diff options
author | r5d <s@ricketyspace.net> | 2017-09-16 02:55:05 +0300 |
---|---|---|
committer | Brad Warren <bmw@users.noreply.github.com> | 2017-09-16 02:55:05 +0300 |
commit | 7c16e0da26d8e0757ea580f372a94cd2803b34fe (patch) | |
tree | f06fdee19b4a2d32b5feed65276455a50b3537bd | |
parent | 03624fa9dbe1a0dbb74e324a35ee0cda44234bc8 (diff) |
certbot: Let plugins_cmd be run as un-priviliged user. (#5103)
* certbot: Let plugins_cmd be run as un-priviliged user.
* certbot/main.py (main): Update function.
Addresses issue #4350.
* * Add test certbot.tests.main_testMainTest.test_plugins_no_args_unpriviliged
-rw-r--r-- | certbot/main.py | 10 | ||||
-rw-r--r-- | certbot/tests/main_test.py | 20 |
2 files changed, 28 insertions, 2 deletions
diff --git a/certbot/main.py b/certbot/main.py index d1ed6fe2b..9d33d6059 100644 --- a/certbot/main.py +++ b/certbot/main.py @@ -743,8 +743,14 @@ def main(cli_args=sys.argv[1:]): config = configuration.NamespaceConfig(args) zope.component.provideUtility(config) - log.post_arg_parse_setup(config) - make_or_verify_needed_dirs(config) + try: + log.post_arg_parse_setup(config) + make_or_verify_needed_dirs(config) + except errors.Error: + # Let plugins_cmd be run as un-privileged user. + if config.func != plugins_cmd: + raise + set_displayer(config) # Reporter diff --git a/certbot/tests/main_test.py b/certbot/tests/main_test.py index f0b055d4c..4b9e4cf67 100644 --- a/certbot/tests/main_test.py +++ b/certbot/tests/main_test.py @@ -547,6 +547,26 @@ class MainTest(test_util.ConfigTestCase): # pylint: disable=too-many-public-met @mock.patch('certbot.main.plugins_disco') @mock.patch('certbot.main.cli.HelpfulArgumentParser.determine_help_topics') + def test_plugins_no_args_unprivileged(self, _det, mock_disco): + ifaces = [] + plugins = mock_disco.PluginsRegistry.find_all() + + def throw_error(directory, mode, uid, strict): + """Raises error.Error.""" + _, _, _, _ = directory, mode, uid, strict + raise errors.Error() + + with mock.patch('certbot.util.set_up_core_dir') as mock_set_up_core_dir: + mock_set_up_core_dir.side_effect = throw_error + + _, stdout, _, _ = self._call(['plugins']) + plugins.visible.assert_called_once_with() + plugins.visible().ifaces.assert_called_once_with(ifaces) + filtered = plugins.visible().ifaces() + self.assertEqual(stdout.getvalue().strip(), str(filtered)) + + @mock.patch('certbot.main.plugins_disco') + @mock.patch('certbot.main.cli.HelpfulArgumentParser.determine_help_topics') def test_plugins_init(self, _det, mock_disco): ifaces = [] plugins = mock_disco.PluginsRegistry.find_all() |