def get_vpn_command(kls,
vpnconfig,
providerconfig,
socket_host,
remotes,
socket_port="unix",
openvpn_verb=1):
"""
Returns the Linux implementation for the vpn launching command.
Might raise:
NoPkexecAvailable,
NoPolkitAuthAgentAvailable,
OpenVPNNotFoundException,
VPNLauncherException.
:param vpnconfig: vpn configuration object
:type vpnconfig: VPNConfig
:param providerconfig: provider specific configuration
:type providerconfig: ProviderConfig
:param socket_host: either socket path (unix) or socket IP
:type socket_host: str
:param socket_port: either string "unix" if it's a unix socket,
or port otherwise
:type socket_port: str
:param openvpn_verb: the openvpn verbosity wanted
:type openvpn_verb: int
:return: A VPN command ready to be launched.
:rtype: list
"""
command = []
# we use `super` in order to send the class to use
command = super(LinuxVPNLauncher,
kls).get_vpn_command(vpnconfig, providerconfig,
socket_host, socket_port, remotes,
openvpn_verb)
if IS_SNAP:
return [
"pkexec", "/usr/local/sbin/bitmask-root", "openvpn", "start"
] + command
command.insert(0, force_eval(kls.BITMASK_ROOT))
command.insert(1, "openvpn")
command.insert(2, "start")
if os.getuid() != 0:
policyChecker = LinuxPolicyChecker()
pkexec = policyChecker.get_usable_pkexec()
if pkexec:
command.insert(0, first(pkexec))
return command
def privcheck(timeout=5):
has_pkexec = is_pkexec_in_system()
running = LinuxPolicyChecker.is_up()
if not running:
try:
LinuxPolicyChecker.get_usable_pkexec(timeout=timeout)
running = LinuxPolicyChecker.is_up()
except Exception:
running = False
result = has_pkexec and running
log.debug('Privilege check: %s' % result)
return result
def __call__(self):
# LinuxPolicyChecker will give us the right path if standalone.
return LinuxPolicyChecker.get_polkit_path()
def get_vpn_command(kls,
vpnconfig,
providerconfig,
socket_host,
remotes,
socket_port="unix",
openvpn_verb=1):
"""
Returns the Linux implementation for the vpn launching command.
Might raise:
NoPkexecAvailable,
NoPolkitAuthAgentAvailable,
OpenVPNNotFoundException,
VPNLauncherException.
:param vpnconfig: vpn configuration object
:type vpnconfig: VPNConfig
:param providerconfig: provider specific configuration
:type providerconfig: ProviderConfig
:param socket_host: either socket path (unix) or socket IP
:type socket_host: str
:param socket_port: either string "unix" if it's a unix socket,
or port otherwise
:type socket_port: str
:param openvpn_verb: the openvpn verbosity wanted
:type openvpn_verb: int
:return: A VPN command ready to be launched.
:rtype: list
"""
command = []
# we use `super` in order to send the class to use
command = super(LinuxVPNLauncher,
kls).get_vpn_command(vpnconfig, providerconfig,
socket_host, socket_port, remotes,
openvpn_verb)
if IS_SNAP:
# cannot reference bitmask_root because 'local variable command
# referenced before assignment' XXX bug!
# this should change when bitmask is also a snap. for now,
# snap means RiseupVPN
return ["pkexec", constants.BITMASK_ROOT_SNAP, "openvpn", "start"
] + command
bitmask_root = force_eval(kls.BITMASK_ROOT)
command.insert(0, bitmask_root)
command.insert(1, "openvpn")
command.insert(2, "start")
# this is a workaround for integration tests, since it's not
# trivial to run polkit inside docker containers.
# however, you might want to run bitmask as root under certain
# environments, like embedded devices.
if os.getuid() != 0:
policyChecker = LinuxPolicyChecker()
pkexec = policyChecker.get_usable_pkexec()
if pkexec:
command.insert(0, first(pkexec))
return command