[bug] properly check for local openvpn path

- Resolves: #9099
author: Kali Kaneko <kali@leap.se> 2017-10-07 00:51:13 +0200
committer: Kali Kaneko <kali@leap.se> 2017-10-09 17:14:25 +0200
commit: ff1d9805b71cf3d0e74724cdd89ebb1537cffbba (patch)
tree: a360eec5bd6dfde953da87950fd10fa494e34337
parent: 2d58e0e8e04404b5e7ed9ce1c2165b428586fb94 (diff)
5 files changed, 49 insertions, 27 deletions
diff --git a/docs/changelog.rst b/docs/changelog.rst
index 78c0fc71..c3a40f2f 100644
--- a/docs/changelog.rst
+++ b/docs/changelog.rst
@@ -6,6 +6,11 @@ Changelog
 
 .. note:: This version is not yet released and is under active development.
 
+Bugfixes
+~~~~~~~~
+- `#9099 <https://0xacab.org/leap/bitmask-dev/issues/9099>`_: properly check for openvpn binary path in bundles.
+
+
 0.10.1
 ---------------------
 
diff --git a/src/leap/bitmask/vpn/constants.py b/src/leap/bitmask/vpn/constants.py
index c7a5147b..086d700f 100644
--- a/src/leap/bitmask/vpn/constants.py
+++ b/src/leap/bitmask/vpn/constants.py
@@ -1,6 +1,6 @@
 # -*- coding: utf-8 -*-
 # constants.py
-# Copyright (C) 2015 LEAP
+# Copyright (C) 2015-2017 LEAP
 #
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -26,3 +26,11 @@ IS_LINUX = _system == "Linux"
 IS_MAC = _system == "Darwin"
 IS_UNIX = IS_MAC or IS_LINUX
 IS_WIN = _system == "Windows"
+
+if IS_LINUX:
+    BITMASK_ROOT_SYSTEM = '/usr/sbin/bitmask-root'
+    BITMASK_ROOT_LOCAL = '/usr/local/sbin/bitmask-root'
+    OPENVPN_SYSTEM = '/usr/sbin/openvpn'
+    OPENVPN_LOCAL = '/usr/local/sbin/leap-openvpn'
+    POLKIT_LOCAL = '/usr/share/polkit-1/actions/se.leap.bitmask-bundle.policy'
+    POLKIT_SYSTEM = '/usr/share/polkit-1/actions/se.leap.bitmask.policy'
diff --git a/src/leap/bitmask/vpn/helpers/__init__.py b/src/leap/bitmask/vpn/helpers/__init__.py
index 51feb7ad..17281a52 100644
--- a/src/leap/bitmask/vpn/helpers/__init__.py
+++ b/src/leap/bitmask/vpn/helpers/__init__.py
@@ -4,19 +4,15 @@ import os.path
 import sys
 
 from leap.bitmask.vpn.constants import IS_LINUX, IS_MAC
+from leap.bitmask.vpn.constants import BITMASK_ROOT_SYSTEM, BITMASK_ROOT_LOCAL
+from leap.bitmask.vpn.constants import OPENVPN_SYSTEM, OPENVPN_LOCAL
+from leap.bitmask.vpn.constants import POLKIT_SYSTEM, POLKIT_LOCAL
 from leap.bitmask.vpn.privilege import is_pkexec_in_system
 from leap.bitmask.vpn import _config
 
 from leap.bitmask.util import STANDALONE
 
 if IS_LINUX:
-
-    helper_to = '/usr/local/sbin/bitmask-root'
-    deb_helper_to = '/usr/sbin/bitmask-root'
-    polkit_to = '/usr/share/polkit-1/actions/se.leap.bitmask-bundle.policy'
-    deb_polkit_to = '/usr/share/polkit-1/actions/se.leap.bitmask.policy'
-    openvpn_to = '/usr/local/sbin/leap-openvpn'
-
     def install():
         helper_from = _config.get_bitmask_helper_path()
         polkit_from = _config.get_bitmask_polkit_policy_path()
@@ -26,26 +22,31 @@ if IS_LINUX:
         if not os.path.isdir(sbin):
             os.makedirs(sbin)
 
-        copyfile(helper_from, helper_to)
-        chmod(helper_to, 0744)
+        copyfile(helper_from, BITMASK_ROOT_LOCAL)
+        chmod(BITMASK_ROOT_LOCAL, 0744)
 
-        copyfile(polkit_from, polkit_to)
+        copyfile(polkit_from, POLKIT_LOCAL)
 
         if STANDALONE:
-            copyfile(openvpn_from, openvpn_to)
-            chmod(openvpn_to, 0700)
+            copyfile(openvpn_from, OPENVPN_LOCAL)
+            chmod(OPENVPN_LOCAL, 0700)
 
     def uninstall():
-        remove(helper_to)
-        remove(polkit_to)
+        remove(BITMASK_ROOT_LOCAL)
+        remove(POLKIT_LOCAL)
 
     def check():
-        helper = os.path.exists(helper_to) or os.path.isfile(
-            deb_helper_to)
+        helper = (
+            os.path.exists(BITMASK_ROOT_LOCAL) or
+            os.path.isfile(BITMASK_ROOT_SYSTEM))
         polkit = (
-            os.path.exists(polkit_to) or
-            os.path.exists(deb_polkit_to))
-        return is_pkexec_in_system() and helper and polkit
+            os.path.exists(POLKIT_LOCAL) or
+            os.path.exists(POLKIT_SYSTEM))
+        openvpn = (
+            os.path.exists(OPENVPN_LOCAL) or
+            os.path.exists(OPENVPN_SYSTEM))
+
+        return is_pkexec_in_system() and helper and polkit and openvpn
 
 if IS_MAC:
 
diff --git a/src/leap/bitmask/vpn/launcher.py b/src/leap/bitmask/vpn/launcher.py
index 14c51550..a8e7c1f5 100644
--- a/src/leap/bitmask/vpn/launcher.py
+++ b/src/leap/bitmask/vpn/launcher.py
@@ -139,7 +139,6 @@ class VPNLauncher(object):
             log.warn('Could not find openvpn bin in path %s' % (
                      openvpn_path))
             err = OpenVPNNotFoundException()
-            err.expected = True
             raise err
 
         args = []
diff --git a/src/leap/bitmask/vpn/launchers/linux.py b/src/leap/bitmask/vpn/launchers/linux.py
index 052040dc..bff2d8cb 100644
--- a/src/leap/bitmask/vpn/launchers/linux.py
+++ b/src/leap/bitmask/vpn/launchers/linux.py
@@ -29,6 +29,7 @@ from twisted.logger import Logger
 
 from leap.bitmask.util import STANDALONE
 from leap.bitmask.vpn.utils import first, force_eval
+from leap.bitmask.vpn import constants
 from leap.bitmask.vpn.privilege import LinuxPolicyChecker
 from leap.bitmask.vpn.management import ManagementProtocol
 from leap.bitmask.vpn.launcher import VPNLauncher
@@ -84,10 +85,10 @@ class LinuxVPNLauncher(VPNLauncher):
 
     class BITMASK_ROOT(object):
         def __call__(self):
-            _global = '/usr/sbin/bitmask-root'
-            _local = '/usr/local/sbin/bitmask-root'
-            if os.path.isfile(_global):
-                return _global
+            _sys = constants.BITMASK_ROOT_SYSTEM
+            _local = constants.BITMASK_ROOT_LOCAL
+            if os.path.isfile(_sys):
+                return _sys
             elif os.path.isfile(_local):
                 return _local
             else:
@@ -95,8 +96,16 @@ class LinuxVPNLauncher(VPNLauncher):
 
     class OPENVPN_BIN_PATH(object):
         def __call__(self):
-            return ("/usr/local/sbin/leap-openvpn" if STANDALONE else
-                    "/usr/sbin/openvpn")
+            _sys = constants.OPENVPN_SYSTEM
+            _local = constants.OPENVPN_LOCAL
+            # XXX this implies that, for the time being, we prefer the system
+            # openvpn if there is any. We assume that the system is kept
+            # up-to-date, since we still do not have a safe way of upgrading
+            # the bundle binaries. See #9101
+            if os.path.exists(_sys):
+                return _sys
+            else:
+                return _local
 
     class POLKIT_PATH(object):
         def __call__(self):
author	Kali Kaneko <kali@leap.se>	2017-10-07 00:51:13 +0200
committer	Kali Kaneko <kali@leap.se>	2017-10-09 17:14:25 +0200
commit	ff1d9805b71cf3d0e74724cdd89ebb1537cffbba (patch)
tree	a360eec5bd6dfde953da87950fd10fa494e34337
parent	2d58e0e8e04404b5e7ed9ce1c2165b428586fb94 (diff)