* Initial release.
!/usr/bin/env python3
from __future__ import print_function
import tempfile
import io
import sys
import os
import errno
import shutil
import subprocess
from datetime import datetime
def sanitize_line(untrusted_line):
line = bytearray(untrusted_line)
for i, c in enumerate(line):
if c >= 0x20 and c <= 0x7e:
pass
else:
line[i] = 0x2e
return bytearray(line).decode('ascii')
stdin = sys.stdin.buffer python3
start = datetime.utcnow()
tmp_log = tempfile.NamedTemporaryFile(prefix="qubes-log_", delete=False)
qrexec_remote = "qubes:"
def log(msg, remote=True, now=None):
if now is None:
now = datetime.utcnow()
if remote:
remote_str = '{}:'.format(qrexec_remote)
else:
remote_str = '>'
line = '{:%F %T.%f} +0000 {} {}\n'.format(now, remote_str, msg)
tmp_log.write(line.encode('utf-8'))
tmp_log.flush()
log('starting log', now=start, remote=False)
the first line is always the remote vm name
untrusted_line = stdin.readline()
qrexec_remote = untrusted_line.rstrip(b'\n').decode('utf-8')
while True:
untrusted_line = stdin.readline()
if untrusted_line == b'':
break
log(sanitize_line(untrusted_line.rstrip(b'\n')))
log('closing log', remote=False)
tmp_log.close()
file_name_base = os.path.join(
os.getenv('HOME', '/'),
'QubesIncomingLogs',
'{remote}',
'log_{time:%Y-%m-%d_%H-%M-%S}').format(
remote=qrexec_remote,
time=start)
try:
os.makedirs(os.path.dirname(file_name_base))
except OSError as err:
if err.errno != errno.EEXIST:
raise
try_no = 0
file_name = file_name_base
while True:
if try_no > 0:
file_name = '{}.{}'.format(file_name_base, try_no)
try:
fd = os.open(file_name, os.O_CREAT | os.O_EXCL, 0o664)
except OSError as err:
if err.errno == errno.EEXIST:
try_no += 1
continue
raise
os.close(fd)
break
shutil.move(tmp_log.name, file_name)
/usr/sbin/securedrop-log