object exported through manager from multiprocess module
Hi all,
have troubles with exporting objects through managers from multiprocess
module, see example:
Worker.py:
###
from multiprocessing import Process
from multiprocessing.managers import BaseManager
import pcapy
from impacket.ImpactDecoder import EthDecoder
__all__ = ['Worker']
class Worker(Process):
'''
Class for sniffing packets, runnig as root
'''
public = ['go', 'terminate']
def __init__(self):
super(Worker, self).__init__()
self.iface = ''
self.expr = ''
self.pcap = ''
# define packet decoder
self.decoder = EthDecoder()
# key for queue daemon, remotely on localhost:5000
self._keyQ = '10b222970537b97919db36ec757370d2'
class QueueManager(BaseManager): pass
QueueManager.register('get_dataQueue')
self._m = QueueManager(address=('127.0.0.1', 5000),
authkey=self._keyQ)
self._m.connect()
self.dataQueue = self._m.get_dataQueue()
def go(self, iface, expr):
'''
start sniffer
'''
print Starting sniffer
self.iface = iface
self.expr = expr
super(Worker, self).start()
def terminate(self):
'''
terminate sniffer
'''
super(Worker, self).terminate()
def run(self):
print sniffing ...
print self.iface
print self.expr
self.pcap = pcapy.open_live(self.iface, 1500, 1, 0)
self.pcap.setfilter(self.expr)
self.pcap.loop(0, self.__packetHandler)
print ... done
def __packetHandler(self, hdr, data):
'''
handles packets and put them in to the queue
'''
print Handling packets
#print data
print Queue size: %i % self.dataQueue.qsize()
print self.decoder.decode(data)
self.dataQueue.put(data)
Export object (Worker):
###
from Worker import Worker
class SniffManager(BaseManager): pass
SniffManager.register('Worker', callable=Worker)
Sm = SniffManager(address=('127.0.0.1', 5001),
authkey='f1f16683f3e0208131b46d37a79c8921')
Ss = Sm.get_server()
Ss.serve_forever()
Call object methods remotely:
###
# get remote object
class WorkerManager(BaseManager): pass
WorkerManager.register('Worker')
w = WorkerManager(address=('127.0.0.1', 5001),
authkey='f1f16683f3e0208131b46d37a79c8921')
w.connect()
worker = w.Worker()
worker.go(iface=ethx, expr=whatever) # WORKS FINE
but
worker.terminate()
File /home/tom/web2py/applications/init/controllers/sniffer.py, line
143, in index
worker.terminate()
File string, line 2, in terminate
File /usr/lib/python2.6/multiprocessing/managers.py, line 740, in
_callmethod
raise convert_to_error(kind, result)
AttributeError: 'NoneType' object has no attribute 'terminate'
Which is strange from my point of view, don't you think?
Thanks for advices,
cheers
--
Tomas Pelka
--
http://mail.python.org/mailman/listinfo/python-list
Re: how to run part of my python code as root
sjdevn...@yahoo.com wrote: On Feb 4, 2:05 pm, Tomas Pelka tompe...@gmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey, is there possibility how to run part of my code (function for example) as superuser. Or only way how to do this is create a wrapper and run is with Popen through sudo (but I have to configure sudo to run whole python as root). thank you for excellent explanation. In decreasing order of desirability: 1. Find a way to not need root access (e.g. grant another user or group access to whatever resource you're trying to access). 2. Isolate the stuff that needs root access into a small helper program that does strict validation of all input (including arguments, environment, etc); when needed, run that process under sudo or similar. I thing this approach is the best for me. But how to connect two separated processes, one running with root privileges and second without superuser privileges? Is was thinking about Queues from multiprocessing, didn't you know if it is a good choice? 2a. Have some sort of well-verified helper daemon that has access to the resource you need and mediates use of that resource. 3. Run the process as root, using seteuid() to switch between user and root privs. The entire program must be heavily verified and do strict validation of all inputs. Any attacker who gets control over the process can easily switch to root privs and do damage. This is generally a bad idea. -- Tom Key fingerprint = 06C0 23C6 9EB7 0761 9807 65F4 7F6F 7EAB 496B 28AA -- http://mail.python.org/mailman/listinfo/python-list
how to run part of my python code as root
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hey, is there possibility how to run part of my code (function for example) as superuser. Or only way how to do this is create a wrapper and run is with Popen through sudo (but I have to configure sudo to run whole python as root). Thanks for advice. - -- Tom Key fingerprint = 06C0 23C6 9EB7 0761 9807 65F4 7F6F 7EAB 496B 28AA -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAktrGoYACgkQf29+q0lrKKqaNACdEvfg+g0n3DzFr/7R33y2Nesy hK8An3ZlpUEEibf0Q1wVET/KpXnsv/PO =JKro -END PGP SIGNATURE- -- http://mail.python.org/mailman/listinfo/python-list
subprocess troubles
Hey all, have a problem with following piece of code: -- import subprocess paattern = python cmd = /usr/bin/locate arg1 = -i arg2 = -d /var/www/books/mlocate.db arg3 = str( + pattern) p1 = subprocess.Popen([cmd, arg1, arg2, arg3], shell=False, stdout=subprocess.PIPE, stderr=subprocess.PIPE) (stdoutdata, stderrdata) = p1.communicate() print p1.returncode print %s -- %s % (stdoutdata, stderrdata) -- But return code is always 1 and command do not return any result/error (stdoutdata, stderrdata are None). If I run this command (/usr/bin/locate -i -d /var/www/books/mlocate.db python) from standard shell everything goes fine. Could you please give me an advice what I'm doing wrong? Thanks Cheers -- Tom -- http://mail.python.org/mailman/listinfo/python-list
Re: subprocess troubles
On 01/21/2010 11:39 AM, Javier Collado wrote:
Hello,
If you set shell=False, then I think that arg2 should be separated
into two different parts.
Also, arg3 could be set just to pattern (no need to add extra spaces
or using str function).
Best regards,
Javier
2010/1/21 Tomas Pelkatompe...@gmail.com:
Hey all,
have a problem with following piece of code:
--
import subprocess
paattern = python
cmd = /usr/bin/locate
arg1 = -i
arg2 = -d /var/www/books/mlocate.db
arg3 = str( + pattern)
p1 = subprocess.Popen([cmd, arg1, arg2, arg3], shell=False,
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
(stdoutdata, stderrdata) = p1.communicate()
print p1.returncode
print %s -- %s % (stdoutdata, stderrdata)
--
But return code is always 1 and command do not return any result/error
(stdoutdata, stderrdata are None). If I run this command (/usr/bin/locate -i
-d /var/www/books/mlocate.db python) from standard shell everything goes
fine.
Could you please give me an advice what I'm doing wrong?
Thanks
Cheers
--
Tom
--
http://mail.python.org/mailman/listinfo/python-list
Thanks Javier for advice, but sill same result. I'm running this code as
cgi script from apache. Weird is that when i run it from shell as
apache user, like
# su -s /bin/bash -c /usr/bin/locate -i -d /var/www/books/mlocate.db
python; echo $? apache
0
---
I always get 0, but as cgi it returns 1. When I run this script by
other user (tom), I'll obtain nonzero output what is OK.
Additional info:
# su -s /bin/bash -c ls -l /var/www/books/mlocate.db apache
-rw-rw-r-- 1 tom books 1465653 Jan 20 13:33 /var/www/books/mlocate.db
so db is readable by apache
Whore source attached.
--
Tom
#!/usr/bin/python
import cgi
import cgitb; cgitb.enable() # for troubleshooting
import subprocess
import sys
import os
sys.stderr = sys.stdout
command =
result =
stdoutdata =
stderrdata =
# Create instance of FieldStorage
form = cgi.FieldStorage()
# Get data from field 'pattern'
pattern = form.getvalue('pattern', 'None')
# Get data from field 're'
re = form.getvalue('re')
cmd = /usr/bin/locate
arg1 = -i
arg2a = -d
arg2b = /var/www/books/mlocate.db
arg3 = -r
arg4 = str(pattern)
p1 = None
if re == re:
p1 = subprocess.Popen([cmd, arg1, arg2a, arg2b, arg3, arg4],
shell=False, \
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
command = %s %s %s %s %s %s % (cmd, arg1, arg2a, arg2b, arg3, arg4)
else:
p1 = subprocess.Popen([cmd, arg1, arg2a, arg2b, arg4], shell=False, \
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
command = %s %s %s %s %s % (cmd, arg1, arg2a, arg2b, arg4)
(stdoutdata, stderrdata) = p1.communicate()
print Content-type: text/html
print
# debug
print UID: %i br % os.getuid()
print Search pattern: %s br % pattern
print stdout: %s br
stderr: %s br
% (stdoutdata, stderrdata)
print Return code: %i % p1.returncode
print
html
headtitleHledej v books/title/head
p align=center
form name=input action=search.py method=get
Hledany vyraz:
input type=text name=pattern /
input type=submit value=Hledej /
br /
Hledat pomoci regularniho vyrazu?
input type=checkbox name=re value=re /
br /
/form
/p
hr
br /
if p1.returncode == 0:
if stdoutdata:
result = stdoutdata
else:
result = Nic takoveho sem nenasel :/
else:
result = 'font color=redbChyba/b/font: \
index souboru je bud zastaraly nebo doslo \
k chybe pri vyhledavani.br \smallcode%s/code \
br \code%s/code/small' % (command, stderrdata)
print
h1Hledany vyraz %s se nachazi v nasledujicich adresarich/h1
%s
/html
% (pattern, result)
--
http://mail.python.org/mailman/listinfo/python-list
