22
22
# Runs a student script in a safe execution environment.
25
24
from ivle import studpath
26
from ivle.util import IVLEError, IVLEJailError, split_path
25
from ivle.util import IVLEError, IVLEJailError
89
89
self.headers = {} # Header names : values
91
def execute_cgi(interpreter, uid, jail_dir, working_dir, script_path,
91
def execute_cgi(interpreter, trampoline, uid, jail_dir, working_dir,
92
script_path, req, gentle):
94
94
trampoline: Full path on the local system to the CGI wrapper program
141
139
# usage: tramp uid jail_dir working_dir script_path
142
140
pid = subprocess.Popen(
143
[trampoline, str(uid), req.config['paths']['jails']['mounts'],
144
req.config['paths']['jails']['src'],
145
req.config['paths']['jails']['template'],
146
jail_dir, working_dir, interpreter, script_path],
141
[trampoline, str(uid), ivle.conf.jail_base, ivle.conf.jail_src_base,
142
ivle.conf.jail_system, jail_dir, working_dir, interpreter,
147
144
stdin=f, stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
346
343
""" % (warning, text))
345
location_cgi_python = os.path.join(ivle.conf.lib_path, "trampoline")
348
347
# Mapping of interpreter names (as given in conf/app/server.py) to
349
348
# interpreter functions.
351
350
interpreter_objects = {
353
: functools.partial(execute_cgi, "/usr/bin/python"),
352
: functools.partial(execute_cgi, "/usr/bin/python",
353
location_cgi_python),
355
: functools.partial(execute_cgi, None),
355
: functools.partial(execute_cgi, None,
356
location_cgi_python),
356
357
# Should also have:
358
359
# python-server-page
403
404
if script_path and script_path.startswith('/home'):
404
405
normscript = os.path.normpath(script_path)
406
uri_into_jail = studpath.to_home_path(os.path.normpath(req.path))
407
uri_into_jail = studpath.url_to_jailpaths(os.path.normpath(req.path))[2]
408
409
# PATH_INFO is wrong because the script doesn't physically exist.
409
410
env['PATH_INFO'] = uri_into_jail[len(normscript):]
413
414
# SERVER_SOFTWARE is actually not Apache but IVLE, since we are
414
415
# custom-making the CGI request.
415
env['SERVER_SOFTWARE'] = "IVLE/" + ivle.__version__
416
env['SERVER_SOFTWARE'] = "IVLE/" + str(ivle.conf.ivle_version)
417
418
# Additional environment variables
418
username = split_path(req.path)[0]
419
username = studpath.url_to_jailpaths(req.path)[0]
419
420
env['HOME'] = os.path.join('/home', username)
421
422
class ExecutionError(Exception):
424
def execute_raw(config, user, jail_dir, working_dir, binary, args):
425
def execute_raw(user, jail_dir, working_dir, binary, args):
425
426
'''Execute a binary in a user's jail, returning the raw output.
427
428
The binary is executed in the given working directory with the given
428
429
args. A tuple of (stdout, stderr) is returned.
431
tramp = os.path.join(config['paths']['lib'], 'trampoline')
432
tramp_dir = os.path.split(tramp)[0]
432
tramp = location_cgi_python
433
tramp_dir = os.path.split(location_cgi_python)[0]
434
435
# Fire up trampoline. Vroom, vroom.
435
436
proc = subprocess.Popen(
436
[tramp, str(user.unixid), config['paths']['jails']['mounts'],
437
config['paths']['jails']['src'],
438
config['paths']['jails']['template'],
439
jail_dir, working_dir, binary] + args,
437
[tramp, str(user.unixid), ivle.conf.jail_base,
438
ivle.conf.jail_src_base, ivle.conf.jail_system, jail_dir,
439
working_dir, binary] + args,
440
440
stdin=subprocess.PIPE, stdout=subprocess.PIPE,
441
441
stderr=subprocess.PIPE, cwd=tramp_dir, close_fds=True)