Skip to content

C
codejail
Commit 5e7ff73c by J. Cliff Dyer
Options

Include TMPDIR in the environment, rather than on the commandline

parent 6b17c33a
Showing with 47 additions and 10 deletions
codejail/jail_code.py
......@@ -179,6 +179,7 @@ def jail_code(command, code=None, files=None, extra_files=None, argv=None,
os.chmod(tmptmp, 0777)
argv = argv or []
env = {'TMPDIR': 'tmp'}
# All the supporting files are copied into our directory.
for filename in files or ():
......@@ -209,11 +210,9 @@ def jail_code(command, code=None, files=None, extra_files=None, argv=None,
user = COMMANDS[command]['user']
if user:
# Run as the specified user
cmd.extend(['sudo', '-u', user])
cmd.extend(['sudo', '-u', user, 'TMPDIR=tmp'])
rm_cmd.extend(['sudo', '-u', user])
# Point TMPDIR at our temp directory.
cmd.extend(['TMPDIR=tmp'])
# Start with the command line dictated by "python" or whatever.
cmd.extend(COMMANDS[command]['cmdline_start'])
......@@ -232,7 +231,7 @@ def jail_code(command, code=None, files=None, extra_files=None, argv=None,
# Run the subprocess.
status, stdout, stderr = run_subprocess_fn(
cmd=cmd, cwd=homedir, env={}, slug=slug,
cmd=cmd, cwd=homedir, env=env, slug=slug,
stdin=stdin,
realtime=LIMITS["REALTIME"], rlimits=create_rlimits(),
)
......
codejail/tests/helpers.py 0 → 100644
"""
Helper code to facilitate testing
"""
from contextlib import contextmanager
from codejail import jail_code
SAME = object()
@contextmanager
def override_configuration(command, bin_path, user):
"""
Context manager to temporarily alter the configuration of a codejail
command.
"""
old = jail_code.COMMANDS.get(command)
if bin_path is SAME:
bin_path = old['cmdline_start'][0]
if user is SAME:
user = old['user']
try:
jail_code.configure(command, bin_path, user)
yield
finally:
if old is None:
del jail_code.COMMANDS[command]
else:
jail_code.COMMANDS[command] = old
codejail/tests/test_jail_code.py
"""Test jail_code.py"""
import json
import logging
import os
import os.path
import shutil
import signal
import textwrap
import sys
import tempfile
import textwrap
import time
import unittest
......@@ -16,6 +16,7 @@ from nose.plugins.skip import SkipTest
from codejail.jail_code import jail_code, is_configured, set_limit, LIMITS
from codejail import proxy
from . import helpers
def jailpy(code=None, *args, **kwargs):
......@@ -44,8 +45,8 @@ def text_of_logs(mock_calls):
"""
text = ""
for m in mock_calls:
level, msg, args = m[1]
for call in mock_calls:
level, msg, args = call[1]
msg_formatted = msg % args
text += "%s: %s\n" % (logging.getLevelName(level), msg_formatted)
return text
......@@ -74,6 +75,13 @@ class TestFeatures(JailCodeHelpers, unittest.TestCase):
self.assertResultOk(res)
self.assertEqual(res.stdout, 'Hello, world!\n')
def test_hello_world_without_user(self):
# The default jail executable might not grant execute permission to the
# current user, but we know the current python executable does, so use
# that to test userless execution.
with helpers.override_configuration("python", bin_path=sys.executable, user=None):
self.test_hello_world()
def test_argv(self):
res = jailpy(
code="import sys; print ':'.join(sys.argv[1:])",
......@@ -227,7 +235,7 @@ class TestFeatures(JailCodeHelpers, unittest.TestCase):
@mock.patch("codejail.subproc.log._log")
def test_slugs_get_logged(self, log_log):
res = jailpy(code="print 'Hello, world!'", slug="HELLO")
jailpy(code="print 'Hello, world!'", slug="HELLO")
log_text = text_of_logs(log_log.mock_calls)
self.assertRegexpMatches(log_text, r"INFO: Executed jailed code HELLO in .*, with PID .*")
......
pylintrc
......@@ -169,7 +169,7 @@ notes=FIXME,XXX,TODO
[FORMAT]
# Maximum number of characters on a single line.
max-line-length=79
max-line-length=120
# Maximum number of lines in a module
max-module-lines=1000
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment