Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

qubespolicy: use separate arguments for original target type and value

Browse Source 
Provide original target as two arguments: type, value
This will ease handling special keywords without risking hitting shell
special characters or other problems.
This commit is contained in:
Marek Marczykowski-Górecki 2018-02-16 04:36:42 +01:00
parent 7c50bd5104
commit c87fcd7e2e
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
2 changed files with 25 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
qubespolicy/__init__.py
View File

@ -58,6 +58,10 @@ class Action(enum.Enum):
deny = 2 deny = 2
ask = 3 ask = 3
def is_special_value(value):
'''Check if given source/target specification is special (keyword) value
'''
return value.startswith('$')
def verify_target_value(system_info, value): def verify_target_value(system_info, value):
''' Check if given value names valid target ''' Check if given value names valid target
@ -449,11 +453,16 @@ class PolicyAction(object):
if self.target == '$adminvm': if self.target == '$adminvm':
self.target = 'dom0' self.target = 'dom0'
if self.target == 'dom0': if self.target == 'dom0':
original_target_type = \
'keyword' if is_special_value(self.original_target) else 'name'
original_target = self.original_target.lstrip('$')
cmd = \ cmd = \
'QUBESRPC {service} {source} {original_target}'.format( 'QUBESRPC {service} {source} {original_target_type} ' \
'{original_target}'.format(
service=self.service, service=self.service,
source=self.source, source=self.source,
original_target=self.original_target) original_target_type=original_target_type,
original_target=original_target)
else: else:
cmd = '{user}:QUBESRPC {service} {source}'.format( cmd = '{user}:QUBESRPC {service} {source}'.format(
user=(self.rule.override_user or 'DEFAULT'), user=(self.rule.override_user or 'DEFAULT'),

16
qubespolicy/tests/__init__.py
View File

@ -514,8 +514,20 @@ class TC_10_PolicyAction(qubes.tests.QubesTestCase):
self.assertEqual(mock_subprocess.mock_calls, self.assertEqual(mock_subprocess.mock_calls,
[unittest.mock.call([qubespolicy.QREXEC_CLIENT, '-d', 'dom0', [unittest.mock.call([qubespolicy.QREXEC_CLIENT, '-d', 'dom0',
'-c', 'some-ident', '-c', 'some-ident',
qubespolicy.QUBES_RPC_MULTIPLEXER_PATH + 'QUBESRPC test.service test-vm1 name dom0'])])
' test.service test-vm1 dom0'])])
@unittest.mock.patch('qubespolicy.qubesd_call')
@unittest.mock.patch('subprocess.call')
def test_021_execute_dom0_keyword(self, mock_subprocess, mock_qubesd_call):
rule = qubespolicy.PolicyRule('$anyvm dom0 allow')
action = qubespolicy.PolicyAction('test.service', 'test-vm1',
'dom0', rule, '$adminvm')
action.execute('some-ident')
self.assertEqual(mock_qubesd_call.mock_calls, [])
self.assertEqual(mock_subprocess.mock_calls,
[unittest.mock.call([qubespolicy.QREXEC_CLIENT, '-d', 'dom0',
'-c', 'some-ident',
'QUBESRPC test.service test-vm1 keyword adminvm'])])
@unittest.mock.patch('qubespolicy.qubesd_call') @unittest.mock.patch('qubespolicy.qubesd_call')
@unittest.mock.patch('subprocess.call') @unittest.mock.patch('subprocess.call')