Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

qubes-rpc/policy.RegisterArgument: readability fixes

Browse Source 
Thanks, @rootkovska and @marmarek.
This commit is contained in:
Wojtek Porczyk 2017-11-30 16:05:06 +01:00
parent 61c164e1c3
commit bdaf92f9dc
1 changed files with 34 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
qubes-rpc/policy.RegisterArgument
View File

@ -18,6 +18,38 @@
# License along with this library; if not, see <https://www.gnu.org/licenses/>. # License along with this library; if not, see <https://www.gnu.org/licenses/>.
# #
'''policy.RegisterArgument
This qrexec is meant for services, which require some kind of "registering"
before use (say ``example.Register`` and ``example.Perform+ARGUMENT``). After
registering, the backend should invoke this call with frontend as the intended
destination, with the actual service in argument of this call and the argument
as the payload. The policy generated will be a single line with explicit
frontend and backend domain names, and a plain "allow", without further
qualifiers.
The call allows for registering an argument only once, for one frontend domain.
There is not possibility of deregistering or reregistering for another frontend.
The backend can always register another argument for any frontend, including
one that is already registered for some other argument.
By default this qrexec is disabled by policy. To actually use it you should
drop a policy for an exact call you want to register which will redirect the
call to dom0.
.. code-block:: none
:caption: /etc/qubes-rpc/policy/policy.RegisterArgument+example.Perform
backendvm $anyvm allow,target=dom0
It will generate, for argument ``EXAMPLE``:
.. code-bloc:: none
:caption: /etc/qubes-rpc/policy/example.Perform+EXAMPLE
frontendvm backendvm allow
'''
import logging import logging
import os import os
import string import string
@ -72,14 +104,14 @@ def main():
argument = untrusted_argument argument = untrusted_argument
del untrusted_argument del untrusted_argument
argument = argument.decode('ascii') argument = argument.decode('ascii', errors='strict')
filename = '{}+{}'.format(rpcname, argument) filename = '{}+{}'.format(rpcname, argument)
logging.debug('%s %s → %s argument %s filename %s', logging.debug('%s %s → %s argument %s filename %s',
rpcname, frontend, backend, argument, filename) rpcname, frontend, backend, argument, filename)
try: try:
# the 'x' is critical # the 'x' enforces that argument cannot be registered twice
with open(str(POLICY_PATH / filename), 'x') as file: with open(str(POLICY_PATH / filename), 'x') as file:
rule = POLICY_RULE.format(frontend=frontend, backend=backend) rule = POLICY_RULE.format(frontend=frontend, backend=backend)
logging.warning('%s: %s → %s %s argument allowed', logging.warning('%s: %s → %s %s argument allowed',