diff options
author | Kali Kaneko <kali@leap.se> | 2018-04-03 02:45:34 +0200 |
---|---|---|
committer | Ruben Pollan <meskio@sindominio.net> | 2018-04-11 16:40:10 +0200 |
commit | 3169015c5f5eaed5f2ad48e486b1fe96e1eb6bbe (patch) | |
tree | 6394836b65afb6be4768504474964e677c75210a /src/leap/bitmask/vpn/fw/firewall.py | |
parent | 309ea9c35743c11dd29d809e713274840fb0b145 (diff) |
several fixes for riseupvpn snap
- move snap folder to root folder, to allow automated builds
- install only polkit file outside of snap
- change path of bitmask-root accordingly in bitmask
- fix check for polkit file inside snap
- change and document the algorithm for picking bitmask-root in linux
- add LD_LIBRARY_PATH as an environment entry for bitmask-systray
Diffstat (limited to 'src/leap/bitmask/vpn/fw/firewall.py')
-rw-r--r-- | src/leap/bitmask/vpn/fw/firewall.py | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/src/leap/bitmask/vpn/fw/firewall.py b/src/leap/bitmask/vpn/fw/firewall.py index 98b317b0..cc5d76d0 100644 --- a/src/leap/bitmask/vpn/fw/firewall.py +++ b/src/leap/bitmask/vpn/fw/firewall.py @@ -25,7 +25,10 @@ import subprocess from twisted.logger import Logger -from leap.bitmask.system import IS_MAC, IS_LINUX +from leap.bitmask.system import IS_MAC, IS_LINUX, IS_SNAP +from leap.bitmask.vpn.constants import BITMASK_ROOT_SYSTEM +from leap.bitmask.vpn.constants import BITMASK_ROOT_LOCAL +from leap.bitmask.vpn.constants import BITMASK_ROOT_SNAP from leap.common.events import catalog, emit_async from leap.bitmask.vpn.launchers import darwin @@ -87,11 +90,23 @@ class _LinuxFirewallManager(object): This allows us to achieve fail close on a vpn connection. """ - _SYSTEM_BITMASK_ROOT = '/usr/sbin/bitmask-root' - if os.path.isfile(_SYSTEM_BITMASK_ROOT): - BITMASK_ROOT = _SYSTEM_BITMASK_ROOT + # TODO factor out choosing a version of bitmask-root. + # together with linux vpnlauncher. + + if IS_SNAP: + # snap has its own version under /snap + BITMASK_ROOT = BITMASK_ROOT_SNAP + elif IS_STANDALONE and os.path.isfile(BITMASK_ROOT_LOCAL): + # if this is a bundle, we pick local. bundles ask to install it there. + BITMASK_ROOT = BITMASK_ROOT_LOCAL else: - BITMASK_ROOT = "/usr/local/sbin/bitmask-root" + if os.path.isfile(BITMASK_ROOT_SYSTEM): + # we can be running from the debian package, + # or some other distro. it's the maintainer responsibility to put bitmask-root there. + BITMASK_ROOT = BITMASK_ROOT_SYSTEM + else: + # as a last case, we fall back to installing into the /usr/local/sbin version. + BITMASK_ROOT = BITMASK_ROOT_LOCAL def __init__(self, remotes): """ |