Source code for qubes.tools

#
# The Qubes OS Project, https://www.qubes-os.org/
#
# Copyright (C) 2015  Joanna Rutkowska <joanna@invisiblethingslab.com>
# Copyright (C) 2015  Wojtek Porczyk <woju@invisiblethingslab.com>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, see <https://www.gnu.org/licenses/>.
#

"""Qubes' command line tools
"""

import argparse
import importlib
import logging
import os
import subprocess
import sys
import textwrap

import qubes.log

#: constant returned when some action should be performed on all qubes
VM_ALL = object()




[docs]
class QubesAction(argparse.Action):
    """Interface providing a convinience method to be called, after
    `namespace.app` is instantiated.
    """

    # pylint: disable=too-few-public-methods


[docs]
    def parse_qubes_app(self, parser, namespace):
        """This method is called by :py:class:`qubes.tools.QubesArgumentParser`
        after the `namespace.app` is instantiated. Oerwrite this method when
        extending :py:class:`qubes.tools.QubesAction` to initialized values
        based on the `namespace.app`
        """
        raise NotImplementedError








[docs]
class PropertyAction(argparse.Action):
    """Action for argument parser that stores a property."""

    # pylint: disable=redefined-builtin,too-few-public-methods
    def __init__(
        self,
        option_strings,
        dest,
        metavar="NAME=VALUE",
        required=False,
        help="set property to a value",
    ):
        super().__init__(
            option_strings, "properties", metavar=metavar, default={}, help=help
        )

    def __call__(self, parser, namespace, values, option_string=None):
        try:
            prop, value = values.split("=", 1)
        except ValueError:
            parser.error("invalid property token: {!r}".format(values))

        getattr(namespace, self.dest)[prop] = value






[docs]
class SinglePropertyAction(argparse.Action):
    """Action for argument parser that stores a property."""

    # pylint: disable=redefined-builtin,too-few-public-methods
    # pylint: disable=too-many-positional-arguments
    def __init__(
        self,
        option_strings,
        dest,
        metavar="VALUE",
        const=None,
        nargs=None,
        required=False,
        help=None,
    ):
        if help is None:
            help = "set {!r} property to a value".format(dest)
            if const is not None:
                help += " {!r}".format(const)

        if const is not None:
            nargs = 0

        super().__init__(
            option_strings,
            "properties",
            metavar=metavar,
            help=help,
            default={},
            const=const,
            nargs=nargs,
        )

        self.name = dest

    def __call__(self, parser, namespace, values, option_string=None):
        getattr(namespace, self.dest)[self.name] = (
            values if self.const is None else self.const
        )






[docs]
class HelpPropertiesAction(argparse.Action):
    """Action for argument parser that displays all properties and exits."""

    # pylint: disable=redefined-builtin,too-few-public-methods
    def __init__(
        self,
        option_strings,
        klass=None,
        dest=argparse.SUPPRESS,
        default=argparse.SUPPRESS,
        help="list all available properties with short descriptions"
        " and exit",
    ):
        super().__init__(
            option_strings=option_strings,
            dest=dest,
            default=default,
            nargs=0,
            help=help,
        )

        # late import because of circular dependency
        import qubes  # pylint: disable=redefined-outer-name

        self._klass = klass if klass is not None else qubes.Qubes

    def __call__(self, parser, namespace, values, option_string=None):
        # pylint: disable=redefined-outer-name
        properties = self._klass.property_list()
        width = max(len(prop.__name__) for prop in properties)
        wrapper = textwrap.TextWrapper(
            width=80, initial_indent="  ", subsequent_indent=" " * (width + 6)
        )

        text = "Common properties:\n" + "\n".join(
            wrapper.fill(
                "{name:{width}s}  {doc}".format(
                    name=prop.__name__,
                    doc=(
                        qubes.utils.format_doc(prop.__doc__)
                        if prop.__doc__
                        else ""
                    ),
                    width=width,
                )
            )
            for prop in sorted(properties)
        )
        if self._klass is not qubes.Qubes:
            text += (
                "\n\n"
                "There may be more properties in specific domain classes.\n"
            )
        parser.exit(message=text)






[docs]
class VmNameAction(QubesAction):
    """Action for parsing one ore multiple domains from provided VMNAMEs"""

    # pylint: disable=too-few-public-methods,redefined-builtin
    def __init__(
        self, option_strings, nargs=1, dest="vmnames", help=None, **kwargs
    ):
        if help is None:
            if nargs == argparse.OPTIONAL:
                help = "at most one domain name"
            elif nargs == 1:
                help = "a domain name"
            elif nargs == argparse.ZERO_OR_MORE:
                help = "zero or more domain names"
            elif nargs == argparse.ONE_OR_MORE:
                help = "one or more domain names"
            elif nargs > 1:
                help = "%s domain names" % nargs
            else:
                raise argparse.ArgumentError(
                    nargs,
                    "Passed unexpected value {!s} as {!s} nargs ".format(
                        nargs, dest
                    ),
                )

        super().__init__(
            option_strings, dest=dest, help=help, nargs=nargs, **kwargs
        )

    def __call__(self, parser, namespace, values, option_string=None):
        """Set ``namespace.vmname`` to ``values``"""
        setattr(namespace, self.dest, values)



[docs]
    def parse_qubes_app(self, parser, namespace):
        assert hasattr(namespace, "app")
        setattr(namespace, "domains", [])
        app = namespace.app
        if hasattr(namespace, "all_domains") and namespace.all_domains:
            namespace.domains = [
                vm
                for vm in app.domains
                if vm.qid != 0 and vm.name not in namespace.exclude
            ]
        else:
            if hasattr(namespace, "exclude") and namespace.exclude:
                parser.error("--exclude can only be used with --all")

            for vm_name in getattr(namespace, self.dest):
                try:
                    namespace.domains += [app.domains[vm_name]]
                except KeyError:
                    parser.error("no such domain: {!r}".format(vm_name))








[docs]
class RunningVmNameAction(VmNameAction):
    """Action for argument parser that gets a running domain from VMNAME"""

    # pylint: disable=too-few-public-methods

    def __init__(
        self, option_strings, nargs=1, dest="vmnames", help=None, **kwargs
    ):
        # pylint: disable=redefined-builtin
        if help is None:
            if nargs == argparse.OPTIONAL:
                help = "at most one running domain"
            elif nargs == 1:
                help = "running domain name"
            elif nargs == argparse.ZERO_OR_MORE:
                help = "zero or more running domains"
            elif nargs == argparse.ONE_OR_MORE:
                help = "one or more running domains"
            elif nargs > 1:
                help = "%s running domains" % nargs
            else:
                raise argparse.ArgumentError(
                    nargs,
                    "Passed unexpected value {!s} as {!s} nargs ".format(
                        nargs, dest
                    ),
                )
        super().__init__(
            option_strings, dest=dest, help=help, nargs=nargs, **kwargs
        )



[docs]
    def parse_qubes_app(self, parser, namespace):
        super().parse_qubes_app(parser, namespace)
        for vm in namespace.domains:
            if not vm.is_running():
                parser.error_runtime(
                    "domain {!r} is not running".format(vm.name)
                )








[docs]
class VolumeAction(QubesAction):
    """Action for argument parser that gets the
    :py:class:``qubes.storage.Volume`` from a POOL_NAME:VOLUME_ID string.
    """

    # pylint: disable=too-few-public-methods

    def __init__(
        self, help="A pool & volume id combination", required=True, **kwargs
    ):
        # pylint: disable=redefined-builtin
        super().__init__(help=help, required=required, **kwargs)

    def __call__(self, parser, namespace, values, option_string=None):
        """Set ``namespace.vmname`` to ``values``"""
        setattr(namespace, self.dest, values)



[docs]
    def parse_qubes_app(self, parser, namespace):
        """Acquire the :py:class:``qubes.storage.Volume`` object from
        ``namespace.app``.
        """
        assert hasattr(namespace, "app")
        app = namespace.app

        try:
            pool_name, vid = getattr(namespace, self.dest).split(":")
            try:
                pool = app.pools[pool_name]
                volume = [v for v in pool.volumes if v.vid == vid]
                assert len(volume) == 1, "Duplicate vids in pool %s" % pool_name
                if not volume:
                    parser.error_runtime(
                        "no volume with id {!r} pool: {!r}".format(
                            vid, pool_name
                        )
                    )
                else:
                    setattr(namespace, self.dest, volume[0])
            except KeyError:
                parser.error_runtime("no pool {!r}".format(pool_name))
        except ValueError:
            parser.error("expected a pool & volume id combination like foo:bar")








[docs]
class PoolsAction(QubesAction):
    """Action for argument parser to gather multiple pools"""

    # pylint: disable=too-few-public-methods

    def __call__(self, parser, namespace, values, option_string=None):
        """Set ``namespace.vmname`` to ``values``"""
        if hasattr(namespace, self.dest) and getattr(namespace, self.dest):
            names = getattr(namespace, self.dest)
        else:
            names = []
        names += [values]
        setattr(namespace, self.dest, names)



[docs]
    def parse_qubes_app(self, parser, namespace):
        app = namespace.app
        pool_names = getattr(namespace, self.dest)
        if pool_names:
            try:
                pools = [app.get_pool(name) for name in pool_names]
                setattr(namespace, self.dest, pools)
            except qubes.exc.QubesException as e:
                parser.error(str(e))
                sys.exit(2)








[docs]
class QubesArgumentParser(argparse.ArgumentParser):
    """Parser preconfigured for use in most of the Qubes command-line tools.

    :param bool want_app: instantiate :py:class:`qubes.Qubes` object
    :param bool want_app_no_instance: don't actually instantiate \
        :py:class:`qubes.Qubes` object, just add argument for custom xml file
    :param bool want_force_root: add ``--force-root`` option
    :param mixed vmname_nargs: The number of ``VMNAME`` arguments that should be
        consumed. Values include:

            - N (an integer) consumes N arguments (and produces a list)
            - '?' consumes zero or one arguments
            - '*' consumes zero or more arguments (and produces a list)
            - '+' consumes one or more arguments (and produces a list)

    *kwargs* are passed to :py:class:`argparser.ArgumentParser`.

    Currenty supported options:
        ``--force-root`` (optional)
        ``--qubesxml`` location of :file:`qubes.xml` (help is suppressed)
        ``--offline-mode`` do not talk to hypervisor (help is suppressed)
        ``--verbose`` and ``--quiet``
    """

    def __init__(
        self,
        want_app=True,
        want_app_no_instance=False,
        want_force_root=False,
        vmname_nargs=None,
        **kwargs
    ):

        super().__init__(**kwargs)

        self._want_app = want_app
        self._want_app_no_instance = want_app_no_instance
        self._want_force_root = want_force_root
        self._vmname_nargs = vmname_nargs
        if self._want_app:
            self.add_argument(
                "--qubesxml",
                metavar="FILE",
                action="store",
                dest="app",
                help=argparse.SUPPRESS,
            )
            self.add_argument(
                "--offline-mode",
                action="store_true",
                default=None,
                dest="offline_mode",
                help=argparse.SUPPRESS,
            )

        self.add_argument(
            "--verbose", "-v", action="count", help="increase verbosity"
        )

        self.add_argument(
            "--quiet", "-q", action="count", help="decrease verbosity"
        )

        if self._want_force_root:
            self.add_argument(
                "--force-root",
                action="store_true",
                default=False,
                help="force to run as root",
            )

        if self._vmname_nargs in [argparse.ZERO_OR_MORE, argparse.ONE_OR_MORE]:
            vm_name_group = VmNameGroup(self, self._vmname_nargs)
            self._mutually_exclusive_groups.append(vm_name_group)
        elif self._vmname_nargs is not None:
            self.add_argument(
                "VMNAME", nargs=self._vmname_nargs, action=VmNameAction
            )

        self.set_defaults(verbose=1, quiet=0)

    def parse_args(self, args=None, namespace=None):
        namespace = super().parse_args(args, namespace)

        if self._want_app and not self._want_app_no_instance:
            self.set_qubes_verbosity(namespace)
            namespace.app = qubes.Qubes(
                namespace.app, offline_mode=namespace.offline_mode
            )

        if self._want_force_root:
            self.dont_run_as_root(namespace)

        for action in self._actions:
            # pylint: disable=protected-access
            if issubclass(action.__class__, QubesAction):
                action.parse_qubes_app(self, namespace)
            elif issubclass(
                action.__class__, argparse._SubParsersAction
            ):  # pylint: disable=no-member
                assert hasattr(namespace, "command")
                command = namespace.command
                subparser = action._name_parser_map[command]
                for subaction in subparser._actions:
                    if issubclass(subaction.__class__, QubesAction):
                        subaction.parse_qubes_app(self, namespace)

        return namespace



[docs]
    def error_runtime(self, message):
        """Runtime error, without showing usage.

        :param str message: message to show
        """
        self.exit(1, "{}: error: {}\n".format(self.prog, message))





[docs]
    def dont_run_as_root(self, namespace):
        """Prevent running as root.

        :param argparse.Namespace args: if there is ``.force_root`` attribute \
            set to true, run anyway
        """
        try:
            euid = os.geteuid()
        except AttributeError:  # no geteuid(), probably NT
            return

        if euid == 0 and not namespace.force_root:
            self.error_runtime(
                "refusing to run as root; add --force-root to override"
            )





[docs]
    @staticmethod
    def set_qubes_verbosity(namespace):
        """Apply a verbosity setting.

        This is done by configuring global logging.
        :param argparse.Namespace args: args as parsed by parser
        """

        verbose = namespace.verbose - namespace.quiet

        if verbose >= 2:
            qubes.log.enable_debug()
        elif verbose >= 1:
            qubes.log.enable()





[docs]
    def print_error(self, *args, **kwargs):
        """Print to ``sys.stderr``"""
        print(*args, file=sys.stderr, **kwargs)








[docs]
class AliasedSubParsersAction(argparse._SubParsersAction):
    # source https://gist.github.com/sampsyo/471779
    # pylint: disable=protected-access,too-few-public-methods
    class _AliasedPseudoAction(argparse.Action):
        # pylint: disable=redefined-builtin,arguments-differ
        def __init__(self, name, aliases, help):
            dest = name
            if aliases:
                dest += " (%s)" % ",".join(aliases)
            super().__init__(option_strings=[], dest=dest, help=help)

        def __call__(self, parser, namespace, values, option_string=None):
            raise NotImplementedError

    def add_parser(self, name, **kwargs):
        if "aliases" in kwargs:
            aliases = kwargs["aliases"]
            del kwargs["aliases"]
        else:
            aliases = []

        local_parser = super().add_parser(name, **kwargs)

        # Make the aliases work.
        for alias in aliases:
            self._name_parser_map[alias] = local_parser
        # Make the help text reflect them, first removing old help entry.
        if "help" in kwargs:
            self._choices_actions.pop()
            pseudo_action = self._AliasedPseudoAction(
                name, aliases, kwargs.pop("help")
            )
            self._choices_actions.append(pseudo_action)

        return local_parser






[docs]
def get_parser_for_command(command):
    """Get parser for given qvm-tool.

    :param str command: command name
    :rtype: argparse.ArgumentParser
    :raises ImportError: when command's module is not found
    :raises AttributeError: when parser was not found
    """

    module = importlib.import_module(
        "." + command.replace("-", "_"), "qubes.tools"
    )

    try:
        parser = module.parser
    except AttributeError:
        try:
            parser = module.get_parser()
        except AttributeError:
            raise AttributeError("cannot find parser in module")

    return parser




# pylint: disable=protected-access


[docs]
class VmNameGroup(argparse._MutuallyExclusiveGroup):
    """Adds an a VMNAME, --all & --exclude parameters to a
    :py:class:``argparse.ArgumentParser```.
    """

    def __init__(self, container, required, vm_action=VmNameAction, help=None):
        # pylint: disable=redefined-builtin
        super().__init__(container, required=required)
        if not help:
            help = "perform the action on all qubes"
        self.add_argument(
            "--all", action="store_true", dest="all_domains", help=help
        )
        container.add_argument(
            "--exclude",
            action="append",
            default=[],
            help="exclude the qube from --all",
        )

        #  ⚠ the default parameter below is important! ⚠
        #  See https://stackoverflow.com/questions/35044288 and
        #  `argparse.ArgumentParser.parse_args()` implementation
        self.add_argument("VMNAME", action=vm_action, nargs="*", default=[])