Multiple Python Modules #1845

Open
sword2100 opened this Issue Nov 14, 2016 · 7 comments

Projects

None yet

4 participants

@sword2100
sword2100 commented Nov 14, 2016 edited

Issue type

  • Defect

Defect description

Using SLES 12 SP1 with github source compiled version 3.0.13

radiusd: FreeRADIUS Version 3.0.13, for host x86_64-unknown-linux-gnu, built on Nov 14 2016 at 10:58:45
FreeRADIUS Version 3.0.13
Copyright (C) 1999-2016 The FreeRADIUS server project and contributors

Trying to use multiple python modules/files.
I have created two python files:

  • /usr/local/etc/raddb/mods-config/python/one.py

  • /usr/local/etc/raddb/mods-config/python/two.py

Changed the needed lines at python module

  • /usr/local/etc/raddb/mods-available/python
python one{
        python_path="/usr/local/etc/raddb/mods-config/python/:/usr/lib64/python2.7/:/usr/lib64/python2.7/site-packages/:/usr/lib64/python2.7/lib-dynload/"
        module = one

        mod_authorize = ${.module}
        func_authorize = authorize
}

python two{
        python_path="/usr/local/etc/raddb/mods-config/python/:/usr/lib64/python2.7/:/usr/lib64/python2.7/site-packages/:/usr/lib64/python2.7/lib-dynload/"
        module = two

        mod_authorize = ${.module}
        func_authorize = authorize
}

And added to the default server

  • /usr/local/etc/raddb/sites-available/default
authorize {
        filter_username
        preprocess
        auth_log
        one
        two
}

Running FreeRadius with radius -XXX and get this message

Debug:   # Instantiating module "one" from file /usr/local/etc/raddb/mods-enabled/python
Info: Python version: 2.7.9 (default, Dec 21 2014, 11:02:59) [GCC]
Debug:   # Instantiating module "two" from file /usr/local/etc/raddb/mods-enabled/python
Error: python_function_load - Module 'two' not found
Error: <type 'exceptions.SystemError'> (null argument to internal routine)
Error: python_function_load - Failed to import python function 'two.authorize'
Error: /usr/local/etc/raddb/mods-enabled/python[27]: Instantiation failed for module "two"

It looks like for the second module the python_path is not working.
I've already tried to export the PYTHONPATH="[as in module]" but same message.

@herwinw
Member
herwinw commented Nov 15, 2016

The code that sets the python path basicly looks like this:

path = talloc_strdup(NULL, inst->python_path);
PySys_SetPath(path);
talloc_free(path);

There is no reference to the actual interpreter that should be used here, so I guess this is a kind of global setting. I can't really find any information on how to set the path for a specific interpreter (which still would be flawed, because the cext_compat option allows you to reuse the main interpreter)

A possible option would to move the python path out of the instance config to a global setting, but this doesn't really fit well with the config format used in Freeradius.

Is it possible to set the Python path from within a script? In that case I guess the best solution here would be to encourage that, and eventually drop the python_path config option.

@arr2036
Member
arr2036 commented Nov 15, 2016

Yeah I remember it being global. Maybe just complain that it's already set?

@arr2036
Member
arr2036 commented Nov 15, 2016

...and yes Python really doesn't embed well.

@herwinw
Member
herwinw commented Nov 15, 2016

Yeah I remember it being global. Maybe just complain that it's already set?

That can still cause some unexpected behaviour. Imagine this config

python python_stable {
  module = blah
  ...
}
python python_testing {
  python_path = /somewhere/python/testing
  module = blah
 ....
}

This won't issue any complaints because we only set it once, but suddenly your python_stable call uses the testing libraries.

@arr2036
Member
arr2036 commented Nov 15, 2016

Refuse to start if it's not set to the same value across all instances.

@Deisuan
Contributor
Deisuan commented Nov 22, 2016

I'll have a look whether or not the python3 module still has the same issue, as soon as I've fixed some other issues.

@herwinw
Member
herwinw commented Nov 22, 2016

Refuse to start if it's not set to the same value across all instances.

I'm afraid that's the only working option left. Then again, I would probably start cursing at my monitor when I would get that as a config error, it would just feel a bit retarded.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment