22
22
# Runs a student script in a safe execution environment.
24
25
from ivle import studpath
25
from ivle.util import IVLEError, IVLEJailError
26
from ivle.util import IVLEError, IVLEJailError, split_path
89
89
self.headers = {} # Header names : values
91
def execute_cgi(interpreter, trampoline, uid, jail_dir, working_dir,
92
script_path, req, gentle):
91
def execute_cgi(interpreter, uid, jail_dir, working_dir, script_path,
94
94
trampoline: Full path on the local system to the CGI wrapper program
139
141
# usage: tramp uid jail_dir working_dir script_path
140
142
pid = subprocess.Popen(
141
[trampoline, str(uid), ivle.conf.jail_base, ivle.conf.jail_src_base,
142
ivle.conf.jail_system, jail_dir, working_dir, interpreter,
143
[trampoline, str(uid), req.config['paths']['jails']['mounts'],
144
req.config['paths']['jails']['src'],
145
req.config['paths']['jails']['template'],
146
jail_dir, working_dir, interpreter, script_path],
144
147
stdin=f, stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
343
346
""" % (warning, text))
345
location_cgi_python = os.path.join(ivle.conf.lib_path, "trampoline")
347
348
# Mapping of interpreter names (as given in conf/app/server.py) to
348
349
# interpreter functions.
350
351
interpreter_objects = {
352
: functools.partial(execute_cgi, "/usr/bin/python",
353
location_cgi_python),
353
: functools.partial(execute_cgi, "/usr/bin/python"),
355
: functools.partial(execute_cgi, None,
356
location_cgi_python),
355
: functools.partial(execute_cgi, None),
357
356
# Should also have:
359
358
# python-server-page
404
403
if script_path and script_path.startswith('/home'):
405
404
normscript = os.path.normpath(script_path)
407
uri_into_jail = studpath.url_to_jailpaths(os.path.normpath(req.path))[2]
406
uri_into_jail = studpath.to_home_path(os.path.normpath(req.path))
409
408
# PATH_INFO is wrong because the script doesn't physically exist.
410
409
env['PATH_INFO'] = uri_into_jail[len(normscript):]
414
413
# SERVER_SOFTWARE is actually not Apache but IVLE, since we are
415
414
# custom-making the CGI request.
416
env['SERVER_SOFTWARE'] = "IVLE/" + str(ivle.conf.ivle_version)
415
env['SERVER_SOFTWARE'] = "IVLE/" + ivle.__version__
418
417
# Additional environment variables
419
username = studpath.url_to_jailpaths(req.path)[0]
418
username = split_path(req.path)[0]
420
419
env['HOME'] = os.path.join('/home', username)
422
421
class ExecutionError(Exception):
425
def execute_raw(user, jail_dir, working_dir, binary, args):
424
def execute_raw(config, user, jail_dir, working_dir, binary, args):
426
425
'''Execute a binary in a user's jail, returning the raw output.
428
427
The binary is executed in the given working directory with the given
429
428
args. A tuple of (stdout, stderr) is returned.
432
tramp = location_cgi_python
433
tramp_dir = os.path.split(location_cgi_python)[0]
431
tramp = os.path.join(config['paths']['lib'], 'trampoline')
432
tramp_dir = os.path.split(tramp)[0]
435
434
# Fire up trampoline. Vroom, vroom.
436
435
proc = subprocess.Popen(
437
[tramp, str(user.unixid), ivle.conf.jail_base,
438
ivle.conf.jail_src_base, ivle.conf.jail_system, jail_dir,
439
working_dir, binary] + args,
436
[tramp, str(user.unixid), config['paths']['jails']['mounts'],
437
config['paths']['jails']['src'],
438
config['paths']['jails']['template'],
439
jail_dir, working_dir, binary] + args,
440
440
stdin=subprocess.PIPE, stdout=subprocess.PIPE,
441
441
stderr=subprocess.PIPE, cwd=tramp_dir, close_fds=True)