X7ROOT File Manager
Current Path:
/opt/cloudlinux/venv/lib/python3.11/site-packages
opt
/
cloudlinux
/
venv
/
lib
/
python3.11
/
site-packages
/
📁
..
📁
GitPython-3.1.32.dist-info
📁
Jinja2-3.0.3.dist-info
📁
Mako-1.2.4.dist-info
📁
MarkupSafe-2.1.3.dist-info
📁
PyJWT-2.8.0.dist-info
📁
PyMySQL-1.1.0.dist-info
📁
PyVirtualDisplay-3.0.dist-info
📁
PyYAML-6.0.1.dist-info
📁
__pycache__
📄
_cffi_backend.cpython-311-x86_64-linux-gnu.so
(267.63 KB)
📁
_distutils_hack
📄
_pyrsistent_version.py
(23 B)
📁
_pytest
📁
_yaml
📁
aiohttp
📁
aiohttp-3.9.2.dist-info
📁
aiohttp_jinja2
📁
aiohttp_jinja2-1.5.dist-info
📁
aiohttp_security
📁
aiohttp_security-0.4.0.dist-info
📁
aiohttp_session
📁
aiohttp_session-2.9.0.dist-info
📁
aiosignal
📁
aiosignal-1.3.1.dist-info
📁
alembic
📁
alembic-1.11.1.dist-info
📁
annotated_types
📁
annotated_types-0.6.0.dist-info
📁
astroid
📁
astroid-2.15.6.dist-info
📁
attr
📁
attrs
📁
attrs-23.1.0.dist-info
📁
backports
📁
certifi
📁
certifi-2023.7.22.dist-info
📁
cffi
📁
cffi-1.15.1.dist-info
📁
chardet
📁
chardet-5.2.0.dist-info
📁
charset_normalizer
📁
charset_normalizer-2.1.1.dist-info
📁
cl_dom_collector
📄
cl_proc_hidepid.py
(4.53 KB)
📁
clcagefslib
📁
clcommon
📁
clconfig
📁
clconfigure
📄
clcontrollib.py
(51.73 KB)
📁
cldashboard
📄
cldetectlib.py
(18.13 KB)
📄
cldiaglib.py
(45.84 KB)
📁
clevents
📁
clflags
📄
clhooklib.py
(1.27 KB)
📄
cli_utils.py
(1.66 KB)
📁
cllicense
📄
cllicenselib.py
(9.1 KB)
📁
cllimits
📁
cllimits_validator
📁
cllimitslib_v2
📁
cllvectl
📁
clpackages
📁
clquota
📁
clselect
📁
clselector
📁
clsentry
📄
clsetuplib.py
(4.35 KB)
📄
clsudo.py
(14.42 KB)
📁
clsummary
📁
clveconfig
📁
clwizard
📁
configparser-5.0.2.dist-info
📄
configparser.py
(1.51 KB)
📁
contextlib2
📁
contextlib2-21.6.0.dist-info
📁
coverage
📁
coverage-7.2.7.dist-info
📁
cryptography
📁
cryptography-41.0.2.dist-info
📁
ddt-1.4.4.dist-info
📄
ddt.py
(12.43 KB)
📁
dill
📁
dill-0.3.7.dist-info
📁
distlib
📁
distlib-0.3.8.dist-info
📄
distutils-precedence.pth
(151 B)
📁
docopt-0.6.2.dist-info
📄
docopt.py
(19.48 KB)
📁
dodgy
📁
dodgy-0.2.1.dist-info
📁
filelock
📁
filelock-3.13.1.dist-info
📁
flake8
📁
flake8-5.0.4.dist-info
📁
flake8_polyfill
📁
flake8_polyfill-1.0.2.dist-info
📁
frozenlist
📁
frozenlist-1.4.0.dist-info
📁
future
📁
future-0.18.3.dist-info
📁
git
📁
gitdb
📁
gitdb-4.0.10.dist-info
📁
guppy
📁
guppy3-3.1.3.dist-info
📁
hc_json_rpc_client
📁
hc_json_rpc_client-1.0.1.dist-info
📄
hc_lve_profiler.py
(6.2 KB)
📁
idna
📁
idna-3.4.dist-info
📁
iniconfig
📁
iniconfig-2.0.0.dist-info
📁
isort
📁
isort-5.12.0.dist-info
📁
jinja2
📁
jsonschema
📁
jsonschema-3.2.0.dist-info
📁
jwt
📁
lazy_object_proxy
📁
lazy_object_proxy-1.9.0.dist-info
📁
libfuturize
📁
libpasteurize
📁
lve_stats-2.0.dist-info
📁
lve_utils
📄
lveapi.py
(19.53 KB)
📄
lvectllib.py
(102.55 KB)
📁
lvemanager
📄
lvestat.py
(6.83 KB)
📁
lvestats
📁
lxml
📁
lxml-4.9.2.dist-info
📁
mako
📁
markupsafe
📁
mccabe-0.7.0.dist-info
📄
mccabe.py
(10.4 KB)
📁
mock
📁
mock-5.1.0.dist-info
📁
multidict
📁
multidict-6.0.4.dist-info
📁
numpy
📁
numpy-1.25.1.dist-info
📁
numpy.libs
📁
packaging
📁
packaging-23.1.dist-info
📄
pam.py
(7.38 KB)
📁
past
📁
pep8_naming-0.10.0.dist-info
📄
pep8ext_naming.py
(18.61 KB)
📁
pip
📁
pip-25.0.1.dist-info
📁
pkg_resources
📁
platformdirs
📁
platformdirs-3.11.0.dist-info
📁
pluggy
📁
pluggy-1.2.0.dist-info
📁
prettytable
📁
prettytable-3.8.0.dist-info
📁
prometheus_client
📁
prometheus_client-0.8.0.dist-info
📁
prospector
📁
prospector-1.10.2.dist-info
📁
psutil
📁
psutil-5.9.5.dist-info
📁
psycopg2
📁
psycopg2_binary-2.9.6.dist-info
📁
psycopg2_binary.libs
📄
py.py
(263 B)
📁
pycodestyle-2.9.1.dist-info
📄
pycodestyle.py
(101.08 KB)
📁
pycparser
📁
pycparser-2.21.dist-info
📁
pydantic
📁
pydantic-2.4.2.dist-info
📁
pydantic_core
📁
pydantic_core-2.10.1.dist-info
📁
pydocstyle
📁
pydocstyle-6.3.0.dist-info
📁
pyfakefs
📁
pyfakefs-5.2.3.dist-info
📁
pyflakes
📁
pyflakes-2.5.0.dist-info
📁
pylint
📁
pylint-2.17.4.dist-info
📁
pylint_celery
📁
pylint_celery-0.3.dist-info
📁
pylint_django
📁
pylint_django-2.5.3.dist-info
📁
pylint_flask
📁
pylint_flask-0.6.dist-info
📁
pylint_plugin_utils
📁
pylint_plugin_utils-0.7.dist-info
📁
pylve-2.1-py3.11.egg-info
📄
pylve.cpython-311-x86_64-linux-gnu.so
(25.48 KB)
📁
pymysql
📁
pyparsing
📁
pyparsing-3.0.9.dist-info
📁
pyrsistent
📁
pyrsistent-0.19.3.dist-info
📁
pytest
📁
pytest-7.4.0.dist-info
📁
pytest_check
📁
pytest_check-2.5.3.dist-info
📁
pytest_snapshot
📁
pytest_snapshot-0.9.0.dist-info
📁
pytest_subprocess
📁
pytest_subprocess-1.5.0.dist-info
📁
pytest_tap
📁
pytest_tap-3.5.dist-info
📁
python_pam-1.8.4.dist-info
📁
pyvirtualdisplay
📁
raven
📁
raven-6.10.0.dist-info
📄
remove_ubc.py
(5.73 KB)
📁
requests
📁
requests-2.31.0.dist-info
📁
requirements_detector
📁
requirements_detector-1.2.2.dist-info
📁
schema-0.7.5.dist-info
📄
schema.py
(29.51 KB)
📄
secureio.py
(18.83 KB)
📁
semver
📁
semver-3.0.1.dist-info
📁
sentry_sdk
📁
sentry_sdk-1.29.2.dist-info
📁
setoptconf
📁
setoptconf_tmp-0.3.1.dist-info
📁
setuptools
📁
setuptools-78.1.0.dist-info
📄
simple_rpm.so
(11.29 KB)
📁
simplejson
📁
simplejson-3.19.1.dist-info
📁
six-1.16.0.dist-info
📄
six.py
(33.74 KB)
📁
smmap
📁
smmap-5.0.0.dist-info
📁
snowballstemmer
📁
snowballstemmer-2.2.0.dist-info
📁
sqlalchemy
📁
sqlalchemy-1.3.24.dist-info
📁
ssa
📁
svgwrite
📁
svgwrite-1.4.3.dist-info
📁
tap
📁
tap_py-3.2.1.dist-info
📁
testfixtures
📁
testfixtures-7.1.0.dist-info
📁
toml
📁
toml-0.10.2.dist-info
📁
tomlkit
📁
tomlkit-0.11.8.dist-info
📁
typing_extensions-4.7.1.dist-info
📁
typing_extensions-4.8.0.dist-info
📄
typing_extensions.py
(108.48 KB)
📁
unshare-0.22.dist-info
📄
unshare.cpython-311-x86_64-linux-gnu.so
(8.17 KB)
📁
urllib3
📁
urllib3-2.0.4.dist-info
📁
vendors_api
📁
virtualenv
📁
virtualenv-20.21.1.dist-info
📁
wcwidth
📁
wcwidth-0.2.6.dist-info
📁
wmt
📁
wrapt
📁
wrapt-1.15.0.dist-info
📁
yaml
📁
yarl
📁
yarl-1.9.2.dist-info
Editing: secureio.py
# coding=utf-8 # Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2018 All Rights Reserved # # Licensed under CLOUD LINUX LICENSE AGREEMENT # http://cloudlinux.com/docs/LICENSE.TXT # This module provides functions for secure I/O and filesystem operations import grp import sys import tempfile import contextlib import os from functools import lru_cache from typing import TYPE_CHECKING from ctypes import (cdll, c_long, Structure, c_ushort, c_ubyte, c_char, POINTER, c_int, c_void_p, c_char_p) from clcommon import ClPwd from clcommon.clpwd import drop_user_privileges def __getattr__(name): # NOTE(vlebedev): Delay shared libraries loading until they are actually used. # It makes module loadable even in case those shared libraries are not available # and that is useful for e.g. unit testing on local non-CL system. if name == 'libc': return _load_libc() elif name == 'liblve': return _load_liblve() raise AttributeError(f"module {__name__} has no attribute {name}") def __dir__(): return ['libc', 'liblve', *globals().keys()] # --- libc functions ----------------------------------------------- @lru_cache(maxsize=None) def _load_libc(): libc = cdll.LoadLibrary("libc.so.6") libc.fchown.argtypes = [c_int, c_int, c_int] libc.fchown.restype = c_int libc.fchmod.argtypes = [c_int, c_int] libc.fchmod.restype = c_int # accepts file/dir descriptor (integer) libc.fdopendir.argtypes = [c_int] # returns pointer to DIR structure libc.fdopendir.restype = c_void_p # accepts pointer to DIR structure libc.readdir.argtypes = [c_void_p] # returns pointer to DIRENTRY structure libc.readdir.restype = DIRENTRY_P # accepts pointer to DIR structure libc.rewinddir.argtypes = [c_void_p] # returns void libc.rewinddir.restype = None # accepts pointer to DIR structure libc.closedir.argtypes = [c_void_p] libc.closedir.restype = c_int return libc if TYPE_CHECKING: libc = _load_libc() ino_t = c_long off_t = c_long class DIRENTRY(Structure): _fields_ = [ ('d_ino', ino_t), # inode number ('d_off', off_t), # offset to the next dirent ('d_reclen', c_ushort), # length of this record ('d_type', c_ubyte), # type of file; not supported by all file system types ('d_name', c_char * 256), # filename ] DIRENTRY_P = POINTER(DIRENTRY) def fchown(fd, uid, gid): return _load_libc().fchown(fd, uid, gid) def fchmod(fd, mode): return _load_libc().fchmod(fd, mode) def fdopen(fd): return _load_libc().fdopen(fd) def readdir(dirp): return _load_libc().readdir(dirp) def rewinddir(dirp): return _load_libc().rewinddir(dirp) def closedir(dirp): return _load_libc().closedir(dirp) # --- liblve functions ----------------------------------------------- @lru_cache(maxsize=None) def _load_liblve(): try: liblve = cdll.LoadLibrary("libsecureio.so.0") except OSError: liblve = cdll.LoadLibrary("liblve.so.0") # Opens path for reading not following symlinks and verifies that opened path is inside parent_path # Returns: # descriptor if successful # -1 if path does not exist or is a symlink # -2 if opened path is NOT inside parent_path or cannot be determined # accepts path, parent_path liblve.open_not_symlink.argtypes = [c_char_p, c_char_p] liblve.open_not_symlink.restype = c_int # Closes descriptor (if it is not equal -1) # accepts file/dir descriptor (integer) liblve.closefd.argtypes = [c_int] # returns void liblve.closefd.restype = None # Tries to read first directory entry in order to ensure that descriptor is valid # Returns 0 if reading succeeded or -1 if error has occured # accepts descriptor liblve.check_dir.argtypes = [c_int] liblve.check_dir.restype = c_int # Checks if path is a directory (in secure manner) # Also opens path (if descriptor fd == -1) and then checks that opened path is inside parent_path # Returns descriptor if path refers to directory # Returns -1 if path does not exist or is not a directory # Returns -2 if opened path is NOT inside parent_path or cannot be determined # accepts path, descriptor, parent_path liblve.isdir.argtypes = [c_char_p, c_int, c_char_p] liblve.isdir.restype = c_int # Sets permissions to directory (in secure manner) # Returns descriptor if successful # Returns -1 if error has occured # Returns -2 if opened path is NOT inside parent_path or cannot be determined # accepts: const char *path, mode_t perm, int fd, const char *parent_path liblve.set_perm_dir_secure.argtypes = [c_char_p, c_int, c_int, c_char_p] liblve.set_perm_dir_secure.restype = c_int # Sets owner and group of directory (in secure manner) # Returns descriptor if successful # Returns -1 if error has occured # Returns -2 if opened path is NOT inside parent_path or cannot be determined # accepts: const char *path, uid_t uid, gid_t gid, int fd, const char *parent_path liblve.set_owner_dir_secure.argtypes = [c_char_p, c_int, c_int, c_int, c_char_p] liblve.set_owner_dir_secure.restype = c_int # Creates directory if it does not exist, sets permissions/owner otherwise # Returns descriptor if successful # Returns -1 if error has occured # accepts: const char *path, mode_t perm, uid_t uid, gid_t gid, int fd, const char *parent_path liblve.create_dir_secure.argtypes = [c_char_p, c_int, c_int, c_int, c_int, c_char_p] liblve.create_dir_secure.restype = c_int # Recursive directory creation function # Returns 0 if successful # Returns -1 if error has occured # accepts: const char *path, mode_t perm, uid_t uid, gid_t gid, const char *parent_path liblve.makedirs_secure.argtypes = [c_char_p, c_int, c_int, c_int, c_char_p] liblve.makedirs_secure.restype = c_int # Writes absolute path pointed by descriptor fd to buffer *buf # Returns buf if successful # Returns NULL if error has occured liblve.get_path_from_descriptor.argtypes = [c_int, c_char_p] liblve.get_path_from_descriptor.restype = c_char_p # Returns 1 if subdir is subdirectory of dir, 0 otherwise liblve.is_subdir.argtypes = [c_char_p, c_char_p] liblve.is_subdir.restype = c_int return liblve if TYPE_CHECKING: liblve = _load_liblve() def _open_not_symlink(path, parent_path): return _load_liblve().open_not_symlink(path, parent_path) def check_dir(fd): return _load_liblve().check_dir(fd) def isdir(path, descriptor, parent_path): return _load_liblve().isdir(path, descriptor, parent_path) def get_path_from_descriptor(fd, buf): return _load_liblve().get_path_from_descriptor(fd, buf) def is_subdir(dir, subdir): return _load_liblve().is_subdir(dir, subdir) # True : euid/egid == 0/0 # False : euid/egid == user/user # set by set_user_perm() and set_root_perm() functions root_flag = True LOGFILE = "/var/log/cagefs-update.log" MIN_UID = 500 SILENT_FLAG = False def open_not_symlink(path): return os.open(path, os.O_RDONLY | os.O_NOFOLLOW) def open_file_not_symlink(path): return os.fdopen(open_not_symlink(path), 'r') def flistdir(fd): """Returns list of entries of directory pointed by descriptor""" # Duplicate descriptor, because closedir() closes descriptor associated with directory stream fd2 = os.dup(fd) # Open directory stream dirp = fdopendir(fd2) # NOQA if not dirp: raise RuntimeError("fdopendir error") # Reset position of directory stream # (so it will be possible to read content of directory multiple times # via other descriptors that refer to the directory) rewinddir(dirp) dirlist = [] while True: entryp = readdir(dirp) if not entryp: break entry = entryp.contents dirlist.append(entry.d_name) rewinddir(dirp) closedir(dirp) return dirlist def closefd(fd): if fd is not None: try: os.close(fd) except OSError: pass def set_perm_dir_secure(path, perm, parent_path, fd=None, logger=None): """Sets permissions to directory (in secure manner) Returns descriptor if successful Returns None if error has occured""" if fd is None: fd = -1 fd = _load_liblve().set_perm_dir_secure(path.encode(), perm, fd, parent_path.encode()) if fd > 0: return fd if logger is not None: logger('Error: failed to set permissions of directory ' + path, False, True) return None def set_owner_dir_secure(path, uid, gid, parent_path, fd=None, logger=None): """Sets owner and group of directory (in secure manner) Returns descriptor if successful Returns None if error has occured""" if fd is None: fd = -1 fd = _load_liblve().set_owner_dir_secure(path.encode(), uid, gid, fd, parent_path.encode()) if fd > 0: return fd if logger is not None: logger('Error: failed to set owner of directory ' + path, False, True) return None def create_dir_secure(path, perm, uid, gid, parent_path, fd=None, logger=None): """Creates directory if it does not exist, sets permissions/owner otherwise Returns descriptor if successful Returns None if error has occured""" if fd is None: fd = -1 fd = _load_liblve().create_dir_secure(path.encode(), perm, uid, gid, fd, parent_path.encode()) if fd > 0: return fd if logger is not None: logger('Error : failed to create directory ' + path, False, True) return None def makedirs_secure(path, perm, uid, gid, parent_path, logger=None): """Recursive directory creation function Returns 0 if successful Returns -1 if error has occured""" res = _load_liblve().makedirs_secure(path.encode(), perm, uid, gid, parent_path.encode()) if res and logger: logger('Error : failed to create directory ' + path, False, True) return res def read_file_secure(filename, uid=None, gid=None, exit_on_error=True, write_log=True): """read file not following symlinks""" if (uid is None and gid is not None) or (uid is not None and gid is None): raise RuntimeError("read_file_secure: uid and gid should be both null or be both not null") drop_perm = (uid is not None) and (gid is not None) if drop_perm: set_user_perm(uid, gid) try: file_object = open_file_not_symlink(filename) content = file_object.readlines() file_object.close() if drop_perm: set_root_perm() return content except (OSError, IOError) as e: if drop_perm: set_root_perm() logging('Error: failed to read ' + filename + ' : ' + str(e), SILENT_FLAG, 1, write_log) if not exit_on_error: raise sys.exit(1) def write_file_secure(content, ini_path, uid, gid, drop_perm=True, perm=0o644, write_log=True): """Returns True if error has occured""" dirpath = os.path.dirname(ini_path) if drop_perm: set_user_perm(uid, gid) fd = None temp_path = None try: fd, temp_path = tempfile.mkstemp(prefix='cagefs_', dir=dirpath) file_object = os.fdopen(fd, 'w') file_object.write(''.join(content)) if not drop_perm and uid is not None and gid is not None: if fchown(fd, uid, gid): raise OSError('fchown failed') if fchmod(fd, perm): raise OSError('fchmod failed') file_object.close() except (IOError, OSError) as e: try: file_object.close() except Exception: pass try: os.close(fd) except Exception: pass try: os.unlink(temp_path) except Exception: pass if drop_perm: set_root_perm() logging( f"Error: failed to write file {ini_path} : {str(e).replace('Errno', 'Err code')}", SILENT_FLAG, 1, write_log, ) return True except Exception as e: logging(f'Error: {str(e)}', SILENT_FLAG, 1) sys.exit(1) error = False try: os.rename(temp_path, ini_path) except OSError as e: error = True logging('Error: failed to rename tempfile to ' + ini_path + ' : ' + str(e), SILENT_FLAG, 1, write_log) try: os.unlink(temp_path) except OSError: pass if drop_perm: set_root_perm() return error def write_file_via_tempfile( content, dest_path, perm, prefix='', suffix='', as_user=None): """ Safely write string content to a file :param content: str :param dest_path: str -> path to a file :param perm: int -> permissions for the file :param prefix: str -> add to temporary file name :param suffix: str -> add to temporary file name :param as_user: str -> name of the user to drop privileges to """ if as_user is not None: old_groups = os.getgroups() drop_user_privileges(as_user, effective_or_real=True, set_env=False) dirpath = os.path.dirname(dest_path) fd, temp_path = None, None try: fd, temp_path = tempfile.mkstemp( prefix=prefix, suffix=suffix, dir=dirpath) with os.fdopen(fd, 'w', errors='surrogateescape') as f_temp: f_temp.write(content) except (IOError, OSError): if fd is None or temp_path is None: raise try: os.close(fd) except (IOError, OSError): pass try: os.unlink(temp_path) except (IOError, OSError): pass raise try: os.chmod(temp_path, perm) os.rename(temp_path, dest_path) except (OSError, IOError, TypeError): try: os.unlink(temp_path) except (OSError, IOError): pass raise if as_user is not None: ruid = os.getuid() os.seteuid(ruid) os.setegid(os.getgid()) # All of the above can be called from user named as_user if ruid == 0: os.setgroups(old_groups) def set_user_perm(uid, gid, exit=True): global root_flag try: os.setegid(gid) except (OSError,) as e: if exit: print_error('failed to set egid to ' + str(gid) + ': ' + str(e)) sys.exit(1) else: return -1 groups = get_groups(uid, gid) try: os.setgroups(groups) except (OSError,) as e: if exit: print_error('failed to set supplementary groups to :', groups, str(e)) sys.exit(1) else: return -1 try: os.seteuid(uid) except (OSError,) as e: if exit: print_error('failed to set euid to ' + str(uid) + ': ' + str(e)) sys.exit(1) else: return -1 if uid == 0: root_flag = True else: # If it's possible, switch on CAP_SYS_RESOURCE _load_liblve().enable_quota_capability() root_flag = False def set_root_perm(exit=True): global root_flag try: os.seteuid(0) except (OSError,) as e: if exit: print_error('failed to set euid to 0 :', str(e)) sys.exit(1) else: return -1 try: os.setegid(0) except (OSError,) as e: if exit: print_error('Error: failed to set egid to 0 :', str(e)) sys.exit(1) else: return -1 groups = get_groups(0, 0) try: os.setgroups(groups) except (OSError,) as e: if exit: print_error('Error: failed to set supplementary groups to :', groups, str(e)) sys.exit(1) else: return -1 root_flag = True def print_error(*args): print("Error:", end=' ', file=sys.stderr) for a in args: print(a, end=' ', file=sys.stderr) print(file=sys.stderr) def get_groups(uid, gid): """Returns supplementary groups for uid""" gr = get_grp_dict() pw = get_pwd_dict() groups = set() for group in gr: members = gr[group].gr_mem for user in members: try: member_uid = pw[user].pw_uid except KeyError: continue if member_uid == uid: groups.add(gr[group].gr_gid) groups.add(gid) return list(groups) grp_dict = None def get_grp_dict(): global grp_dict if grp_dict is None: grp_dict = {} gr = grp.getgrall() for line in gr: grp_dict[line.gr_name] = line return grp_dict clpwd = ClPwd(min_uid=MIN_UID) def get_pwd_dict(): return clpwd.get_user_dict() log_file = None def logging(msg, silent=False, verbose=True, write_log=True): global log_file if not silent: if verbose: print(msg) if write_log: root_flag_saved = root_flag if not root_flag: uid, gid = get_perm() set_root_perm() try: if log_file is None: umask_saved = os.umask(0o22) # log_file is opened in "line buffered" mode log_file = open(LOGFILE, 'w', 1) # NOQA os.umask(umask_saved) log_file.write(msg) log_file.write("\n") except (OSError, IOError) as e: print_error("writing to ", LOGFILE, str(e)) sys.exit(1) if not root_flag_saved: set_user_perm(uid, gid) def get_perm(): try: uid = os.geteuid() gid = os.getegid() except (OSError,) as e: print_error('failed to get (euid,egid)', str(e)) sys.exit(1) return uid, gid def set_capability(clear=False): """ Set CAP_SYS_RESOURCE capability :param bool clear: Set on if it's true, set off otherwise :return: 0 for success, -1 otherwise :rtype: int """ return _load_liblve().disable_quota_capability() if clear \ else _load_liblve().enable_quota_capability() def change_uid(uid): """ Change effective uid of current process and set CAP_SYS_RESOURCE capbality to prevent "Disk quota exceeded" error :param int euid: User ID to set it as current effective UID :return: 0 if capability was set successfuly, -1 otherwise :rtype: int """ os.seteuid(uid) return set_capability() def _set_quota_checks_status(enabled): """ Disable quota kernel check to allow us to write more than user can by quota. """ if not enabled: _load_liblve().enable_quota_capability() else: _load_liblve().disable_quota_capability() @contextlib.contextmanager def disable_quota(): _set_quota_checks_status(enabled=False) try: yield finally: _set_quota_checks_status(enabled=True) @contextlib.contextmanager def set_umask(umask_value): saved_umask = os.umask(umask_value) try: yield finally: os.umask(saved_umask)
Upload File
Create Folder