core-admin-client/qubesadmin/tools/qvm_run.py

# -*- encoding: utf8 -*-
#
# The Qubes OS Project, http://www.qubes-os.org
#
# Copyright (C) 2017 Marek Marczykowski-Górecki
# <marmarek@invisiblethingslab.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with this program; if not, see <http://www.gnu.org/licenses/>.
''' qvm-run tool'''
import os
import subprocess
import sys
import multiprocessing
import fcntl
import qubesadmin.tools
import qubesadmin.exc
# Command-line interface of qvm-run. QubesArgumentParser is the project's
# argument parser; main() below also reads args.app, args.domains,
# args.verbose and args.quiet, none of which are declared here, so they
# presumably come from that class.
parser = qubesadmin.tools.QubesArgumentParser()

parser.add_argument(
    '--user', '-u',
    metavar='USER',
    help='run command in a qube as USER (available only from dom0)')

# Autostart is on by default; --autostart exists only for compatibility.
parser.add_argument(
    '--autostart', '--auto', '-a',
    action='store_true',
    default=True,
    help='option ignored, this is default')
parser.add_argument(
    '--no-autostart', '--no-auto', '-n',
    action='store_false',
    dest='autostart',
    help='do not autostart qube')

parser.add_argument(
    '--pass-io', '-p',
    action='store_true',
    dest='passio',
    default=False,
    help='pass stdio from remote program')
parser.add_argument(
    '--localcmd',
    metavar='COMMAND',
    help='with --pass-io, pass stdio to the given program')

parser.add_argument(
    '--gui',
    action='store_true',
    default=True,
    help='run the command with GUI (default on)')
parser.add_argument(
    '--no-gui', '--nogui',
    action='store_false',
    dest='gui',
    help='run the command without GUI')

# Colour marking of what the qube prints. The defaults stay None so that
# main() can tell "not given" apart from the False stored by the --no-*
# variants.
parser.add_argument(
    '--colour-output', '--color-output',
    metavar='COLOUR',
    action='store',
    dest='color_output',
    default=None,
    help='mark the qube output with given ANSI colour (ie. "31" for red)')
parser.add_argument(
    '--colour-stderr', '--color-stderr',
    metavar='COLOUR',
    action='store',
    dest='color_stderr',
    default=None,
    help='mark the qube stderr with given ANSI colour (ie. "31" for red)')
parser.add_argument(
    '--no-colour-output', '--no-color-output',
    action='store_false',
    dest='color_output',
    help='disable colouring the stdio')
parser.add_argument(
    '--no-colour-stderr', '--no-color-stderr',
    action='store_false',
    dest='color_stderr',
    help='disable colouring the stderr')

# Escape-sequence filtering is enabled by default whenever stdout is a
# terminal: the qube's output is shown in the caller's terminal emulator,
# which would otherwise interpret any control sequences it contains.
# The default is evaluated once, when this module is imported.
parser.add_argument(
    '--filter-escape-chars',
    action='store_true',
    dest='filter_esc',
    default=os.isatty(sys.stdout.fileno()),
    help='filter terminal escape sequences (default if output is terminal)')
parser.add_argument(
    '--no-filter-escape-chars',
    action='store_false',
    dest='filter_esc',
    help='do not filter terminal escape sequences; DANGEROUS when output is a'
         ' terminal emulator')

parser.add_argument(
    '--service',
    action='store_true',
    dest='service',
    help='run a qrexec service (named by COMMAND) instead of shell command')

# The target is exactly one of: a new Disposable VM, a named qube, or --all.
target_parser = parser.add_mutually_exclusive_group()
target_parser.add_argument(
    '--dispvm',
    action='store',
    nargs='?',
    const=True,
    metavar='BASE_APPVM',
    help='start a service in new Disposable VM; '
         'optionally specify base AppVM for DispVM')
target_parser.add_argument(
    'VMNAME',
    nargs='?',
    action=qubesadmin.tools.VmNameAction)
# VMNAME and --all are declared by hand rather than through vmname_args,
# because they have to share the mutually exclusive group with --dispvm;
# QubesArgumentParser still does the parsing.
target_parser.add_argument(
    '--all',
    action='store_true',
    dest='all_domains',
    help='run command on all running qubes')
parser.add_argument(
    '--exclude',
    action='append',
    default=[],
    help='exclude the qube from --all')

parser.add_argument(
    'cmd',
    metavar='COMMAND',
    help='command or service to run')
def copy_stdin(stream):
    '''Forward everything readable on fd 0 to *stream*, then close *stream*'''
    # Inside a multiprocessing.Process sys.stdin is connected to /dev/null,
    # so the real standard input is reached through file descriptor 0.
    stdin_fd = 0
    # Clear O_NONBLOCK so that os.read() below waits for data.
    blocking_flags = fcntl.fcntl(stdin_fd, fcntl.F_GETFL) & ~os.O_NONBLOCK
    fcntl.fcntl(stdin_fd, fcntl.F_SETFL, blocking_flags)
    while True:
        chunk = os.read(stdin_fd, 65536)
        # An empty read means end of input.
        if not chunk:
            break
        stream.write(chunk)
        # Flush after every chunk so the data is not held back in a buffer.
        stream.flush()
    stream.close()
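def main(args=None, app=None):
    '''Main function of qvm-run tool

    Parse the command line, start COMMAND (a shell command sent through
    the ``qubes.VMShell`` service, or a qrexec service with ``--service``)
    in every selected qube and wait for the started processes.

    :param args: command-line arguments, forwarded to ``parser.parse_args``
    :param app: application object, forwarded to ``parser.parse_args``
    :return: the largest value returned by ``proc.wait()`` (never below 0), \
        or -1 when starting the command raised ``QubesException``
    '''
    args = parser.parse_args(args, app=app)

    # Output coming from a qube is marked red by default whenever escape
    # filtering is active, so it can be told apart from local output.
    if args.color_output is None and args.filter_esc:
        args.color_output = '31'
    # The stderr default is decided from the stderr option itself, so an
    # explicit --colour-stderr / --no-colour-stderr choice is kept and the
    # default does not depend on what was chosen for stdout.
    if args.color_stderr is None and os.isatty(sys.stderr.fileno()):
        args.color_stderr = 31

    if len(args.domains) > 1 and args.passio and not args.localcmd:
        parser.error('--pass-io cannot be used when more than 1 qube is chosen '
            'and no --localcmd is used')
    if args.localcmd and not args.passio:
        parser.error('--localcmd have no effect without --pass-io')
    # Colour marking is only accepted together with escape filtering;
    # unfiltered output could carry its own colour sequences and so defeat
    # the marking.
    if args.color_output and not args.filter_esc:
        parser.error('--color-output must be used with --filter-escape-chars')

    retcode = 0

    run_kwargs = {}
    if not args.passio:
        run_kwargs['stdout'] = subprocess.DEVNULL
        run_kwargs['stderr'] = subprocess.DEVNULL
    else:
        # connect process output to stdout/err directly if --pass-io is given
        run_kwargs['stdout'] = None
        run_kwargs['stderr'] = None
        # Filtering is requested only when the output is not handed to
        # --localcmd.
        if not args.localcmd and args.filter_esc:
            run_kwargs['filter_esc'] = True

    if isinstance(args.app, qubesadmin.app.QubesLocal) and \
            not args.passio and \
            not args.localcmd and \
            args.service and \
            not args.dispvm:
        # wait=False works only in dom0; but it's still useful, to save on
        # simultaneous vchan connections
        run_kwargs['wait'] = False

    verbose = args.verbose - args.quiet
    if args.passio:
        # one level quieter when stdio is passed through
        verbose -= 1

    # --all and --exclude are handled by QubesArgumentParser
    domains = args.domains
    dispvm = None
    if args.dispvm:
        if args.exclude:
            parser.error('Cannot use --exclude with --dispvm')
        # args.dispvm is True when --dispvm was given without BASE_APPVM
        dispvm = qubesadmin.vm.DispVM.from_appvm(args.app,
            None if args.dispvm is True else args.dispvm)
        domains = [dispvm]
    elif args.all_domains:
        # --all consider only running VMs
        domains = [vm for vm in domains if vm.is_running()]

    # Switch the terminal colour before any qube output can arrive; it is
    # reset in the finally clause below.
    if args.color_output:
        sys.stdout.write('\033[0;{}m'.format(args.color_output))
        sys.stdout.flush()
    if args.color_stderr:
        sys.stderr.write('\033[0;{}m'.format(args.color_stderr))
        sys.stderr.flush()

    copy_proc = None
    try:
        procs = []
        for vm in domains:
            if not args.autostart and not vm.is_running():
                continue
            try:
                if verbose > 0:
                    if args.color_output:
                        # Reset the colour for this local message, then
                        # switch it back on.
                        # NOTE(review): the message goes to stderr but the
                        # colour restored after it is color_output - confirm
                        # whether color_stderr was intended.
                        print('\033[0mRunning \'{}\' on {}\033[0;{}m'.format(
                            args.cmd, vm.name, args.color_output),
                            file=sys.stderr)
                    else:
                        print('Running \'{}\' on {}'.format(args.cmd, vm.name),
                            file=sys.stderr)
                if args.gui and not args.dispvm:
                    # Wait for the default user's session before running a
                    # GUI command.
                    wait_session = vm.run_service('qubes.WaitForSession',
                        stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
                    wait_session.communicate(vm.default_user.encode())
                if args.service:
                    proc = vm.run_service(args.cmd,
                        user=args.user,
                        localcmd=args.localcmd,
                        **run_kwargs)
                else:
                    # A shell command is delivered on the stdin of the
                    # qubes.VMShell service.
                    proc = vm.run_service('qubes.VMShell',
                        user=args.user,
                        localcmd=args.localcmd,
                        **run_kwargs)
                    proc.stdin.write(vm.prepare_input_for_vmshell(args.cmd))
                    proc.stdin.flush()
                if args.passio and not args.localcmd:
                    copy_proc = multiprocessing.Process(target=copy_stdin,
                        args=(proc.stdin,))
                    copy_proc.start()
                    # keep the copying process running
                # Close this process's handle; the copying process, when
                # started, was handed proc.stdin before this point.
                proc.stdin.close()
                procs.append(proc)
            except qubesadmin.exc.QubesException as e:
                if args.color_output:
                    sys.stdout.write('\033[0m')
                    sys.stdout.flush()
                vm.log.error(str(e))
                # The finally clause below still runs; processes already
                # started are not waited for.
                return -1
        for proc in procs:
            retcode = max(retcode, proc.wait())
    finally:
        if dispvm:
            dispvm.cleanup()
        # Restore the terminal colours on every exit path.
        if args.color_output:
            sys.stdout.write('\033[0m')
            sys.stdout.flush()
        if args.color_stderr:
            sys.stderr.write('\033[0m')
            sys.stderr.flush()
        if copy_proc is not None:
            copy_proc.terminate()

    return retcode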
# Script entry point: main()'s return value becomes the process exit status.
if __name__ == '__main__':
    exit_status = main()
    sys.exit(exit_status)