Couldn't execute jailed code: stdout: b'', stderr: b'sudo: /home/niraj/Workspace/codejail/sandbox/bin/: command not found\n' with status code: 1
Can any one share any video or steps, how to execute this?

This ticket is to track the analysis of feasibility of supporting CodeJail as a Debian Package, that could endup being included by Debian, Ubuntu and other Deb based distributions.

Many softwares, such as GlobaLeaks (https://github.com/globaleaks/globaleaks) and TxTorCon (meejah/txtorcon#102), that may benefit from CodeJail uses, could use it only if it's going to be "debian packagable".

So, as a pre-requisite it would be interesting an analysis for implementing a debian package for CodeJail

Hi,
I'm trying to install codejail.
I followed all the instructions but when i run this code

import codejail.jail_code
codejail.jail_code.configure('python', '/home/jail/env/sandenv/bin/python', 'sandbox')
import codejail.safe_exec
codejail.safe_exec.safe_exec("import os\nos.system('ls /etc')", {})

It runs but doesn't raise any exceptions or error.
Here is my configurations:

ls -al
total 16
drwxrwxr-x 4 jail jail 4096 19 18:37 .
drwxr-xr-x 22 jail jail 4096 19 18:39 ..
drwxrwxr-x 7 jail jail 4096 19 18:37 main
drwxr-xr-x 7 jail jail 4096 19 14:49 sandenv

/etc/apparmor.d/home.jail.env.sandenv.bin.python

#include <tunables/global>

/home/jail/env/sandenv/bin/python {
    #include <abstractions/base>
    #include <abstractions/python>

    /home/jail/env/sandenv/** mr,
    # If you have code that the sandbox must be able to access, add lines
    # pointing to those directories:
    /home/jail/env/sandenv/lib/python2.7/site-packages/** r,

    /tmp/codejail-*/ rix,
    /tmp/codejail-*/** wrix,
}

/etc/sudoers.d/01-sandbox

jail ALL=(sandbox) SETENV:NOPASSWD:/home/jail/env/sandenv/bin/python
jail ALL=(sandbox) SETENV:NOPASSWD:/usr/bin/find
jail ALL=(ALL) NOPASSWD:/usr/bin/pkill

Any idea?

It isn't a great way to coordinate with Django, since it doesn't get invoked for manage.py commands. It isn't testable in this repo.

Description

For some tasks it is required to run code in edxapp-sandbox through codejail and the settings are read with the middleware, but in edxapp async the middlewares are not run and it uses the default settings and in my case it is very little, this happens for example in the rescore of a loncapa problem.

I got this PR with an idea to solve the problem: #98

📌 But I am not quite sure how to continue that work or if there is another way or a better approach to solve this problem.

How to replicate the problem

• Have a course with an loncapa problem (such as advance problem > python-evaluated input)
• Have celery workers running in the devstack
  Taken from the following pr: openedx/edx-platform#28019

It took me a while to figure out how to run celery workers on the docker devstack - am I missing some documentation?

First, use make lms-shell then edit /edx/etc/lms.yml . Make sure CELERY_QUEUES is as follows:

CELERY_QUEUES:
- edx.lms.core.default
- edx.lms.core.high
- edx.lms.core.high_mem

(for some reason, on my devstack, these all had wrong values like edx.lms.core.defaultedx.lms.core. , while CELERY_DEFAULT_QUEUE had a correct value, resulting in the worker never seeing the tasks)

Second, add this to lms/envs/private.py :

CELERY_ALWAYS_EAGER = False
BROKER_URL = 'redis://:[email protected]:6379/'

Third, start Redis with make redis-up

Fourth, restart the LMS.

Fifth: from make lms-shell , start a celery worker with

DJANGO_SETTINGS_MODULE=lms.envs.devstack_with_worker celery worker --app=lms.celery:APP

• Put a print in codejail plugin
  https://github.com/openedx/codejail/blob/master/codejail/jail_code.py#L293

print("#"*30)
print(effective_limits)

• Do a rescore in Instructor > Student Admin and see that changes in devstack.py or common.py don’t change the codejail settings

Other info

Discuss: https://discuss.openedx.org/t/problem-loading-the-codejail-settings-in-async-tasks/6545

Hi Ned, could you please add sandbox-requirements.txt to the repo?

I have following error. Please help me to solve this problem.

Staff debug info: Traceback (most recent call last): File "/opt/bitnami/apps/edx/edx-platform/common/lib/xmodule/xmodule/capa_base.py", line 1151, in submit_problem correct_map = self.lcp.grade_answers(answers) File "/opt/bitnami/apps/edx/edx-platform/common/lib/capa/capa/capa_problem.py", line 400, in grade_answers return self._grade_answers(answers) File "/opt/bitnami/apps/edx/edx-platform/common/lib/capa/capa/capa_problem.py", line 462, in _grade_answers results = responder.evaluate_answers(self.student_answers, oldcmap) File "/opt/bitnami/apps/edx/edx-platform/common/lib/capa/capa/responsetypes.py", line 306, in evaluate_answers new_cmap = self.get_score(student_answers) File "/opt/bitnami/apps/edx/edx-platform/common/lib/capa/capa/responsetypes.py", line 3283, in get_score raise ResponseError(msg) ResponseError: Error in evaluating SchematicResponse. The error was: Couldn't execute jailed code: stdout: '', stderr: '/opt/bitnami/apps/edx/venvs/edxapp-sandbox/bin/python: 3: exec: /opt/bitnami/apps/edx/venvs/edxapp-sandbox/bin/.python2.7.bin: Permission denied\n' with status code: 126

Problem: codejail tests and quality checks are run on edX's https://build.testeng.edx.org Jenkins instance. Moving the tests is non-trivial because they involve setting up and testing an AppArmor profile. It isn't clear whether that'd be doable with GitHub Actions.

Some Discovery Notes (copied from https://github.com/openedx/decoupling/issues/100):

It's possible to startup a github actions runner with a specific ApArmor profile: https://docs.docker.com/engine/security/apparmor/

However, there is no way currently to specify an AppArmor profile on a container-job in github actions: https://docs.github.com/en/actions/using-containerized-services/about-service-containers

We could do this on custom github action runners that we operate if we go down that route but there is currently no way to validate the AppArmor side of the codejail framework without some custom test runner.

There is an argument to be made that codejail has some features and AppArmor has some features and we should just test them independently. While that feels technically correct, I'm not sure if we have enough other gates to ensure that the overall expectation of security when operating codejail in production can be guaranteed.

Further notes:

After speaking about this with @feanil @nedbat @kdmccormick @Carlos-Muniz and @ormsbee . We decided to defer this until after the repo has move to the openedx org. It should still be done as a part of the decoupling but we no longer consider it a blocker for the repository transfer. Once the repository has moved to the openedx org, we can re-visit this and figure out how we want to maintain this repo and its tests moving forward.

not_safe_exec is for running tests that use CodeJail but don't want to require an actual CodeJail configured. Now, it runs the code directly in the current process. This is bad because it monkey-patches random without attempting to clean it up. To better emulate CodeJail, it should run the code in a subprocess.

Codejail has a global variable at codejail.jail_code.COMMANDS. It's a dictionary that maps command names (like "python") to safe shell commands. An example value is:

{'python': {'cmdline_start': ['/edx/app/edxapp/venvs/edxapp-sandbox/bin/python', '-E', '-B'], 'user': 'sandbox'}}

The dictionary is populated by calling codejail.jail_code.configure, which is generally done via the codejail.django_integration middleware.

This all works fine, but the fact that COMMANDS is a global variable is not idiomatic Python. More concretely, it's a pain in the neck for unit tests: the order and timing with which unit tests are run will affect whether .configure has been called or not. This could also cause problems across Python processes in production, leading to situations where codejail is configured in one process but effectively disabled in another process without anyone knowing. Not good.

This stateful system also forces us to use a middleware in order to configure codejail in Django--that's another layer where something could go wrong.

I recommend replacing COMMANDS with either:

• a stateless function named load_commands(), which is safe to call over and over again, which does something like this:

   try:
      from django.conf import settings
   except ImportError, AttributeError
       settings = {}
    if settings.get('CODE_JAIL'):
        return _load_command_from_django_settings(settings)
    else:
        # .... load alternative/fallback configuration options, if we're not using Django

• putting the entire Codejail interface behind a class, so clients would need to pass the settings into it, like this:

  from django.conf import settings
  codejail = CodeJail(some_setting=settings.CODEJAIL[...], etc..)
  codejail.safe_exec(...)

Hi Ned,

Something I ran into while setting up the load test:

Django's memcache backend seems to accept only certain keys. When I try using safe_exec with spaces or newlines, it raises "MemcachedKeyCharacterError: Control characters not allowed" which causes LoncapaProblem to re-raise the exception in init()

For example, this key causes the exception:
"safe_exec -613400940 \ndef check_func(expect, answer_given):\n return {'ok': answer_given == expect, 'msg': 'Message text'}\n [(u'seed', -613400940)]"

The tests we have for capa mock out the cache, and the local dev settings don't use memcache, which is why they've been passing.

-- Will

This code will run outside of a sandbox:

  import codejail.jail_code
  import codejail.safe_exec
  codejail.jail_code.configure('python', '/home/pmitros/jail/jailbox/bin/python')
  codejail.safe_exec.safe_exec("import os\nos.system('ls /etc')", {})

This code will run in a sandbox:

  import codejail.jail_code
  codejail.jail_code.configure('python', '/home/pmitros/jail/jailbox/bin/python')
  import codejail.safe_exec
  codejail.safe_exec.safe_exec("import os\nos.system('ls /etc')", {})

The only difference is the order of the calls.

The code which specifically breaks is:

UNSAFE = ALWAYS_BE_UNSAFE or not jail_code.is_configured("python")

This runs on import, and if UNSAFE is set, it overrides safe_exec with an unsafe version. The code attempts to log a warning, but fails unless loggers are configured the edX way (simply stating 'No handlers could be found for logger "codejail.safe_exec"').

If codejail is not configured with a user to run commands as, jailed code execution will fail. Effectively, this makes the user config option mandatory rather than optional.

This probably hasn't come up much because most users would configure it with a user. One possibility is to just make the option mandatory.

Details:

jail_code.py builds up a list to pass to subprocess.Popen. This is run as a command with arguments, rather than a shell command string. However, one of the arguments is 'TMPDIR=tmp', a construction to set an environment variable for a process in Bash. TMPDIR=tmp python ... works fine in Bash, but subprocess.Popen(['TMPDIR=tmp', 'python', ...]) does not work because TMPDIR=tmp is not a valid executable.

The reason it works with a user configured is that the command array will then first be prefixed with ['sudo', '-u', user]. The sudo command interprets the remainder of its arguments as a shell string rather than a command and arguments.

Hello,
I would like to execute this python code (containing a print statement and a sleep call for 1 second for each iteration of the range(5)).

The idea was to test and see if PROXY is working as desired. I was excepting to see while executing jail_code.jail_code(...) in the stdout of my terminal progressively displayed the numbers second by second:

1
2
3
4
full-output
- 0
- 1
- 2
- 3
- 4

but didn't happened..
First one should be the output printed by the proxy, and the second one is when I iterate on the result object stdout.

from codejail import jail_code
jail_code.set_limit("REALTIME", 20)
jail_code.set_limit("CPU", 100)
jail_code.set_limit("FSIZE", 10000)
jail_code.set_limit("PROXY", 1)

code = """
import time
for i in range(5):
    print(i)
    time.sleep(1)
"""

res = jail_code.jail_code(
    "python",
    code
)
print("full-output")
for line in res.stdout.decode('utf-8').split('\n'):
    print("-", line)

The issue here is that during this execution of jail_code.jail_code(...) the PROXY didn't seems to print anything in the output is that normal, I'm missing something ?
Thanks in advance.
PS: I have CODEJAIL_TEST_USER/ENV and CODEJAIL_PROXY configured in my ENV.

With the Python 3 upgrade firmly in the rear view mirror, the future package is now both unmaintained and probably unnecessary. Try removing the package and make sure nothing breaks.

Hi,

I followed the installation instructions but I keep getting this error:

SafeExecException: Couldn't execute jailed code: sudo: no tty present and no askpass program specified

Do you have any idea?

Thanks,

Laszlo

Hi,

I'm trying to follow the installation guide but when I tried to run the using codejail code on xserver devstack vangrat server:

import codejail.jail_code
codejail.jail_code.configure('python', '/bin/python')
import codejail.safe_exec
codejail.safe_exec.safe_exec("import os\nos.system('ls /etc')", {})

I got (OSError: [Errno 2] No such file or directory) error:

(xserver)xserver@precise64:/edx/app/xserver/xserver$ python
Python 2.7.3 (default, Feb 27 2014, 19:58:35) 
[GCC 4.6.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import codejail.jail_code                                                                                                                         
>>> codejail.jail_code.configure('python', '/edx/app/xserver/venvs/xserver/bin/python')                                                   
>>> import codejail.safe_exec
>>> codejail.safe_exec.safe_exec("import os\nos.system('ls /etc')", {})
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/edx/app/edxapp/venvs/edxapp/src/codejail/codejail/safe_exec.py", line 137, in safe_exec
    "python", code=jailed_code, stdin=stdin, files=files, slug=slug,
  File "/edx/app/edxapp/venvs/edxapp/src/codejail/codejail/jail_code.py", line 208, in jail_code
    stdout=subprocess.PIPE, stderr=subprocess.PIPE,
  File "/usr/lib/python2.7/subprocess.py", line 679, in __init__
    errread, errwrite)
  File "/usr/lib/python2.7/subprocess.py", line 1249, in _execute_child
    raise child_exception
OSError: [Errno 2] No such file or directory

Debugging codejail I found that if user is None at def configure(command, bin_path, user=None): master/codejail/jail_code.py#L26

The commands cmd at subproc = subprocess.Popen master/codejail/jail_code.py#L219 is ['TMPDIR=tmp', '/edx/app/xserver/venvs/xserver/bin/python', '-E', '-B', 'jailed_code']. Because 'TMPDIR=tmp' is the first parameter to subprocess.Popen subprocess return OSError: [Errno 2] No such file or directory.

Otherwise if I add an user (sandbox) it seems to work:

>>> codejail.jail_code.configure('python', '/edx/app/xserver/venvs/xserver/bin/python', 'sandbox')
>>> codejail.safe_exec.safe_exec("import os\nos.system('ls /etc')", {})

cmd at subproc = subprocess.Popenmaster/codejail/jail_code.py#L219 is ['sudo', '-u', 'sandbox', 'TMPDIR=tmp', '/edx/app/xserver/venvs/xserver-sandbox/bin/python', '-E', '-B', 'jailed_code']

Is codejail work without an user?

On Ubuntu, sitecustomize.py is linked to /etc/python2.7/sitecustomize.py, which tries to import apport_python_hook. This fails due to the AppArmor profile, but I would rather not import it at all.

I tried writing an empty sitecustomize.py into the sandbox directory, but it didn't get imported, not sure why.

I just added provisional python 3 support to my fork of codejail -- https://github.com/VikParuchuri/codejail . There are some other changes in there as well, though.

If there is interest, I could refactor the python 3 compatibility changes and submit a PR here at some point.

This repository is a depedency of edx-platform and needs to be upgraded to Python 3.11 before
the Readwood release is cut (mid-April).

• Requirements are compiled with Python 3.8
• Tests are run on Python 3.8 and 3.11
• (Optional) Tests are also run with 3.12 and passing or 3.12 issues are ticketed.
• Classifiers in setup.py setup.cfg or pyproject.toml indicate Python 3.11 support
• A new version is release to PyPI
• A PR is merged to edx-platform to use the new version

I was following the readme for this and under the Using CodeJail section it mentions that the unsafe code should throw an exception. When I tried it the code did not print out the files in /etc, but it didn't throw an exception either. I didn't know if I'm incorrectly configured or if things have changed. One thing I had to do was

codejail.jail_code.configure('python', '<SANDENV>/bin/python','sandbox')

instead of the written

codejail.jail_code.configure('python', '<SANDENV>/bin/python')

Hi,

Thanks a lot for making this code open source.

I have problems when creating the AppArmor profile. I am using a fresh installation of Ubuntu 14.04 LTS in a machine hosted at Linode.

When I try to run the apparmor_parser, I get the error Warning: unable to find a suitable fs in /proc/mounts, is it mounted?.

Here is my AppArmor profile:

(prueba-sandbox)pepe@li911:~$ cat /etc/apparmor.d/home.pepe.prueba-sandbox.bin.python 
#include <tunables/global>

/home/pepe/prueba-sandbox/bin/python {
    #include <abstractions/base>
    #include <abstractions/python>

    /home/pepe/prueba-sandbox/** mr,
    # If you have code that the sandbox must be able to access, add lines
    # pointing to those directories:
    #/the/path/to/your/sandbox-packages/** r,

    /tmp/codejail-*/ rix,
    /tmp/codejail-*/** wrix,
}

And the error:

(prueba-sandbox)pepe@li911:~$ sudo apparmor_parser /etc/apparmor.d/home.pepe.prueba-sandbox.bin.python 
Warning: unable to find a suitable fs in /proc/mounts, is it mounted?
Use --subdomainfs to override.

Also, when I try to use aa-enforce I get this error.

pepe@li911:~$ sudo aa-enforce /etc/apparmor.d/home.pepe.prueba-sandbox.bin.python 
Setting /etc/apparmor.d/home.pepe.prueba-sandbox.bin.python to enforce mode.
Traceback (most recent call last):
  File "/usr/sbin/aa-enforce", line 30, in <module>
    tool.cmd_enforce()
  File "/usr/lib/python3/dist-packages/apparmor/tools.py", line 166, in cmd_enforce
    raise apparmor.AppArmorException(cmd_info[1])
apparmor.common.AppArmorException: 'Warning: unable to find a suitable fs in /proc/mounts, is it mounted?\nUse --subdomainfs to override.\n'

Note that apparmor is using "/usr/lib/python3/" instead of "/usr/lib/python2.7". Could this be the reason of the error?

Finally, when I try to run the example code I get an error, but I guess that it is related with the previous error:

>>> import codejail.jail_code
>>> codejail.jail_code.configure('python', '/home/pepe/prueba-sandbox/bin/python')
>>> import codejail.safe_exec
>>> codejail.safe_exec.safe_exec("import os\nos.system('ls /etc')", {})
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/pepe/prueba/local/lib/python2.7/site-packages/codejail/safe_exec.py", line 151, in safe_exec
    extra_files=extra_files,
  File "/home/pepe/prueba/local/lib/python2.7/site-packages/codejail/jail_code.py", line 237, in jail_code
    realtime=LIMITS["REALTIME"], rlimits=create_rlimits(),
  File "/home/pepe/prueba/local/lib/python2.7/site-packages/codejail/subproc.py", line 42, in run_subprocess
    stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE,
  File "/usr/lib/python2.7/subprocess.py", line 710, in __init__
    errread, errwrite)
  File "/usr/lib/python2.7/subprocess.py", line 1327, in _execute_child
    raise child_exception

The only related issue that I found is: https://github.com/edx/configuration/issues/1312

Any help would be very much appreciated! Thanks!

See #138, which I opened from my personal fork of codejail.

When trying to run tests, GHA shows:

Error: Credentials could not be loaded, please check your action inputs: Could not load credentials from any providers

This is probably because my fork doesn't have access to secrets from the openedx organization.

This is not an issue from 2U or for most of tCRIL, but is an issue for anyone trying to contribute from an external organization.

https://github.com/edx/codejail/blob/64e0ed418252d583f35a363853a01c0a2920d29a/codejail/jail.py#L216

https://stackoverflow.com/questions/1837874/invalid-token-when-using-octal-numbers

Try using "0o" instead of "0"

Hello !

When I run the following commands:

import codejail.jail_code
codejail.jail_code.configure('python', '/home/klei/ex/sandboxenv/bin/python', 'klei')
import codejail.safe_exec
codejail.safe_exec.safe_exec("import os\nos.system('ls /etc')", {})

I get no output (no matter what code I try to execute).
If I execute in the safe_exec function the following: print(res.stdout, res.status, res.stderr), I get this result:
('{}', 0, '')

Thanks in advance

It would be really interesting if the README in the github wiki would list the software projects that are using CodeJail, to get example of uses and references for integration.