IQg (ddlZddlZddlZddlZdZdZGddeZGddeZGdd Z d Z dd Z ddZ ddZ dZdZdZddZdZdZdS)Nz/etc/cagefs/cagefs.mpz/usr/sbin/cagefsctlceZdZdZdZdS)CagefsMpConflictc2d|dtd|d|_dS)NzConflict in adding 'z' to z5 because of pre-existing alternative specification: '')CAGEFS_MP_FILENAME_msg)selfnew_item existing_items q/builddir/build/BUILD/imunify360-venv-2.5.0/opt/imunify360/venv/lib/python3.11/site-packages/clcommon/clcagefs.py__init__zCagefsMpConflict.__init__sE T8 T T2D T TCP T T T c|jSN)rr s r __str__zCagefsMpConflict.__str__s yrN)__name__ __module__ __qualname__r rrr rrs2   rrceZdZdZdZdS)CagefsNotSupportedErrorzCagefs Not Supported Exceptionc<t||dSr) Exceptionr )r messages r r z CagefsNotSupportedError.__init__ s4)))))rN)rrr__doc__r rrr rrs)((*****rrceZdZdZdZdZdZdZdZe dZ dZ d Z d Z e d Ze d Ze d ZdZdZdS) CagefsMpItemz@!%*!c|dddkr d|_dS|dkr d|_dS||_dS)zConstructor :param arg: Is either path to add to cagefs.mp or a raw line is read from cagefs.mp :param prefix: The same as adding prefix '!' to arg before passing it to ctorN#r) _path_specstrip)r args r r zCagefsMpItem.__init__*sI rr7c>>"DOOO YY[[B  "DOOO!DOOOrc^|dkr||jd|d|_|S)z%Specify mode as in fluent constructor@N,03o)prefixr$)r modes r r,zCagefsMpItem.mode7s; ;;==C  D$4!%==4===DO rc|jSrr$rs r rzCagefsMpItem.__str__?s rc8|dkrdS|ddkr|dzS|S)Nr/r)paths r _add_slashzCagefsMpItem._add_slashBs, 2::3 8s??#:  rcdt|}|s|rdSt|}t|}||SNF)r_adoptis_dummyr3r2 startswith)r anotheradopted this_pathtest_preexist_in_paths r pre_exist_inzCagefsMpItem.pre_exist_inJs%%g.. ==?? g..00 5 ++DIIKK88 , 7 7  G G##$9:::rct|}|s|rdS||krdStjtjgi}g}||||vS)NFT)rr6r7r+_PREFIX_MOUNT_RW_PREFIX_MOUNT_ROget)r existingr:prefix_compatibility_map null_optionss r is_compatible_by_prefix_withz)CagefsMpItem.is_compatible_by_prefix_withVs%%h// ==?? g..00 5 ;;==GNN,, , ,4%1%BlFcEd#f  {{}} 8 < >. ) ))rc|d}|d}tj|stj||tj||tj|||dS)Nr1)rWr2isdirmkdirchmodchown)r2r,owner_idgroup_ids r _mk_mount_dir_setup_permrcsm 7==     tHT8X&&&&&rFc tsdS| tddg}n td|g}|r-tj|tjtjdStj|tjtjddS)Nz --wait-lockz --remount-allz --remount)stdoutstderrFrerfcheck)rZrY subprocessPopenDEVNULLrun)userremount_in_backgroundcommands r _remount_cagefsrps    |!=/B!;5   %%       %%       rrc t||||tsdStjt s3t jtdgt j t j dttt dd5}t||z | d|D} fd | D} | sb|d d |&|}t!d || t! | |rt#|n1 | dst' | dddddS#1swxYwYdS)a Add mount point to /etc/cagefs/cagefs.mp :param path: Directory path to be added in cagefs.mp and mounted from within setup_mount_dir_cagefs(). If this directory does not exist, then it is created. :param added_by: package or component, mount dir relates to, or whatever will stay in cagefs.mp with "# added by..." comment :param mode: If is not None: Regardless of whether directory exists or not prior this call, it's permissions will be set to mode. :param owner_id: Regardless of whether directory exists or not prior this call, it's owner id will be set to. If None, the owner won't be changed. :param group_id: Regardless of whether directory exists or not prior this call, it's group id will be set to. If None, the group won't be changed. :param prefix: Mount point prefix. Default is mount as RW. Pass '!' to add read-only mount point. Refer CageFS section at http://docs.cloudlinux.com/ for more options. :param remount_cagefs: If True, cagefs skeleton will be automatically remounted to apply changes. :param remount_in_background: If True, cagefs remount will be done in separate background process, without waiting for completion :returns: None Propagates native EnvironmentError if no CageFS installed or something else goes wrong. Raises CagefsMpConflict if path is already specified in cagefs.mp, but in a way which is opposite to mount_as_readonly param. Nz --create-mpFrgzr+utf-8encodingc3>K|]}|VdSr)rstrip).0 file_lines r z)setup_mount_dir_cagefs..s.>>y ((**>>>>>>rc>g|]}||Sr)r=)rwrIr s r z*setup_mount_dir_cagefs..s,PPP!x7L7LQ7O7OPAPPPrrz# next line is added by )filernr1)rcrZrWr2rXrrirlrYrkadd_new_line_to_cagefs_mpopenrr,seekr%printrprEr) r2added_byr,rarbr+remount_cagefsrnf trim_nl_iterpre_exist_optionr s @r setup_mount_dir_cagefsrsRT48<<<    7>>, - -  ] +%%       $ 9 9 9CQ ..33D99>>A>>> PPPP|PPP C FF1aLLL##>>++0(CCCC ( # # # # M6KLLLL667G7KLL C"8-=b-ABB B'CCCCCCCCCCCCCCCCCCs CFF Fcttdd5}|cdddS#1swxYwYdS)Nrrrrs)rr readlines)rs r _get_cagefs_mp_linesrs  # 8 8 8A{{}}s 9==cttdd5}||cdddS#1swxYwYdS)Nwrrrs)rr writelines)linesrs r _write_cagefs_mp_linesrs  # 8 8 8#A||E""##################s :>>ct}|r?|ddkr5|dddkr%|dxxdz cc<t|dSdSdSdS)zR Add new line to the end of /etc/cagefs/cagefs.mp file if it is not there rrr1 N)rr)rs r rr ss ! " "E &qRE"IbMT$9$9 b T u%%%%%&&$9$9rc8t}tjdtjdtj|dfd|D}t |t |krdSt||rt|dSdS)af Remove mount points matching given path from cagefs.mp file :param str path: Path that should be removed from file. :param bool remount_cagefs: Remount cagefs skeleton or not :param remount_in_background: If True, cagefs remount will be done in separate background process, without waiting for completion :return: Nothing z^[z]?z(,\d+)?$c>g|]}||Sr)match)rwliners r r{z+remove_mount_dir_cagefs..$s(LLLaggdmmLLLLrNr~) rrecompilerrQescapelenrrp)r2rrnrlines_with_excluded_pathrs @r remove_mount_dir_cagefsrs ! " "E N1NNRYt__NNNOOALLLLLLL 5zzS122223444E.CDDDDDDEErc@tjdS)zEIf this folder /var/.cagefs exists, it means process is inside cagefsz /var/.cagefs)rWr2r]rrr in_cagefsr/s 7== ( ((rc d}|tjvrtj|ddl}n#t$rYdSwxYw ||sdSn"#t $r}td|d}~wwxYwdS)z, Check that cagefs enabled for user z/usr/share/cagefs/rNFz;ERROR: CageFS version is unsupported. Please update CageFS.T)sysr2append cagefsctl ImportErroris_user_enabledAttributeErrorr)rmcagefs_lib_dirres r _is_cagefs_enabledr4s-  ) ) HOON + + + uu((.. 5  % I    4s'36 AAA A?*A::A?)r[NNr5)Nr[NNrFF)FF)rWrrirrrYrrrrrZrcrprrrrrrrrrr rs  ,*     y   *****i*** ________D*** ' ' ' '     .UYRWOCOCOCOCd ### &&&EEEE.))) r