qubespolicy: use separate arguments for original target type and value

Provide original target as two arguments: type, value This will ease handling special keywords without risking hitting shell special characters or other problems.
2018-02-16 04:36:42 +01:00 · 2018-02-16 04:36:42 +01:00 · c87fcd7e2e
commit c87fcd7e2e
parent 7c50bd5104
2 changed files with 25 additions and 4 deletions
--- a/qubespolicy/init.py
+++ b/qubespolicy/init.py
@ -58,6 +58,10 @@ class Action(enum.Enum):
    deny = 2
    ask = 3

+def is_special_value(value):
+    '''Check if given source/target specification is special (keyword) value
+    '''
+    return value.startswith('$')

 def verify_target_value(system_info, value):
    ''' Check if given value names valid target
@ -449,11 +453,16 @@ class PolicyAction(object):
        if self.target == '$adminvm':
            self.target = 'dom0'
        if self.target == 'dom0':
+            original_target_type = \
+                'keyword' if is_special_value(self.original_target) else 'name'
+            original_target = self.original_target.lstrip('$')
            cmd = \
-                'QUBESRPC {service} {source} {original_target}'.format(
+                'QUBESRPC {service} {source} {original_target_type} ' \
+                '{original_target}'.format(
                    service=self.service,
                    source=self.source,
-                    original_target=self.original_target)
+                    original_target_type=original_target_type,
+                    original_target=original_target)
        else:
            cmd = '{user}:QUBESRPC {service} {source}'.format(
                user=(self.rule.override_user or 'DEFAULT'),
--- a/qubespolicy/tests/init.py
+++ b/qubespolicy/tests/init.py
@ -514,8 +514,20 @@ class TC_10_PolicyAction(qubes.tests.QubesTestCase):
        self.assertEqual(mock_subprocess.mock_calls,
            [unittest.mock.call([qubespolicy.QREXEC_CLIENT, '-d', 'dom0',
             '-c', 'some-ident',
-             qubespolicy.QUBES_RPC_MULTIPLEXER_PATH +
-             ' test.service test-vm1 dom0'])])
+             'QUBESRPC test.service test-vm1 name dom0'])])
+
+    @unittest.mock.patch('qubespolicy.qubesd_call')
+    @unittest.mock.patch('subprocess.call')
+    def test_021_execute_dom0_keyword(self, mock_subprocess, mock_qubesd_call):
+        rule = qubespolicy.PolicyRule('$anyvm dom0 allow')
+        action = qubespolicy.PolicyAction('test.service', 'test-vm1',
+            'dom0', rule, '$adminvm')
+        action.execute('some-ident')
+        self.assertEqual(mock_qubesd_call.mock_calls, [])
+        self.assertEqual(mock_subprocess.mock_calls,
+            [unittest.mock.call([qubespolicy.QREXEC_CLIENT, '-d', 'dom0',
+             '-c', 'some-ident',
+             'QUBESRPC test.service test-vm1 keyword adminvm'])])

    @unittest.mock.patch('qubespolicy.qubesd_call')
    @unittest.mock.patch('subprocess.call')