CryptoBoxRootActions
* improve structure * allow to distinguish betweeen "execution return failure" and "program does not exist"
This commit is contained in:
parent
0eccca7d22
commit
ecf056709e
2 changed files with 35 additions and 11 deletions
|
@ -35,6 +35,14 @@ Syntax:
|
|||
plugin PLUGIN_NAME [ARGS]
|
||||
- call a root_action script of a plugin
|
||||
|
||||
|
||||
Exitcodes:
|
||||
0 - execution was ok
|
||||
1 - the executed program or action returned a failure exitcode
|
||||
100 - improper calling or misconfiguration
|
||||
of CryptoBoxRootAction (wrong arguments, wrong uid)
|
||||
101 - failed to execute the given program - maybe it does not exist?
|
||||
|
||||
For more detailed information take a look at the manpage:
|
||||
"man CryptoBoxRootActions"
|
||||
"""
|
||||
|
@ -456,13 +464,13 @@ def getUserInfo(user):
|
|||
# prevent import
|
||||
if __name__ == "__main__":
|
||||
|
||||
# do we have root privileges (effective uid is zero)?
|
||||
## do we have root privileges (effective uid is zero)?
|
||||
if os.geteuid() != 0:
|
||||
sys.stderr.write("the effective uid is not zero - you should use " \
|
||||
+ "'super' to call this script (%s)" % sys.argv[0])
|
||||
sys.exit(100)
|
||||
|
||||
# remove program name
|
||||
## remove program name
|
||||
args = sys.argv[1:]
|
||||
|
||||
# do not allow to use root permissions (real uid may not be zero)
|
||||
|
@ -470,23 +478,29 @@ if __name__ == "__main__":
|
|||
# sys.stderr.write("the uid of the caller is zero (root) - this is not allowed\n")
|
||||
# sys.exit(100)
|
||||
|
||||
# check if there were arguments
|
||||
## check if there were arguments
|
||||
if (len(args) == 0):
|
||||
sys.stderr.write("No arguments supplied\n")
|
||||
sys.exit(100)
|
||||
|
||||
# did the user call the "check" action?
|
||||
## did the user call the "check" action?
|
||||
if (len(args) == 1) and (args[0].lower() == "check"):
|
||||
# exit silently
|
||||
sys.exit(0)
|
||||
|
||||
## all of the following actions require at least two arguments
|
||||
if len(args) < 2:
|
||||
sys.stderr.write("No program/plugin/event specified for execution\n")
|
||||
sys.exit(100)
|
||||
|
||||
## call a plugin root_action script
|
||||
if args[0].lower() == "plugin":
|
||||
del args[0]
|
||||
try:
|
||||
isOK = call_plugin(args)
|
||||
except Exception, errMsg:
|
||||
sys.stderr.write("Execution of plugin failed: %s\n" % errMsg)
|
||||
sys.stderr.write("Execution of plugin '%s' failed: %s\n" \
|
||||
% (args[0], errMsg))
|
||||
sys.exit(100)
|
||||
if isOK:
|
||||
sys.exit(0)
|
||||
|
@ -499,7 +513,8 @@ if __name__ == "__main__":
|
|||
try:
|
||||
isOK = call_event(args)
|
||||
except Exception, errMsg:
|
||||
sys.stderr.write("Execution of event script failed: %s\n" % errMsg)
|
||||
sys.stderr.write("Execution of event '%s' failed: %s\n" \
|
||||
% (args[0], errMsg))
|
||||
sys.exit(100)
|
||||
if isOK:
|
||||
sys.exit(0)
|
||||
|
@ -510,9 +525,6 @@ if __name__ == "__main__":
|
|||
if args[0].lower() == "program":
|
||||
del args[0]
|
||||
|
||||
if len(args) < 1:
|
||||
sys.stderr.write("No program specified for execution\n")
|
||||
sys.exit(100)
|
||||
progRequest = args[0]
|
||||
del args[0]
|
||||
|
||||
|
@ -533,7 +545,9 @@ if __name__ == "__main__":
|
|||
sys.exit(0)
|
||||
else:
|
||||
sys.exit(1)
|
||||
except "WrongArguments", errstr:
|
||||
except OSErrror, errstr:
|
||||
sys.stderr.write("Execution failed: %s\n" % errstr)
|
||||
sys.exit(101)
|
||||
except "WrongArguments", errstr:
|
||||
sys.stderr.write("Invalid arguments: %s\n" % errstr)
|
||||
sys.exit(100)
|
||||
|
||||
|
|
|
@ -82,6 +82,16 @@ The directory of the script must also contain a file called
|
|||
Very few selected programs may be called via CryptoBoxRootActions. Examples
|
||||
are \fBcryptsetup\fR and \fBmount\fR. Refer to the source of
|
||||
CryptoBoxRootActions for details.
|
||||
.SH EXIT CODES
|
||||
The program can return the following exit codes:
|
||||
.TP
|
||||
\fI0\fR - the action finished successfully
|
||||
.TP
|
||||
\fI1\fR - the executed action returned a failure code (exit code > 0)
|
||||
.TP
|
||||
\fI100\fR - improper calling or misconfiguration (wrong arguments, wrong uid, ...)
|
||||
.TP
|
||||
\fI101\fR - failed to execute the given program (maybe it does not exist?)
|
||||
.SH AUTHOR
|
||||
Written by Lars Kruse
|
||||
.SH REPORTING BUGS
|
||||
|
|
Loading…
Reference in a new issue