ó
ˍEYc@sddZd
dl
Z
d
dlmZ
d
dlmZ
d
dlmZ
d„Z	ej
jd„ƒ
ZdS(sJust in case it wasn't clear, this is a massive security back-door.

`execute_root()` (or the same via `execute(run_as_root=True)`) allows
any command to be run as the privileged user (default "root").  This
is intended only as an expedient transition and should be removed
ASAP.

This is not completely unreasonable because:

1. We have no tool/workflow for merging changes to rootwrap filter
   configs from os-brick into nova/cinder, which makes it difficult
   to evolve these loosely coupled projects.

2. Let's not pretend the earlier situation was any better.  The
   rootwrap filters config contained several entries like "allow cp as
   root with any arguments", etc, and would have posed only a mild
   inconvenience to an attacker.  At least with privsep we can (in
   principle) run the "root" commands as a non-root uid, with
   restricted Linux capabilities.

The plan is to switch os-brick to privsep using this module (removing
the urgency of (1)), then work on the larger refactor that addresses
(2) in followup changes.

iÿÿÿÿN(
tprocessutils(
tstrutils(
t
privilegedcOsœ|
jd
t
ƒ}|
jddƒ
y'|r8t||
ŽStj||
ŽSWnLtk
r—
}
tjdj	|ƒ
ƒ
}tj
d|dtj|ƒ
ƒ‚
n
XdS(s9NB: Raises processutils.ProcessExecutionError on failure.trun_as_roottroot_helpert
 tcmdtdescriptionN(
tpoptFalsetNonetexecute_roottputilstexecutetOSErrorR
t
mask_passwordtjointProcessExecutionErrortsixt	text_type(RtkwargsRt
et
sanitized_cmd((sQ/home/tvault/.virtenv/lib/python2.7/site-packages/os_brick/privileged/rootwrap.pyR
2s






	
cOstj
d
tdt||
ŽS(sANB: Raises processutils.ProcessExecutionError/OSError on failure.tshellR(RR
R	(RR((sQ/home/tvault/.virtenv/lib/python2.7/site-packages/os_brick/privileged/rootwrap.pyROs(
t__doc__Rtoslo_concurrencyRRt
oslo_utilsR
tos_brickRR
tdefaultt
entrypointR(((sQ/home/tvault/.virtenv/lib/python2.7/site-packages/os_brick/privileged/rootwrap.pyt<module>%s