This file is indexed.

/usr/bin/rainbow-sugarize is in rainbow 0.8.7-2.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
#!/usr/bin/python

import sys
import pwd

from os import getuid, getgid, environ, chmod, chown, symlink, listdir
from os.path import join, isdir, dirname, exists
from optparse import OptionParser
from shutil import copyfile

from rainbow.util import make_reporter, enable_verbose_tracebacks, make_dirs

enable_verbose_tracebacks()

def main():
    parser = OptionParser(version='0.1')
    parser.add_option('-v', '--verbose', default=0, action='count',
                      help='Verbosity. Repeat for more verbose output.')
    parser.add_option('-q', '--quiet', default=False, action='store_true',
                      help='Quiet. Disable all output.')
    parser.add_option('-u', '--user', default=None,
                      help="Isolated user.")
    parser.add_option('-e', '--envdir', default=None,
                      help="Envdir to be used for launching.")
    opts, args = parser.parse_args()
    if not opts.user or not opts.envdir:
        parser.print_help()
        exit(1)

    report = make_reporter(opts.verbose, opts.quiet, sys.stdout)

    def check_user(report, opts):
        report(1, 'Sugarizing isolated uid %s.', opts.user)
        return opts.user

    def check_envdir(report, envdir):
        report(1, 'Sugarizing envdir %s.', envdir)
        assert isdir(envdir)
        def write_envvar(k, v):
            report(1, '-E %s=%s', k, v)
            open(join(envdir, k), 'w').write(v)
        return write_envvar

    user = check_user(report, opts)
    write_envvar = check_envdir(report, opts.envdir)

    o = pwd.getpwuid(getuid())
    i = pwd.getpwnam(user)
    h_o = o.pw_dir
    h_i = i.pw_dir

    # We want to use xauth generate $DISPLAY . untrusted, but we don't have
    # XSECURITY enabled. <MS>
    environ.setdefault('XAUTHORITY', join(h_o, '.Xauthority'))
    environ.setdefault('ICEAUTHORITY', join(h_o, '.ICEauthority'))

    x_cookie_path = join(h_i, '.Xauthority')
    make_dirs(dirname(x_cookie_path), getuid(), getgid(), 0777)
    copyfile(environ['XAUTHORITY'], x_cookie_path)
    chmod(x_cookie_path, 0666)
    chown(x_cookie_path, o.pw_uid, i.pw_gid)

    ice_cookie_path = join(h_i, '.ICEauthority')
    make_dirs(dirname(ice_cookie_path), getuid(), getgid(), 0777)
    copyfile(environ['ICEAUTHORITY'], ice_cookie_path)
    chmod(ice_cookie_path, 0666)
    chown(ice_cookie_path, o.pw_uid, i.pw_gid)

    corba_socket_path = join('/tmp', 'orbit-' + o.pw_name)
    if exists(corba_socket_path):
        chmod(corba_socket_path, 0750)
        for socket_name in listdir(corba_socket_path):
            chmod(join(corba_socket_path, socket_name), 0660)

    for frag in ['owner.key.pub']:
        path = join('.sugar/default/', frag)
        make_dirs(dirname(join(h_i, path)), getuid(), getgid(), 0777)
        copyfile(join(h_o, path), join(h_i, path))
        chmod(join(h_i, path), 0666)

    write_envvar('USER', i.pw_name)
    write_envvar('HOME', h_i)
    write_envvar('XAUTHORITY', x_cookie_path)
    write_envvar('ICEAUTHORITY', ice_cookie_path)
    write_envvar('SUGAR_ACTIVITY_ROOT', h_i)
    write_envvar('TMPDIR', join(h_i, 'tmp'))
    write_envvar('DISPLAY', environ['DISPLAY'])

    symlink(".", join(h_i, "instance"))
    symlink(environ["SUGAR_BUNDLE_ID"], join(h_i, "data"))
    symlink(environ.get("TMPDIR", "/tmp"), join(h_i, "tmp"))

if __name__ == '__main__':
    main()

# vim : et sw=4 ts=4 sts=4 :