I'm building an application that needs to use the Linux group keyring to share some sensitive data between processes with different owners. Whenever I try to access the group keyring (e.g."#g" or "-6") using either the keyctl command or the underlying API, I get an error.
I'm guessing I have to set some kind of state to let it know which of my groups to get the keyring for, but documentation on this kernel feature is sparse. Anybody know how to make it work for groups?
The method call (currently using Python's ctypes, which will directly call shared library functions, which works fine for all other keyrings):
>>> import ctypes
>>> keyutils = ctypes.CDLL('libkeyutils.so.1')
>>> key_id = 'foo'
>>> key_value = 'bar'
>>> keyutils.add_key('user', key_id, key_value, len(key_value), -5)
268186515
>>> keyutils.add_key('user', key_id, key_value, len(key_value), -6)
-1
Based on looking at the man page for keyctl it would seem that group based keyrings aren't implemented in the kernel yet.
(*) Group specific keyring: #g or -6
This is a place holder for a group specific keyring, but is not actually implemented yet in the kernel.
Taking a look at the most recent stable kernel source it also backs up what the man page says:
http://lxr.linux.no/#linux+v3.2.9/security/keys/process_keys.c#L641
So your code is correct... but it's attempting to use functionality that isn't there yet.
Related
Using the DRMAA interface to Son of Grid Engine I would like to get the name of a host running a particular job. I would like something like the following (using the drmaa-python interface)
>>> import drmaa
>>> s = drmaa.Session()
>>> s.initialize()
>>> jt = s.createJobTemplate()
>>> jt.remoteCommand = 'sleep'
>>> jt.args = ['100']
>>> jobid = s.runJob(jt)
>>> jobid
'1'
>>> s.jobStatus(jobid)
'running'
>>> s.the_function_I_want(jobid)
'worker-host-123'
Questions
Is this possible through the DRMAA interface? Looking at the spec it seems not, but I thought I'd ask anyway
If so, how?
Short answer: You are right, this is not possible.
Long answer:
The drmaa-python library acts as wrapper for an underlying C implementation of the DRMAAv1 API (see https://www.ogf.org/documents/GFD.130.pdf). Such a C library usually comes together with your cluster framework. DRMAAv1 does not support a standardized monitoring of jobs, and therefore both the DRMAAv1 C and Python library can't get this information.
If you wonder about that lack of functionality, please note that the original API design is from 2004.
The second version of DRMAA (https://www.ogf.org/documents/GFD.231.pdf) does support monitoring. At the time of writing, the only known implementation comes with Univa GridEngine, and there is no existing Python wrapper implementation for it.
You could try to parse the job log file by yourself to extract the execution host name. If you need to pass special options to qsub for getting such a file, you can use the nativeSpecification field in the job template.
I am currently implementing the Aerospike Python Client in order to benchmark it along with our Redis implementation, to see which is faster and/or more stable.
I'm still on baby steps, currently Unit-Testing basic functionality, for example if I correctly add records in my Set. For that reason, I want to create a function to count them.
I saw in Aerospike's Documentation, that :
"to perform an aggregation on query, you first need to register a UDF
with the database".
It seems that this is the suggested way that aggregations, counting and other custom functionality should be run in Aerospike.
Therefore, to count the records in a set I have, I created the following module:
# "counter.lua"
function count(s)
return s : map(function() return 1 end) : reduce (function(a,b) return a+b end)
end
I'm trying to use aerospike python client's function to register a UDF(User Defined Function) module:
udf_put(filename, udf_type, policy)
My code is as follows:
# aerospike_client.py:
# "udf_put" parameters
policy = {'timeout': 1000}
lua_module = os.path.join(os.path.dirname(os.path.realpath(__file__)), "counter.lua") #same folder
udf_type = aerospike.UDF_TYPE_LUA # equals to "0", which is for "Lua"
self.client.udf_put(lua_module, udf_type, policy) # Exception is thrown here
query = self.client.query(self.aero_namespace, self.aero_set)
query.select()
result = query.apply('counter', 'count')
an exception is thrown:
exceptions.Exception: (-2L, 'Filename should be a string', 'src/main/client/udf.c', 82)
Is there anything I'm missing or doing wrong?
Is there a way to "debug" it without compiling C code?
Is there any other suggested way to count the records in my set? Or I'm fine with the Lua module?
First, I'm not seeing that exception, but I am seeing a bug with udf_put where the module is registered but the python process hangs. I can see the module appear on the server using AQL's show modules.
I opened a bug with the Python client's repo on Github, aerospike/aerospike-client-python.
There's a best practices document regarding UDF development here: https://www.aerospike.com/docs/udf/best_practices.html
In general using the stream-UDF to aggregate the records through the count function is the correct way to go about it. There are examples here and here.
Straight to the meat, I've been searching for a way to use the Windows LogonUser function within Python.
Having seen the usage of this function by a friend using C, I wanted to attempt a similar process with Python. Is there a way? or do I need to try to make that portion of script within C then somehow make my Python script call it?
You can call the Windows API directly using ctypes:
import ctypes
import ctypes.wintypes
# create variable that will be filled with a token that represents the user
token = ctypes.wintypes.HANDLE()
# 3 is LOGON32_LOGON_NETWORK, 0 is LOGON32_PROVIDER_DEFAULT
if ctypes.windll.advapi32.LogonUserW(u"username", u"domain", u"password", 3, 0, ctypes.byref(token)) == 0:
# failed to login if we get 0
failed_to_login()
# close the handle to avoid leaking it
ctypes.windll.kernel32.CloseHandle(token)
You can also call ctypes.windll.kernel32.GetLastError() after a failure to see what the error code was, which you can look up via net helpmsg nnnn in a command prompt.
C:\>net helpmsg 1326
Logon failure: unknown user name or bad password.
If you are working on Linux, then the rough equivalent to Windows' LogonUser function is peercred, as in SO_PEERCRED. (Thanks to Grawity on Super User peercred).
I am developing fuse fs at python (with fuse-python bindings). What method I need to implement that touch correctly work? At present I have next output:
$ touch m/My\ files/d3elete1.me
touch: setting times of `m/My files/d3elete1.me': Invalid argument
File exists "d3elete1.me":
$ ls -l m/My\ files/d3elete1.me
-rw-rw-rw- 1 root root 0 Jul 28 15:28 m/My files/d3elete1.me
Also I was trying to trace system calls:
$ strace touch m/My\ files/d3elete1.me
...
open("m/My files/d3elete1.me", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK|O_LARGEFILE, 0666) = 3
dup2(3, 0) = 0
close(3) = 0
utimensat(0, NULL, NULL, 0) = -1 EINVAL (Invalid argument)
close(0) = 0
...
As you see utimensat failed. I was trying to implement empty utimens and utime but its are not even called.
Try launching fuse with the -f option. Fuse will stay in foreground and you can see errors in the console.
You must implement utimens and getattr. Not all the system calls necessarily map directly to the C calls you might be expecting. Many of them are used internally by FUSE to check and navigate your filesystem, depending on which FUSE options are set.
I believe in your case FUSE is preceding it's interpretation of utimesat to utimens, with a getattr check to verify that the requested file is present, and has the expected attributes.
Update0
This is a great coincidence. There is a comment below suggestion that the issue likes with the fact that FUSE does not support utimensat. This is not the case. I had the exact same traceback you've provided while using fuse-python on Ubuntu 10.04. I poked around a little, it would appear that the fuse-python 0.2 bindings are for FUSE 2.6, it may be that a slight change has introduced this error (FUSE is now at version 2.8). My solution was to stop using fuse-python (the code is an ugly mess), and I found an alternate binding fusepy. I've not looked back, and had no trouble since.
I highly recommend you take a look, your initialization code will be cleaner, and minimal changes are required to adapt to to the new binding. Best of all, it's only one module, and an easy read.
I'm trying to create a python program (using pyUNO ) to make some changes on a OpenOffice calc sheet.
I've launched previously OpenOffice on "accept" mode to be able to connect from an external program. Apparently, should be as easy as:
import uno
# get the uno component context from the PyUNO runtime
localContext = uno.getComponentContext()
# create the UnoUrlResolver
resolver = localContext.ServiceManager.createInstanceWithContext(
"com.sun.star.bridge.UnoUrlResolver", localContext)
# connect to the running office
ctx = resolver.resolve("uno:socket,host=localhost,port=2002;"
"urp;StarOffice.ComponentContext")
smgr = ctx.ServiceManager
# get the central desktop object
DESKTOP =smgr.createInstanceWithContext("com.sun.star.frame.Desktop", ctx)
#The calling it's not exactly this way, just to simplify the code
DESKTOP.loadComponentFromURL('file.ods')
But I get an AttributeError when I try to access loadComponentFromURL. If I make a dir(DESKTOP), I've see only the following attributes/methods:
['ActiveFrame', 'DispatchRecorderSupplier', 'ImplementationId', 'ImplementationName',
'IsPlugged', 'PropertySetInfo', 'SupportedServiceNames', 'SuspendQuickstartVeto',
'Title', 'Types', 'addEventListener', 'addPropertyChangeListener',
'addVetoableChangeListener', 'dispose', 'disposing', 'getImplementationId',
'getImplementationName', 'getPropertySetInfo', 'getPropertyValue',
'getSupportedServiceNames', 'getTypes', 'handle', 'queryInterface',
'removeEventListener', 'removePropertyChangeListener', 'removeVetoableChangeListener',
'setPropertyValue', 'supportsService']
I've read that there are where a bug doing the same, but on OpenOffice 3.0 (I'm using OpenOffice 3.1 over Red Hat5.3). I've tried to use the workaround stated here, but they don't seems to be working.
Any ideas?
It has been a long time since I did anything with PyUNO, but looking at the code that worked last time I ran it back in '06, I did my load document like this:
def urlify(path):
return uno.systemPathToFileUrl(os.path.realpath(path))
desktop.loadComponentFromURL(
urlify(tempfilename), "_blank", 0, ())
Your example is a simplified version, and I'm not sure if you've removed the extra arguments intentionally or not intentionally.
If loadComponentFromURL isn't there, then the API has changed or there's something else wrong, I've read through your code and it looks like you're doing all the same things I have.
I don't believe that the dir() of the methods on the desktop object will be useful, as I think there's a __getattr__ method being used to proxy through the requests, and all the methods you've printed out are utility methods used for the stand-in object for the com.sun.star.frame.Desktop.
I think perhaps the failure could be that there's no method named loadComponentFromURL that has exactly 1 argument. Perhaps giving the 4 argument version will result in the method being found and used. This could simply be an impedance mismatch between Python and Java, where Java has call-signature method overloading.
This looks like issue 90701: http://www.openoffice.org/issues/show_bug.cgi?id=90701
See also http://piiis.blogspot.com/2008/10/pyuno-broken-in-ooo-30-with-system.html and http://udk.openoffice.org/python/python-bridge.html