← Back to branch summary

~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to ivle/interpret.py

  • Committer: William Grant
  • Date: 2009-05-26 04:06:33 UTC
  • Revision ID: grantw@unimelb.edu.au-20090526040633-m1a2sya7ig3o9arl
Move ivle.conf.ivle_version to ivle.__version__.

Show diffs side-by-side

added added

removed removed

Lines of Context:
ivle/interpret.py
21
21
 
22
22
# Runs a student script in a safe execution environment.
23
23
 
24
 
import ivle
25
24
from ivle import studpath
26
25
from ivle.util import IVLEError, IVLEJailError, split_path
 
26
import ivle.conf
27
27
 
28
28
import functools
29
29
 
73
73
    # (Note that paths "relative" to the jail actually begin with a '/' as
74
74
    # they are absolute in the jailspace)
75
75
 
76
 
    return interpreter(owner, jail_dir, working_dir, filename_abs, req,
 
76
    return interpreter(owner.unixid, jail_dir, working_dir, filename_abs, req,
77
77
                       gentle)
78
78
 
79
79
class CGIFlags:
88
88
        self.linebuf = ""
89
89
        self.headers = {}       # Header names : values
90
90
 
91
 
def execute_cgi(interpreter, owner, jail_dir, working_dir, script_path,
92
 
                req, gentle):
 
91
def execute_cgi(interpreter, trampoline, uid, jail_dir, working_dir,
 
92
                script_path, req, gentle):
93
93
    """
94
94
    trampoline: Full path on the local system to the CGI wrapper program
95
95
        being executed.
96
 
    owner: User object of the owner of the file.
 
96
    uid: User ID of the owner of the file.
97
97
    jail_dir: Absolute path of owner's jail directory.
98
98
    working_dir: Directory containing the script file relative to owner's
99
99
        jail.
105
105
    its environment.
106
106
    """
107
107
 
108
 
    trampoline = os.path.join(req.config['paths']['lib'], 'trampoline')
109
 
 
110
108
    # Support no-op trampoline runs.
111
109
    if interpreter is None:
112
110
        interpreter = '/bin/true'
136
134
        del os.environ[k]
137
135
    for (k,v) in req.get_cgi_environ().items():
138
136
        os.environ[k] = v
139
 
    fixup_environ(req, script_path, owner)
 
137
    fixup_environ(req, script_path)
140
138
 
141
139
    # usage: tramp uid jail_dir working_dir script_path
142
 
    cmd_line = [trampoline, str(owner.unixid),
143
 
            req.config['paths']['jails']['mounts'],
144
 
            req.config['paths']['jails']['src'],
145
 
            req.config['paths']['jails']['template'],
146
 
            jail_dir, working_dir, interpreter, script_path]
147
 
    # Popen doesn't like unicode strings. It hateses them.
148
 
    cmd_line = [(s.encode('utf-8') if isinstance(s, unicode) else s)
149
 
                for s in cmd_line]
150
 
    pid = subprocess.Popen(cmd_line,
 
140
    pid = subprocess.Popen(
 
141
        [trampoline, str(uid), ivle.conf.jail_base, ivle.conf.jail_src_base,
 
142
         ivle.conf.jail_system, jail_dir, working_dir, interpreter,
 
143
        script_path],
151
144
        stdin=f, stdout=subprocess.PIPE, stderr=subprocess.STDOUT,
152
145
        cwd=tramp_dir)
153
146
 
349
342
    <pre>
350
343
""" % (warning, text))
351
344
 
 
345
location_cgi_python = os.path.join(ivle.conf.lib_path, "trampoline")
 
346
 
352
347
# Mapping of interpreter names (as given in conf/app/server.py) to
353
348
# interpreter functions.
354
349
 
355
350
interpreter_objects = {
356
351
    'cgi-python'
357
 
        : functools.partial(execute_cgi, "/usr/bin/python"),
 
352
        : functools.partial(execute_cgi, "/usr/bin/python",
 
353
            location_cgi_python),
358
354
    'noop'
359
 
        : functools.partial(execute_cgi, None),
 
355
        : functools.partial(execute_cgi, None,
 
356
            location_cgi_python),
360
357
    # Should also have:
361
358
    # cgi-generic
362
359
    # python-server-page
363
360
}
364
361
 
365
 
def fixup_environ(req, script_path, user):
 
362
def fixup_environ(req, script_path):
366
363
    """Assuming os.environ has been written with the CGI variables from
367
364
    apache, make a few changes for security and correctness.
368
365
 
419
416
    env['SERVER_SOFTWARE'] = "IVLE/" + ivle.__version__
420
417
 
421
418
    # Additional environment variables
422
 
    username = user.login
 
419
    username = split_path(req.path)[0]
423
420
    env['HOME'] = os.path.join('/home', username)
424
421
 
425
422
class ExecutionError(Exception):
426
423
    pass
427
424
 
428
 
def execute_raw(config, user, jail_dir, working_dir, binary, args):
 
425
def execute_raw(user, jail_dir, working_dir, binary, args):
429
426
    '''Execute a binary in a user's jail, returning the raw output.
430
427
 
431
428
    The binary is executed in the given working directory with the given
432
429
    args. A tuple of (stdout, stderr) is returned.
433
430
    '''
434
431
 
435
 
    tramp = os.path.join(config['paths']['lib'], 'trampoline')
436
 
    tramp_dir = os.path.split(tramp)[0]
 
432
    tramp = location_cgi_python
 
433
    tramp_dir = os.path.split(location_cgi_python)[0]
437
434
 
438
435
    # Fire up trampoline. Vroom, vroom.
439
 
    cmd_line = [tramp, str(user.unixid), config['paths']['jails']['mounts'],
440
 
         config['paths']['jails']['src'],
441
 
         config['paths']['jails']['template'],
442
 
         jail_dir, working_dir, binary] + args
443
 
    # Popen doesn't like unicode strings. It hateses them.
444
 
    cmd_line = [(s.encode('utf-8') if isinstance(s, unicode) else s)
445
 
                for s in cmd_line]
446
 
    proc = subprocess.Popen(cmd_line,
 
436
    proc = subprocess.Popen(
 
437
        [tramp, str(user.unixid), ivle.conf.jail_base,
 
438
         ivle.conf.jail_src_base, ivle.conf.jail_system, jail_dir,
 
439
         working_dir, binary] + args,
447
440
        stdin=subprocess.PIPE, stdout=subprocess.PIPE,
448
 
        stderr=subprocess.PIPE, cwd=tramp_dir, close_fds=True,
449
 
        env={'HOME': os.path.join('/home', user.login),
450
 
             'PATH': os.environ['PATH'],
451
 
             'USER': user.login,
452
 
             'LOGNAME': user.login})
 
441
        stderr=subprocess.PIPE, cwd=tramp_dir, close_fds=True)
453
442
 
454
443
    (stdout, stderr) = proc.communicate()
455
444
    exitcode = proc.returncode
456
445
 
457
446
    if exitcode != 0:
458
 
        raise ExecutionError('subprocess ended with code %d, stderr: "%s"' %
459
 
                             (exitcode, stderr))
 
447
        raise ExecutionError('subprocess ended with code %d, stderr %s' %
 
448
                             (exitcode, proc.stderr.read()))
460
449
    return (stdout, stderr)