Пример #1
0
def changeUserGroup(config, options):
    # Change group?
    gid = config.process_gid
    errors = []
    if gid is not None:
        try:
            setgid(gid)
        except OSError:
            errors.append("group to %s" % gid)

    # Change user?
    uid = config.process_uid
    if uid is not None:
        try:
            setuid(uid)
        except OSError:
            errors.append("user to %s" % uid)
    if not errors:
        return

    # On error: propose some help
    help = permissionHelp(options)

    # Raise an error message
    errors = ' and '.join(reversed(errors))
    message = 'Unable to set ' + errors
    if help:
        message += ' (%s)' % help
    raise ChildError(message)
Пример #2
0
def prepareProcess(process):
    project = process.project()
    config = project.config
    options = process.application().options

    # Trace the new process
    process.debugger.traceme()

    # Change the user and group
    if SUPPORT_UID:
        changeUserGroup(config, options)

    # Set current working directory
    directory = process.getWorkingDirectory()
    try:
        chdir(directory)
    except OSError, err:
        if err.errno != EACCES:
            raise
        user = getuid()
        user = getpwuid(user).pw_name
        message = 'The user %s is not allowed enter directory to %s' \
            % (user, directory)
        help = permissionHelp(options)
        if help:
            message += ' (%s)' % help
        raise ChildError(message)
Пример #3
0
def prepareProcess(process):
    project = process.project()
    config = project.config
    options = process.application().options

    # Trace the new process
    process.debugger.traceme()

    # Change the user and group
    if SUPPORT_UID:
        changeUserGroup(config, options)

    # Set current working directory
    directory = process.getWorkingDirectory()
    try:
        chdir(directory)
    except OSError, err:
        if err.errno != EACCES:
            raise
        user = getuid()
        user = getpwuid(user).pw_name
        message = 'The user %s is not allowed enter directory to %s' \
            % (user, directory)
        help = permissionHelp(options)
        if help:
            message += ' (%s)' % help
        raise ChildError(message)
Пример #4
0
def changeUserGroup(config, options):
    # Change group?
    gid = config.process_gid
    errors = []
    if gid is not None:
        try:
            setgid(gid)
        except OSError:
            errors.append("group to %s" % gid)

    # Change user?
    uid = config.process_uid
    if uid is not None:
        try:
            setuid(uid)
        except OSError:
            errors.append("user to %s" % uid)
    if not errors:
        return

    # On error: propose some help
    help = permissionHelp(options)

    # Raise an error message
    errors = ' and '.join(reversed(errors))
    message = 'Unable to set ' + errors
    if help:
        message += ' (%s)' % help
    raise ChildError(message)
Пример #5
0
 def changeOwner(self, uid):
     if not SUPPORT_UID:
         return
     gid = getgid()
     try:
         chown(self.directory, uid, gid)
     except OSError, err:
         if err.errno != EPERM:
             raise
         help = permissionHelp(self.application().options)
         message = "You are not allowed to change the owner of the directory %s to %s:%s" \
             % (self.directory, uid, gid)
         if help:
             message += " (%s)" % help
         raise FusilError(message)
Пример #6
0
 def changeOwner(self, uid):
     if not SUPPORT_UID:
         return
     gid = getgid()
     try:
         chown(self.directory, uid, gid)
     except OSError, err:
         if err.errno != EPERM:
             raise
         help = permissionHelp(self.application().options)
         message = "You are not allowed to change the owner of the directory %s to %s:%s" \
             % (self.directory, uid, gid)
         if help:
             message += " (%s)" % help
         raise FusilError(message)
Пример #7
0
 def tracePID(self, agent, pid):
     if not self.enabled:
         return None
     try:
         process = self.debugger.addProcess(pid, False)
         self.registerProcess(agent, process)
         process.cont()
     except PtraceError, err:
         if err.errno == EPERM:
             msg = "You are not allowed to trace the process %s: permission denied or process already traced" % pid
         else:
             msg = "Process can no be attached! %s" % err
         help = permissionHelp(self.application().options)
         if help:
             msg += " (%s)" % help
         raise DebuggerError("ERROR: %s" % msg)
Пример #8
0
 def tracePID(self, agent, pid):
     if not self.enabled:
         return None
     try:
         process = self.debugger.addProcess(pid, False)
         self.registerProcess(agent, process)
         process.cont()
     except PtraceError, err:
         if err.errno == EPERM:
             msg = "You are not allowed to trace the process %s: permission denied or process already traced" % pid
         else:
             msg = "Process can no be attached! %s" % err
         help = permissionHelp(self.application().options)
         if help:
             msg += " (%s)" % help
         raise DebuggerError("ERROR: %s" % msg)
Пример #9
0
        user = getpwuid(user).pw_name
        message = 'The user %s is not allowed enter directory to %s' \
            % (user, directory)
        help = permissionHelp(options)
        if help:
            message += ' (%s)' % help
        raise ChildError(message)

    # Make sure that the program is executable by the current user
    program = process.current_arguments[0]
    if not access(program, X_OK):
        user = getuid()
        user = getpwuid(user).pw_name
        message = 'The user %s is not allowed to execute the file %s' \
            % (user, program)
        help = permissionHelp(options)
        if help:
            message += ' (%s)' % help
        raise ChildError(message)

    # Limit process resources
    limitResources(process, config, options)

def limitResources(process, config, options):
    # Change process priority to be nice
    if not options.fast:
        beNice()

    # Set process priority to nice and limit memory
    if 0 < process.max_memory:
        limitMemory(process.max_memory, hard=True)
Пример #10
0
        user = getpwuid(user).pw_name
        message = 'The user %s is not allowed enter directory to %s' \
            % (user, directory)
        help = permissionHelp(options)
        if help:
            message += ' (%s)' % help
        raise ChildError(message)

    # Make sure that the program is executable by the current user
    program = process.current_arguments[0]
    if not access(program, X_OK):
        user = getuid()
        user = getpwuid(user).pw_name
        message = 'The user %s is not allowed to execute the file %s' \
            % (user, program)
        help = permissionHelp(options)
        if help:
            message += ' (%s)' % help
        raise ChildError(message)

    # Limit process resources
    limitResources(process, config, options)


def limitResources(process, config, options):
    # Change process priority to be nice
    if not options.fast:
        beNice()

    # Set process priority to nice and limit memory
    if 0 < process.max_memory: