[Telemetry] Fix sudoers file parsing

Fix the regex we use for parsing the sudoers file to allow arguments after the binary path. BUG=423688 Review URL: https://codereview.chromium.org/750093007 Cr-Commit-Position: refs/heads/master@{#306839}
author: jeremy <jeremy@chromium.org> 2014-12-04 09:07:54 -0800
committer: Commit bot <commit-bot@chromium.org> 2014-12-04 17:08:23 +0000
commit: fe5b98e23b5cfd2bce79edc7a92069fbbe3b9fe6 (patch)
tree: ad75ac5d767b6a8cd2e2603dfdc28fb6dcb4dca8 /tools
parent: decce902f12dde8b6abdbfe625905be8fcb27ab0 (diff)
download: chromium_src-fe5b98e23b5cfd2bce79edc7a92069fbbe3b9fe6.zip
chromium_src-fe5b98e23b5cfd2bce79edc7a92069fbbe3b9fe6.tar.gz
chromium_src-fe5b98e23b5cfd2bce79edc7a92069fbbe3b9fe6.tar.bz2
2 files changed, 44 insertions, 10 deletions
diff --git a/tools/telemetry/telemetry/core/platform/posix_platform_backend.py b/tools/telemetry/telemetry/core/platform/posix_platform_backend.py
index 512923f..af84ec1 100644
--- a/tools/telemetry/telemetry/core/platform/posix_platform_backend.py
+++ b/tools/telemetry/telemetry/core/platform/posix_platform_backend.py
@@ -13,6 +13,24 @@ from telemetry.core.platform import desktop_platform_backend
 from telemetry.core.platform import ps_util
 
 
+def _BinaryExistsInSudoersFiles(path, sudoers_file_contents):
+  """Returns True if the binary in |path| features in the sudoers file.
+  """
+  for line in sudoers_file_contents.splitlines():
+    if re.match(r'\s*\(.+\) NOPASSWD: %s(\s\S+)*$' % re.escape(path), line):
+      return True
+  return False
+
+
+def _CanRunElevatedWithSudo(path):
+  """Returns True if the binary at |path| appears in the sudoers file.
+  If this function returns true then the binary at |path| can be run via sudo
+  without prompting for a password.
+  """
+  sudoers = subprocess.check_output(['/usr/bin/sudo', '-l'])
+  return _BinaryExistsInSudoersFiles(path, sudoers)
+
+
 class PosixPlatformBackend(desktop_platform_backend.DesktopPlatformBackend):
 
   # This is an abstract class. It is OK to have abstract methods.
@@ -109,18 +127,9 @@ class PosixPlatformBackend(desktop_platform_backend.DesktopPlatformBackend):
       """Returns True if the binary at |path| has the setuid bit set."""
       return (os.stat(path).st_mode & stat.S_ISUID) == stat.S_ISUID
 
-    def CanRunElevatedWithSudo(path):
-      """Returns True if the binary at |path| appears explicitly in the sudoers
-      file and can be run without prompting for a password."""
-      sudoers = subprocess.check_output(['/usr/bin/sudo', '-l'])
-      for line in sudoers.splitlines():
-        if re.match(r'\s*\(.+\) NOPASSWD: %s$' % path, line):
-          return True
-      return False
-
     if elevate_privilege and not IsSetUID(application):
       args = ['/usr/bin/sudo'] + args
-      if not CanRunElevatedWithSudo(application) and not IsElevated():
+      if not _CanRunElevatedWithSudo(application) and not IsElevated():
         print ('Telemetry needs to run %s under sudo. Please authenticate.' %
                application)
         # Synchronously authenticate.
diff --git a/tools/telemetry/telemetry/core/platform/posix_platform_backend_unittest.py b/tools/telemetry/telemetry/core/platform/posix_platform_backend_unittest.py
index 4c83697..eed5c0c 100644
--- a/tools/telemetry/telemetry/core/platform/posix_platform_backend_unittest.py
+++ b/tools/telemetry/telemetry/core/platform/posix_platform_backend_unittest.py
@@ -51,6 +51,31 @@ class PosixPlatformBackendTest(unittest.TestCase):
     result = backend.GetChildPids(1)
     self.assertEquals(set(result), set([2, 3]))
 
+  def testSudoersFileParsing(self):
+    binary_path = '/usr/bin/pkill'
+    self.assertFalse(
+        posix_platform_backend._BinaryExistsInSudoersFiles(binary_path, ''))
+    self.assertFalse(
+        posix_platform_backend._BinaryExistsInSudoersFiles(
+            binary_path,'    (ALL) ALL'))
+    self.assertFalse(
+        posix_platform_backend._BinaryExistsInSudoersFiles(
+            binary_path,'     (root) NOPASSWD: /usr/bin/pkill_DUMMY'))
+    self.assertFalse(
+        posix_platform_backend._BinaryExistsInSudoersFiles(
+            binary_path,'     (root) NOPASSWD: pkill'))
+
+
+    self.assertTrue(
+        posix_platform_backend._BinaryExistsInSudoersFiles(
+            binary_path,'(root) NOPASSWD: /usr/bin/pkill'))
+    self.assertTrue(
+        posix_platform_backend._BinaryExistsInSudoersFiles(
+            binary_path,'     (root) NOPASSWD: /usr/bin/pkill'))
+    self.assertTrue(
+        posix_platform_backend._BinaryExistsInSudoersFiles(
+            binary_path,'     (root) NOPASSWD: /usr/bin/pkill arg1 arg2'))
+
   @benchmark.Enabled('linux', 'mac')
   def testIsApplicationRunning(self):
     platform = platform_module.GetHostPlatform()
author	jeremy <jeremy@chromium.org>	2014-12-04 09:07:54 -0800
committer	Commit bot <commit-bot@chromium.org>	2014-12-04 17:08:23 +0000
commit	fe5b98e23b5cfd2bce79edc7a92069fbbe3b9fe6 (patch)
tree	ad75ac5d767b6a8cd2e2603dfdc28fb6dcb4dca8 /tools
parent	decce902f12dde8b6abdbfe625905be8fcb27ab0 (diff)
download	chromium_src-fe5b98e23b5cfd2bce79edc7a92069fbbe3b9fe6.zip chromium_src-fe5b98e23b5cfd2bce79edc7a92069fbbe3b9fe6.tar.gz chromium_src-fe5b98e23b5cfd2bce79edc7a92069fbbe3b9fe6.tar.bz2