Administration/pmbootstrap-meow
2
0
Fork 0
forked from Mirror/pmbootstrap
Code Pull requests Activity Actions
pmbootstrap-meow/pmb/build/menuconfig.py
Oliver Smith 3666388619
Properly escape commands in pmb.chroot.user() (#1316) 
## Introduction
In #1302 we noticed that `pmb.chroot.user()` does not escape commands
properly: When passing one string with spaces, it would pass them as
two strings to the chroot. The use case is passing a description with
a space inside to `newapkbuild` with `pmboostrap newapkbuild`.

This is not a security issue, as we don't pass strings from untrusted
input to this function.

## Functions for running commands in pmbootstrap
To put the rest of the description in context: We have four high level
functions that run commands:
* `pmb.helpers.run.user()`
* `pmb.helpers.run.root()`
* `pmb.chroot.root()`
* `pmb.chroot.user()`

In addition, one low level function that the others invoke:
* `pmb.helpers.run.core()`

## Flawed test case
The issue described above did not get detected for so long, because we
have a test case in place since day one, which verifies that all of the
functions above escape everything properly:
* `test/test_shell_escape.py`

So the test case ran a given command through all these functions, and
compared the result each time. However, `pmb.chroot.root()`
modified the command variable (passed by reference) and did the
escaping already, which means `pmb.chroot.user()` running directly
afterwards only returns the right output when *not* doing any escaping.

Without questioning the accuracy of the test case, I've escaped
commands and environment variables with `shlex.quote()` *before*
passing them to `pmb.chroot.user()`. In retrospective this does not
make sense at all and is reverted with this commit.

## Environment variables
By coincidence, we have only passed custom environment variables to
`pmb.chroot.user()`, never to the other high level functions. This only
worked, because we did not do any escaping and the passed line gets
executed as shell command:
```
$ MYENV=test echo test2
test 2
```
If it was properly escaped as one shell command:
```
$ 'MYENV=test echo test2'
sh: MYENV=test echo test2: not found
```
So doing that clearly doesn't work anymore. I have added a new `env`
parameter to `pmb.chroot.user()` (and to all other high level functions
for consistency), where environment variables can be passed as a
dictionary. Then the function knows what to do and we end up with
properly escaped commands and environment variables.

## Details
* Add new `env` parameter to all high level command execution functions
* New `pmb.helpers.run.flat_cmd()` function, that takes a command as
  list and environment variables as dict, and creates a properly escaped
  flat string from the input.
* Use that function for proper escaping in all high level exec funcs
* Don't escape commands *before* passing them to `pmb.chroot.user()`
* Describe parameters of the command execution functions
* `pmbootstrap -v` writes the exact command to the log that was
  executed (in addition to the simplified form we always write down for
  readability)
* `test_shell_escape.py`: verify that the command passed by reference
  has not been modified, add a new test for strings with spaces, add
  tests for new function `pmb.helpers.run.flat_cmd()`
* Remove obsolete commend in `pmb.chroot.distccd` about environment
  variables, because we don't use any there anymore
* Add `TERM=xterm` to default environment variables in the chroot,
  so running ncurses applications like `menuconfig` and `nano` works out of
  the box
2018-03-10 22:58:39 +00:00

100 lines
3.6 KiB
Python
Raw Blame History

"""
Copyright 2018 Oliver Smith
This file is part of pmbootstrap.
pmbootstrap is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
pmbootstrap is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with pmbootstrap. If not, see <http://www.gnu.org/licenses/>.
"""
import os
import logging
import pmb.build
import pmb.build.autodetect
import pmb.build.checksum
import pmb.chroot
import pmb.chroot.apk
import pmb.helpers.run
import pmb.parse
def get_arch(args, apkbuild):
"""
Get the architecture, that the user wants to run menuconfig on, depending on
the APKBUILD and on the --arch parameter.
:param apkbuild: looks like: {"pkgname": "linux-...",
"arch": ["x86_64", "armhf", "aarch64"]}
or: {"pkgname": "linux-...", "arch": ["armhf"]}
"""
pkgname = apkbuild["pkgname"]
# Multiple architectures (requires --arch)
if len(apkbuild["arch"]) > 1:
if args.arch is None:
raise RuntimeError("Package '" + pkgname + "' supports multiple"
" architectures, please use '--arch' to specify"
" the desired architecture.")
return args.arch
# Single architecture (--arch must be unset or match)
if args.arch is None or args.arch == apkbuild["arch"][0]:
return apkbuild["arch"][0]
raise RuntimeError("Package '" + pkgname + "' only supports the '" +
apkbuild["arch"][0] + "' architecture.")
def menuconfig(args, pkgname):
# Pkgname: allow omitting "linux-" prefix
if pkgname.startswith("linux-"):
pkgname_ = pkgname.split("linux-")[1]
logging.info("PROTIP: You can simply do 'pmbootstrap menuconfig " +
pkgname_ + "'")
else:
pkgname = "linux-" + pkgname
# Read apkbuild
aport = pmb.build.find_aport(args, pkgname)
apkbuild = pmb.parse.apkbuild(args, aport + "/APKBUILD")
arch = get_arch(args, apkbuild)
# Set up build tools and makedepends
pmb.build.init(args)
depends = apkbuild["makedepends"] + ["ncurses-dev"]
pmb.chroot.apk.install(args, depends)
# Patch and extract sources
pmb.build.copy_to_buildpath(args, pkgname)
logging.info("(native) extract kernel source")
pmb.chroot.user(args, ["abuild", "unpack"], "native", "/home/pmos/build")
logging.info("(native) apply patches")
pmb.chroot.user(args, ["abuild", "prepare"], "native",
"/home/pmos/build", log=False, env={"CARCH": arch})
# Run abuild menuconfig
logging.info("(native) run menuconfig")
pmb.chroot.user(args, ["abuild", "-d", "menuconfig"], "native",
"/home/pmos/build", log=False, env={"CARCH": arch})
# Update config + checksums
config = "config-" + apkbuild["_flavor"] + "." + arch
logging.info("Copy kernel config back to aport-folder")
source = args.work + "/chroot_native/home/pmos/build/" + config
if not os.path.exists(source):
raise RuntimeError("No kernel config generated: " + source)
target = aport + "/" + config
pmb.helpers.run.user(args, ["cp", source, target])
pmb.build.checksum(args, pkgname)
# Check config
pmb.parse.kconfig.check(args, apkbuild["_flavor"], details=True)
View git blame Copy permalink