2017-04-16 03:17:53 +02:00
|
|
|
# -*- encoding: utf8 -*-
|
|
|
|
#
|
|
|
|
# The Qubes OS Project, http://www.qubes-os.org
|
|
|
|
#
|
|
|
|
# Copyright (C) 2017 Marek Marczykowski-Górecki
|
|
|
|
# <marmarek@invisiblethingslab.com>
|
|
|
|
#
|
|
|
|
# This program is free software; you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU Lesser General Public License as published by
|
|
|
|
# the Free Software Foundation; either version 2.1 of the License, or
|
|
|
|
# (at your option) any later version.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU Lesser General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU Lesser General Public License along
|
|
|
|
# with this program; if not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
''' qvm-run tool'''
|
2018-12-07 04:22:05 +01:00
|
|
|
import contextlib
|
2017-04-16 03:17:53 +02:00
|
|
|
import os
|
2018-12-07 04:22:05 +01:00
|
|
|
import signal
|
2017-05-17 11:06:56 +02:00
|
|
|
import subprocess
|
2017-08-08 23:48:52 +02:00
|
|
|
import sys
|
2017-04-16 03:17:53 +02:00
|
|
|
|
2017-06-14 10:35:20 +02:00
|
|
|
import multiprocessing
|
|
|
|
|
2017-11-07 17:56:56 +01:00
|
|
|
import select
|
2017-08-08 23:48:52 +02:00
|
|
|
|
2017-05-11 23:21:04 +02:00
|
|
|
import qubesadmin.tools
|
|
|
|
import qubesadmin.exc
|
2017-04-16 03:17:53 +02:00
|
|
|
|
2017-08-06 20:44:55 +02:00
|
|
|
parser = qubesadmin.tools.QubesArgumentParser()
|
2017-04-16 03:17:53 +02:00
|
|
|
|
|
|
|
parser.add_argument('--user', '-u', metavar='USER',
|
|
|
|
help='run command in a qube as USER (available only from dom0)')
|
|
|
|
|
|
|
|
parser.add_argument('--autostart', '--auto', '-a',
|
|
|
|
action='store_true', default=True,
|
|
|
|
help='option ignored, this is default')
|
|
|
|
|
|
|
|
parser.add_argument('--no-autostart', '--no-auto', '-n',
|
2017-10-19 14:55:33 +02:00
|
|
|
action='store_false', dest='autostart',
|
2017-04-16 03:17:53 +02:00
|
|
|
help='do not autostart qube')
|
|
|
|
|
|
|
|
parser.add_argument('--pass-io', '-p',
|
|
|
|
action='store_true', dest='passio', default=False,
|
|
|
|
help='pass stdio from remote program')
|
|
|
|
|
|
|
|
parser.add_argument('--localcmd', metavar='COMMAND',
|
|
|
|
help='with --pass-io, pass stdio to the given program')
|
|
|
|
|
|
|
|
parser.add_argument('--gui',
|
|
|
|
action='store_true', default=True,
|
|
|
|
help='run the command with GUI (default on)')
|
|
|
|
|
|
|
|
parser.add_argument('--no-gui', '--nogui',
|
|
|
|
action='store_false', dest='gui',
|
|
|
|
help='run the command without GUI')
|
|
|
|
|
|
|
|
parser.add_argument('--colour-output', '--color-output', metavar='COLOUR',
|
|
|
|
action='store', dest='color_output', default=None,
|
|
|
|
help='mark the qube output with given ANSI colour (ie. "31" for red)')
|
|
|
|
|
|
|
|
parser.add_argument('--colour-stderr', '--color-stderr', metavar='COLOUR',
|
|
|
|
action='store', dest='color_stderr', default=None,
|
|
|
|
help='mark the qube stderr with given ANSI colour (ie. "31" for red)')
|
|
|
|
|
|
|
|
parser.add_argument('--no-colour-output', '--no-color-output',
|
|
|
|
action='store_false', dest='color_output',
|
|
|
|
help='disable colouring the stdio')
|
|
|
|
|
|
|
|
parser.add_argument('--no-colour-stderr', '--no-color-stderr',
|
|
|
|
action='store_false', dest='color_stderr',
|
|
|
|
help='disable colouring the stderr')
|
|
|
|
|
|
|
|
parser.add_argument('--filter-escape-chars',
|
|
|
|
action='store_true', dest='filter_esc',
|
|
|
|
default=os.isatty(sys.stdout.fileno()),
|
|
|
|
help='filter terminal escape sequences (default if output is terminal)')
|
|
|
|
|
|
|
|
parser.add_argument('--no-filter-escape-chars',
|
|
|
|
action='store_false', dest='filter_esc',
|
|
|
|
help='do not filter terminal escape sequences; DANGEROUS when output is a'
|
|
|
|
' terminal emulator')
|
|
|
|
|
2017-05-19 19:41:39 +02:00
|
|
|
parser.add_argument('--service',
|
|
|
|
action='store_true', dest='service',
|
|
|
|
help='run a qrexec service (named by COMMAND) instead of shell command')
|
|
|
|
|
2017-08-06 20:44:55 +02:00
|
|
|
target_parser = parser.add_mutually_exclusive_group()
|
|
|
|
|
|
|
|
target_parser.add_argument('--dispvm', action='store', nargs='?',
|
|
|
|
const=True, metavar='BASE_APPVM',
|
|
|
|
help='start a service in new Disposable VM; '
|
|
|
|
'optionally specify base AppVM for DispVM')
|
|
|
|
target_parser.add_argument('VMNAME',
|
|
|
|
nargs='?',
|
|
|
|
action=qubesadmin.tools.VmNameAction)
|
|
|
|
|
|
|
|
# add those manually instead of vmname_args, because of mutually exclusive
|
|
|
|
# group with --dispvm; parsing is still handled by QubesArgumentParser
|
|
|
|
target_parser.add_argument('--all', action='store_true', dest='all_domains',
|
|
|
|
help='run command on all running qubes')
|
|
|
|
|
|
|
|
parser.add_argument('--exclude', action='append', default=[],
|
|
|
|
help='exclude the qube from --all')
|
|
|
|
|
2017-04-16 03:17:53 +02:00
|
|
|
parser.add_argument('cmd', metavar='COMMAND',
|
2017-09-20 22:53:30 +02:00
|
|
|
help='command or service to run')
|
2017-04-16 03:17:53 +02:00
|
|
|
|
2017-06-14 10:35:20 +02:00
|
|
|
def copy_stdin(stream):
|
2017-07-18 01:32:06 +02:00
|
|
|
'''Copy stdin to *stream*'''
|
2017-08-08 23:48:52 +02:00
|
|
|
# multiprocessing.Process have sys.stdin connected to /dev/null, use fd 0
|
|
|
|
# directly
|
2017-11-07 17:56:56 +01:00
|
|
|
while True:
|
2018-12-07 04:22:05 +01:00
|
|
|
try:
|
|
|
|
# select so this code works even if fd 0 is non-blocking
|
|
|
|
select.select([0], [], [])
|
|
|
|
data = os.read(0, 65536)
|
|
|
|
if data is None or data == b'':
|
|
|
|
break
|
|
|
|
stream.write(data)
|
|
|
|
stream.flush()
|
|
|
|
except KeyboardInterrupt:
|
2017-07-18 01:12:43 +02:00
|
|
|
break
|
2017-06-14 10:35:20 +02:00
|
|
|
stream.close()
|
2017-05-22 10:54:51 +02:00
|
|
|
|
2018-12-07 04:53:15 +01:00
|
|
|
def print_no_color(msg, file, color):
|
|
|
|
'''Print a *msg* to *file* without coloring it.
|
|
|
|
Namely reset to base color first, print a message, then restore color.
|
|
|
|
'''
|
|
|
|
if color:
|
|
|
|
print('\033[0m{}\033[0;{}m'.format(msg, color), file=file)
|
|
|
|
else:
|
|
|
|
print(msg, file=file)
|
|
|
|
|
|
|
|
|
2018-12-08 00:40:24 +01:00
|
|
|
def run_command_single(args, vm):
|
|
|
|
'''Handle a single VM to run the command in'''
|
2017-04-16 03:17:53 +02:00
|
|
|
run_kwargs = {}
|
|
|
|
if not args.passio:
|
2017-05-17 11:06:56 +02:00
|
|
|
run_kwargs['stdout'] = subprocess.DEVNULL
|
|
|
|
run_kwargs['stderr'] = subprocess.DEVNULL
|
tools: fix qvm-run --pass-io --localcmd=... vmname command
qubes.VMShell service, used by qvm-run, expects the command on the first
input line. Previously, when --localcmd was used, the command wasn't
written anywhere and the local command was connected directly to
qubes.VMShell service. And the first line of its output was interpreted
as a command.
Fix this by starting the local command separately, after sending the
command to qubes.VMShell service.
While at it, unify handling shell command and service calls in the process.
vm.run_service(..., localcmd= ) isn't that useful in general case,
because for qubes.VMShell the caller first need to send the command
before starting local process. Since the qvm-run tool needs to implement
manual starting localcmd anyway, don't use localcmd= run_service's
argument at all to unify calling methods.
There is slight behavior change: previously localcmd was started only
after establishing service connection (for example only if qrexec policy
allows), now it is started in all the cases.
Fixes QubesOS/qubes-issues#4040
2018-12-06 23:46:20 +01:00
|
|
|
elif args.localcmd:
|
|
|
|
run_kwargs['stdin'] = subprocess.PIPE
|
|
|
|
run_kwargs['stdout'] = subprocess.PIPE
|
|
|
|
run_kwargs['stderr'] = None
|
2017-04-16 03:17:53 +02:00
|
|
|
else:
|
|
|
|
# connect process output to stdout/err directly if --pass-io is given
|
|
|
|
run_kwargs['stdout'] = None
|
|
|
|
run_kwargs['stderr'] = None
|
tools: fix qvm-run --pass-io --localcmd=... vmname command
qubes.VMShell service, used by qvm-run, expects the command on the first
input line. Previously, when --localcmd was used, the command wasn't
written anywhere and the local command was connected directly to
qubes.VMShell service. And the first line of its output was interpreted
as a command.
Fix this by starting the local command separately, after sending the
command to qubes.VMShell service.
While at it, unify handling shell command and service calls in the process.
vm.run_service(..., localcmd= ) isn't that useful in general case,
because for qubes.VMShell the caller first need to send the command
before starting local process. Since the qvm-run tool needs to implement
manual starting localcmd anyway, don't use localcmd= run_service's
argument at all to unify calling methods.
There is slight behavior change: previously localcmd was started only
after establishing service connection (for example only if qrexec policy
allows), now it is started in all the cases.
Fixes QubesOS/qubes-issues#4040
2018-12-06 23:46:20 +01:00
|
|
|
if args.filter_esc:
|
2017-08-11 15:04:10 +02:00
|
|
|
run_kwargs['filter_esc'] = True
|
2017-04-16 03:17:53 +02:00
|
|
|
|
2017-05-19 17:30:46 +02:00
|
|
|
if isinstance(args.app, qubesadmin.app.QubesLocal) and \
|
2017-08-06 20:44:55 +02:00
|
|
|
not args.passio and \
|
|
|
|
not args.localcmd and \
|
|
|
|
args.service and \
|
|
|
|
not args.dispvm:
|
2017-05-19 17:30:46 +02:00
|
|
|
# wait=False works only in dom0; but it's still useful, to save on
|
|
|
|
# simultaneous vchan connections
|
|
|
|
run_kwargs['wait'] = False
|
|
|
|
|
2018-12-08 00:40:24 +01:00
|
|
|
copy_proc = None
|
|
|
|
local_proc = None
|
|
|
|
if args.service:
|
|
|
|
service = args.cmd
|
|
|
|
else:
|
|
|
|
service = 'qubes.VMShell'
|
|
|
|
if args.gui and args.dispvm:
|
|
|
|
service += '+WaitForSession'
|
|
|
|
proc = vm.run_service(service,
|
|
|
|
user=args.user,
|
|
|
|
**run_kwargs)
|
|
|
|
if not args.service:
|
|
|
|
proc.stdin.write(vm.prepare_input_for_vmshell(args.cmd))
|
|
|
|
proc.stdin.flush()
|
|
|
|
if args.localcmd:
|
|
|
|
local_proc = subprocess.Popen(args.localcmd,
|
|
|
|
shell=True,
|
|
|
|
stdout=proc.stdin,
|
|
|
|
stdin=proc.stdout)
|
|
|
|
# stdin is closed below
|
|
|
|
proc.stdout.close()
|
|
|
|
elif args.passio:
|
|
|
|
copy_proc = multiprocessing.Process(target=copy_stdin,
|
|
|
|
args=(proc.stdin,))
|
|
|
|
copy_proc.start()
|
|
|
|
# keep the copying process running
|
|
|
|
proc.stdin.close()
|
|
|
|
return proc, copy_proc, local_proc
|
|
|
|
|
|
|
|
|
|
|
|
def main(args=None, app=None):
|
|
|
|
'''Main function of qvm-run tool'''
|
|
|
|
args = parser.parse_args(args, app=app)
|
|
|
|
if args.color_output is None and args.filter_esc:
|
|
|
|
args.color_output = '31'
|
|
|
|
|
|
|
|
if args.color_stderr is None and os.isatty(sys.stderr.fileno()):
|
|
|
|
args.color_stderr = 31
|
|
|
|
|
|
|
|
if len(args.domains) > 1 and args.passio and not args.localcmd:
|
|
|
|
parser.error('--passio cannot be used when more than 1 qube is chosen '
|
|
|
|
'and no --localcmd is used')
|
|
|
|
if args.localcmd and not args.passio:
|
|
|
|
parser.error('--localcmd have no effect without --pass-io')
|
|
|
|
if args.color_output and not args.filter_esc:
|
|
|
|
parser.error('--color-output must be used with --filter-escape-chars')
|
|
|
|
|
|
|
|
retcode = 0
|
|
|
|
|
2017-05-17 11:10:06 +02:00
|
|
|
verbose = args.verbose - args.quiet
|
|
|
|
if args.passio:
|
|
|
|
verbose -= 1
|
|
|
|
|
2017-08-06 20:44:55 +02:00
|
|
|
# --all and --exclude are handled by QubesArgumentParser
|
|
|
|
domains = args.domains
|
|
|
|
dispvm = None
|
|
|
|
if args.dispvm:
|
|
|
|
if args.exclude:
|
|
|
|
parser.error('Cannot use --exclude with --dispvm')
|
|
|
|
dispvm = qubesadmin.vm.DispVM.from_appvm(args.app,
|
|
|
|
None if args.dispvm is True else args.dispvm)
|
|
|
|
domains = [dispvm]
|
|
|
|
elif args.all_domains:
|
|
|
|
# --all consider only running VMs
|
|
|
|
domains = [vm for vm in domains if vm.is_running()]
|
2017-04-16 03:17:53 +02:00
|
|
|
if args.color_output:
|
|
|
|
sys.stdout.write('\033[0;{}m'.format(args.color_output))
|
|
|
|
sys.stdout.flush()
|
|
|
|
if args.color_stderr:
|
|
|
|
sys.stderr.write('\033[0;{}m'.format(args.color_stderr))
|
|
|
|
sys.stderr.flush()
|
2017-06-14 10:35:20 +02:00
|
|
|
copy_proc = None
|
2017-04-16 03:17:53 +02:00
|
|
|
try:
|
|
|
|
procs = []
|
2017-08-06 20:44:55 +02:00
|
|
|
for vm in domains:
|
2017-04-16 03:17:53 +02:00
|
|
|
if not args.autostart and not vm.is_running():
|
2018-12-07 04:53:57 +01:00
|
|
|
if verbose > 0:
|
|
|
|
print_no_color('Qube \'{}\' not started'.format(vm.name),
|
|
|
|
file=sys.stderr, color=args.color_stderr)
|
|
|
|
retcode = max(retcode, 1)
|
2017-04-16 03:17:53 +02:00
|
|
|
continue
|
|
|
|
try:
|
2017-05-17 11:10:06 +02:00
|
|
|
if verbose > 0:
|
2018-12-07 04:53:15 +01:00
|
|
|
print_no_color(
|
|
|
|
'Running \'{}\' on {}'.format(args.cmd, vm.name),
|
|
|
|
file=sys.stderr, color=args.color_stderr)
|
2017-08-06 20:44:55 +02:00
|
|
|
if args.gui and not args.dispvm:
|
2017-05-17 11:07:48 +02:00
|
|
|
wait_session = vm.run_service('qubes.WaitForSession',
|
|
|
|
stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
|
2018-12-07 04:22:05 +01:00
|
|
|
try:
|
|
|
|
wait_session.communicate(vm.default_user.encode())
|
|
|
|
except KeyboardInterrupt:
|
|
|
|
with contextlib.suppress(ProcessLookupError):
|
|
|
|
wait_session.send_signal(signal.SIGINT)
|
|
|
|
break
|
2018-12-08 00:40:24 +01:00
|
|
|
proc, copy_proc, local_proc = run_command_single(args, vm)
|
2018-12-07 04:54:47 +01:00
|
|
|
procs.append((vm, proc))
|
2018-12-08 00:40:24 +01:00
|
|
|
if local_proc:
|
|
|
|
procs.append((vm, local_proc))
|
2017-05-11 23:21:04 +02:00
|
|
|
except qubesadmin.exc.QubesException as e:
|
2017-04-16 03:17:53 +02:00
|
|
|
if args.color_output:
|
|
|
|
sys.stdout.write('\033[0m')
|
|
|
|
sys.stdout.flush()
|
|
|
|
vm.log.error(str(e))
|
|
|
|
return -1
|
2018-12-07 04:22:05 +01:00
|
|
|
try:
|
2018-12-07 04:54:47 +01:00
|
|
|
for vm, proc in procs:
|
|
|
|
this_retcode = proc.wait()
|
2018-12-16 05:51:41 +01:00
|
|
|
if this_retcode and verbose > 0:
|
2018-12-07 04:54:47 +01:00
|
|
|
print_no_color(
|
|
|
|
'{}: command failed with code: {}'.format(
|
|
|
|
vm.name, this_retcode),
|
|
|
|
file=sys.stderr, color=args.color_stderr)
|
2018-12-07 04:22:05 +01:00
|
|
|
retcode = max(retcode, proc.wait())
|
|
|
|
except KeyboardInterrupt:
|
2018-12-07 04:54:47 +01:00
|
|
|
for vm, proc in procs:
|
2018-12-07 04:22:05 +01:00
|
|
|
with contextlib.suppress(ProcessLookupError):
|
|
|
|
proc.send_signal(signal.SIGINT)
|
2018-12-07 04:54:47 +01:00
|
|
|
for vm, proc in procs:
|
2018-12-07 04:22:05 +01:00
|
|
|
retcode = max(retcode, proc.wait())
|
2017-04-16 03:17:53 +02:00
|
|
|
finally:
|
2017-08-06 20:44:55 +02:00
|
|
|
if dispvm:
|
|
|
|
dispvm.cleanup()
|
2017-04-16 03:17:53 +02:00
|
|
|
if args.color_output:
|
|
|
|
sys.stdout.write('\033[0m')
|
|
|
|
sys.stdout.flush()
|
|
|
|
if args.color_stderr:
|
|
|
|
sys.stderr.write('\033[0m')
|
|
|
|
sys.stderr.flush()
|
2017-06-14 10:35:20 +02:00
|
|
|
if copy_proc is not None:
|
|
|
|
copy_proc.terminate()
|
2017-04-16 03:17:53 +02:00
|
|
|
|
|
|
|
return retcode
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
sys.exit(main())
|