def check_polkit():
"""
Check if we have a running polkit agent and tries to launch an agent if
needed.
Show an error message if there is no agent and we couldn't run one.
:return: True if we have a polkit running (or if we started one), False
otherwise
:rtype: bool
"""
if LinuxPolicyChecker.is_up():
return True
try:
LinuxPolicyChecker.maybe_pkexec()
return True
except Exception:
logger.error("No polkit agent running.")
msg = QtGui.QMessageBox()
msg.setWindowTitle(msg.tr("No polkit agent running"))
msg.setText(
msg.tr('There is no polkit agent running and it is needed to run '
'the Bitmask services.<br>Take a look at the '
'<a href="https://leap.se/en/docs/client/known-issues">'
'known issues</a> page'))
msg.setIcon(QtGui.QMessageBox.Critical)
msg.exec_()
return False
def check_polkit():
"""
Check if we have a running polkit agent and tries to launch an agent if
needed.
Show an error message if there is no agent and we couldn't run one.
:return: True if we have a polkit running (or if we started one), False
otherwise
:rtype: bool
"""
if LinuxPolicyChecker.is_up():
return True
try:
LinuxPolicyChecker.maybe_pkexec()
return True
except Exception:
logger.error("No polkit agent running.")
msg = QtGui.QMessageBox()
msg.setWindowTitle(msg.tr("No polkit agent running"))
msg.setText(
msg.tr('There is no polkit agent running and it is needed to run '
'the Bitmask services.<br>Take a look at the '
'<a href="https://leap.se/en/docs/client/known-issues">'
'known issues</a> page'))
msg.setIcon(QtGui.QMessageBox.Critical)
msg.exec_()
return False
def _run(self, cmd):
"""
Run an email firewall command with bitmask-root
Might raise:
NoPkexecAvailable,
NoPolkitAuthAgentAvailable,
:param cmd: command to send to bitmask-root fw-email
:type cmd: [str]
:returns: exit code of bitmask-root
:rtype: int
"""
command = []
policyChecker = LinuxPolicyChecker()
pkexec = policyChecker.maybe_pkexec()
if pkexec:
command.append(first(pkexec))
command.append(force_eval(self.BITMASK_ROOT))
command.append("fw-email")
command += cmd
# XXX: will be nice to use twisted ProcessProtocol instead of
# subprocess to avoid blocking until it finish
return subprocess.call(command)
def _run(self, cmd):
"""
Run an email firewall command with bitmask-root
Might raise:
NoPkexecAvailable,
NoPolkitAuthAgentAvailable,
:param cmd: command to send to bitmask-root fw-email
:type cmd: [str]
:returns: exit code of bitmask-root
:rtype: int
"""
command = []
policyChecker = LinuxPolicyChecker()
pkexec = policyChecker.maybe_pkexec()
if pkexec:
command.append(first(pkexec))
command.append(force_eval(self.BITMASK_ROOT))
command.append("fw-email")
command += cmd
# XXX: will be nice to use twisted ProcessProtocol instead of
# subprocess to avoid blocking until it finish
return subprocess.call(command)
def get_vpn_command(kls,
eipconfig,
providerconfig,
socket_host,
socket_port="unix",
openvpn_verb=1):
"""
Returns the Linux implementation for the vpn launching command.
Might raise:
EIPNoPkexecAvailable,
EIPNoPolkitAuthAgentAvailable,
OpenVPNNotFoundException,
VPNLauncherException.
:param eipconfig: eip configuration object
:type eipconfig: EIPConfig
:param providerconfig: provider specific configuration
:type providerconfig: ProviderConfig
:param socket_host: either socket path (unix) or socket IP
:type socket_host: str
:param socket_port: either string "unix" if it's a unix socket,
or port otherwise
:type socket_port: str
:param openvpn_verb: the openvpn verbosity wanted
:type openvpn_verb: int
:return: A VPN command ready to be launched.
:rtype: list
"""
# we use `super` in order to send the class to use
command = super(LinuxVPNLauncher,
kls).get_vpn_command(eipconfig, providerconfig,
socket_host, socket_port,
openvpn_verb)
command.insert(0, force_eval(kls.BITMASK_ROOT))
command.insert(1, "openvpn")
command.insert(2, "start")
policyChecker = LinuxPolicyChecker()
try:
pkexec = policyChecker.maybe_pkexec()
except NoPolkitAuthAgentAvailable:
raise EIPNoPolkitAuthAgentAvailable()
except NoPkexecAvailable:
raise EIPNoPkexecAvailable()
if pkexec:
command.insert(0, first(pkexec))
return command
def get_vpn_command(kls, eipconfig, providerconfig, socket_host, socket_port="unix", openvpn_verb=1):
"""
Returns the Linux implementation for the vpn launching command.
Might raise:
EIPNoPkexecAvailable,
EIPNoPolkitAuthAgentAvailable,
OpenVPNNotFoundException,
VPNLauncherException.
:param eipconfig: eip configuration object
:type eipconfig: EIPConfig
:param providerconfig: provider specific configuration
:type providerconfig: ProviderConfig
:param socket_host: either socket path (unix) or socket IP
:type socket_host: str
:param socket_port: either string "unix" if it's a unix socket,
or port otherwise
:type socket_port: str
:param openvpn_verb: the openvpn verbosity wanted
:type openvpn_verb: int
:return: A VPN command ready to be launched.
:rtype: list
"""
# we use `super` in order to send the class to use
command = super(LinuxVPNLauncher, kls).get_vpn_command(
eipconfig, providerconfig, socket_host, socket_port, openvpn_verb
)
command.insert(0, force_eval(kls.BITMASK_ROOT))
command.insert(1, "openvpn")
command.insert(2, "start")
policyChecker = LinuxPolicyChecker()
try:
pkexec = policyChecker.maybe_pkexec()
except NoPolkitAuthAgentAvailable:
raise EIPNoPolkitAuthAgentAvailable()
except NoPkexecAvailable:
raise EIPNoPkexecAvailable()
if pkexec:
command.insert(0, first(pkexec))
return command
def _linux_install_missing_scripts(badexec, notfound):
"""
Try to install the missing helper files.
:param badexec: error for notifying execution error during command.
:type badexec: str
:param notfound: error for notifying missing path.
:type notfound: str
:returns: True if the files could be copied successfully.
:rtype: bool
"""
success = False
installer_path = os.path.abspath(
os.path.join(os.getcwd(), "..", "apps", "eip", "files"))
install_helper = "leap-install-helper.sh"
install_helper_path = os.path.join(installer_path, install_helper)
install_opts = ("--from-path %s --install-bitmask-root YES "
"--install-polkit-file YES --install-openvpn YES "
"--remove-old-files YES" % (installer_path,))
if os.path.isdir(installer_path):
try:
policyChecker = LinuxPolicyChecker()
pkexec = first(policyChecker.maybe_pkexec())
cmdline = ["%s %s %s" % (
pkexec, install_helper_path, install_opts)]
ret = subprocess.call(
cmdline, stdout=subprocess.PIPE,
shell=True)
success = ret == 0
if not success:
logger.error("Install of helpers failed.")
except Exception as exc:
logger.error(badexec)
logger.error("Error was: %r" % (exc,))
else:
logger.error(notfound)
logger.debug('path searched: %s' % (installer_path,))
return success
def _linux_install_missing_scripts(badexec, notfound):
"""
Try to install the missing helper files.
:param badexec: error for notifying execution error during command.
:type badexec: str
:param notfound: error for notifying missing path.
:type notfound: str
:returns: True if the files could be copied successfully.
:rtype: bool
"""
success = False
installer_path = os.path.abspath(
os.path.join(os.getcwd(), "..", "apps", "eip", "files"))
install_helper = "leap-install-helper.sh"
install_helper_path = os.path.join(installer_path, install_helper)
install_opts = ("--from-path %s --install-bitmask-root YES "
"--install-polkit-file YES --install-openvpn YES "
"--remove-old-files YES" % (installer_path, ))
if os.path.isdir(installer_path):
try:
policyChecker = LinuxPolicyChecker()
pkexec = first(policyChecker.maybe_pkexec())
cmdline = [
"%s %s %s" % (pkexec, install_helper_path, install_opts)
]
ret = subprocess.call(cmdline, stdout=subprocess.PIPE, shell=True)
success = ret == 0
if not success:
logger.error("Install of helpers failed.")
except Exception as exc:
logger.error(badexec)
logger.error("Error was: %r" % (exc, ))
else:
logger.error(notfound)
logger.debug('path searched: %s' % (installer_path, ))
return success
