(Ab)using Samba and inotify to implement simple menu of privileged actions [Part 2: Proof of Concept Implementation]

In my last post, I ran through the design; this post is shows the result of my initial proof-of-concept. It was interesting to play with some new modules in Python I hadn't previously used, including Python's threading.Timer and of course pyinotify, and the subprocess and shlex modules, which I'm already familiar with, but it rates a mention.

Here's the code. Needless to say, it needs some tidying up, but I think the basic principles and threading correctness seem okay.


#!/usr/bin/env python

import pyinotify
import os
import time
from threading import Timer
import shlex
import subprocess

trigger_directory = '/home/cameron/tmp/fui/triggers/'
command = r''' /bin/echo 'Oh my gosh it was deleted' '''

def remove_resultant_moniker(trigger):
    print "Removing ressultant moniker from ", trigger

class EventHandler(pyinotify.ProcessEvent):
    def process_IN_DELETE(self, event):
        print "Removing ", event.pathname
        args = shlex.split(command)
        print "Args: ", args
        subprocess.Popen(args)
        Timer(2.0, remove_resultant_moniker, ['TODO']).start()
    def process_IN_CREATE(self, event):
        print "Created ", event.pathname
        Timer(2.0, remove_resultant_moniker, ['TODO']).start()

mask = pyinotify.IN_DELETE | pyinotify.IN_CREATE

watch_manager = pyinotify.WatchManager()

handler = EventHandler()
notifier = pyinotify.Notifier(watch_manager, handler)
wdd = watch_manager.add_watch(trigger_directory, mask, rec=True)
notifier.loop()
print 'Ending'

Running this in a terminal, with rm -f triggers/deleteme && sleep 3 && touch triggers/deleteme in another window, I get the following output (with output appearing at the times I expect)
Removing  /home/cameron/tmp/fui/triggers/deleteme
Args:  ['/bin/echo', 'Oh my gosh it was deleted']
Oh my gosh it was deleted
Removing ressultant moniker from  TODO
Created  /home/cameron/tmp/fui/triggers/deleteme
Removing ressultant moniker from  TODO
I haven't done anything Yaml at the moment, its too early for that. The next step is to verify that this works when the user deletes the trigger via SMB / CIFS. I'm already confident that it won't work if the trigger files are stored on SMB/CIFS, as Linux doesn't have inotify support for that. Samba should be able to pick up the changes (I hope) and (with a client that support Directory Change Notifications) have the client reflect any new state. But that is the prime objective of the next step: Proof of Concept

Comments

Popular posts from this blog

ORA-12170: TNS:Connect timeout — resolved

Getting MySQL server to run with SSL

From DNS Packet Capture to analysis in Kibana