Commit Graph

95 Commits (897bc07ea023244d2f2b557854f58cf81ab29b9d)

Author SHA1 Message Date
David Wilson 42f07466d2 setns: always assume a user identity, default to root.
Without this, an invocation like:

    sudo ansible-playbook foo.yml

Where foo.yml uses setns, could inherit the HOME environment variable
from the external non-root user, which broke /usr/bin/mysql_upgrade and
plenty more.
6 years ago
David Wilson c32b8d9728 docs: fix up doas documentation. 6 years ago
David Wilson bce4f59138 issue #345: disable IdentitiesOnly by default. 6 years ago
David Wilson 27b64a484b docs: document mitogen.core.CHUNK_SIZE. 6 years ago
David Wilson 442d88e3d7 docs: many more fixes/merges. 6 years ago
David Wilson a561fb79e5 docs: merge more docs back into mitogen/core.py. 6 years ago
David Wilson 81c8156965 Support LXD; closes #339. 6 years ago
David Wilson 196f76ff22 Remove staticmethod from docs.
Can re-add this later for 3.x, but it's pretty impossible in general for
2.x.

Closes #313.
6 years ago
David Wilson f977be2868 issue #291: permit supplying a full Python argv. 6 years ago
David Wilson 184104ce92 issue #303: add doas to the docs 6 years ago
David Wilson 0422a8c263 parent: python_path setting depends on local or remote
For local, we want to default to the same Python version as the current
process. For remote, we want whatever is on offer.
6 years ago
David Wilson 0eb77b5f7c utils: always enable microsecond logging.
It's too useful, and the logs are fairly out of control already, may as
well just capture everything in the first pass.
6 years ago
David Wilson 410016ff47 Initial Python 3.x port work.
* ansible: use unicode_literals everywhere since it only needs to be
  compatible back to 2.6.
* compat/collections.py: delete this entirely and rip out the parts of
  functools that require it.
* Introduce serializable Kwargs dict subclass that translates keys to
  Unicode on instantiation.
* enable_debug_logging() must set _v/_vv globals.
* cStringIO does not exist in 3.x.
* Treat IOLogger and LogForwarder input as latin-1.
* Avoid ResourceWarnings in first stage by explicitly closing fps.
* Fix preamble_size.py syntax errors.
6 years ago
David Wilson b58603c7a4 issue #278: ssh: support ssh_debug_level option and log TTY output.
Now debug logs may be captured all the way through the connection.
7 years ago
David Wilson 9e78c20eba core/parent: add Context.call_no_reply(). 7 years ago
David Wilson d2714752ee docs: tidy ups 7 years ago
David Wilson 61365236ad docs/select: fix up more references, fix headings. 7 years ago
David Wilson 4bf3d01104 select: add missing get(block=..) parameter. 7 years ago
David Wilson b0ce6eecd7 fork: support on_start= argument. 7 years ago
David Wilson 8a089e975d docs: Document Router.unidirectional. 7 years ago
David Wilson 2ee727f5c0 docs: typos and clarifications 7 years ago
David Wilson 4d1c6d2101 issue #127: ssh: reasonable solution to host key checking.
Ideally it would be possible to specify a callback function, but this is
not possible for proxied connections. So simply provide the 3 most
useful modes, defaulting to the most secure.

Closes #127. Closes #134.
7 years ago
David Wilson 3322eaef45 Basic "su" method. 7 years ago
David Wilson f5d22a3ca1 core: support deleting handlers, make Receiver.close() unregister 7 years ago
David Wilson ff7fb00569 parent: return latch to wait() caller to allow graceful timeout 7 years ago
David Wilson e8b4c4e683 issue #223: implement setns connection type
machinectl does not support any sensible form of pipe to the child
process, so it is necessary to bypass it when talking to a systemd
container (see systemd/systemd#8850).

This can also form the basis for issue #223, where the post-fork
namespace switching dance required to connect to the Pythonless
container will be the same.
7 years ago
David Wilson 3196b6e7f7 Add FreeBSD jail support. 7 years ago
David Wilson b3d352c601 Add lxc container support. 7 years ago
David Wilson 1fc7df5be5 Move canonical library version to __init__.py. 7 years ago
David Wilson 7c88e4d013 Move _DEAD into header, autogenerate dead messages
This change blocks off 2 common scenarios where a race condition is
upgraded to a hang, when the library could internally do better.

* Since we don't know whether the receiver of a `reply_to` is expecting
  a raw or pickled message, and since in the case of a raw reply, there
  is no way to signal "dead" to the receiver, override the reply_to
  field to explicitly mark a message as dead using a special handle.

  This replaces the serialized _DEAD sentinel value with a slightly
  neater interface, in the form of the reserved IS_DEAD handle, and
  enables an important subsequent change: when a context cannot route a
  message, it can send a generic 'dead' reply back towards the message
  source, ensuring any sleeping thread is woken with ChannelError.

  The use of this field could potentially be extended later on if
  additional flags are needed, but for now this seems to suffice.

* Teach Router._invoke() to reply with a dead message when it receives a
  message for an invalid local handle.

* Teach Router._async_route() to reply with a dead message when it
  receives an unroutable message.
7 years ago
David Wilson 6670cba41c Introduce handler policy functions; closes #138.
Now you can specify a function to add_handler() that authenticates the
message header, with has_parent_authority() and is_immediate_child()
built in.
7 years ago
David Wilson 80a97fbc9b core: Rename Sender.put() to Sender.send().
Been annoying me for months.
7 years ago
David Wilson b48d63f33b docs: add to_sender() and update serialization notes 7 years ago
David Wilson 8676c40674 core: make _start_transmit / _stop_transmit async-only
For now at least, these APIs are always used in an asynchronous context,
so stop using the defer mechanism.
7 years ago
David Wilson 4903052f42 fork: reseed Python/SSL PRNGs
Mac's SSL seems to have a pthread_atfork handler or similar that does
this for us, no clue if Linux is the same.
7 years ago
David Wilson 7f4368db87 docs: pad out signal handlers note 7 years ago
David Wilson 0dbb63ae3d docs: typo 7 years ago
David Wilson 2813d1a968 docs: update 7 years ago
David Wilson 5579ac936b issue #155: docs: more fork() liability warnings 7 years ago
David Wilson f457f54758 docs: fix formatting 7 years ago
David Wilson d370290687 docs: one more warning 7 years ago
David Wilson 03e08e25fd docs: put huge liability notice in fork() docs. 7 years ago
David Wilson 48351a1889 issue #155: parent: support Context.shutdown(), reap children on exit.
This permits graceful shutdown of individual contexts, without tearing
down everything.

Update mitogen.parent.Stream to also wait for the child to exit, to
prevent the buildup of zombie processes. This introduces a blocking wait
for process exit on the Broker thread, let's see if we can get away with
it. Chances are reasonable that it'll cause needless hangs on heavily
loaded machines.
7 years ago
David Wilson 6a74edce6b issue #155: parent: move master.Context into parent.
The Context and Router APIs for constructing children and making
function calls should be available in every parent context, as user code
wants to have access to the same API.
7 years ago
David Wilson 20780820a6 docs: typo 7 years ago
David Wilson 75b9e1d71e issue #155: docs: document behaviour of forked children 7 years ago
David Wilson 1a8ac9f4d1 issue #155: introduce mitogen.fork / Router.fork() 7 years ago
David Wilson f241eac5ce parent: allow Python to determine its install prefix from argv[0]
Fixes support for virtualenv. Closes #152.
7 years ago
David Wilson 4f361be7e7 issue #144: teach Select() to close its latch
Causes all threads sleeping on the select to wake.
7 years ago
David Wilson 8aada2646c core: support throwing LatchError in every sleeping thread
This is to allow Select() to be used as a generic queueing primitive
that supports graceful shutdown.
7 years ago