登录
首页 >  Golang >  Go问答

权限被拒绝:Go中monkey.PatchInstanceMethod返回的错误

来源:stackoverflow

时间:2024-03-14 11:00:30 278浏览 收藏

学习知识要善于思考,思考,再思考!今天golang学习网小编就给大家带来《权限被拒绝:Go中monkey.PatchInstanceMethod返回的错误》,以下内容主要包含等知识点,如果你正在学习或准备学习Golang,就都不要错过本文啦~让我们一起来看看吧,能帮助到你就更好了!

问题内容

我试图提出一个简单、最小的示例来重现此错误,但无法做到(它只发生在一个私人存储库中),但我将首先展示我的尝试。假设我们有一个具有以下结构的 go 模块:

.
├── command
│   ├── command.go
│   └── command_test.go
├── go.mod
└── go.sum

go.mod 读取的位置

module github.com/kurtpeek/monkeypatching

go 1.12

require (
    bou.ke/monkey v1.0.2
    github.com/google/go-cmp v0.3.1 // indirect
    github.com/pkg/errors v0.8.1 // indirect
    github.com/stretchr/testify v1.4.0
    gotest.tools v2.2.0+incompatible
)

command.go 读取

package command

import "os/exec"

// runcommand runs a command
func runcommand() ([]byte, error) {
    return exec.command("profiles", "list", "-all").output()
}

command_test.go

package command

import (
    "os/exec"
    "reflect"
    "testing"

    "bou.ke/monkey"
    "github.com/stretchr/testify/assert"
    "github.com/stretchr/testify/require"
)

func testruncommand(t *testing.t) {
    var cmd *exec.cmd
    patchguard := monkey.patchinstancemethod(reflect.typeof(cmd), "output", func(_ *exec.cmd) ([]byte, error) {
        return []byte("foobar"), nil
    })
    defer patchguard.unpatch()

    output, err := runcommand()
    require.noerror(t, err)
    assert.equal(t, []byte("foobar"), output)
}

此测试通过。

现在,在我的“真实”存储库中,我有一个类似的单元测试

func testfindidentity(t *testing.t) {
    certpem, err := ioutil.readfile("testdata/6dc9bf91-37c6-4882-bfaf-301f118f7fac.pem")
    require.noerror(t, err)

    var cmd *exec.cmd
    patchguard := monkey.patchinstancemethod(reflect.typeof(cmd), "output", func(_ *exec.cmd) ([]byte, error) {
        output, err := ioutil.readfile("testdata/find_identity_match.txt")
        require.noerror(t, err)
        return output, nil
    })
    defer patchguard.unpatch()

    found, err := findidentity(certpem)

    assert.true(t, found)
}

findidentity() 读取的位置

// findidentity checks whether there is an identity (certificate + private key) for the given certificate in the system keychain
func findidentity(certpem []byte) (bool, error) {
    ctx, cancel := context.withtimeout(context.todo(), time.second*5)
    defer cancel()

    fingerprint, err := getfingerprint(certpem)
    if err != nil {
        return false, fmt.errorf("get cert fingerprint: %v", err)
    }

    output, err := exec.commandcontext(ctx, cmdsecurity, "find-identity", systemkeychain).output()
    if err != nil {
        return false, fmt.errorf("find identity: %v", err)
    }

    return strings.contains(string(output), fingerprint), nil
}

// getfingerprint generates a sha-1 fingerprint of a certificate, which is how it can be identified from the `security` command
func getfingerprint(certpem []byte) (string, error) {
    block, _ := pem.decode(certpem)
    if block == nil {
        return "", errors.new("failed to decode cert pem")
    }

    cert, err := x509.parsecertificate(block.bytes)
    if err != nil {
        return "", fmt.errorf("parse certificate: %v", err)
    }

    fingerprint := fmt.sprintf("%x", sha1.sum(cert.raw))
    fingerprint = strings.replace(fingerprint, " ", "", -1)
    return strings.toupper(fingerprint), nil
}

同样,它使用在单元测试中修补的 command 。但是,如果我尝试运行单元测试,则会收到此错误:

running tool: /usr/local/opt/[email protected]/bin/go test -timeout 30s github.com/fleetsmith/agent/agent/auth/defaultauth -run ^(testfindidentity)$

--- fail: testfindidentity (0.00s)
panic: permission denied [recovered]
    panic: permission denied

goroutine 25 [running]:
testing.trunner.func1(0xc000494100)
    /usr/local/cellar/[email protected]/1.12.12/libexec/src/testing/testing.go:830 +0x392
panic(0x48fede0, 0xc000554730)
    /usr/local/cellar/[email protected]/1.12.12/libexec/src/runtime/panic.go:522 +0x1b5
bou.ke/monkey.mprotectcrosspage(0x41c20e0, 0xc, 0x7)
    /users/kurt/go/pkg/mod/bou.ke/[email protected]/replace_unix.go:15 +0xe6
bou.ke/monkey.copytolocation(0x41c20e0, 0xc0000ebd2c, 0xc, 0xc)
    /users/kurt/go/pkg/mod/bou.ke/[email protected]/replace_unix.go:26 +0x6d
bou.ke/monkey.replacefunction(0x41c20e0, 0xc0001a2510, 0x13, 0x41c20e0, 0x48c3b00)
    /users/kurt/go/pkg/mod/bou.ke/[email protected]/replace.go:29 +0xe6
bou.ke/monkey.patchvalue(0x48c3b60, 0xc0000bc078, 0x13, 0x48c3b60, 0xc0001a2510, 0x13)
    /users/kurt/go/pkg/mod/bou.ke/[email protected]/monkey.go:87 +0x22f
bou.ke/monkey.patchinstancemethod(0x4b359a0, 0x4996280, 0x49d0699, 0x6, 0x48c3b60, 0xc0001a2510, 0x0)
    /users/kurt/go/pkg/mod/bou.ke/[email protected]/monkey.go:62 +0x160
github.com/fleetsmith/agent/agent/auth/defaultauth.testfindidentity(0xc000494100)
    /users/kurt/go/src/github.com/fleetsmith/agent/agent/auth/defaultauth/keychain_test.go:46 +0x146
testing.trunner(0xc000494100, 0x4a30260)
    /usr/local/cellar/[email protected]/1.12.12/libexec/src/testing/testing.go:865 +0xc0
created by testing.(*t).run
    /usr/local/cellar/[email protected]/1.12.12/libexec/src/testing/testing.go:916 +0x35a
fail    github.com/fleetsmith/agent/agent/auth/defaultauth  0.390s
error: tests failed.

具体来说,在这一行调用 monkey.patchinstancemethod 时,我收到 permission returned 恐慌:

patchGuard := monkey.PatchInstanceMethod(reflect.TypeOf(cmd), "Output", func(_ *exec.Cmd) ([]byte, error) {

})

知道什么可能导致这种情况吗?我的“真实”存储库和我的临时存储库之间肯定存在一些差异。


解决方案


您可以尝试这个:https://github.com/eisenxp/macos-golink-wrapper

这是在 macos catalina 10.15.x 上使用 gomonkey 或 gohook 时 golang 中“syscall.mprotect panic: permission denied”的解决方案。

  1. 下载该工具。
cd `go env gopath`
git clone https://github.com/eisenxp/macos-golink-wrapper.git
  1. 将文件 link 重命名为 original_link
mv `go env gotooldir`/link `go env gotooldir`/original_link
  1. 将工具复制到 gotooldir
cp `go env gopath`/macos-golink-wrapper/link  `go env gotooldir`/link
  1. link添加执行权限
chmod +x `go env GOTOOLDIR`/link

这解决了我的问题,希望对你有帮助。

好了,本文到此结束,带大家了解了《权限被拒绝:Go中monkey.PatchInstanceMethod返回的错误》,希望本文对你有所帮助!关注golang学习网公众号,给大家分享更多Golang知识!

声明:本文转载于:stackoverflow 如有侵犯,请联系study_golang@163.com删除
相关阅读
更多>
最新阅读
更多>
课程推荐
更多>