certbot.compat.os module

This compat modules is a wrapper of the core os module that forbids usage of specific operations (e.g. chown, chmod, getuid) that would be harmful to the Windows file security model of Certbot. This module is intended to replace standard os module throughout certbot projects (except acme).

isort:skip_file

certbot.compat.os.chmod(*unused_args, **unused_kwargs)[source]

Method os.chmod() is forbidden

certbot.compat.os.chown(*unused_args, **unused_kwargs)[source]

Method os.chown() is forbidden

certbot.compat.os.open(*unused_args, **unused_kwargs)[source]

Method os.open() is forbidden

certbot.compat.os.mkdir(*unused_args, **unused_kwargs)[source]

Method os.mkdir() is forbidden

certbot.compat.os.makedirs(*unused_args, **unused_kwargs)[source]

Method os.makedirs() is forbidden

certbot.compat.os.rename(*unused_args, **unused_kwargs)[source]

Method os.rename() is forbidden

certbot.compat.os.access(*unused_args, **unused_kwargs)[source]

Method os.access() is forbidden

certbot.compat.os.stat(*unused_args, **unused_kwargs)[source]

Method os.stat() is forbidden

certbot.compat.os.fstat(*unused_args, **unused_kwargs)[source]

Method os.stat() is forbidden

certbot.compat.os.WCOREDUMP(status) → bool

Return True if the process returning ‘status’ was dumped to a core file.

certbot.compat.os.WEXITSTATUS(status) → integer

Return the process return code from ‘status’.

certbot.compat.os.WIFCONTINUED(status) → bool

Return True if the process returning ‘status’ was continued from a job control stop.

certbot.compat.os.WIFEXITED(status) → bool

Return true if the process returning ‘status’ exited using the exit() system call.

certbot.compat.os.WIFSIGNALED(status) → bool

Return True if the process returning ‘status’ was terminated by a signal.

certbot.compat.os.WIFSTOPPED(status) → bool

Return True if the process returning ‘status’ was stopped.

certbot.compat.os.WSTOPSIG(status) → integer

Return the signal that stopped the process that provided the ‘status’ value.

certbot.compat.os.WTERMSIG(status) → integer

Return the signal that terminated the process that provided the ‘status’ value.

certbot.compat.os.abort() → does not return!

Abort the interpreter immediately. This ‘dumps core’ or otherwise fails in the hardest way possible on the hosting operating system.

certbot.compat.os.chdir(path)

Change the current working directory to the specified path.

certbot.compat.os.chroot(path)

Change root directory to path.

certbot.compat.os.close(fd)

Close a file descriptor (for low level IO).

certbot.compat.os.closerange(fd_low, fd_high)

Closes all file descriptors in [fd_low, fd_high), ignoring errors.

certbot.compat.os.confstr(name) → string

Return a string-valued system configuration variable.

certbot.compat.os.ctermid() → string

Return the name of the controlling terminal for this process.

certbot.compat.os.dup(fd) → fd2

Return a duplicate of a file descriptor.

certbot.compat.os.dup2(old_fd, new_fd)

Duplicate file descriptor.

certbot.compat.os.error

alias of exceptions.OSError

certbot.compat.os.execv(path, args)

Execute an executable path with arguments, replacing current process.

path: path of executable file args: tuple or list of strings
certbot.compat.os.execve(path, args, env)

Execute a path with arguments and environment, replacing current process.

path: path of executable file args: tuple or list of arguments env: dictionary of strings mapping to strings
certbot.compat.os.fchdir(fildes)

Change to the directory of the given file descriptor. fildes must be opened on a directory, not a file.

certbot.compat.os.fchmod(fd, mode)

Change the access permissions of the file given by file descriptor fd.

certbot.compat.os.fchown(fd, uid, gid)

Change the owner and group id of the file given by file descriptor fd to the numeric uid and gid.

certbot.compat.os.fdatasync(fildes)
force write of file with filedescriptor to disk.
does not force update of metadata.
certbot.compat.os.fdopen(fd[, mode='r'[, bufsize]]) → file_object

Return an open file object connected to a file descriptor.

certbot.compat.os.fork() → pid

Fork a child process. Return 0 to child process and PID of child to parent process.

certbot.compat.os.forkpty() -> (pid, master_fd)

Fork a new process with a new pseudo-terminal as controlling tty.

Like fork(), return 0 as pid to child process, and PID of child to parent. To both, return fd of newly opened pseudo-terminal.

certbot.compat.os.fpathconf(fd, name) → integer

Return the configuration limit name for the file descriptor fd. If there is no limit, return -1.

certbot.compat.os.fstatvfs(fd) → statvfs result

Perform an fstatvfs system call on the given fd.

certbot.compat.os.fsync(fildes)

force write of file with filedescriptor to disk.

certbot.compat.os.ftruncate(fd, length)

Truncate a file to a specified length.

certbot.compat.os.getcwd() → path

Return a string representing the current working directory.

certbot.compat.os.getcwdu() → path

Return a unicode string representing the current working directory.

certbot.compat.os.getegid() → egid

Return the current process’s effective group id.

certbot.compat.os.geteuid() → euid

Return the current process’s effective user id.

certbot.compat.os.getgid() → gid

Return the current process’s group id.

certbot.compat.os.getgroups() → list of group IDs

Return list of supplemental group IDs for the process.

certbot.compat.os.getloadavg() -> (float, float, float)

Return the number of processes in the system run queue averaged over the last 1, 5, and 15 minutes or raises OSError if the load average was unobtainable

certbot.compat.os.getlogin() → string

Return the actual login name.

certbot.compat.os.getpgid(pid) → pgid

Call the system call getpgid().

certbot.compat.os.getpgrp() → pgrp

Return the current process group id.

certbot.compat.os.getpid() → pid

Return the current process id

certbot.compat.os.getppid() → ppid

Return the parent’s process id.

certbot.compat.os.getresgid() -> (rgid, egid, sgid)

Get tuple of the current process’s real, effective, and saved group ids.

certbot.compat.os.getresuid() -> (ruid, euid, suid)

Get tuple of the current process’s real, effective, and saved user ids.

certbot.compat.os.getsid(pid) → sid

Call the system call getsid().

certbot.compat.os.getuid() → uid

Return the current process’s user id.

certbot.compat.os.initgroups(username, gid) → None

Call the system initgroups() to initialize the group access list with all of the groups of which the specified username is a member, plus the specified group id.

certbot.compat.os.isatty(fd) → bool

Return True if the file descriptor ‘fd’ is an open file descriptor connected to the slave end of a terminal.

certbot.compat.os.kill(pid, sig)

Kill a process with a signal.

certbot.compat.os.killpg(pgid, sig)

Kill a process group with a signal.

certbot.compat.os.lchown(path, uid, gid)

Change the owner and group id of path to the numeric uid and gid. This function will not follow symbolic links.

Create a hard link to a file.

certbot.compat.os.listdir(path) → list_of_strings

Return a list containing the names of the entries in the directory.

path: path of directory to list

The list is in arbitrary order. It does not include the special entries ‘.’ and ‘..’ even if they are present in the directory.

certbot.compat.os.lseek(fd, pos, how) → newpos

Set the current position of a file descriptor. Return the new cursor position in bytes, starting from the beginning.

certbot.compat.os.lstat(path) → stat result

Like stat(path), but do not follow symbolic links.

certbot.compat.os.major(device) → major number

Extracts a device major number from a raw device number.

certbot.compat.os.makedev(major, minor) → device number

Composes a raw device number from the major and minor device numbers.

certbot.compat.os.minor(device) → minor number

Extracts a device minor number from a raw device number.

certbot.compat.os.mkfifo(filename[, mode=0666])

Create a FIFO (a POSIX named pipe).

certbot.compat.os.mknod(filename[, mode=0600, device])

Create a filesystem node (file, device special file or named pipe) named filename. mode specifies both the permissions to use and the type of node to be created, being combined (bitwise OR) with one of S_IFREG, S_IFCHR, S_IFBLK, and S_IFIFO. For S_IFCHR and S_IFBLK, device defines the newly created device special file (probably using os.makedev()), otherwise it is ignored.

certbot.compat.os.nice(inc) → new_priority

Decrease the priority of process by inc and return the new priority.

certbot.compat.os.openpty() -> (master_fd, slave_fd)

Open a pseudo-terminal, returning open fd’s for both master and slave end.

certbot.compat.os.pathconf(path, name) → integer

Return the configuration limit name for the file or directory path. If there is no limit, return -1.

certbot.compat.os.pipe() -> (read_end, write_end)

Create a pipe.

certbot.compat.os.popen(command[, mode='r'[, bufsize]]) → pipe

Open a pipe to/from a command returning a file object.

certbot.compat.os.putenv(key, value)

Change or add an environment variable.

certbot.compat.os.read(fd, buffersize) → string

Read a file descriptor.

Return a string representing the path to which the symbolic link points.

certbot.compat.os.remove(path)

Remove a file (same as unlink(path)).

certbot.compat.os.rmdir(path)

Remove a directory.

certbot.compat.os.setegid(gid)

Set the current process’s effective group id.

certbot.compat.os.seteuid(uid)

Set the current process’s effective user id.

certbot.compat.os.setgid(gid)

Set the current process’s group id.

certbot.compat.os.setgroups(list)

Set the groups of the current process to list.

certbot.compat.os.setpgid(pid, pgrp)

Call the system call setpgid().

certbot.compat.os.setpgrp()

Make this process the process group leader.

certbot.compat.os.setregid(rgid, egid)

Set the current process’s real and effective group ids.

certbot.compat.os.setresgid(rgid, egid, sgid)

Set the current process’s real, effective, and saved group ids.

certbot.compat.os.setresuid(ruid, euid, suid)

Set the current process’s real, effective, and saved user ids.

certbot.compat.os.setreuid(ruid, euid)

Set the current process’s real and effective user ids.

certbot.compat.os.setsid()

Call the system call setsid().

certbot.compat.os.setuid(uid)

Set the current process’s user id.

certbot.compat.os.stat_float_times([newval]) → oldval

Determine whether os.[lf]stat represents time stamps as float objects. If newval is True, future calls to stat() return floats, if it is False, future calls return ints. If newval is omitted, return the current setting.

class certbot.compat.os.stat_result

Bases: object

stat_result: Result from stat or lstat.

This object may be accessed either as a tuple of
(mode, ino, dev, nlink, uid, gid, size, atime, mtime, ctime)

or via the attributes st_mode, st_ino, st_dev, st_nlink, st_uid, and so on.

Posix/windows: If your platform supports st_blksize, st_blocks, st_rdev, or st_flags, they are available as attributes only.

See os.stat for more information.

n_fields = 16
n_sequence_fields = 10
n_unnamed_fields = 3
st_atime

time of last access

st_blksize

blocksize for filesystem I/O

st_blocks

number of blocks allocated

st_ctime

time of last change

st_dev

device

st_gid

group ID of owner

st_ino

inode

st_mode

protection bits

st_mtime

time of last modification

number of hard links

st_rdev

device type (if inode device)

st_size

total size, in bytes

st_uid

user ID of owner

certbot.compat.os.statvfs(path) → statvfs result

Perform a statvfs system call on the given path.

class certbot.compat.os.statvfs_result

Bases: object

statvfs_result: Result from statvfs or fstatvfs.

This object may be accessed either as a tuple of
(bsize, frsize, blocks, bfree, bavail, files, ffree, favail, flag, namemax),

or via the attributes f_bsize, f_frsize, f_blocks, f_bfree, and so on.

See os.statvfs for more information.

f_bavail
f_bfree
f_blocks
f_bsize
f_favail
f_ffree
f_files
f_flag
f_frsize
f_namemax
n_fields = 10
n_sequence_fields = 10
n_unnamed_fields = 0
certbot.compat.os.strerror(code) → string

Translate an error code to a message string.

Create a symbolic link pointing to src named dst.

certbot.compat.os.sysconf(name) → integer

Return an integer-valued system configuration variable.

certbot.compat.os.system(command) → exit_status

Execute the command (a string) in a subshell.

certbot.compat.os.tcgetpgrp(fd) → pgid

Return the process group associated with the terminal given by a fd.

certbot.compat.os.tcsetpgrp(fd, pgid)

Set the process group associated with the terminal given by a fd.

certbot.compat.os.tempnam([dir[, prefix]]) → string

Return a unique name for a temporary file. The directory and a prefix may be specified as strings; they may be omitted or None if not needed.

certbot.compat.os.times() -> (utime, stime, cutime, cstime, elapsed_time)

Return a tuple of floating point numbers indicating process times.

certbot.compat.os.tmpfile() → file object

Create a temporary file with no directory entries.

certbot.compat.os.tmpnam() → string

Return a unique name for a temporary file.

certbot.compat.os.ttyname(fd) → string

Return the name of the terminal device connected to ‘fd’.

certbot.compat.os.umask(new_mask) → old_mask

Set the current numeric umask and return the previous umask.

certbot.compat.os.uname() -> (sysname, nodename, release, version, machine)

Return a tuple identifying the current operating system.

Remove a file (same as remove(path)).

certbot.compat.os.unsetenv(key)

Delete an environment variable.

certbot.compat.os.urandom(n) → str

Return n random bytes suitable for cryptographic use.

certbot.compat.os.utime(path, (atime, mtime))

utime(path, None)

Set the access and modified time of the file to the given values. If the second form is used, set the access and modified times to the current time.

certbot.compat.os.wait() -> (pid, status)

Wait for completion of a child process.

certbot.compat.os.wait3(options) -> (pid, status, rusage)

Wait for completion of a child process.

certbot.compat.os.wait4(pid, options) -> (pid, status, rusage)

Wait for completion of a given child process.

certbot.compat.os.waitpid(pid, options) -> (pid, status)

Wait for completion of a given child process.

certbot.compat.os.write(fd, string) → byteswritten

Write a string to a file descriptor.

certbot.compat.os.removedirs(path)[source]

Super-rmdir; remove a leaf directory and all empty intermediate ones. Works like rmdir except that, if the leaf directory is successfully removed, directories corresponding to rightmost path segments will be pruned away until either the whole path is consumed or an error occurs. Errors during this latter phase are ignored – they generally mean that a directory was not empty.

certbot.compat.os.renames(old, new)[source]

Super-rename; create directories as necessary and delete any left empty. Works like rename, except creation of any intermediate directories needed to make the new pathname good is attempted first. After the rename, directories corresponding to rightmost path segments of the old name will be pruned until either the whole path is consumed or a nonempty directory is found.

Note: this function can fail with the new directory structure made if you lack permissions needed to unlink the leaf directory or file.

certbot.compat.os.walk(top, topdown=True, onerror=None, followlinks=False)[source]

Directory tree generator.

For each directory in the directory tree rooted at top (including top itself, but excluding ‘.’ and ‘..’), yields a 3-tuple

dirpath, dirnames, filenames

dirpath is a string, the path to the directory. dirnames is a list of the names of the subdirectories in dirpath (excluding ‘.’ and ‘..’). filenames is a list of the names of the non-directory files in dirpath. Note that the names in the lists are just names, with no path components. To get a full path (which begins with top) to a file or directory in dirpath, do os.path.join(dirpath, name).

If optional arg ‘topdown’ is true or not specified, the triple for a directory is generated before the triples for any of its subdirectories (directories are generated top down). If topdown is false, the triple for a directory is generated after the triples for all of its subdirectories (directories are generated bottom up).

When topdown is true, the caller can modify the dirnames list in-place (e.g., via del or slice assignment), and walk will only recurse into the subdirectories whose names remain in dirnames; this can be used to prune the search, or to impose a specific order of visiting. Modifying dirnames when topdown is false is ineffective, since the directories in dirnames have already been generated by the time dirnames itself is generated. No matter the value of topdown, the list of subdirectories is retrieved before the tuples for the directory and its subdirectories are generated.

By default errors from the os.listdir() call are ignored. If optional arg ‘onerror’ is specified, it should be a function; it will be called with one argument, an os.error instance. It can report the error to continue with the walk, or raise the exception to abort the walk. Note that the filename is available as the filename attribute of the exception object.

By default, os.walk does not follow symbolic links to subdirectories on systems that support them. In order to get this functionality, set the optional argument ‘followlinks’ to true.

Caution: if you pass a relative pathname for top, don’t change the current working directory between resumptions of walk. walk never changes the current directory, and assumes that the client doesn’t either.

Example:

import os from os.path import join, getsize for root, dirs, files in os.walk(‘python/Lib/email’):

print root, “consumes”, print sum([getsize(join(root, name)) for name in files]), print “bytes in”, len(files), “non-directory files” if ‘CVS’ in dirs:

dirs.remove(‘CVS’) # don’t visit CVS directories
certbot.compat.os.execl(file, *args)[source]

Execute the executable file with argument list args, replacing the current process.

certbot.compat.os.execle(file, *args, env)[source]

Execute the executable file with argument list args and environment env, replacing the current process.

certbot.compat.os.execlp(file, *args)[source]

Execute the executable file (which is searched for along $PATH) with argument list args, replacing the current process.

certbot.compat.os.execlpe(file, *args, env)[source]

Execute the executable file (which is searched for along $PATH) with argument list args and environment env, replacing the current process.

certbot.compat.os.execvp(file, args)[source]

Execute the executable file (which is searched for along $PATH) with argument list args, replacing the current process. args may be a list or tuple of strings.

certbot.compat.os.execvpe(file, args, env)[source]

Execute the executable file (which is searched for along $PATH) with argument list args and environment env , replacing the current process. args may be a list or tuple of strings.

certbot.compat.os.getenv(key, default=None)[source]

Get an environment variable, return None if it doesn’t exist. The optional second argument can specify an alternate default.

certbot.compat.os.spawnv(mode, file, args) → integer[source]

Execute file with arguments from args in a subprocess. If mode == P_NOWAIT return the pid of the process. If mode == P_WAIT return the process’s exit code if it exits normally; otherwise return -SIG, where SIG is the signal that killed it.

certbot.compat.os.spawnve(mode, file, args, env) → integer[source]

Execute file with arguments from args in a subprocess with the specified environment. If mode == P_NOWAIT return the pid of the process. If mode == P_WAIT return the process’s exit code if it exits normally; otherwise return -SIG, where SIG is the signal that killed it.

certbot.compat.os.spawnl(mode, file, *args) → integer[source]

Execute file with arguments from args in a subprocess. If mode == P_NOWAIT return the pid of the process. If mode == P_WAIT return the process’s exit code if it exits normally; otherwise return -SIG, where SIG is the signal that killed it.

certbot.compat.os.spawnle(mode, file, *args, env) → integer[source]

Execute file with arguments from args in a subprocess with the supplied environment. If mode == P_NOWAIT return the pid of the process. If mode == P_WAIT return the process’s exit code if it exits normally; otherwise return -SIG, where SIG is the signal that killed it.

certbot.compat.os.spawnvp(mode, file, args) → integer[source]

Execute file (which is looked for along $PATH) with arguments from args in a subprocess. If mode == P_NOWAIT return the pid of the process. If mode == P_WAIT return the process’s exit code if it exits normally; otherwise return -SIG, where SIG is the signal that killed it.

certbot.compat.os.spawnvpe(mode, file, args, env) → integer[source]

Execute file (which is looked for along $PATH) with arguments from args in a subprocess with the supplied environment. If mode == P_NOWAIT return the pid of the process. If mode == P_WAIT return the process’s exit code if it exits normally; otherwise return -SIG, where SIG is the signal that killed it.

certbot.compat.os.spawnlp(mode, file, *args) → integer[source]

Execute file (which is looked for along $PATH) with arguments from args in a subprocess with the supplied environment. If mode == P_NOWAIT return the pid of the process. If mode == P_WAIT return the process’s exit code if it exits normally; otherwise return -SIG, where SIG is the signal that killed it.

certbot.compat.os.spawnlpe(mode, file, *args, env) → integer[source]

Execute file (which is looked for along $PATH) with arguments from args in a subprocess with the supplied environment. If mode == P_NOWAIT return the pid of the process. If mode == P_WAIT return the process’s exit code if it exits normally; otherwise return -SIG, where SIG is the signal that killed it.

certbot.compat.os.popen2(cmd, mode='t', bufsize=-1)[source]

Execute the shell command ‘cmd’ in a sub-process. On UNIX, ‘cmd’ may be a sequence, in which case arguments will be passed directly to the program without shell intervention (as with os.spawnv()). If ‘cmd’ is a string it will be passed to the shell (as with os.system()). If ‘bufsize’ is specified, it sets the buffer size for the I/O pipes. The file objects (child_stdin, child_stdout) are returned.

certbot.compat.os.popen3(cmd, mode='t', bufsize=-1)[source]

Execute the shell command ‘cmd’ in a sub-process. On UNIX, ‘cmd’ may be a sequence, in which case arguments will be passed directly to the program without shell intervention (as with os.spawnv()). If ‘cmd’ is a string it will be passed to the shell (as with os.system()). If ‘bufsize’ is specified, it sets the buffer size for the I/O pipes. The file objects (child_stdin, child_stdout, child_stderr) are returned.

certbot.compat.os.popen4(cmd, mode='t', bufsize=-1)[source]

Execute the shell command ‘cmd’ in a sub-process. On UNIX, ‘cmd’ may be a sequence, in which case arguments will be passed directly to the program without shell intervention (as with os.spawnv()). If ‘cmd’ is a string it will be passed to the shell (as with os.system()). If ‘bufsize’ is specified, it sets the buffer size for the I/O pipes. The file objects (child_stdin, child_stdout_stderr) are returned.