def get_vpn_command(kls, vpnconfig, providerconfig, socket_host, remotes, socket_port="unix", openvpn_verb=1): """ Returns the Linux implementation for the vpn launching command. Might raise: NoPkexecAvailable, NoPolkitAuthAgentAvailable, OpenVPNNotFoundException, VPNLauncherException. :param vpnconfig: vpn configuration object :type vpnconfig: VPNConfig :param providerconfig: provider specific configuration :type providerconfig: ProviderConfig :param socket_host: either socket path (unix) or socket IP :type socket_host: str :param socket_port: either string "unix" if it's a unix socket, or port otherwise :type socket_port: str :param openvpn_verb: the openvpn verbosity wanted :type openvpn_verb: int :return: A VPN command ready to be launched. :rtype: list """ command = [] # we use `super` in order to send the class to use command = super(LinuxVPNLauncher, kls).get_vpn_command(vpnconfig, providerconfig, socket_host, socket_port, remotes, openvpn_verb) if IS_SNAP: return [ "pkexec", "/usr/local/sbin/bitmask-root", "openvpn", "start" ] + command command.insert(0, force_eval(kls.BITMASK_ROOT)) command.insert(1, "openvpn") command.insert(2, "start") if os.getuid() != 0: policyChecker = LinuxPolicyChecker() pkexec = policyChecker.get_usable_pkexec() if pkexec: command.insert(0, first(pkexec)) return command
def privcheck(timeout=5): has_pkexec = is_pkexec_in_system() running = LinuxPolicyChecker.is_up() if not running: try: LinuxPolicyChecker.get_usable_pkexec(timeout=timeout) running = LinuxPolicyChecker.is_up() except Exception: running = False result = has_pkexec and running log.debug('Privilege check: %s' % result) return result
def __call__(self): # LinuxPolicyChecker will give us the right path if standalone. return LinuxPolicyChecker.get_polkit_path()
def get_vpn_command(kls, vpnconfig, providerconfig, socket_host, remotes, socket_port="unix", openvpn_verb=1): """ Returns the Linux implementation for the vpn launching command. Might raise: NoPkexecAvailable, NoPolkitAuthAgentAvailable, OpenVPNNotFoundException, VPNLauncherException. :param vpnconfig: vpn configuration object :type vpnconfig: VPNConfig :param providerconfig: provider specific configuration :type providerconfig: ProviderConfig :param socket_host: either socket path (unix) or socket IP :type socket_host: str :param socket_port: either string "unix" if it's a unix socket, or port otherwise :type socket_port: str :param openvpn_verb: the openvpn verbosity wanted :type openvpn_verb: int :return: A VPN command ready to be launched. :rtype: list """ command = [] # we use `super` in order to send the class to use command = super(LinuxVPNLauncher, kls).get_vpn_command(vpnconfig, providerconfig, socket_host, socket_port, remotes, openvpn_verb) if IS_SNAP: # cannot reference bitmask_root because 'local variable command # referenced before assignment' XXX bug! # this should change when bitmask is also a snap. for now, # snap means RiseupVPN return ["pkexec", constants.BITMASK_ROOT_SNAP, "openvpn", "start" ] + command bitmask_root = force_eval(kls.BITMASK_ROOT) command.insert(0, bitmask_root) command.insert(1, "openvpn") command.insert(2, "start") # this is a workaround for integration tests, since it's not # trivial to run polkit inside docker containers. # however, you might want to run bitmask as root under certain # environments, like embedded devices. if os.getuid() != 0: policyChecker = LinuxPolicyChecker() pkexec = policyChecker.get_usable_pkexec() if pkexec: command.insert(0, first(pkexec)) return command