diff options
| author | Thierry Carrez <thierry@openstack.org> | 2012-11-16 15:50:01 +0100 |
|---|---|---|
| committer | Thierry Carrez <thierry@openstack.org> | 2012-12-03 15:12:06 +0100 |
| commit | 12e264d58f052f192f3408f5cd8637809eff085b (patch) | |
| tree | 8e121921f75e1a00e67845761a681a653feeb6c1 /bin/nova-rootwrap | |
| parent | 651637ad5475153ef3f2bc15ff0037aebec414c3 (diff) | |
Configurable exec_dirs to find rootwrap commands
Adds support for a configurable set of trusted directories to search
executables in (exec_dirs), which defaults to system PATH. If your
filter specifies an exec_path that doesn't start with '/', then it
will be searched in exec_dirs. Avoids having to write multiple
filters to care for distro differences. Fixes bug 1079723.
Also returns a specific error rather than try to run absent executables.
Change-Id: Idab03bb0be6832a75ffeed4e78d25d0543f5caf9
Diffstat (limited to 'bin/nova-rootwrap')
| -rwxr-xr-x | bin/nova-rootwrap | 40 |
1 files changed, 27 insertions, 13 deletions
diff --git a/bin/nova-rootwrap b/bin/nova-rootwrap index a28205a80..3322bc815 100755 --- a/bin/nova-rootwrap +++ b/bin/nova-rootwrap @@ -42,6 +42,7 @@ import sys RC_UNAUTHORIZED = 99 RC_NOCOMMAND = 98 RC_BADCONFIG = 97 +RC_NOEXECFOUND = 96 def _subprocess_setup(): @@ -65,6 +66,11 @@ if __name__ == '__main__': config.read(configfile) try: filters_path = config.get("DEFAULT", "filters_path").split(",") + if config.has_option("DEFAULT", "exec_dirs"): + exec_dirs = config.get("DEFAULT", "exec_dirs").split(",") + else: + # Use system PATH if exec_dirs is not specified + exec_dirs = os.environ["PATH"].split(':') except ConfigParser.Error: print "%s: Incorrect configuration file: %s" % (execname, configfile) sys.exit(RC_BADCONFIG) @@ -79,16 +85,24 @@ if __name__ == '__main__': # Execute command if it matches any of the loaded filters filters = wrapper.load_filters(filters_path) - filtermatch = wrapper.match_filter(filters, userargs) - if filtermatch: - obj = subprocess.Popen(filtermatch.get_command(userargs), - stdin=sys.stdin, - stdout=sys.stdout, - stderr=sys.stderr, - preexec_fn=_subprocess_setup, - env=filtermatch.get_environment(userargs)) - obj.wait() - sys.exit(obj.returncode) - - print "Unauthorized command: %s" % ' '.join(userargs) - sys.exit(RC_UNAUTHORIZED) + try: + filtermatch = wrapper.match_filter(filters, userargs, + exec_dirs=exec_dirs) + if filtermatch: + obj = subprocess.Popen(filtermatch.get_command(userargs, + exec_dirs=exec_dirs), + stdin=sys.stdin, + stdout=sys.stdout, + stderr=sys.stderr, + preexec_fn=_subprocess_setup, + env=filtermatch.get_environment(userargs)) + obj.wait() + sys.exit(obj.returncode) + + except wrapper.FilterMatchNotExecutable as exc: + print "Executable not found: %s" % exc.match.exec_path + sys.exit(RC_NOEXECFOUND) + + except wrapper.NoFilterMatched: + print "Unauthorized command: %s" % ' '.join(userargs) + sys.exit(RC_UNAUTHORIZED) |