jeans/supervisor
jeans/supervisor
1
0
Fork 0
mirror of https://github.com/home-assistant/supervisor.git synced 2025-07-23 09:06:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add support for SYS_MODULE (#889)

Browse Source 
* Add support for SYS_MODULE

* Update flake stuff

* Fix lint

* Fix lint

* Fix lint

* Fix lint
This commit is contained in:
Pascal Vizeli 2019-01-15 00:56:07 +01:00 committed by GitHub
parent e78385e7ea
commit aa1c765c4b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 21 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hassio/addons/build.py
View File

@ -20,7 +20,6 @@ class AddonBuild(JsonConfig, CoreSysAttributes):
def save_data(self): def save_data(self):
"""Ignore save function.""" """Ignore save function."""
pass
@property @property
def addon(self): def addon(self):

22
hassio/addons/utils.py
View File

@ -7,7 +7,8 @@ import re
from ..const import ( from ..const import (
SECURITY_DISABLE, SECURITY_PROFILE, PRIVILEGED_NET_ADMIN, SECURITY_DISABLE, SECURITY_PROFILE, PRIVILEGED_NET_ADMIN,
PRIVILEGED_SYS_ADMIN, PRIVILEGED_SYS_RAWIO, PRIVILEGED_SYS_PTRACE, PRIVILEGED_SYS_ADMIN, PRIVILEGED_SYS_RAWIO, PRIVILEGED_SYS_PTRACE,
PRIVILEGED_DAC_READ_SEARCH, ROLE_ADMIN, ROLE_MANAGER) PRIVILEGED_DAC_READ_SEARCH, PRIVILEGED_SYS_MODULE, ROLE_ADMIN,
ROLE_MANAGER)
RE_SHA1 = re.compile(r"[a-f0-9]{8}") RE_SHA1 = re.compile(r"[a-f0-9]{8}")
@ -33,10 +34,17 @@ def rating_security(addon):
rating += 1 rating += 1
# Privileged options # Privileged options
if any(privilege in addon.privileged if any(
for privilege in (PRIVILEGED_NET_ADMIN, PRIVILEGED_SYS_ADMIN, privilege in addon.privileged
PRIVILEGED_SYS_RAWIO, PRIVILEGED_SYS_PTRACE, for privilege in (
PRIVILEGED_DAC_READ_SEARCH)): PRIVILEGED_NET_ADMIN,
PRIVILEGED_SYS_ADMIN,
PRIVILEGED_SYS_RAWIO,
PRIVILEGED_SYS_PTRACE,
PRIVILEGED_SYS_MODULE,
PRIVILEGED_DAC_READ_SEARCH,
)
):
rating += -1 rating += -1
# API Hass.io role # API Hass.io role
@ -81,6 +89,7 @@ def extract_hash_from_path(path):
def check_installed(method): def check_installed(method):
"""Wrap function with check if add-on is installed.""" """Wrap function with check if add-on is installed."""
async def wrap_check(addon, *args, **kwargs): async def wrap_check(addon, *args, **kwargs):
"""Return False if not installed or the function.""" """Return False if not installed or the function."""
if not addon.is_installed: if not addon.is_installed:
@ -95,8 +104,7 @@ async def remove_data(folder):
"""Remove folder and reset privileged.""" """Remove folder and reset privileged."""
try: try:
proc = await asyncio.create_subprocess_exec( proc = await asyncio.create_subprocess_exec(
"rm", "-rf", str(folder), "rm", "-rf", str(folder), stdout=asyncio.subprocess.DEVNULL
stdout=asyncio.subprocess.DEVNULL
) )
_, error_msg = await proc.communicate() _, error_msg = await proc.communicate()

4
hassio/addons/validate.py
View File

@ -24,7 +24,8 @@ from ..const import (
PRIVILEGED_NET_ADMIN, PRIVILEGED_SYS_ADMIN, PRIVILEGED_SYS_RAWIO, PRIVILEGED_NET_ADMIN, PRIVILEGED_SYS_ADMIN, PRIVILEGED_SYS_RAWIO,
PRIVILEGED_IPC_LOCK, PRIVILEGED_SYS_TIME, PRIVILEGED_SYS_NICE, PRIVILEGED_IPC_LOCK, PRIVILEGED_SYS_TIME, PRIVILEGED_SYS_NICE,
PRIVILEGED_SYS_RESOURCE, PRIVILEGED_SYS_PTRACE, PRIVILEGED_DAC_READ_SEARCH, PRIVILEGED_SYS_RESOURCE, PRIVILEGED_SYS_PTRACE, PRIVILEGED_DAC_READ_SEARCH,
ROLE_DEFAULT, ROLE_HOMEASSISTANT, ROLE_MANAGER, ROLE_ADMIN, ROLE_BACKUP) PRIVILEGED_SYS_MODULE, ROLE_DEFAULT, ROLE_HOMEASSISTANT, ROLE_MANAGER,
ROLE_ADMIN, ROLE_BACKUP)
from ..validate import ( from ..validate import (
NETWORK_PORT, DOCKER_PORTS, ALSA_DEVICE, UUID_MATCH, SHA256) NETWORK_PORT, DOCKER_PORTS, ALSA_DEVICE, UUID_MATCH, SHA256)
from ..services.validate import DISCOVERY_SERVICES from ..services.validate import DISCOVERY_SERVICES
@ -82,6 +83,7 @@ PRIVILEGED_ALL = [
PRIVILEGED_SYS_NICE, PRIVILEGED_SYS_NICE,
PRIVILEGED_SYS_RESOURCE, PRIVILEGED_SYS_RESOURCE,
PRIVILEGED_SYS_PTRACE, PRIVILEGED_SYS_PTRACE,
PRIVILEGED_SYS_MODULE,
PRIVILEGED_DAC_READ_SEARCH, PRIVILEGED_DAC_READ_SEARCH,
] ]

1
hassio/const.py
View File

@ -244,6 +244,7 @@ PRIVILEGED_SYS_RAWIO = "SYS_RAWIO"
PRIVILEGED_IPC_LOCK = "IPC_LOCK" PRIVILEGED_IPC_LOCK = "IPC_LOCK"
PRIVILEGED_SYS_TIME = "SYS_TIME" PRIVILEGED_SYS_TIME = "SYS_TIME"
PRIVILEGED_SYS_NICE = "SYS_NICE" PRIVILEGED_SYS_NICE = "SYS_NICE"
PRIVILEGED_SYS_MODULE = "SYS_MODULE"
PRIVILEGED_SYS_RESOURCE = "SYS_RESOURCE" PRIVILEGED_SYS_RESOURCE = "SYS_RESOURCE"
PRIVILEGED_SYS_PTRACE = "SYS_PTRACE" PRIVILEGED_SYS_PTRACE = "SYS_PTRACE"
PRIVILEGED_DAC_READ_SEARCH = "DAC_READ_SEARCH" PRIVILEGED_DAC_READ_SEARCH = "DAC_READ_SEARCH"

25
hassio/exceptions.py
View File

@ -3,118 +3,98 @@
class HassioError(Exception): class HassioError(Exception):
"""Root exception.""" """Root exception."""
pass
class HassioNotSupportedError(HassioError): class HassioNotSupportedError(HassioError):
"""Function is not supported.""" """Function is not supported."""
pass
# HomeAssistant # HomeAssistant
class HomeAssistantError(HassioError): class HomeAssistantError(HassioError):
"""Home Assistant exception.""" """Home Assistant exception."""
pass
class HomeAssistantUpdateError(HomeAssistantError): class HomeAssistantUpdateError(HomeAssistantError):
"""Error on update of a Home Assistant.""" """Error on update of a Home Assistant."""
pass
class HomeAssistantAPIError(HomeAssistantError): class HomeAssistantAPIError(HomeAssistantError):
"""Home Assistant API exception.""" """Home Assistant API exception."""
pass
class HomeAssistantAuthError(HomeAssistantAPIError): class HomeAssistantAuthError(HomeAssistantAPIError):
"""Home Assistant Auth API exception.""" """Home Assistant Auth API exception."""
pass
# HassOS # HassOS
class HassOSError(HassioError): class HassOSError(HassioError):
"""HassOS exception.""" """HassOS exception."""
pass
class HassOSUpdateError(HassOSError): class HassOSUpdateError(HassOSError):
"""Error on update of a HassOS.""" """Error on update of a HassOS."""
pass
class HassOSNotSupportedError(HassioNotSupportedError): class HassOSNotSupportedError(HassioNotSupportedError):
"""Function not supported by HassOS.""" """Function not supported by HassOS."""
pass
# Updater # Updater
class HassioUpdaterError(HassioError): class HassioUpdaterError(HassioError):
"""Error on Updater.""" """Error on Updater."""
pass
# Auth # Auth
class AuthError(HassioError): class AuthError(HassioError):
"""Auth errors.""" """Auth errors."""
pass
# Host # Host
class HostError(HassioError): class HostError(HassioError):
"""Internal Host error.""" """Internal Host error."""
pass
class HostNotSupportedError(HassioNotSupportedError): class HostNotSupportedError(HassioNotSupportedError):
"""Host function is not supprted.""" """Host function is not supprted."""
pass
class HostServiceError(HostError): class HostServiceError(HostError):
"""Host service functions fails.""" """Host service functions fails."""
pass
class HostAppArmorError(HostError): class HostAppArmorError(HostError):
"""Host apparmor functions fails.""" """Host apparmor functions fails."""
pass
# API # API
class APIError(HassioError, RuntimeError): class APIError(HassioError, RuntimeError):
"""API errors.""" """API errors."""
pass
class APIForbidden(APIError): class APIForbidden(APIError):
"""API forbidden error.""" """API forbidden error."""
pass
# Service / Discovery # Service / Discovery
class DiscoveryError(HassioError): class DiscoveryError(HassioError):
"""Discovery Errors.""" """Discovery Errors."""
pass
class ServicesError(HassioError): class ServicesError(HassioError):
"""Services Errors.""" """Services Errors."""
pass
# utils/gdbus # utils/gdbus
class DBusError(HassioError): class DBusError(HassioError):
"""DBus generic error.""" """DBus generic error."""
pass
class DBusNotConnectedError(HostNotSupportedError): class DBusNotConnectedError(HostNotSupportedError):
@ -123,26 +103,21 @@ class DBusNotConnectedError(HostNotSupportedError):
class DBusFatalError(DBusError): class DBusFatalError(DBusError):
"""DBus call going wrong.""" """DBus call going wrong."""
pass
class DBusParseError(DBusError): class DBusParseError(DBusError):
"""DBus parse error.""" """DBus parse error."""
pass
# util/apparmor # util/apparmor
class AppArmorError(HostAppArmorError): class AppArmorError(HostAppArmorError):
"""General AppArmor error.""" """General AppArmor error."""
pass
class AppArmorFileError(AppArmorError): class AppArmorFileError(AppArmorError):
"""AppArmor profile file error.""" """AppArmor profile file error."""
pass
class AppArmorInvalidError(AppArmorError): class AppArmorInvalidError(AppArmorError):
"""AppArmor profile validate error.""" """AppArmor profile validate error."""
pass

4
tox.ini
View File

@ -4,8 +4,8 @@ envlist = lint, tests
[testenv] [testenv]
deps = deps =
flake8==3.6.0 flake8==3.6.0
pylint==2.1.1 pylint==2.2.2
pytest==4.0.0 pytest==4.1.1
-r{toxinidir}/requirements.txt -r{toxinidir}/requirements.txt
[testenv:lint] [testenv:lint]