo
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
Checking if images need to be updated or installed...
Checking if subuser foo is up to date.
Checking for updates to: foo@default
Running garbage collector on temporary repositories...
>>> user = User()
>>> set(user.getRegistry().getSubusers().keys()) == set(['dependent', u'foo'])
True
>>> set([i.getImageSourceName() for i in user.getInstalledImages().values()]) == set([u'foo', u'dependency1', u'bar', u'dependent', u'intermediary', u'intermediary', u'dependency2', u'dependent'])
True
When we unlock the subuser it gets updated imediately.
>>> update.update(["unlock-subuser","--accept","dependent"])
Unlocking subuser dependent
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
Checking if images need to be updated or installed...
Checking if subuser dependent is up to date.
Installing dependency3 ...
Building...
Building...
Building...
Successfully built 28
Building...
Building...
Building...
Successfully built 29
Installing intermediary ...
Building...
Building...
Building...
Successfully built 30
Building...
Building...
Building...
Successfully built 31
Installing dependent ...
Building...
Building...
Building...
Successfully built 32
Building...
Building...
Building...
Successfully built 33
Installed new image <33> for subuser dependent
Running garbage collector on temporary repositories...
>>> user = User()
>>> set(user.getRegistry().getSubusers().keys()) == set(['dependent', u'foo'])
True
>>> set([i.getImageSourceName() for i in user.getInstalledImages().values()]) == set([u'foo', u'dependency1', u'bar', u'dependent', u'intermediary', u'intermediary', u'dependency2',u'dependency3', u'dependent'])
True
"""
options,args = parseCliArgs(realArgs)
user = User()
permissionsAccepter = AcceptPermissionsAtCLI(user,alwaysAccept = options.accept)
if len(args) < 1:
sys.exit("No arguments given. Please use subuser update -h for help.")
elif ["all"] == args:
with user.getRegistry().getLock():
subuserlib.update.all(user,permissionsAccepter=permissionsAccepter)
elif "subusers" == args[0]:
with user.getRegistry().getLock():
subuserlib.update.subusers(user,args[1:],permissionsAccepter=permissionsAccepter)
elif "lock-subuser-to" == args[0]:
try:
subuserName = args[1]
commit = args[2]
except KeyError:
sys.exit("Wrong number of arguments. Expected a subuser name and a commit. Try running\nsubuser update --help\n for more info.")
with user.getRegistry().getLock():
subuserlib.update.lockSubuser(user,subuserName=subuserName,commit=commit)
elif "unlock-subuser" == args[0]:
try:
subuserName = args[1]
except KeyError:
sys.exit("Wrong number of arguments. Expected a subuser's name. Try running\nsubuser update --help\nfor more information.")
with user.getRegistry().getLock():
subuserlib.update.unlockSubuser(user,subuserName=subuserName,permissionsAccepter=permissionsAccepter)
elif len(args) == 1:
sys.exit(" ".join(args) + " is not a valid update subcommand. Please use subuser update -h for help.")
else:
sys.exit(" ".join(args) + " is not a valid update subcommand. Please use subuser update -h for help.")
def subuser(sysargs):
"""
Manage subusers
Tests
-----
**Setup:**
>>> subuser = __import__("subuser-subuser") #import self
>>> import subuserlib.classes.user
At the start of our tests, the test environment has one subuser named ``foo``.
>>> user = User()
>>> set(user.getRegistry().getSubusers().keys()) == set([u'foo'])
True
We add another subuser named ``bar``.
>>> subuser.subuser(["add","--accept","bar","bar@file:///home/travis/remote-test-repo"])
Adding subuser bar bar@file:///home/travis/remote-test-repo
Adding new temporary repository file:///home/travis/remote-test-repo
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
bar would like to have the following permissions:
Description: bar
Maintainer: fred
Executable: /usr/bin/bar
A - Accept and apply changes
E - Apply changes and edit result
A
Checking if images need to be updated or installed...
Checking if subuser bar is up to date.
New images for the following subusers need to be installed:
bar
Installing bar ...
Building...
Building...
Building...
Successfully built 6
Building...
Building...
Building...
Successfully built 7
Installed new image <7> for subuser bar
Running garbage collector on temporary repositories...
Now we have two subusers.
>>> user = User()
>>> set(user.getRegistry().getSubusers().keys()) == set([u'foo', 'bar'])
True
We remove ``bar``.
>>> subuser.subuser(["remove","bar"])
Removing subuser bar
If you wish to remove the subusers image, issue the command $ subuser remove-old-images
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
Running garbage collector on temporary repositories...
Now we only have one subuser.
>>> user = User()
>>> set(user.getRegistry().getSubusers().keys()) == set([u'foo'])
True
We add another subuser named ``bar`` using a local folder rather than from a git repo.
>>> subuser.subuser(["add","--accept","bar","bar@/home/travis/remote-test-repo"])
Adding subuser bar bar@/home/travis/remote-test-repo
Adding new temporary repository /home/travis/remote-test-repo
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
bar would like to have the following permissions:
Description: bar
Maintainer: fred
Executable: /usr/bin/bar
A - Accept and apply changes
E - Apply changes and edit result
A
Checking if images need to be updated or installed...
Checking if subuser bar is up to date.
New images for the following subusers need to be installed:
bar
Installing bar ...
Building...
Building...
Building...
Successfully built 10
Building...
Building...
Building...
Successfully built 11
Installed new image <11> for subuser bar
Running garbage collector on temporary repositories...
Now we have two subusers.
>>> user = User()
>>> set(user.getRegistry().getSubusers().keys()) == set([u'foo', 'bar'])
True
We remove ``bar``.
>>> subuser.subuser(["remove","bar"])
Removing subuser bar
If you wish to remove the subusers image, issue the command $ subuser remove-old-images
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
Running garbage collector on temporary repositories...
Now we only have one subuser.
>>> user = User()
>>> set(user.getRegistry().getSubusers().keys()) == set([u'foo'])
True
If we try adding a subuser which fails to install do to a bad ``SubuserImagefile`` an error is displayed, a cleanup process occures, and nothing terribly bad happens.
This works for syntax errors.
>>> subuser.subuser(["add","--accept","broken-syntax","broken-syntax@file:///home/travis/remote-test-repo"])
Adding subuser broken-syntax broken-syntax@file:///home/travis/remote-test-repo
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
broken-syntax would like to have the following permissions:
Description: broken-syntax
Maintainer: fred
Is a library.
A - Accept and apply changes
E - Apply changes and edit result
A
Checking if images need to be updated or installed...
Checking if subuser broken-syntax is up to date.
Error in broken-syntax's SubuserImagefile on line 0
Subuser image does not exist: ""
Images for the following subusers failed to build:
broken-syntax
Running garbage collector on temporary repositories...
>>> subuser.subuser(["add","--accept","broken-non-existant-dependency","broken-non-existant-dependency@file:///home/travis/remote-test-repo"])
Adding subuser broken-non-existant-dependency broken-non-existant-dependency@file:///home/travis/remote-test-repo
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
broken-non-existant-dependency would like to have the following permissions:
Description: broken-non-existant-dependency
Maintainer: fred
Is a library.
A - Accept and apply changes
E - Apply changes and edit result
A
Checking if images need to be updated or installed...
Checking if subuser broken-non-existant-dependency is up to date.
Error in broken-non-existant-dependency's SubuserImagefile on line 0
Subuser image does not exist: "non-existant-I-do-not-exist!!!!!"
Images for the following subusers failed to build:
broken-non-existant-dependency
Running garbage collector on temporary repositories...
>>> subuser.subuser(["add","--accept","broken-permissions-file","broken-permissions-file@file:///home/travis/remote-test-repo"])
Adding subuser broken-permissions-file broken-permissions-file@file:///home/travis/remote-test-repo
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
Checking if images need to be updated or installed...
Error, user dir permissions may not contain system wide absolute paths. The user dir: "/etc/" is forbidden.
Running garbage collector on temporary repositories...
>>> subuser.subuser(["remove","broken-syntax","broken-non-existant-dependency","broken-permissions-file"])
Removing subuser broken-syntax
If you wish to remove the subusers image, issue the command $ subuser remove-old-images
Removing subuser broken-non-existant-dependency
If you wish to remove the subusers image, issue the command $ subuser remove-old-images
Removing subuser broken-permissions-file
If you wish to remove the subusers image, issue the command $ subuser remove-old-images
Verifying subuser configuration.
Verifying registry consistency...
Unregistering any non-existant installed images.
Running garbage collector on temporary repositories...
"""
options,args = parseCliArgs(sysargs)
try:
action = args[0]
except IndexError:
parseCliArgs(["--help"])
user = User()
permissionsAccepter = AcceptPermissionsAtCLI(user,alwaysAccept = options.accept)
if action == "add":
if not len(args) == 3:
sys.exit("Wrong number of arguments to add. See `subuser subuser -h`.")
name = args[1]
imageSourceId = args[2]
with user.getRegistry().getLock():
subuserlib.subuser.add(user,name,imageSourceId,permissionsAccepter=permissionsAccepter,prompt=options.prompt)
elif action == "remove":
names = args[1:]
if not options.prefix is None:
allSubuserNames = user.getRegistry().getSubusers().keys()
names.extend([subuserName for subuserName in allSubuserNames if subuserName.startswith(options.prefix)])
with user.getRegistry().getLock():
subuserlib.subuser.remove(user,names)
elif action == "create-shortcut":
name = args[1]
with user.getRegistry().getLock():
subuserlib.subuser.setExecutableShortcutInstalled(user,name,True)
elif action == "remove-shortcut":
name = args[1]
with user.getRegistry().getLock():
subuserlib.subuser.setExecutableShortcutInstalled(user,name,False)
elif action == "edit-permissions":
name = args[1]
with user.getRegistry().getLock():
user.getRegistry().logChange("Edit "+name+"'s permissions.")
subuser = user.getRegistry().getSubusers()[name]
subuser.editPermissionsCLI()
subuserlib.verify.verify(user,subuserNames=[name],permissionsAccepter=permissionsAccepter,prompt=options.prompt)
user.getRegistry().commit()
else:
sys.exit("Action "+args[0]+" does not exist. Try:\n subuser subuser --help")
def runCommand(realArgs):
"""
Update your subuser installation.
"""
options, args = parseCliArgs(realArgs)
user = User()
user.getRegistry().commit_message = " ".join(["subuser", "update"] +
realArgs)
permissionsAccepter = AcceptPermissionsAtCLI(user,
alwaysAccept=options.accept)
if len(args) < 1:
sys.exit("No arguments given. Please use subuser update -h for help.")
elif ["all"] == args:
with user.getRegistry().getLock():
subuserlib.update.all(user,
permissionsAccepter=permissionsAccepter,
prompt=options.prompt,
useCache=options.useCache)
elif "subusers" == args[0]:
subuserNamesToUpdate = args[1:]
subusersToUpdate = []
for subuserName in subuserNamesToUpdate:
try:
subusersToUpdate.append(
user.getRegistry().getSubusers()[subuserName])
except KeyError:
sys.exit("Subuser " + subuserName +
" does not exist. Use --help for help.")
if subusersToUpdate:
with user.getRegistry().getLock():
subuserlib.update.subusers(
user,
subusers=subusersToUpdate,
permissionsAccepter=permissionsAccepter,
prompt=options.prompt,
useCache=options.useCache)
else:
sys.exit(
"You did not specify any subusers to be updated. Use --help for help. Exiting..."
)
elif "lock-subuser-to" == args[0]:
try:
subuserName = args[1]
commit = args[2]
except IndexError:
sys.exit(
"Wrong number of arguments. Expected a subuser name and a commit. Try running\nsubuser update --help\n for more info."
)
with user.getRegistry().getLock():
try:
subuser = user.getRegistry().getSubusers()[subuserName]
except KeyError:
sys.exit(
"Subuser " + subuserName +
" does not exist and therefore cannot be locked. Use --help for help."
)
subuserlib.update.lockSubuser(user, subuser=subuser, commit=commit)
elif "unlock-subuser" == args[0]:
try:
subuserName = args[1]
except IndexError:
sys.exit(
"Wrong number of arguments. Expected a subuser's name. Try running\nsubuser update --help\nfor more information."
)
try:
subuser = user.getRegistry().getSubusers()[subuserName]
except KeyError:
sys.exit("Subuser " + subuserName +
" does not exist. Cannot lock. Use --help for help.")
with user.getRegistry().getLock():
subuserlib.update.unlockSubuser(
user,
subuser=subuser,
permissionsAccepter=permissionsAccepter,
prompt=options.prompt)
elif len(args) == 1:
sys.exit(
" ".join(args) +
" is not a valid update subcommand. Please use subuser update -h for help."
)
else:
sys.exit(
" ".join(args) +
" is not a valid update subcommand. Please use subuser update -h for help."
)
def runCommand(realArgs):
"""
Run packaging subcommands.
"""
options, args = parseCliArgs(realArgs)
try:
subcommand = args[0]
subcommands = ["init", "add", "test"]
if not subcommand in subcommands:
sys.exit(
subcommand +
" not a recognized subcommand of pkg. Use --help for help.")
except IndexError:
sys.exit("No command given, use -h for help.")
user = User()
if subcommand == "init":
if not os.path.exists("./.subuser.json"):
repoConfig = {}
if options.imageSourcesDir:
repoConfig["image-sources-dir"] = options.imageSourcesDir
with user.getEndUser().get_file("./.subuser.json",
"w") as subuserDotJson:
json.dump(repoConfig, subuserDotJson)
if options.imageSourcesDir:
user.getEndUser().makedirs(options.imageSourcesDir)
subuserlib.print.printWithoutCrashing(
"Subuser repository initialized successfully!")
subuserlib.print.printWithoutCrashing(
"You can add new image sources with:")
subuserlib.print.printWithoutCrashing(
"$ subuser pkg add image-source-name")
else:
sys.exit("Subuser repository already initialized. Exiting.")
if subcommand == "add":
repo = subuserlib.resolve.getRepositoryFromPath(
user, os.environ["PWD"])
imageSourceToAdd = args[1]
if imageSourceToAdd in repo:
sys.exit(
"An image source named " + imageSourceToAdd +
" is already present in the repository. Cannot add. Exiting.")
subuserlib.print.printWithoutCrashing("Adding new image source " +
imageSourceToAdd)
useDefaultLocations = options.imageFile is None and options.permissionsFile is None and options.buildContext is None
if useDefaultLocations:
imageSourceDir = os.path.join(repo.getImageSourcesDir(),
imageSourceToAdd)
buildContext = os.path.join(imageSourceDir, "image")
imageFile = os.path.join(buildContext, "SubuserImagefile")
permissionsFile = os.path.join(imageSourceDir, "permissions.json")
try:
user.getEndUser().makedirs(buildContext)
except OSError:
pass
else:
if repo.getRepoConfig() is None:
sys.exit(
"You must initialize your repository with 'pkg init' before adding image sources to it."
)
if options.buildContext is None or options.imageFile is None or options.permissionsFile is None:
sys.exit(
"If you specify non-default paths you must specify all of them. That is --image-file, --build-context AND --permissions-file. Cannot add image. Exiting..."
)
imageFile = options.imageFile
try:
user.getEndUser().makedirs(os.path.dirname(imageFile))
except OSError:
pass
buildContext = options.buildContext
try:
user.getEndUser().makedirs(buildContext)
except OSError:
pass
permissionsFile = options.permissionsFile
try:
user.getEndUser().makedirs(os.path.dirname(permissionsFile))
except OSError:
pass
repoConfig = repo.getRepoConfig()
if not "explicit-image-sources" in repoConfig:
repoConfig["explicit-image-sources"] = {}
repoConfig["explicit-image-sources"][imageSourceToAdd] = {
"image-file": imageFile,
"build-context": buildContext,
"permissions-file": permissionsFile
}
with user.getEndUser().get_file("./.subuser.json",
"w") as subuserDotJson:
json.dump(repoConfig,
subuserDotJson,
indent=1,
separators=(",", ": "))
permissions = defaultPermissions
(returncode, maintainerName,
stderr) = user.getEndUser().callCollectOutput(
["git", "config", "user.name"])
subuserlib.print.printWithoutCrashing(stderr)
(returncode, maintainerEmail,
stderr) = user.getEndUser().callCollectOutput(
["git", "config", "user.email"])
subuserlib.print.printWithoutCrashing(stderr)
permissions["maintainer"] = maintainerName.rstrip(
"\n") + " <" + maintainerEmail.rstrip("\n") + ">"
if not os.path.exists(permissionsFile):
with user.getEndUser().get_file(permissionsFile, "w") as pf:
json.dump(permissions, pf, indent=1, separators=(",", ": "))
while True:
user.getEndUser().runEditor(permissionsFile)
try:
Permissions(user,
initialPermissions=subuserlib.permissions.load(
permissionsFilePath=permissionsFile),
writePath=permissionsFile).save()
break
except SyntaxError as e:
input(str(e) + "\nPress ENTER to edit the file again.")
if not os.path.exists(imageFile):
with user.getEndUser().get_file(imageFile, "w") as imgf:
imgf.write(defaultImageFileTemplate)
user.getEndUser().runEditor(imageFile)
try:
if input("Would you like to test your new image? [Y/n]") == "n":
sys.exit(0)
except EOFError:
subuserlib.print.printWithoutCrashing("")
if not subuserlib.test.testing:
sys.exit(0)
if subcommand == "test" or subcommand == "add":
user = User()
repo = subuserlib.resolve.getRepositoryFromPath(
user, os.environ["PWD"])
permissionsAccepter = AcceptPermissionsAtCLI(
user, alwaysAccept=options.accept)
imageSourceNames = args[1:]
with user.getRegistry().getLock() as lockFileHandler:
subusers = []
subuserNamePrefix = "!test-image-subuser-"
# Build the images
for imageSourceName in imageSourceNames:
subuserName = subuserNamePrefix + imageSourceName
subuserlib.subuser.addFromImageSourceNoVerify(
user, subuserName, repo[imageSourceName])
subusers.append(user.getRegistry().getSubusers()[subuserName])
subuserlib.verify.verify(user,
subusers=subusers,
permissionsAccepter=permissionsAccepter,
prompt=options.prompt,
useCache=True)
subusersToTryBuildingAgain = None
while not subusersToTryBuildingAgain == []:
subusersToTryBuildingAgain = []
for subuser in subusers:
if subuser.getImageId() is None:
try:
if not input(subuser.getName(
) + " failed to build. Edit its image file and try again? [Y/n]"
) == "n":
subusersToTryBuildingAgain.append(subuser)
user.getEndUser().runEditor(
subuser.getImageSource().getImageFile())
except EOFError:
subuserlib.print.printWithoutCrashing("")
subuserlib.print.printWithoutCrashing(
"Not editing and not trying again due to lack of terminal."
)
if subusersToTryBuildingAgain:
subuserlib.verify.verify(
user,
subusers=subusersToTryBuildingAgain,
permissionsAccepter=permissionsAccepter,
prompt=options.prompt,
useCache=True)
user.getRegistry().commit(
"subuser pkg %s\n%s" %
(subcommand, "\n".join(imageSourceNames)))
# Run the images
for subuser in subusers:
if subuser.getPermissions()["executable"] and subuser.getImageId():
try:
arguments = input(
"Running " + subuser.getName() +
" enter arguments and press enter to continue:")
except EOFError:
subuserlib.print.printWithoutCrashing("")
arguments = ""
arguments = arguments.split(" ")
if arguments == [""]:
arguments = []
runtime = subuser.getRuntime(os.environ)
if runtime:
runtime.run(arguments)
with user.getRegistry().getLock() as lockFileHandler:
# Remove the subusers
user = User()
subuserlib.subuser.remove(user, subusers)
user.getRegistry().commit(
"subuser pkg: Remove temp subusers after test.")
def pkg(realArgs):
"""
Run packaging subcommands.
"""
options, args = parseCliArgs(realArgs)
user = User()
subcommand = args[0]
if subcommand == "init":
if not os.path.exists("./.subuser.json"):
repoConfig = {}
if options.imageSourcesDir:
repoConfig["image-sources-dir"] = options.imageSourcesDir
with open("./.subuser.json", "w") as subuserDotJson:
json.dump(repoConfig, subuserDotJson)
if options.imageSourcesDir:
user.getEndUser().makedirs(options.imageSourcesDir)
user.getEndUser().chown("./.subuser.json")
print("Subuser repository initialized successfully!")
print("You can add new image sources with:")
print("$ subuser pkg add image-source-name")
else:
sys.exit("Subuser repository already initialized. Exiting.")
if subcommand == "add":
repo = subuserlib.resolve.getRepositoryFromPath(
user, os.environ["PWD"])
imageSourceToAdd = args[1]
if imageSourceToAdd in repo:
sys.exit(
"An image source named " + imageSourceToAdd +
" is already present in the repository. Cannot add. Exiting.")
useDefaultLocations = options.imageFile is None and options.permissionsFile is None and options.buildContext is None
if useDefaultLocations:
imageSourceDir = os.path.join(repo.getImageSourcesDir(),
imageSourceToAdd)
buildContext = os.path.join(imageSourceDir, "image")
imageFile = os.path.join(buildContext, "SubuserImagefile")
permissionsFile = os.path.join(imageSourceDir, "permissions.json")
try:
user.getEndUser().makedirs(buildContext)
except OSError:
pass
else:
if options.buildContext is None or options.imageFile is None or options.permissionsFile is None:
sys.exit(
"If you specify non-default paths you must specify all of them. That is --image-file, --build-context AND --permissions-file. Cannot add image. Exiting..."
)
imageFile = options.imageFile
try:
user.getEndUser().makedirs(os.path.dirname(imageFile))
except OSError:
pass
buildContext = options.buildContext
try:
user.getEndUser().makedirs(os.path.dirname(buildContext))
except OSError:
pass
permissionsFile = options.permissionsFile
try:
user.getEndUser().makedirs(os.path.dirname(permissionsFile))
except OSError:
pass
repoConfig = repo.getRepoConfig()
if not "explicit-image-sources" in repoConfig:
repoConfig["explicit-image-sources"] = {}
repoConfig["explicit-image-sources"][imageSourceToAdd] = {
"image-file": imageFile,
"build-context": buildContext,
"permissions-file": permissionsFile
}
with open("./.subuser.json", "w") as subuserDotJson:
json.dump(repoConfig,
subuserDotJson,
indent=1,
separators=(",", ": "))
permissions = copy.deepcopy(subuserlib.permissions.defaults)
(returncode,
maintainerName) = subuserlib.subprocessExtras.callCollectOutput(
["git", "config", "user.name"])
(returncode,
maintainerEmail) = subuserlib.subprocessExtras.callCollectOutput(
["git", "config", "user.email"])
permissions["maintainer"] = maintainerName.rstrip(
"\n") + " <" + maintainerEmail.rstrip("\n") + ">"
if not os.path.exists(permissionsFile):
with open(permissionsFile, "w") as pf:
json.dump(permissions, pf, indent=1, separators=(",", ": "))
subuserlib.subprocessExtras.runEditor(permissionsFile)
Permissions(user,
initialPermissions=subuserlib.permissions.load(
permissionsFilePath=permissionsFile),
writePath=permissionsFile).save()
user.getEndUser().chown(permissionsFile)
if not os.path.exists(imageFile):
with open(imageFile, "w") as imgf:
imgf.write("""FROM-SUBUSER-IMAGE libx11@default
RUN apt-get update && apt-get upgrade -y && apt-get install -y PKG""")
user.getEndUser().chown(imageFile)
subuserlib.subprocessExtras.runEditor(imageFile)
if raw_input("Would you like to test your new image? [Y/n]") == "n":
sys.exit(0)
if subcommand == "test" or subcommand == "add":
user = User()
repo = subuserlib.resolve.getRepositoryFromPath(
user, os.environ["PWD"])
permissionsAccepter = AcceptPermissionsAtCLI(
user, alwaysAccept=options.accept)
imageSourceNames = args[1:]
with user.getRegistry().getLock() as lockFileHandler:
subuserNames = []
subuserNamePrefix = "!test-image-subuser-"
# Build the images
for imageSourceName in imageSourceNames:
subuserName = subuserNamePrefix + imageSourceName
subuserNames.append(subuserName)
subuserlib.subuser.addFromImageSourceNoVerify(
user, subuserName, repo[imageSourceName])
subuserlib.verify.verify(user,
subuserNames=subuserNames,
permissionsAccepter=permissionsAccepter,
prompt=options.prompt)
for subuserName in subuserNames:
if user.getRegistry().getSubusers()[subuserName].getImageId(
) is None and not raw_input(
subuserName +
" failed to build. Edit its image file and try again? [Y/n]"
) == "n":
subuserlib.subprocessExtras.runEditor(
user.getRegistry().getSubusers()
[subuserName].getImageSource().getImageFile())
subuserlib.verify.verify(
user,
subuserNames=[subuserName],
permissionsAccepter=permissionsAccepter,
prompt=options.prompt)
user.getRegistry().commit()
# Create a list of the names of the new subusers
subuserNames = []
for imageSourceName in imageSourceNames:
subuserNames.append(subuserNamePrefix + imageSourceName)
# Run the images
for subuserName in subuserNames:
arguments = raw_input(
"Running " + subuserName +
" enter arguments and press enter to continue:")
arguments = arguments.split(" ")
if arguments == [""]:
arguments = []
subuser = user.getRegistry().getSubusers()[subuserName]
if subuser.getPermissions()["executable"]:
runtime = subuser.getRuntime(os.environ)
if runtime:
runtime.run(arguments)
with user.getRegistry().getLock() as lockFileHandler:
# Remove the subusers
user = User()
subuserlib.subuser.remove(user, subuserNames)
user.getRegistry().commit()