diff options
| author | Isis Lovecruft <isis@torproject.org> | 2013-02-19 05:57:50 +0000 |
|---|---|---|
| committer | Isis Lovecruft <isis@torproject.org> | 2013-02-19 05:57:50 +0000 |
| commit | 16d8c7ea31105846bfb118dcff9a9bf29b676422 (patch) | |
| tree | 3617aa66a615b78232b0247ed0e5ebea6cc72d59 | |
| parent | 66d60a58ef752f9c9692dd8bdb0f61a5c1dfdb17 (diff) | |
| parent | a7b6446dd82ccedad2b16c9a7deae58d701ab2d7 (diff) | |
Merge branch 'fix/no-suid-for-virtualenv' into develop
| -rw-r--r-- | README.md | 66 | ||||
| -rwxr-xr-x | bootstrap | 59 | ||||
| -rwxr-xr-x | test_bootstrap | 39 |
3 files changed, 150 insertions, 14 deletions
@@ -1,31 +1,69 @@ leap_mx ======= +**Note:** Currently in development. Feel free to test, and please [report + bugs](mailto:isis@leap.se). -**Note:** Currently in development. Feel free to test, and please [report bugs](mailto:isis@leap.se). +An asynchronous, transparently-encrypting remailer for the LEAP platform, +using BigCouch/CouchDB and PGP/GnuPG, written in Twisted Python. -An asynchronous, transparently-encrypting remailer for the LEAP platform, using BigCouch/CouchDB and PGP/GnuPG, written in Twisted Python. - -## [install](#install) {#install} ## +## [install](#install) ## ========================= +[tl;dr](#tl;dr) + +### [virtualenv](#virtualenv) ### +================================= +Virtualenv is somewhat equivalent to fakeroot for python packages, and -- due +to being packaged with copies of pip and python -- can be used to bootstrap +its own install process, allowing pip and python to be used with sudo. + +#### [installing without sudo] #### -**tl;dr:** To get started quickly do: +To install without using sudo, a bootstrap script to handle the setup process +is provided. It does the following: - # pip install -r requirements.txt + 1. Download, over SSL, the latest tarballs for virtualenv and + virtualenvwrapper from pypi. + 2. Unpack the tarballs, use the system python interpreter to call the + virtualenv.py script to setup a bootstrap virtual environment. + 3. Use the pip installed in the bootstrap virtualenv to install + virtualenvwrapper in the bootstrap virtualenv. + 4. Obtain a copy of leap_mx with git clone. + 5. Use ```mkvirtualenv``` included in the virtualenvwrapper inside the + bootstrap virtualenv to install a project virtualenv for leap_mx. + +To use the bootstrap script, do: +~~~ +$ wget -O bootstrap https://raw.github.com/isislovecruft/leap_mx/fix/no-suid-for-virtualenv/bootstrap +$ ./bootstrap +$ workon leap_mx +~~~ -Although, **it is advised** to install inside a python virtualenv. To install python, virtualenv, and get started, do: +#### [installing in a regular virtualenv] ### +To install python, virtualenv, and get started, do: ~~~ -$ sudo apt-get install python2.7 python-pip python-virtualenv python-dev -$ pip install virtualenvwrapper -$ cd +$ sudo apt-get install python2.7 python-dev python-virtualenv virtualenvwrapper $ git clone https://github.com/isislovecruft/leap_mx.git leap_mx -$ export WORKON_LEAPMX=~/leap_mx +$ export WORKON_LEAPMX=${PWD}/leap_mx $ source /usr/local/bin/virtualenvwrapper.sh -$ mkvirtualenv -a $WORKON_LEAPMX -r ${WORKON_LEAPMX}/requirements.txt \ +$ mkvirtualenv -a $WORKON_LEAPMX -r ${WORKON_LEAPMX}/pkg/mx-requirements.pip \ --no-site-packages --setuptools --unzip-setuptools leap_mx ~~~ -## [running](#running) {#running} ## +### [tl;dr](#tl;dr) ### +To get started quickly, without virtualenv, do: +~~~ +$ sudo apt-get install python git +$ git clone https://github.com/isislovecruft/leap_mx.git +# pip install -r ./leap_mx/pkg/mx-requirements.pip +~~~ +Although, **it is advised** to install inside a python virtualenv. + +## [running](#running) ## ========================= -Hold your horses, boy. This isn't ready yet -- check back later! +To get running, clone this repo, and (assuming you've already set up your virtualenv and obtained all the requirements) do: + +~~~ +$ ./start_mx.py --help +~~~
\ No newline at end of file diff --git a/bootstrap b/bootstrap new file mode 100755 index 0000000..b76a572 --- /dev/null +++ b/bootstrap @@ -0,0 +1,59 @@ +#!/bin/bash +############################################################################## +# +# bootstrap +# ----------------------- +# Setup a virtualenv, without ever using sudo. +# +# @author Isis Agora Lovecruft, 0x2cdb8b35 +# @date 18 February 2013 +# @version 0.0.1 +############################################################################## + +set -ex -- + +PYTHON=$(which python) +GIT=$(which git) + +VENV_VERSION=1.8.4 +VENV_URL=https://pypi.python.org/packages/source/v/virtualenv +VENV_TARBALL=virtualenv-${VENV_VERSION}.tar.gz + +VENV_WRAPPER_VERSION=3.6 +VENV_WRAPPER_URL=https://pypi.python.org/packages/source/v/virtualenvwrapper +VENV_WRAPPER_TARBALL=virtualenvwrapper-${VENV_WRAPPER_VERSION}.tar.gz + +BOOTSTRAP_ENV=.bootstrap +BOOTSTRAP_OPTS='--no-site-packages --setuptools --unzip-setuptools --never-download' + +PACKAGE_NAME=leap_mx +PACKAGE_URL=https://github.com/isislovecruft/leap_mx.git +PACKAGE_WORKON=${PWD}/${PACKAGE_NAME} +PACKAGE_REQUIREMENTS=${PACKAGE_WORKON}/pkg/mx-requirements.pip +PACKAGE_OPTS=${BOOTSTRAP_OPTS}'' ## xxx add parameter for extra options + +echo 'Downloading virtualenv source from' +echo "${VENV_URL}..." +\wget -O ${VENV_TARBALL} ${VENV_URL}/${VENV_TARBALL} +tar xvzf ${VENV_TARBALL} + +echo 'Downloading virtualenv-wrapper source from:' +echo "${VENV_WRAPPER_URL}" +\wget -O $VENV_WRAPPER_TARBALL ${VENV_WRAPPER_URL}/${VENV_WRAPPER_TARBALL} +tar xvzf virtualenvwrapper-${VENV_WRAPPER_VERSION}.tar.gz + + +echo 'Creating initial virtualenv bootstrap environment, called "bootstrap"' +echo 'in which we will install virtualenv, to avoid using sudo.' +$PYTHON virtualenv-${VENV_VERSION}/virtualenv.py $BOOTSTRAP_OPTS $BOOTSTRAP_ENV +rm -rf virtualenv-${VENV_VERSION} +${BOOTSTRAP_ENV}/bin/pip install ${VENV_TARBALL} +echo 'Installing virtualenvwrapper in "bootstrap" virtualenv...' +${BOOTSTRAP_ENV}/bin/pip install ${VENV_WRAPPER_TARBALL} + +echo 'Using "bootstrap" virtualenv to create project virtualenv...' +source ${BOOTSTRAP_ENV}/local/bin/virtualenvwrapper.sh +echo "Cloning from ${PACKAGE_URL}..." +${GIT} clone ${PACKAGE_URL} ${PACKAGE_NAME} +mkvirtualenv -a $PROJECT_WORKON -r ${PACKAGE_REQUIREMENTS} \ + ${PACKAGE_OPTS} ${PACKAGE_NAME} diff --git a/test_bootstrap b/test_bootstrap new file mode 100755 index 0000000..f072d10 --- /dev/null +++ b/test_bootstrap @@ -0,0 +1,39 @@ +#!/bin/bash +############################################################################## +# +# test_bootstrap +# -------------- +# Test that the bootstrap script works correctly by making a temporary new +# user. +# +# @author Isis Agora Lovecruft, 0x2cdb8b35 +# @date 18 February 2013 +# @version 0.0.1 +############################################################################## + +set -ex - + +HERE=$(pwd) +TEST_USER=bootstraptester + +echo "Creating new user: "'"'"${TEST_USER}"'"'"" +sudo adduser --home /home/${TEST_USER} --shell /bin/bash ${TEST_USER} && \ + echo -e "notsecure\nnotsecure\n" | sudo passwd ${TEST_USER} + +echo 'Copying boostrap script to new user home directory...' +sudo cp ${HERE}/bootstrap /home/${TEST_USER}/bootstrap && \ + sudo chown ${TEST_USER}:${TEST_USER} /home/${TEST_USER}/bootstrap + +echo 'Logging in as new user and executing bootstrap script...' +echo 'Executing test of bootstrap script...' +## -S pulls password from stdin +echo -e "notsecure\n" | sudo -S -H -u ${TEST_USER} -i /home/${TEST_USER}/bootstrap + +if [[ "$?" != 0 ]] ; then + echo 'Error while testing bootstrap...' +else + echo 'Test of bootstrap successful.' +fi + +echo "Deleting user: "'"'"${TEST_USER}"'"'"" +sudo deluser --remove-home ${TEST_USER} |