-
-
Notifications
You must be signed in to change notification settings - Fork 503
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Setting UID (e.g. dropping root privileges) #133
Comments
Hi Tomek I like it and would merge this feature. I think the behavior of raising a I'm curious why TTYs need to be turned off though? Also, be sure to add a unit test in |
Hi Andrew, As far as turning of the TTYs - if I don't do so the process hangs and I have to
I have no idea what's the problem here. Permissions, maybe? Nevertheless, I think that if the docs mention switching off TTYs when using I've been thinking a lot about testing the feature, but I see a small problem here - the test would have to be run by One more question has just came to my mind - which Python versions do you wish me to test before opening a pull request? I'm thinking 2.6, 2.7, 3.3. Anyways, thanks for the lib - it's been very helpful and made my life much easier :). |
Ah I was able to reproduce the TTY/uid issue. However, when I ran my test script, I got an exception:
If I do what you did in the terminal though, no exception is raised, which is odd. But for this, I think it's clear that the setuid is happening too soon. Can you try moving it closer to the os.execve and see if that works for you?
I think it makes sense to wrap that particular unit test in a "skip" decorator. Take a look at
All 3 if possible. If you run
Very happy to hear it, I'm glad it's helpful :) |
OK, so I moved the UID setting part before I'm gonna perform some tests on the code that is the root cause of my need to change UID (it's a part of a project I'm working on at work) and see if it works as expected. As far as functional and compatibility tests go - thanks for your input. I'll keep that in mind while writing test code and performing compatibility tests. Targeting Python 3.x isn't a problem for me - I already have the interpreters built and ready to use. Once I'm done I'll open a pull request so you can review the final code. |
Merged what was in your branch into the 1.2 release and it will go out then. Thanks for your contribution 👍 |
* added `_out` and `_out_bufsize` validator [#346](amoffat/sh#346) * bugfix for internal stdout thread running when it shouldn't [#346](amoffat/sh#346) * regression bugfix on timeout [#344](amoffat/sh#344) * regression bugfix on `_ok_code=None` * further improvements on cpu usage * regression in cpu usage [#339](amoffat/sh#339) * fd leak regression and fix for flawed fd leak detection test [#337](amoffat/sh#337) * support for `io.StringIO` in python2 * added support for using raw file descriptors for `_in`, `_out`, and `_err` * removed `.close()`ing `_out` handler if FIFO detected * composed commands no longer propagate `_bg` * better support for using `sys.stdin` and `sys.stdout` for `_in` and `_out` * bugfix where `which()` would not stop searching at the first valid executable found in PATH * added `_long_prefix` for programs whose long arguments start with something other than `--` [#278](amoffat/sh#278) * added `_log_msg` for advanced configuration of log message [#311](amoffat/sh#311) * added `sh.contrib.sudo` * added `_arg_preprocess` for advanced command wrapping * alter callable `_in` arguments to signify completion with falsy chunk * bugfix where pipes passed into `_out` or `_err` were not flushed on process end [#252](amoffat/sh#252) * deprecated `with sh.args(**kwargs)` in favor of `sh2 = sh(**kwargs)` * made `sh.pushd` thread safe * added `.kill_group()` and `.signal_group()` methods for better process control [#237](amoffat/sh#237) * added `new_session` special keyword argument for controlling spawned process session [#266](amoffat/sh#266) * bugfix better handling for EINTR on system calls [#292](amoffat/sh#292) * bugfix where with-contexts were not threadsafe [#247](amoffat/sh#195) * `_uid` new special keyword param for specifying the user id of the process [#133](amoffat/sh#133) * bugfix where exceptions were swallowed by processes that weren't waited on [#309](amoffat/sh#309) * bugfix where processes that dupd their stdout/stderr to a long running child process would cause sh to hang [#310](amoffat/sh#310) * improved logging output [#323](amoffat/sh#323) * bugfix for python3+ where binary data was passed into a process's stdin [#325](amoffat/sh#325) * Introduced execution contexts which allow baking of common special keyword arguments into all commands [#269](amoffat/sh#269) * `Command` and `which` now can take an optional `paths` parameter which specifies the search paths [#226](amoffat/sh#226) * `_preexec_fn` option for executing a function after the child process forks but before it execs [#260](amoffat/sh#260) * `_fg` reintroduced, with limited functionality. hurrah! [#92](amoffat/sh#92) * bugfix where a command would block if passed a fd for stdin that wasn't yet ready to read [#253](amoffat/sh#253) * `_long_sep` can now take `None` which splits the long form arguments into individual arguments [#258](amoffat/sh#258) * making `_piped` perform "direct" piping by default (linking fds together). this fixes memory problems [#270](amoffat/sh#270) * bugfix where calling `next()` on an iterable process that has raised `StopIteration`, hangs [#273](amoffat/sh#273) * `sh.cd` called with no arguments no changes into the user's home directory, like native `cd` [#275](amoffat/sh#275) * `sh.glob` removed entirely. the rationale is correctness over hand-holding. [#279](amoffat/sh#279) * added `_truncate_exc`, defaulting to `True`, which tells our exceptions to truncate output. * bugfix for exceptions whose messages contained unicode * `_done` callback no longer assumes you want your command put in the background. * `_done` callback is now called asynchronously in a separate thread. * `_done` callback is called regardless of exception, which is necessary in order to release held resources, for example a process pool
Hello,
I'm working on adding
_uid
special keyword argument and I thought I'd ask for suggestions before actually opening a pull request. The code in question is available here.Now, as you can see this is clearly a dirty hack at the moment. What I'd like to know is how to properly handle the situation when the parent process isn't owned by
root
(currently raisingRuntimeError
). Also, I have to explicitly turn off TTYs onstdin
andstdout
(which isn't that much of a problem, I guess).Would you even consider adding this functionality to the library?
Best regards.
EDIT:
An example of the feature in action:
twojcik-mb:sh bilbo$ sudo python -c "import sh; print sh.whoami().stdout.strip(); print sh.whoami(_uid=501).stdout.strip()" root bilbo
The text was updated successfully, but these errors were encountered: