plugins/python/plugin_common: add a default search path for python plugins

If the ModulePath is relative, assume it is under "/usr/local/libexec/sudo/python" or wherever the sudo plugins are in a "python" subdirectory.
2020-02-26 15:51:30 +01:00
parent 34972e834f
commit 5c96b4407d
4 changed files with 37 additions and 14 deletions
--- a/doc/sudo_plugin_python.man.in
+++ b/doc/sudo_plugin_python.man.in
@@ -16,7 +16,6 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.TH "SUDO_PLUGIN_PYTHON" "5" "December 21, 2019" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
 .TH "SUDO_PLUGIN_PYTHON" "5" "February 19, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
 .nh
 .if n .ad l
@@ -183,6 +182,8 @@ The plugin arguments are as follows:
 .TP 6n
 ModulePath
 The path of a python file which contains the class of the sudo Python plugin.
+It must be either an absolute path or a path relative to the sudo Python plugin
+directory: "@plugindir@/python".
 .TP 6n
 ClassName
 The name of the class implementing the sudo Python plugin.
--- a/doc/sudo_plugin_python.mdoc.in
+++ b/doc/sudo_plugin_python.mdoc.in
@@ -153,6 +153,8 @@ The plugin arguments are as follows:
 .Bl -tag -width 4n
 .It ModulePath
 The path of a python file which contains the class of the sudo Python plugin.
+It must be either an absolute path or a path relative to the sudo Python plugin
+directory: "@plugindir@/python".
 .It ClassName
 The name of the class implementing the sudo Python plugin.
 .El
--- a/plugins/python/Makefile.in
+++ b/plugins/python/Makefile.in
@@ -51,7 +51,7 @@ LIBS = $(LT_LIBS)
 LIBPYTHONPLUGIN = python_plugin.la

 # C preprocessor flags
-CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(top_srcdir) -DSRC_DIR=\"$(abs_srcdir)\" @CPPFLAGS@ @PYTHON_INCLUDE@
+CPPFLAGS = -I$(incdir) -I$(top_builddir) -I$(top_srcdir) -DPLUGIN_DIR=\"$(plugindir)\" -DSRC_DIR=\"$(abs_srcdir)\" @CPPFLAGS@ @PYTHON_INCLUDE@

 # Usually -O and/or -g
 CFLAGS = @CFLAGS@
--- a/plugins/python/python_plugin_common.c
+++ b/plugins/python/python_plugin_common.c
@@ -33,6 +33,10 @@
 static struct _inittab * python_inittab_copy = NULL;
 static size_t python_inittab_copy_len = 0;

+#ifndef PLUGIN_DIR
+#define PLUGIN_DIR ""
+#endif
+
 const char *
 _lookup_value(char * const keyvalues[], const char *key)
 {
@@ -371,6 +375,30 @@ _python_plugin_register_plugin_in_py_ctx(void)
    debug_return_int(SUDO_RC_OK);
 }

+int
+_python_plugin_set_path(struct PluginContext *plugin_ctx, const char *path)
+{
+    if (path == NULL) {
+        py_sudo_log(SUDO_CONV_ERROR_MSG, "No python module path is specified. "
+                                         "Use 'ModulePath' plugin config option in 'sudo.conf'\n");
+        return SUDO_RC_ERROR;
+    }
+
+    if (*path == '/') { // absolute path
+        plugin_ctx->plugin_path = strdup(path);
+    } else {
+        if (asprintf(&plugin_ctx->plugin_path, PLUGIN_DIR "/python/%s", path) < 0)
+            plugin_ctx->plugin_path = NULL;
+    }
+
+    if (plugin_ctx->plugin_path == NULL) {
+        py_sudo_log(SUDO_CONV_ERROR_MSG, "Failed to allocate memory");
+        return SUDO_RC_ERROR;
+    }
+
+    return SUDO_RC_OK;
+}
+
 int
 python_plugin_init(struct PluginContext *plugin_ctx, char * const plugin_options[],
                   unsigned int version)
@@ -395,20 +423,12 @@ python_plugin_init(struct PluginContext *plugin_ctx, char * const plugin_options
        debug_return_int(SUDO_RC_ERROR);
    }

-    const char *module_path = _lookup_value(plugin_options, "ModulePath");
-    if (module_path == NULL) {
-        py_sudo_log(SUDO_CONV_ERROR_MSG, "No python module path is specified. "
-                                         "Use 'ModulePath' plugin config option in 'sudo.conf'\n", module_path);
-        goto cleanup;
-    }
-    plugin_ctx->plugin_path = strdup(module_path);
-    if (plugin_ctx->plugin_path == NULL) {
-        py_sudo_log(SUDO_CONV_ERROR_MSG, "Failed to allocate memory");
+    if (_python_plugin_set_path(plugin_ctx, _lookup_value(plugin_options, "ModulePath")) != SUDO_RC_OK) {
        goto cleanup;
    }

-    sudo_debug_printf(SUDO_DEBUG_DEBUG, "Loading python module from path '%s'", module_path);
-    plugin_ctx->py_module = _import_module(module_path);
+    sudo_debug_printf(SUDO_DEBUG_DEBUG, "Loading python module from path '%s'", plugin_ctx->plugin_path);
+    plugin_ctx->py_module = _import_module(plugin_ctx->plugin_path);
    if (plugin_ctx->py_module == NULL) {
        goto cleanup;
    }
@@ -416,7 +436,7 @@ python_plugin_init(struct PluginContext *plugin_ctx, char * const plugin_options
    const char *plugin_class = _lookup_value(plugin_options, "ClassName");
    if (plugin_class == NULL) {
        py_sudo_log(SUDO_CONV_ERROR_MSG, "No plugin class is specified for python module '%s'. "
-                    "Use 'ClassName' configuration option in 'sudo.conf'\n", module_path);
+                    "Use 'ClassName' configuration option in 'sudo.conf'\n", plugin_ctx->plugin_path);
        goto cleanup;
    }