[Freedombox-discuss] Drop exmachina, use sudo instead - at least short term

Petter Reinholdtsen pere at hungry.com
Thu Sep 19 18:41:35 UTC 2013 

[Tim Retout]
> This sounds reasonable, so long as the helper scripts can be run in
> the background or return quickly.  I notice that /etc/sudoers.d
> exists (since 2009! I've never noticed it before) so the necessary
> privileges can be maintained in the plinth package.

I've tested, and it worked just fine to use sudo and call action
scripts instead of using exmachina.  Draft patch below.  To use it, a
module would place its privileged part in actions/scriptname, and have
code like this in the non-privileged part:

  from privilegedactions import privilegedaction_run
  privilegedaction_run("scriptname", ['options1', 'option2'])

I use it in my test setup to configure Tor using plinth.  Not working
yet, but the sudo part is doing its job.

> How is plinth being deployed long-term?  Presumably it will always
> run as a new 'plinth' user, not www-data?  (Currently I think it
> just runs the cherrypy server on port 8080?)  If the plinth
> packaging ever changes to run under Apache or nginx, then it would
> make sense to use FastCGI or mod_wsgi in daemon mode rather than
> CGI, to avoid having to use mod_suexec or grant these sudo rights to
> the web server.

At the moment it run as a new plinth user with its own cherrypy
server, and apache forwards to this port.

Here is the patch.  Not sure if this is the best way to do this,
thougth.

diff --git a/Makefile b/Makefile
index c9a6b4c..0ea60f0 100644
--- a/Makefile
+++ b/Makefile
@@ -29,6 +29,8 @@ install: default
   mkdir -p $(DESTDIR)$(PYDIR) $(DESTDIR)$(DATADIR) $(DESTDIR)/usr/bin \
   	 $(DESTDIR)/usr/share/doc/plinth $(DESTDIR)/usr/share/man/man1
 	 cp -a static themes $(DESTDIR)$(DATADIR)/
+	 cp -a actions $(DESTDIR)$(DATADIR)/
+	 cp -a sudoers.d $(DESTDIR)/etc/sudoers.d
 	 cp -a *.py modules templates $(DESTDIR)$(PYDIR)/
 	 mkdir -p $(DESTDIR)$(PYDIR)/exmachina
 	 cp -a vendor/exmachina/exmachina.py $(DESTDIR)$(PYDIR)/exmachina/.
diff --git a/privilegedactions.py b/privilegedactions.py
new file mode 100644
index 0000000..79e5cd5
--- /dev/null
+++ b/privilegedactions.py
@@ -0,0 +1,7 @@
+import subprocess
+
+def privilegedaction_run(action, options):
+    cmd = ['sudo', "/usr/share/plinth/actions/%s" % action]
+    if options:
+        cmd.extend(options)
+    subprocess.call(cmd)
diff --git a/sudoers.d/plinth b/sudoers.d/plinth
new file mode 100644
index 0000000..aaefc5e
--- /dev/null
+++ b/sudoers.d/plinth
@@ -0,0 +1,1 @@
+plinth    ALL=(ALL:ALL) NOPASSWD:/usr/share/plinth/actions/*

-- 
Happy hacking
Petter Reinholdtsen

More information about the Freedombox-discuss mailing list