/[pdpsoft]/trunk/grid-mw-security/glexec/util/wrap-env-var/glexec_wrapenv.pl
ViewVC logotype

Contents of /trunk/grid-mw-security/glexec/util/wrap-env-var/glexec_wrapenv.pl

Parent Directory Parent Directory | Revision Log Revision Log


Revision 388 - (show annotations) (download) (as text)
Thu Jun 4 09:25:29 2009 UTC (13 years, 3 months ago) by okoeroo
File MIME type: text/x-prolog
File size: 2089 byte(s)
Added the wrap and unwrap scripts from Jan Just which are using Perl to shine the light.



1 #!/usr/bin/perl -w
2 # $Id: $
3 #
4 # Wrapper script to wrap the current environment into a single
5 # environment variable GLEXEC_ENV. This variable is passed
6 # onto the glexec child process, where it can be unpacked to
7 # restore the environment variables that were lost when the
8 # set-uid glexec was invoked.
9 # Intended usage:
10 # export GLEXEC_ENV=`glexec_wrapenv.pl`
11 # /opt/glite/sbin/glexec glexec_unwrapenv.pl <YOUR-COMMAND>
12 # By default the following environment variables are NOT wrapped:
13 # HOME LOGNAME USER X509_USER_PROXY _ (yes that's '_' !)
14 # A user can add more env vars to be excluded using either
15 # --exclude=A --exclude=B
16 # or
17 # --exclude=A,B,...
18 #
19 # Copyright (c) 2009 by
20 # Jan Just Keijser (janjust@nikhef.nl)
21 # Nikhef
22 # Amsterdam
23 # The Netherlands
24
25 use strict;
26 use warnings;
27
28 use Compress::Zlib qw(deflateInit Z_OK);
29 use Getopt::Long qw(GetOptions);
30 use MIME::Base64 qw(encode_base64);
31
32 # These variables are excluded by default
33 my @env_blacklist = ( "HOME", "LOGNAME", "USER", "X509_USER_PROXY", "_" );
34
35 my @exclude_env;
36 my $key;
37 my $buf;
38 my $encoded_buf = '';
39 my $output = '';
40
41 GetOptions ("exclude=s" => \@exclude_env);
42 @exclude_env = split( /,/, join( ',', @exclude_env, @env_blacklist) );
43
44 # go through all environment variables and encode them as separate
45 # key-value pair entities. This will enable us to later unpack them.
46 foreach $key (keys(%ENV))
47 {
48 if ( ! grep { /$key/ } @exclude_env )
49 {
50 $buf = $key . "=" . $ENV{$key};
51 $encoded_buf .= encode_base64($buf, '') . " ";
52 }
53 else
54 {
55 printf STDERR "Skipping $key\n";
56 }
57 }
58
59 # Compress the encoded env vars to save some memory
60 my $x = deflateInit()
61 or die "Cannot create a deflation stream\n" ;
62
63 my ($deflated_buf, $status) = $x->deflate( $encoded_buf );
64 $status == Z_OK or die "deflation failed\n";
65 $output = $deflated_buf;
66
67 ($deflated_buf, $status) = $x->flush();
68 $status == Z_OK or die "deflation failed\n";
69 $output .= $deflated_buf;
70
71 # Finally, encode the compressed stream again and print it out
72 print encode_base64( $output, '' );
73

grid.support@nikhef.nl
ViewVC Help
Powered by ViewVC 1.1.28