Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def test_setuid_no_perms():
cfile = create_config(("user=testuser",))
with mock.patch(
"pwd.getpwnam", side_effect=PermissionError
), pytest.raises(SystemExit) as err:
Config(cfile).load()
setuid()
assert err.value.code == 77
def test_setuid_invalid_user():
cfile = create_config(("user=testuser",))
with mock.patch("pwd.getpwnam", side_effect=KeyError), pytest.raises(
SystemExit
) as exc:
Config(cfile).load()
setuid()
assert exc.value.code == 64
def test_setuid_same_user():
cfile = create_config(("",))
with mock.patch("os.setuid"):
Config(cfile).load()
assert setuid() is None
def test_setuid():
cfile = create_config(("user=abc",))
with mock.patch("pwd.getpwnam") as mock_getpwnam, mock.patch(
"os.setuid"
) as mock_setuid:
Config(cfile).load()
setuid()
assert mock_getpwnam.called is True
assert mock_setuid.called is True
exits cleanly.
"""
args = parse_cmd_args(sys.argv[1:])
configure_logs(args)
logger = logging.getLogger("blackhole")
if args.test:
config_test(args)
try:
config = Config(args.config_file).load().test()
config.args = args
warn_options(config)
daemon = Daemon(config.pidfile)
supervisor = Supervisor()
pid_permissions()
setgid()
setuid()
except (ConfigException, DaemonException) as err:
logger.critical(err)
raise SystemExit(os.EX_USAGE)
except BlackholeRuntimeException as err:
logger.critical(err)
raise SystemExit(os.EX_NOPERM)
if args.background:
try:
daemon.daemonize()
except DaemonException as err:
supervisor.close_socks()
logger.critical(err)
raise SystemExit(os.EX_NOPERM)
try:
supervisor.run()
except KeyboardInterrupt:
def setup_child(self):
"""Basic setup for the child process and starting it."""
setgid()
setuid()
asyncio.set_event_loop(None)
if setproctitle:
setproctitle.setproctitle("blackhole: worker")
process = Child(self.up_read, self.down_write, self.socks, self.idx)
process.start()