/usr/lib/maas/maas-delete-file is in maas-common 2.4.0~beta2-6865-gec43e47e6-0ubuntu1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 | #!/usr/bin/env python3
# Copyright 2017 Canonical Ltd. This software is licensed under the
# GNU Affero General Public License version 3 (see the file LICENSE).
"""Atomically delete a file.
The filename is checked against an internal white list. As such it's intended
to be used behind `sudo`.
"""
import argparse
import os
import pipes
from provisioningserver.utils.fs import atomic_delete
whitelist = {
"/var/lib/maas/dhcpd.conf",
"/var/lib/maas/dhcpd6.conf",
}
# For DEVELOPMENT ONLY update the paths in the white list to all be prefixed
# with MAAS_ROOT, if defined. Check real and effective UIDs to be super extra
# paranoid (only the latter actually matters).
if os.getuid() != 0 and os.geteuid() != 0:
root = os.environ.get("MAAS_ROOT")
if root is not None:
whitelist = {
os.path.abspath(root + os.sep + path)
for path in whitelist
}
arg_parser = argparse.ArgumentParser(description=__doc__)
arg_parser.add_argument("filename", help="The file to delete.")
def main(args):
# Validate the filename here because using a `choices` argument in the
# parser results in ugly help and error text.
if args.filename not in whitelist:
arg_parser.error(
"Given filename %s is not in the white list. "
"Choose from: %s." % (
pipes.quote(args.filename), ", ".join(
map(pipes.quote, sorted(whitelist)))))
# Okay, good to go.
else:
try:
atomic_delete(args.filename)
except FileNotFoundError:
pass # Ignore; it's already gone.
if __name__ == "__main__":
main(arg_parser.parse_args())
|