def changeUserGroup(config, options): # Change group? gid = config.process_gid errors = [] if gid is not None: try: setgid(gid) except OSError: errors.append("group to %s" % gid) # Change user? uid = config.process_uid if uid is not None: try: setuid(uid) except OSError: errors.append("user to %s" % uid) if not errors: return # On error: propose some help help = permissionHelp(options) # Raise an error message errors = ' and '.join(reversed(errors)) message = 'Unable to set ' + errors if help: message += ' (%s)' % help raise ChildError(message)
def prepareProcess(process): project = process.project() config = project.config options = process.application().options # Trace the new process process.debugger.traceme() # Change the user and group if SUPPORT_UID: changeUserGroup(config, options) # Set current working directory directory = process.getWorkingDirectory() try: chdir(directory) except OSError, err: if err.errno != EACCES: raise user = getuid() user = getpwuid(user).pw_name message = 'The user %s is not allowed enter directory to %s' \ % (user, directory) help = permissionHelp(options) if help: message += ' (%s)' % help raise ChildError(message)
def changeOwner(self, uid): if not SUPPORT_UID: return gid = getgid() try: chown(self.directory, uid, gid) except OSError, err: if err.errno != EPERM: raise help = permissionHelp(self.application().options) message = "You are not allowed to change the owner of the directory %s to %s:%s" \ % (self.directory, uid, gid) if help: message += " (%s)" % help raise FusilError(message)
def tracePID(self, agent, pid): if not self.enabled: return None try: process = self.debugger.addProcess(pid, False) self.registerProcess(agent, process) process.cont() except PtraceError, err: if err.errno == EPERM: msg = "You are not allowed to trace the process %s: permission denied or process already traced" % pid else: msg = "Process can no be attached! %s" % err help = permissionHelp(self.application().options) if help: msg += " (%s)" % help raise DebuggerError("ERROR: %s" % msg)
user = getpwuid(user).pw_name message = 'The user %s is not allowed enter directory to %s' \ % (user, directory) help = permissionHelp(options) if help: message += ' (%s)' % help raise ChildError(message) # Make sure that the program is executable by the current user program = process.current_arguments[0] if not access(program, X_OK): user = getuid() user = getpwuid(user).pw_name message = 'The user %s is not allowed to execute the file %s' \ % (user, program) help = permissionHelp(options) if help: message += ' (%s)' % help raise ChildError(message) # Limit process resources limitResources(process, config, options) def limitResources(process, config, options): # Change process priority to be nice if not options.fast: beNice() # Set process priority to nice and limit memory if 0 < process.max_memory: limitMemory(process.max_memory, hard=True)
user = getpwuid(user).pw_name message = 'The user %s is not allowed enter directory to %s' \ % (user, directory) help = permissionHelp(options) if help: message += ' (%s)' % help raise ChildError(message) # Make sure that the program is executable by the current user program = process.current_arguments[0] if not access(program, X_OK): user = getuid() user = getpwuid(user).pw_name message = 'The user %s is not allowed to execute the file %s' \ % (user, program) help = permissionHelp(options) if help: message += ' (%s)' % help raise ChildError(message) # Limit process resources limitResources(process, config, options) def limitResources(process, config, options): # Change process priority to be nice if not options.fast: beNice() # Set process priority to nice and limit memory if 0 < process.max_memory: