bpo-36046: Add user and group parameters to subprocess #11950
Conversation
|
Hello, and thanks for your contribution! I'm a bot set up to make sure that the project can legally accept your contribution by verifying you have signed the PSF contributor agreement (CLA). Our records indicate we have not received your CLA. For legal reasons we need you to sign this before we can look at your contribution. Please follow the steps outlined in the CPython devguide to rectify this issue. If you have recently signed the CLA, please wait at least one business day You can check yourself to see if the CLA has been received. Thanks again for your contribution, we look forward to reviewing it! |
788067d to
06d99d5
Compare
|
fyi - we will need the CLA to be signed to accept this PR (see the early CLA bot comment) |
I signed the CLA right before submitting this PR, it just hasn't picked up on that yet. Hopefully it will pick it up soon. |
1781568 to
4121a81
Compare
|
Updated with all recommended changes, and fixed the documentation issue that was causing Travis and Azure to fail. |
463ed0d to
8e9ac28
Compare
8e9ac28 to
ce2ac40
Compare
|
Just pushed more changes based on feedback. This push does add |
e70bf5b to
2b90745
Compare
e094812 to
d0dad2d
Compare
|
Pushed another update based on the latest round of feedback. |
f9f8fce to
de8a836
Compare
|
Updated again, rebased against the current master. I addressed all the feedback so far. It now uses the feature check macros, and will raise ValueError if the features are missing. The groups parameter has been split to I also added negative tests to make sure that ValueError is raised on systems where these features are missing. I ran the tests locally with superuser privileges to make sure they actually work when As a side note, if we want to test the setgroups() in CI, It could potentially be possible to test privileged operations in CI by running the tests in a user namespace. |
de8a836 to
55393eb
Compare
izbyshev
left a comment
There was a problem hiding this comment.
Thank you for your work, Patrick. Looks good to me except for several small issues (mostly cosmetic) and the issue with uid_t/gid_t types.
Modules/_posixsubprocess.c
Outdated
There was a problem hiding this comment.
I think you don't need to go into trouble of raising an exception here. The availability of setgroups is checked on Python side, and AFAIK there is no public API to call into the C helper directly (@gpshead: is this right?), so you can remove #else clause and move the if statement under #ifdef (i.e. make it the same as when you call setgroups).
This applies to setregid and setreuid as well.
There was a problem hiding this comment.
It is still useful to raise in this situation as it helps debug internal API use problems.
There was a problem hiding this comment.
Maybe raise something more serious than a ValueError then? It's effectively an assertion failure if we got here.
There was a problem hiding this comment.
From the description in the docs, it looks like SystemError is probably appropriate here, since it's basically a bug in the library if it reaches this (or someone is doing something they shouldn't).
I could also use RuntimeError here as well, if SystemError is not appropriate.
There was a problem hiding this comment.
IMHO SystemError is appropriate. You may raise it via PyErr_BadInternalCall.
9751206 to
2e68e49
Compare
|
Updated again, rebased against current master.
|
….Popen This adds a `user` parameter to the Popen constructor that will call setreuid() in the child before calling exec(). This allows processes running as root to safely drop privileges before running the subprocess without having to use a preexec_fn. This also adds a `group` parameter that will call setregid() in the child process before calling exec(). Finally an `extra_groups` parameter was added that will call setgroups() to set the supplimental groups.
2e68e49 to
2528076
Compare
This adds
userandgroupsparameters to the subprocess.Popen constructor, which allows dropping privileges when running a subprocess.https://bugs.python.org/issue36046