2017-05-26 20:08:45 +00:00
|
|
|
"""
|
2018-01-04 03:53:35 +00:00
|
|
|
Copyright 2018 Oliver Smith
|
2017-05-26 20:08:45 +00:00
|
|
|
|
|
|
|
This file is part of pmbootstrap.
|
|
|
|
|
|
|
|
pmbootstrap is free software: you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
the Free Software Foundation, either version 3 of the License, or
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
pmbootstrap is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
along with pmbootstrap. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
"""
|
2017-07-21 16:25:52 +00:00
|
|
|
import configparser
|
|
|
|
import errno
|
2017-05-26 20:08:45 +00:00
|
|
|
import logging
|
|
|
|
import os
|
|
|
|
import pmb.chroot
|
|
|
|
import pmb.config
|
|
|
|
import pmb.chroot.apk
|
|
|
|
|
|
|
|
|
2017-06-14 17:10:21 +00:00
|
|
|
def get_running_pid(args):
|
2017-07-21 16:25:52 +00:00
|
|
|
"""
|
|
|
|
:returns: the running distccd's pid as integer or None
|
|
|
|
"""
|
2017-10-12 20:08:10 +00:00
|
|
|
pidfile = args.work + "/chroot_native/home/pmos/distccd.pid"
|
2017-05-26 20:08:45 +00:00
|
|
|
if not os.path.exists(pidfile):
|
|
|
|
return None
|
|
|
|
with open(pidfile, "r") as handle:
|
|
|
|
lines = handle.readlines()
|
|
|
|
return int(lines[0][:-1])
|
|
|
|
|
|
|
|
|
2017-07-21 16:25:52 +00:00
|
|
|
def get_running_info(args):
|
2017-06-14 17:10:21 +00:00
|
|
|
"""
|
2017-07-21 16:25:52 +00:00
|
|
|
:returns: A dictionary in the form of {"arch": .., "cmdline": "" }. arch is
|
|
|
|
the architecture (e.g. "armhf" or "aarch64"), and "cmdline" is the
|
|
|
|
saved value from the generate_cmdline() list, joined on space.
|
|
|
|
If the information can not be read, "arch" and "cmdline" are set to
|
|
|
|
"unknown".
|
|
|
|
The arch is used to print a nice stop message, the full cmdline is used to
|
|
|
|
check whether distccd needs to be restartet (e.g. because the arch has been
|
|
|
|
changed, or the verbose flag).
|
2017-06-14 17:10:21 +00:00
|
|
|
"""
|
2017-07-21 16:25:52 +00:00
|
|
|
info = configparser.ConfigParser()
|
|
|
|
path = args.work + "/chroot_native/tmp/distccd_running_info"
|
|
|
|
if os.path.exists(path):
|
|
|
|
info.read(path)
|
|
|
|
else:
|
|
|
|
info["distccd"] = {}
|
|
|
|
info["distccd"]["arch"] = "unknown"
|
|
|
|
info["distccd"]["cmdline"] = "unknown"
|
|
|
|
return info["distccd"]
|
2017-06-14 17:10:21 +00:00
|
|
|
|
|
|
|
|
2017-05-26 20:08:45 +00:00
|
|
|
def is_running(args):
|
2017-06-14 17:10:21 +00:00
|
|
|
"""
|
|
|
|
:returns: When not running: None
|
2017-07-21 16:25:52 +00:00
|
|
|
When running: result from get_running_info()
|
2017-06-14 17:10:21 +00:00
|
|
|
"""
|
2017-05-26 20:08:45 +00:00
|
|
|
# Get the PID
|
2017-06-14 17:10:21 +00:00
|
|
|
pid = get_running_pid(args)
|
2017-05-26 20:08:45 +00:00
|
|
|
if not pid:
|
|
|
|
return False
|
|
|
|
|
|
|
|
# Verify, if it still exists by sending a kill signal
|
|
|
|
try:
|
|
|
|
os.kill(pid, 0)
|
|
|
|
except OSError as err:
|
|
|
|
if err.errno == errno.ESRCH: # no such process
|
2017-10-12 20:08:10 +00:00
|
|
|
pmb.chroot.root(args, ["rm", "/home/pmos/distccd.pid"])
|
2017-05-26 20:08:45 +00:00
|
|
|
return False
|
|
|
|
elif err.errno == errno.EPERM: # access denied
|
2017-07-21 16:25:52 +00:00
|
|
|
return get_running_info(args)
|
|
|
|
|
|
|
|
|
|
|
|
def generate_cmdline(args, arch):
|
|
|
|
"""
|
|
|
|
:returns: a dictionary suitable for pmb.chroot.user(), to start the distccd
|
2017-12-21 16:42:29 +00:00
|
|
|
with all options set.
|
|
|
|
NOTE: The distcc client of the foreign arch chroot passes the
|
|
|
|
absolute path to the compiler, which points to
|
|
|
|
"/usr/lib/arch-bin-masquerade/armhf/gcc" for example. This also
|
|
|
|
exists in the native chroot, and points to the armhf cross-
|
|
|
|
compiler there (both the native and foreign chroot have the
|
|
|
|
arch-bin-masquerade package installed, which creates the
|
|
|
|
wrapper scripts).
|
2017-07-21 16:25:52 +00:00
|
|
|
"""
|
2017-12-21 16:42:29 +00:00
|
|
|
ret = ["distccd",
|
2017-10-12 20:08:10 +00:00
|
|
|
"--pid-file", "/home/pmos/distccd.pid",
|
2017-07-21 16:25:52 +00:00
|
|
|
"--listen", "127.0.0.1",
|
|
|
|
"--allow", "127.0.0.1",
|
|
|
|
"--port", args.port_distccd,
|
2017-10-12 20:08:10 +00:00
|
|
|
"--log-file", "/home/pmos/distccd.log",
|
2017-07-21 16:25:52 +00:00
|
|
|
"--jobs", args.jobs,
|
|
|
|
"--nice", "19",
|
|
|
|
"--job-lifetime", "60",
|
|
|
|
"--daemon"
|
|
|
|
]
|
|
|
|
if args.verbose:
|
|
|
|
ret.append("--verbose")
|
|
|
|
return ret
|
2017-05-26 20:08:45 +00:00
|
|
|
|
|
|
|
|
2017-06-14 17:10:21 +00:00
|
|
|
def start(args, arch):
|
2017-07-21 16:25:52 +00:00
|
|
|
# Skip when already running with the same cmdline
|
|
|
|
cmdline = generate_cmdline(args, arch)
|
|
|
|
info = is_running(args)
|
|
|
|
if info and info["cmdline"] == " ".join(cmdline):
|
2017-05-26 20:08:45 +00:00
|
|
|
return
|
2017-06-14 17:10:21 +00:00
|
|
|
stop(args)
|
2017-12-21 16:42:29 +00:00
|
|
|
pmb.chroot.apk.install(args, ["distcc", "arch-bin-masquerade"])
|
2017-05-26 20:08:45 +00:00
|
|
|
|
|
|
|
# Start daemon with cross-compiler in path
|
2017-07-21 16:25:52 +00:00
|
|
|
logging.info("(native) start distccd (" + arch + ") on 127.0.0.1:" +
|
|
|
|
args.port_distccd)
|
|
|
|
pmb.chroot.user(args, cmdline)
|
|
|
|
|
Properly escape commands in pmb.chroot.user() (#1316)
## Introduction
In #1302 we noticed that `pmb.chroot.user()` does not escape commands
properly: When passing one string with spaces, it would pass them as
two strings to the chroot. The use case is passing a description with
a space inside to `newapkbuild` with `pmboostrap newapkbuild`.
This is not a security issue, as we don't pass strings from untrusted
input to this function.
## Functions for running commands in pmbootstrap
To put the rest of the description in context: We have four high level
functions that run commands:
* `pmb.helpers.run.user()`
* `pmb.helpers.run.root()`
* `pmb.chroot.root()`
* `pmb.chroot.user()`
In addition, one low level function that the others invoke:
* `pmb.helpers.run.core()`
## Flawed test case
The issue described above did not get detected for so long, because we
have a test case in place since day one, which verifies that all of the
functions above escape everything properly:
* `test/test_shell_escape.py`
So the test case ran a given command through all these functions, and
compared the result each time. However, `pmb.chroot.root()`
modified the command variable (passed by reference) and did the
escaping already, which means `pmb.chroot.user()` running directly
afterwards only returns the right output when *not* doing any escaping.
Without questioning the accuracy of the test case, I've escaped
commands and environment variables with `shlex.quote()` *before*
passing them to `pmb.chroot.user()`. In retrospective this does not
make sense at all and is reverted with this commit.
## Environment variables
By coincidence, we have only passed custom environment variables to
`pmb.chroot.user()`, never to the other high level functions. This only
worked, because we did not do any escaping and the passed line gets
executed as shell command:
```
$ MYENV=test echo test2
test 2
```
If it was properly escaped as one shell command:
```
$ 'MYENV=test echo test2'
sh: MYENV=test echo test2: not found
```
So doing that clearly doesn't work anymore. I have added a new `env`
parameter to `pmb.chroot.user()` (and to all other high level functions
for consistency), where environment variables can be passed as a
dictionary. Then the function knows what to do and we end up with
properly escaped commands and environment variables.
## Details
* Add new `env` parameter to all high level command execution functions
* New `pmb.helpers.run.flat_cmd()` function, that takes a command as
list and environment variables as dict, and creates a properly escaped
flat string from the input.
* Use that function for proper escaping in all high level exec funcs
* Don't escape commands *before* passing them to `pmb.chroot.user()`
* Describe parameters of the command execution functions
* `pmbootstrap -v` writes the exact command to the log that was
executed (in addition to the simplified form we always write down for
readability)
* `test_shell_escape.py`: verify that the command passed by reference
has not been modified, add a new test for strings with spaces, add
tests for new function `pmb.helpers.run.flat_cmd()`
* Remove obsolete commend in `pmb.chroot.distccd` about environment
variables, because we don't use any there anymore
* Add `TERM=xterm` to default environment variables in the chroot,
so running ncurses applications like `menuconfig` and `nano` works out of
the box
2018-03-10 22:58:39 +00:00
|
|
|
# Write down the arch and cmdline
|
2017-07-21 16:25:52 +00:00
|
|
|
info = configparser.ConfigParser()
|
|
|
|
info["distccd"] = {}
|
|
|
|
info["distccd"]["arch"] = arch
|
|
|
|
info["distccd"]["cmdline"] = " ".join(cmdline)
|
|
|
|
with open(args.work + "/chroot_native/tmp/distccd_running_info", "w") as handle:
|
|
|
|
info.write(handle)
|
2017-06-14 17:10:21 +00:00
|
|
|
|
2017-05-26 20:08:45 +00:00
|
|
|
|
|
|
|
def stop(args):
|
2017-07-21 16:25:52 +00:00
|
|
|
info = is_running(args)
|
|
|
|
if info:
|
|
|
|
logging.info("(native) stop distccd (" + info["arch"] + ")")
|
2017-06-14 17:10:21 +00:00
|
|
|
pmb.chroot.user(args, ["kill", str(get_running_pid(args))])
|