commit f21ca5534fbc0e2d128fd964b474c62e5442bfbc Author: teor teor@torproject.org Date: Wed Dec 11 14:11:38 2019 +1000
torrc: Allow the user to disable the tor Sandbox
* Set the default for Sandbox based on the platform: 1 for Linux, 0 for everything else. * Allow the user to override it with --sandbox or CHUTNEY_TOR_SANDBOX
This feature can be used when tor's sandbox doesn't work with the local glibc version.
Closes ticket 32721. --- README | 19 ++++++++++++-- lib/chutney/TorNet.py | 68 +++++++++++++++++++++++++++++++++++++++--------- tools/test-network.sh | 9 +++++++ torrc_templates/common.i | 18 ++++++++----- 4 files changed, 94 insertions(+), 20 deletions(-)
diff --git a/README b/README index c828e1d..0475b2f 100644 --- a/README +++ b/README @@ -70,6 +70,10 @@ Address/DNS Options: # Use tor's compile-time default for ServerDNSResolvConfFile --dns-conf-default CHUTNEY_DNS_CONF=""
+Sandbox Options: + + --sandbox CHUTNEY_TOR_SANDBOX=N (0 or 1) + Warning Options: --all-warnings CHUTNEY_WARNINGS_IGNORE_EXPECTED=false CHUTNEY_WARNINGS_SUMMARY=false @@ -214,15 +218,26 @@ Using DNS: provides a local resolv.conf file containing IPv4, IPv6, and "localhost". Use --dns-conf resolv.conf (relative paths work).
+The tor sandbox: + + Chutney can run with the tor seccomp sandbox enabled. But if tor's sandbox + is broken on your local version of glibc, you can set CHUTNEY_TOR_SANDBOX=0 + to disable the sandbox. If CHUTNEY_TOR_SANDBOX is unset, Sandbox defaults + to 1 on Linux, and 0 on other platforms. + The configuration files:
networks/basic holds the configuration for the network you're configuring above. It refers to some torrc template files in torrc_templates/.
+ Chutney uses a templating system to produce torrc files from the templates. + These torrc files can be modified using various chutney options. + The working files:
- chutney sticks its working files, including all data directories, log - files, etc, in ./net/. Each tor instance gets a subdirectory of net/nodes. + chutney sticks its working files, including all generated torrc files, + data directories, log files, etc, in ./net/. Each tor instance gets a + subdirectory of net/nodes.
You can override the directory "./net" with the CHUTNEY_DATA_DIR environment variable. diff --git a/lib/chutney/TorNet.py b/lib/chutney/TorNet.py index e9cf8f4..2b91dfb 100644 --- a/lib/chutney/TorNet.py +++ b/lib/chutney/TorNet.py @@ -11,15 +11,16 @@ from __future__ import print_function from __future__ import with_statement
import cgitb +import errno +import importlib import os +import platform +import re import signal +import shutil import subprocess import sys -import re -import errno import time -import shutil -import importlib
from chutney.Debug import debug_flag, debug
@@ -42,22 +43,55 @@ cgitb.enable(format="plain") class MissingBinaryException(Exception): pass
-def getenv_int(envvar, default): +def getenv_type(env_var, default, type_, type_name=None): """ - Return the value of the environment variable 'envar' as an integer, + Return the value of the environment variable 'envar' as type_, or 'default' if no such variable exists.
- Raise ValueError if the environment variable is set, but not to - an integer. + Raise ValueError using type_name if the environment variable is set, + but type_() raises a ValueError on its value. (If type_name is None + or empty, the ValueError uses type_'s string representation instead.) """ - # TODO: Use this function in more places. - strval = os.environ.get(envvar) + strval = os.environ.get(env_var) if strval is None: return default try: - return int(strval) + return type_(strval) + except ValueError: + if not type_name: + type_name = str(type_) + raise ValueError(("Invalid value for environment variable '{}': " + "expected {}, but got '{}'") + .format(env_var, typename, strval)) + +def getenv_int(env_var, default): + """ + Return the value of the environment variable 'envar' as an int, + or 'default' if no such variable exists. + + Raise ValueError if the environment variable is set, but is not an int. + """ + return getenv_type(env_var, default, int, type_name='an int') + +def getenv_bool(env_var, default): + """ + Return the value of the environment variable 'envar' as a bool, + or 'default' if no such variable exists. + + Unlike bool(), converts 0, "False", and "No" to False. + + Raise ValueError if the environment variable is set, but is not a bool. + """ + try: + # Handle integer values + return bool(getenv_int(env_var, default)) except ValueError: - raise ValueError("Invalid value for environment variable %s: expected an integer, but got %r"%(envvar,strval)) + # Handle values that the user probably expects to be False + strval = os.environ.get(env_var) + if strval.lower() in ['false', 'no']: + return False + else: + return getenv_type(env_var, default, bool, type_name='a bool')
def mkdir_p(d, mode=448): """Create directory 'd' and all of its parents as needed. Unlike @@ -1032,6 +1066,11 @@ DEFAULTS = {
'CUR_CONFIG_PHASE': getenv_int('CHUTNEY_CONFIG_PHASE', 1), 'CUR_LAUNCH_PHASE': getenv_int('CHUTNEY_LAUNCH_PHASE', 1), + + # the Sandbox torrc option value + # defaults to 1 on Linux, and 0 otherwise + 'sandbox': int(getenv_bool('CHUTNEY_TOR_SANDBOX', + platform.system() == 'Linux')), }
@@ -1055,6 +1094,11 @@ class TorEnviron(chutney.Templating.Environ): disabled if tor should use the default DNS conf. If the dns_conf file is missing, this option is also disabled: otherwise, exits would not work due to tor bug #21900. + sandbox: Sets Sandbox to the value of CHUTNEY_TOR_SANDBOX. + The default is 1 on Linux, and 0 on other platforms. + Chutney users can disable the sandbox using: + export CHUTNEY_TOR_SANDBOX=0 + if it doesn't work on their version of glibc.
Environment fields used: nodenum: chutney's internal node number for the node diff --git a/tools/test-network.sh b/tools/test-network.sh index 4571499..81b57de 100755 --- a/tools/test-network.sh +++ b/tools/test-network.sh @@ -22,6 +22,10 @@ export CHUTNEY_ALLOW_FAILURES=${CHUTNEY_ALLOW_FAILURES:-0} # If a custom test expects DNS, it needs to set CHUTNEY_DNS_CONF export CHUTNEY_DNS_CONF=${CHUTNEY_DNS_CONF:-/dev/null}
+# Chutney changes the sandbox default, based on the platform. It's set to 1 on +# Linux, which is the only tor platform with a supported sandbox. +#export CHUTNEY_TOR_SANDBOX=1 + # what we say when we fail UPDATE_YOUR_CHUTNEY="Please update your chutney using 'git pull'."
@@ -131,6 +135,11 @@ do --dns-conf-default) export CHUTNEY_DNS_CONF="" ;; + # Enable or disable tor's sandbox, overriding the default + --sandbox) + export CHUTNEY_TOR_SANDBOX="$2" + shift + ;; # Warning Options # we summarise unexpected warnings by default # this shows all warnings per-node diff --git a/torrc_templates/common.i b/torrc_templates/common.i index 9f71fd3..8d5394c 100644 --- a/torrc_templates/common.i +++ b/torrc_templates/common.i @@ -23,8 +23,6 @@ TestingMinExitFlagThreshold 0 #Default VoteOnHidServDirectoriesV2 1
## Options that we always want to test ## -Sandbox 1 - DataDirectory $dir RunAsDaemon 1 ConnLimit $connlimit @@ -38,10 +36,6 @@ ControlPort $controlport ControlSocket ${dir}/control CookieAuthentication 1 PidFile ${dir}/pid -# Ask all child tor processes to exit when chutney's test-network.sh exits -# (if the CHUTNEY_*_TIME options leave the network running, this option is -# disabled) -${owning_controller_process}
Log notice file ${dir}/notice.log Log info file ${dir}/info.log @@ -51,4 +45,16 @@ ProtocolWarnings 1 SafeLogging 0 LogTimeGranularity 1
+# Options that we can disable at runtime, based on env vars + +# Use tor's sandbox. Defaults to 1 on Linux, and 0 on other platforms. +# Use CHUTNEY_TOR_SANDBOX=0 to disable, if tor's sandbox doesn't work with +# your glibc. +Sandbox ${sandbox} + +# Ask all child tor processes to exit when chutney's test-network.sh exits +# (if the CHUTNEY_*_TIME options leave the network running, this option is +# disabled) +${owning_controller_process} + ${authorities}