Warning about ISessionSetEnv interface
![](https://secure.gravatar.com/avatar/e0114f22fcde3deed8ebe94c70652140.jpg?s=120&d=mm&r=g)
I'm setting up a manhole with twisted.conch.manhole, and it works, but gives this warning: Can't handle environment variables for SSH avatar <twisted.conch.manhole_ssh.TerminalUser object at 0x7fef33174f60>: <twisted.conch.manhole_ssh.TerminalSession object at 0x7fef33174fd0> does not provide ISessionSetEnv interface. It should be decorated with @implementer(ISession, ISessionSetEnv) to support env variables. I've looked at the release notes about #9315 <https://twistedmatrix.com/trac/ticket/9315>, but can't see where in my code to add @implementer. Here's the code: def create_shell_server(inputs): import pwd # The manhole service from twisted.conch import manhole, manhole_ssh from twisted.conch.checkers import IAuthorizedKeysDB, SSHPublicKeyChecker, readAuthorizedKeyFile from twisted.conch.ssh import keys from twisted.cred import portal from twisted.python.filepath import FilePath from zope.interface import implementer # pylint: disable=no-name-in-module from twisted.application.internet import TCPServer # pylint: enable=no-name-in-module @implementer(IAuthorizedKeysDB) class RunbenchAuthorizedKeysFiles(object): """Object that provides SSH public keys. There is a central file readable only by services that run as users who have permissions to read it, and users are allowed to provide their own file for use during development. The files have fixed names and are not overrideable by inputs or the environment, because that would make it harder to see which files a service was actually using. """ def getAuthorizedKeys(self, username): try: passwd = pwd.getpwnam(bytes_to_native_str(username)) except KeyError: return () def read_keys(filepaths): for fp in filepaths: if fp.exists(): try: with fp.open() as f: for key in readAuthorizedKeyFile(f, keys.Key.fromString): yield key except (IOError, OSError): pass return read_keys([ FilePath(passwd.pw_dir).child('.ssh').child(b'runbench_manhole.pub'), FilePath(rb_site.runbench.keydir).child(b'manhole_authkeys') ]) checker = SSHPublicKeyChecker(RunbenchAuthorizedKeysFiles()) import gc from pprint import pprint namespace = {'sys': sys, 'time': time, 'datetime': datetime, 'gc': gc, 'os': os, 'reactor': reactor, 'runbench': runbench, 'execute': execute, 'pprint': pprint, 'inputs': inputs} class PF(ServerProtocol): # pylint: disable=E0202 def protocolFactory(self, *a, **kw): return manhole.Manhole(namespace) realm = manhole_ssh.TerminalRealm() realm.chainedProtocolFactory = PF mh_portal = portal.Portal(realm) mh_portal.registerChecker(checker) cf = manhole_ssh.ConchFactory(mh_portal) public, private = get_rsa_keys(os.path.join(os.path.dirname(__file__), 'rb_host_rsa')) cf.publicKeys = {b'ssh-rsa': public} cf.privateKeys = {b'ssh-rsa': private} manhole_service = TCPServer(0, cf) manhole_service.startService() print('Started manhole service on port', manhole_service._port._realPortNumber) What do I need to change to make this work? Peter.
![](https://secure.gravatar.com/avatar/eba6eb871de2549c7447a8701352cd35.jpg?s=120&d=mm&r=g)
On Tue, 24 May 2022 at 14:35, Peter Westlake <peter.westlake@pobox.com> wrote:
Hi Peter, I don't think there is anything wrong with your code. The issue is with manhole supoprt for SSH - twisted.conch.manhole_ssh.TerminalSession You can ignore it, or try to send a fix for https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/manhole_ssh.... to implement or ignore the setEnv command. I guess that for manhole just ignoring the setEnv requests is ok. I am not sure what use case you can have for remote environment control via manhole. [snip] Cheers -- Adi Roiban
![](https://secure.gravatar.com/avatar/607cfd4a5b41fe6c886c978128b9c03e.jpg?s=120&d=mm&r=g)
On Tue, May 24, 2022 at 9:50 AM Adi Roiban <adiroiban@gmail.com> wrote:
Conch shouldn't even emit this warning. The fallback behavior of ignoring the env request is fine. There's no reason to bother people about their session not implementing this interface if they don't need to support environment variables. A good PR would be one that just deletes the log.warn call. Jean-Paul
![](https://secure.gravatar.com/avatar/e0114f22fcde3deed8ebe94c70652140.jpg?s=120&d=mm&r=g)
The ticket is #10347 <https://twistedmatrix.com/trac/ticket/10347>. I've assigned myself, if that's okay. Peter. On Tue, 24 May 2022, at 18:44, Peter Westlake wrote:
![](https://secure.gravatar.com/avatar/e0114f22fcde3deed8ebe94c70652140.jpg?s=120&d=mm&r=g)
On Tue, 24 May 2022, at 19:15, Peter Westlake wrote:
The ticket is #10347 <https://twistedmatrix.com/trac/ticket/10347>. I've assigned myself, if that's okay.
Running the tests with tox -e nocov gives an error, builtins.ModuleNotFoundError: No module named 'hamcrest'. This is on Ubuntu 20.04, Python 3.8.10, and I did install python-hamcrest. Python 3 can import it. Running just tox instead of tox -e nocov gives several "Connection reset by peer" and a huge number of "Cannot find link target" errors. How should I run the tests? Peter.
![](https://secure.gravatar.com/avatar/e1554622707bedd9202884900430b838.jpg?s=120&d=mm&r=g)
`nocov` by itself isn't really a valid environment. You probably want `tox -e alldeps-nocov`. (In general although you have lots of options for how to compose an environment depending on what you want to test, start with the stuff in `tox -l` for most projects.)
This is on Ubuntu 20.04, Python 3.8.10, and I did install python-hamcrest. Python 3 can import it.
Note that the python3 environment you're in as you set up `tox` is not itself the environment `tox` is running tests in. You need to run ./.tox/{env}/bin/python, so in this case ./.tox/nocov/bin/python.
Running just tox instead of tox -e nocov gives several "Connection reset by peer" and a huge number of "Cannot find link target" errors.
`tox` itself will try to run (among other things) the release preparation environment, which will probably mess things up.
How should I run the tests?
Something like "tox -r -p auto -e lint -e mypy -e alldeps-nocov -e nodeps-nocov" probably :-). -g
![](https://secure.gravatar.com/avatar/e0114f22fcde3deed8ebe94c70652140.jpg?s=120&d=mm&r=g)
On Wed, 25 May 2022, at 00:18, Glyph wrote:
On May 24, 2022, at 2:20 PM, Peter Westlake <peter.westlake@pobox.com> wrote:
How should I run the tests?
Something like "tox -r -p auto -e lint -e mypy -e alldeps-nocov -e nodeps-nocov" probably :-).
That;s a lot better, thanks! Everything passes except for three errors right at the end, "builtins.TypeError: a bytes-like object is required, not 'str'" in pydoctor/model.py, line 634. Those look sufficiently unrelated to the change for me to put in the pull request. The PR is https://github.com/twisted/twisted/pull/1733. Peter.
![](https://secure.gravatar.com/avatar/eba6eb871de2549c7447a8701352cd35.jpg?s=120&d=mm&r=g)
On Tue, 24 May 2022 at 14:35, Peter Westlake <peter.westlake@pobox.com> wrote:
Hi Peter, I don't think there is anything wrong with your code. The issue is with manhole supoprt for SSH - twisted.conch.manhole_ssh.TerminalSession You can ignore it, or try to send a fix for https://github.com/twisted/twisted/blob/trunk/src/twisted/conch/manhole_ssh.... to implement or ignore the setEnv command. I guess that for manhole just ignoring the setEnv requests is ok. I am not sure what use case you can have for remote environment control via manhole. [snip] Cheers -- Adi Roiban
![](https://secure.gravatar.com/avatar/607cfd4a5b41fe6c886c978128b9c03e.jpg?s=120&d=mm&r=g)
On Tue, May 24, 2022 at 9:50 AM Adi Roiban <adiroiban@gmail.com> wrote:
Conch shouldn't even emit this warning. The fallback behavior of ignoring the env request is fine. There's no reason to bother people about their session not implementing this interface if they don't need to support environment variables. A good PR would be one that just deletes the log.warn call. Jean-Paul
![](https://secure.gravatar.com/avatar/e0114f22fcde3deed8ebe94c70652140.jpg?s=120&d=mm&r=g)
The ticket is #10347 <https://twistedmatrix.com/trac/ticket/10347>. I've assigned myself, if that's okay. Peter. On Tue, 24 May 2022, at 18:44, Peter Westlake wrote:
![](https://secure.gravatar.com/avatar/e0114f22fcde3deed8ebe94c70652140.jpg?s=120&d=mm&r=g)
On Tue, 24 May 2022, at 19:15, Peter Westlake wrote:
The ticket is #10347 <https://twistedmatrix.com/trac/ticket/10347>. I've assigned myself, if that's okay.
Running the tests with tox -e nocov gives an error, builtins.ModuleNotFoundError: No module named 'hamcrest'. This is on Ubuntu 20.04, Python 3.8.10, and I did install python-hamcrest. Python 3 can import it. Running just tox instead of tox -e nocov gives several "Connection reset by peer" and a huge number of "Cannot find link target" errors. How should I run the tests? Peter.
![](https://secure.gravatar.com/avatar/e1554622707bedd9202884900430b838.jpg?s=120&d=mm&r=g)
`nocov` by itself isn't really a valid environment. You probably want `tox -e alldeps-nocov`. (In general although you have lots of options for how to compose an environment depending on what you want to test, start with the stuff in `tox -l` for most projects.)
This is on Ubuntu 20.04, Python 3.8.10, and I did install python-hamcrest. Python 3 can import it.
Note that the python3 environment you're in as you set up `tox` is not itself the environment `tox` is running tests in. You need to run ./.tox/{env}/bin/python, so in this case ./.tox/nocov/bin/python.
Running just tox instead of tox -e nocov gives several "Connection reset by peer" and a huge number of "Cannot find link target" errors.
`tox` itself will try to run (among other things) the release preparation environment, which will probably mess things up.
How should I run the tests?
Something like "tox -r -p auto -e lint -e mypy -e alldeps-nocov -e nodeps-nocov" probably :-). -g
![](https://secure.gravatar.com/avatar/e0114f22fcde3deed8ebe94c70652140.jpg?s=120&d=mm&r=g)
On Wed, 25 May 2022, at 00:18, Glyph wrote:
On May 24, 2022, at 2:20 PM, Peter Westlake <peter.westlake@pobox.com> wrote:
How should I run the tests?
Something like "tox -r -p auto -e lint -e mypy -e alldeps-nocov -e nodeps-nocov" probably :-).
That;s a lot better, thanks! Everything passes except for three errors right at the end, "builtins.TypeError: a bytes-like object is required, not 'str'" in pydoctor/model.py, line 634. Those look sufficiently unrelated to the change for me to put in the pull request. The PR is https://github.com/twisted/twisted/pull/1733. Peter.
participants (4)
-
Adi Roiban
-
Glyph
-
Jean-Paul Calderone
-
Peter Westlake