| 1 |
#!/usr/bin/perl -w |
| 2 |
# $Id: $ |
| 3 |
# |
| 4 |
# Wrapper script to wrap the current environment into a single |
| 5 |
# environment variable GLEXEC_ENV. This variable is passed |
| 6 |
# onto the glexec child process, where it can be unpacked to |
| 7 |
# restore the environment variables that were lost when the |
| 8 |
# set-uid glexec was invoked. |
| 9 |
# |
| 10 |
# Intended usage: |
| 11 |
# export GLEXEC_ENV=`glexec_wrapenv.pl` |
| 12 |
# /opt/glite/sbin/glexec glexec_unwrapenv.pl -- <YOUR-COMMAND> |
| 13 |
# |
| 14 |
# By default the following environment variables are NOT wrapped: |
| 15 |
# HOME LOGNAME USER X509_USER_PROXY _ (yes that's '_' !) |
| 16 |
# A user can add more env vars to be excluded using either |
| 17 |
# --exclude=A --exclude=B |
| 18 |
# or |
| 19 |
# --exclude=A,B,... |
| 20 |
# |
| 21 |
# Copyright (c) 2009 by |
| 22 |
# Jan Just Keijser (janjust@nikhef.nl) |
| 23 |
# Nikhef |
| 24 |
# Amsterdam |
| 25 |
# The Netherlands |
| 26 |
|
| 27 |
use strict; |
| 28 |
use warnings; |
| 29 |
|
| 30 |
use Compress::Zlib qw(deflateInit Z_OK); |
| 31 |
use Getopt::Long qw(GetOptions); |
| 32 |
use MIME::Base64 qw(encode_base64); |
| 33 |
|
| 34 |
# These variables are excluded by default |
| 35 |
my @env_blacklist = ( "HOME", "LOGNAME", "USER", "X509_USER_PROXY", "_" ); |
| 36 |
|
| 37 |
my @exclude_env; |
| 38 |
my $key; |
| 39 |
my $buf; |
| 40 |
my $encoded_buf = ''; |
| 41 |
my $output = ''; |
| 42 |
|
| 43 |
GetOptions ("exclude=s" => \@exclude_env); |
| 44 |
@exclude_env = split( /,/, join( ',', @exclude_env, @env_blacklist) ); |
| 45 |
|
| 46 |
# go through all environment variables and encode them as separate |
| 47 |
# key-value pair entities. This will enable us to later unpack them. |
| 48 |
foreach $key (keys(%ENV)) |
| 49 |
{ |
| 50 |
if ( ! grep { /$key/ } @exclude_env ) |
| 51 |
{ |
| 52 |
$buf = $key . "=" . $ENV{$key}; |
| 53 |
$encoded_buf .= encode_base64($buf, '') . " "; |
| 54 |
} |
| 55 |
else |
| 56 |
{ |
| 57 |
printf STDERR "Skipping $key\n"; |
| 58 |
} |
| 59 |
} |
| 60 |
|
| 61 |
# Compress the encoded env vars to save some memory |
| 62 |
my $x = deflateInit() |
| 63 |
or die "Cannot create a deflation stream\n" ; |
| 64 |
|
| 65 |
my ($deflated_buf, $status) = $x->deflate( $encoded_buf ); |
| 66 |
$status == Z_OK or die "deflation failed\n"; |
| 67 |
$output = $deflated_buf; |
| 68 |
|
| 69 |
($deflated_buf, $status) = $x->flush(); |
| 70 |
$status == Z_OK or die "deflation failed\n"; |
| 71 |
$output .= $deflated_buf; |
| 72 |
|
| 73 |
# Finally, encode the compressed stream again and print it out |
| 74 |
print encode_base64( $output, '' ); |
| 75 |
|
Parent Directory
| 
Revision Log