26 lines
637 B
Python
Executable File
26 lines
637 B
Python
Executable File
#!/usr/bin/env python3
|
|
|
|
import os
|
|
import pwd
|
|
import subprocess
|
|
import sys
|
|
|
|
|
|
# You can optionally add logging, etc. to log attempts that fail to verify the command enforcement,
|
|
# client IPs, etc. via environment variables, etc.
|
|
|
|
cur_user = os.geteuid()
|
|
homedir = pwd.getpwuid(cur_user).pw_dir
|
|
os.chdir(homedir)
|
|
|
|
orig_cmd = sys.argv[1:]
|
|
if orig_cmd.pop(0) != 'borg':
|
|
raise PermissionError('That command is not allowed')
|
|
if orig_cmd.pop(0) != 'serve':
|
|
raise PermissionError('That command is not allowed')
|
|
new_cmd = ['borg', 'serve', '--restrict-to-path', homedir]
|
|
new_cmd.extend(orig_cmd)
|
|
|
|
os.chdir(homedir)
|
|
subprocess.run(new_cmd)
|