From 3fae6ada95a32bf1c070f13b99b43ff6a1552314 Mon Sep 17 00:00:00 2001 From: grossmj Date: Mon, 19 Nov 2018 17:33:17 +0700 Subject: [PATCH] Only require privileged access for uBridge when connecting a cloud to an Ethernet/TAP interface. Fixes #1461. --- gns3server/compute/base_node.py | 4 ++-- gns3server/compute/builtin/nodes/cloud.py | 4 +++- tests/compute/builtin/nodes/test_cloud.py | 18 +++++++++++------- 3 files changed, 16 insertions(+), 10 deletions(-) diff --git a/gns3server/compute/base_node.py b/gns3server/compute/base_node.py index 487ac1c4..706fb645 100644 --- a/gns3server/compute/base_node.py +++ b/gns3server/compute/base_node.py @@ -554,8 +554,8 @@ class BaseNode: if self.ubridge_path is None: raise NodeError("uBridge is not available, path doesn't exist, or you just installed GNS3 and need to restart your user session to refresh user permissions.") - if not self._manager.has_privileged_access(self.ubridge_path): - raise NodeError("uBridge requires root access or the capability to interact with network adapters") + #if not self._manager.has_privileged_access(self.ubridge_path): + # raise NodeError("uBridge requires root access or the capability to interact with network adapters") server_config = self._manager.config.get_section_config("Server") server_host = server_config.get("host") diff --git a/gns3server/compute/builtin/nodes/cloud.py b/gns3server/compute/builtin/nodes/cloud.py index 071066b0..27fd9d90 100644 --- a/gns3server/compute/builtin/nodes/cloud.py +++ b/gns3server/compute/builtin/nodes/cloud.py @@ -299,11 +299,13 @@ class Cloud(BaseNode): await self._ubridge_apply_filters(bridge_name, nio.filters) if port_info["type"] in ("ethernet", "tap"): + if not self.manager.has_privileged_access(self.ubridge_path): + raise NodeError("uBridge requires root access or the capability to interact with Ethernet and TAP adapters") + if sys.platform.startswith("win"): await self._add_ubridge_ethernet_connection(bridge_name, port_info["interface"]) else: - if port_info["type"] == "ethernet": network_interfaces = [interface["name"] for interface in self._interfaces()] if not port_info["interface"] in network_interfaces: diff --git a/tests/compute/builtin/nodes/test_cloud.py b/tests/compute/builtin/nodes/test_cloud.py index 4ff27263..19547a9b 100644 --- a/tests/compute/builtin/nodes/test_cloud.py +++ b/tests/compute/builtin/nodes/test_cloud.py @@ -160,9 +160,11 @@ def test_linux_ethernet_raw_add_nio(linux_platform, project, async_run, nio): cloud = Cloud("cloud1", str(uuid.uuid4()), project, MagicMock(), ports=ports) cloud.status = "started" - with asyncio_patch("gns3server.compute.builtin.nodes.cloud.Cloud._ubridge_send") as ubridge_mock: - with patch("gns3server.compute.builtin.nodes.cloud.Cloud._interfaces", return_value=[{"name": "eth0"}]): - async_run(cloud.add_nio(nio, 0)) + with patch("shutil.which", return_value="/bin/ubridge"): + with patch("gns3server.compute.base_manager.BaseManager.has_privileged_access", return_value=True): + with asyncio_patch("gns3server.compute.builtin.nodes.cloud.Cloud._ubridge_send") as ubridge_mock: + with patch("gns3server.compute.builtin.nodes.cloud.Cloud._interfaces", return_value=[{"name": "eth0"}]): + async_run(cloud.add_nio(nio, 0)) ubridge_mock.assert_has_calls([ call("bridge create {}-0".format(cloud._id)), @@ -188,10 +190,12 @@ def test_linux_ethernet_raw_add_nio_bridge(linux_platform, project, async_run, n cloud = Cloud("cloud1", str(uuid.uuid4()), project, MagicMock(), ports=ports) cloud.status = "started" - with asyncio_patch("gns3server.compute.builtin.nodes.cloud.Cloud._ubridge_send") as ubridge_mock: - with patch("gns3server.compute.builtin.nodes.cloud.Cloud._interfaces", return_value=[{"name": "bridge0"}]): - with patch("gns3server.utils.interfaces.is_interface_bridge", return_value=True): - async_run(cloud.add_nio(nio, 0)) + with patch("shutil.which", return_value="/bin/ubridge"): + with patch("gns3server.compute.base_manager.BaseManager.has_privileged_access", return_value=True): + with asyncio_patch("gns3server.compute.builtin.nodes.cloud.Cloud._ubridge_send") as ubridge_mock: + with patch("gns3server.compute.builtin.nodes.cloud.Cloud._interfaces", return_value=[{"name": "bridge0"}]): + with patch("gns3server.utils.interfaces.is_interface_bridge", return_value=True): + async_run(cloud.add_nio(nio, 0)) tap = "gns3tap0-0" ubridge_mock.assert_has_calls([