diff options
author | Kali Kaneko <kali@leap.se> | 2018-02-28 22:43:02 +0100 |
---|---|---|
committer | Kali Kaneko <kali@leap.se> | 2018-03-02 03:54:17 +0100 |
commit | b3549ae8cd496bbb16b7aa67e35717b60378dbf7 (patch) | |
tree | a82dcfd852d4419c8d712e3297756687c200a7bb /src/leap/bitmask/vpn | |
parent | 64a159436428450aec8170b49d5b3ae895560d79 (diff) |
[bug] fix launching of vpn for snaps
Diffstat (limited to 'src/leap/bitmask/vpn')
-rw-r--r-- | src/leap/bitmask/vpn/constants.py | 2 | ||||
-rw-r--r-- | src/leap/bitmask/vpn/helpers/__init__.py | 11 | ||||
-rw-r--r-- | src/leap/bitmask/vpn/launchers/linux.py | 33 | ||||
-rw-r--r-- | src/leap/bitmask/vpn/privilege.py | 5 |
4 files changed, 36 insertions, 15 deletions
diff --git a/src/leap/bitmask/vpn/constants.py b/src/leap/bitmask/vpn/constants.py index 086d700f..32f35e93 100644 --- a/src/leap/bitmask/vpn/constants.py +++ b/src/leap/bitmask/vpn/constants.py @@ -18,6 +18,7 @@ """ System constants """ +import os import platform _system = platform.system() @@ -26,6 +27,7 @@ IS_LINUX = _system == "Linux" IS_MAC = _system == "Darwin" IS_UNIX = IS_MAC or IS_LINUX IS_WIN = _system == "Windows" +IS_SNAP = os.environ.get('SNAP') if IS_LINUX: BITMASK_ROOT_SYSTEM = '/usr/sbin/bitmask-root' diff --git a/src/leap/bitmask/vpn/helpers/__init__.py b/src/leap/bitmask/vpn/helpers/__init__.py index 8ec50999..3249456c 100644 --- a/src/leap/bitmask/vpn/helpers/__init__.py +++ b/src/leap/bitmask/vpn/helpers/__init__.py @@ -4,11 +4,15 @@ from hashlib import sha512 import os.path import sys +from twisted.logger import Logger + from leap.bitmask.vpn.constants import IS_LINUX, IS_MAC from leap.bitmask.vpn import _config from leap.bitmask.util import STANDALONE +log = Logger() + if IS_LINUX: from leap.bitmask.vpn.constants import BITMASK_ROOT_SYSTEM @@ -60,18 +64,25 @@ if IS_LINUX: _check_openvpn()) def _check_helper(): + log.debug('Checking whether helper exists') helper_path = _config.get_bitmask_helper_path() if not _exists_and_can_read(helper_path): + log.debug('Cannot read helpers') return True helper_path_digest = digest(helper_path) if (_exists_and_can_read(BITMASK_ROOT_SYSTEM) and helper_path_digest == digest(BITMASK_ROOT_SYSTEM)): + log.debug('global bitmask-root: %s' % os.path.isfile(BITMASK_ROOT_SYSTEM)) + log.debug('global bitmask-root: %s' % digest(BITMASK_ROOT_SYSTEM)) return True if (_exists_and_can_read(BITMASK_ROOT_LOCAL) and helper_path_digest == digest(BITMASK_ROOT_LOCAL)): + log.debug('local bitmask-root: %s' % os.path.isfile(BITMASK_ROOT_LOCAL)) + log.debug('local bitmask-root: %s' % digest(BITMASK_ROOT_LOCAL)) return True + log.debug('No valid bitmask-root found') return False def _check_openvpn(): diff --git a/src/leap/bitmask/vpn/launchers/linux.py b/src/leap/bitmask/vpn/launchers/linux.py index 48977835..3b541d33 100644 --- a/src/leap/bitmask/vpn/launchers/linux.py +++ b/src/leap/bitmask/vpn/launchers/linux.py @@ -35,6 +35,7 @@ from leap.bitmask.vpn.privilege import LinuxPolicyChecker from leap.bitmask.vpn.management import ManagementProtocol from leap.bitmask.vpn.launcher import VPNLauncher +IS_SNAP = os.environ.get('SNAP') TERMINATE_MAXTRIES = 10 TERMINATE_WAIT = 1 # secs @@ -86,15 +87,19 @@ class LinuxVPNLauncher(VPNLauncher): class BITMASK_ROOT(object): def __call__(self): - current_version = self._version(_config.get_bitmask_helper_path()) + current_version = self._version(_config.get_bitmask_helper_path()) _sys = constants.BITMASK_ROOT_SYSTEM _sys_version = 0 + _local = constants.BITMASK_ROOT_LOCAL + _local_version = 0 + + if IS_SNAP: + return _local + if os.path.isfile(_sys): _sys_version = self._version(_sys) - _local = constants.BITMASK_ROOT_LOCAL - _local_version = 0 if os.path.isfile(_local): _local_version = self._version(_local) @@ -120,6 +125,12 @@ class LinuxVPNLauncher(VPNLauncher): class OPENVPN_BIN_PATH(object): def __call__(self): + + #if IS_SNAP: + # this should change when bitmask is also a snap. for now, + # snap means RiseupVPN + # return '/snap/bin/riseup-vpn/bin/riseup-vpn.openvpn' + _sys = constants.OPENVPN_SYSTEM _local = constants.OPENVPN_LOCAL # XXX this implies that, for the time being, we prefer the system @@ -165,37 +176,31 @@ class LinuxVPNLauncher(VPNLauncher): :return: A VPN command ready to be launched. :rtype: list """ + print ">>> GET VPN COMMAND" + command = [] # we use `super` in order to send the class to use command = super(LinuxVPNLauncher, kls).get_vpn_command( vpnconfig, providerconfig, socket_host, socket_port, remotes, openvpn_verb) - print("command super %s" % command) + #print(">>>command super %s" % str(command)) # XXX DEBUG local variable command referenced before assignment # this was breaking the snap. re-do in a more robust way. - command = ["pkexec", "/usr/local/sbin/bitmask-root", "openvpn", "start"] + command + #command = ["pkexec", "/usr/local/sbin/bitmask-root", "openvpn", "start"] + command - """ command.insert(0, force_eval(kls.BITMASK_ROOT)) command.insert(1, "openvpn") command.insert(2, "start") - """ - print("Inserted: %s" % command) + print(">>>Inserted: %s" % str(command)) - """ if os.getuid() != 0: - print("OS UID != 0") policyChecker = LinuxPolicyChecker() - print("checker %s", policyChecker) pkexec = policyChecker.get_usable_pkexec() if pkexec: command.insert(0, first(pkexec)) - """ - - print("Final: %s" % command) return command def terminate_or_kill(self, terminatefun, killfun, proc): diff --git a/src/leap/bitmask/vpn/privilege.py b/src/leap/bitmask/vpn/privilege.py index 9c9ce130..afbca6f0 100644 --- a/src/leap/bitmask/vpn/privilege.py +++ b/src/leap/bitmask/vpn/privilege.py @@ -29,7 +29,7 @@ from twisted.logger import Logger from twisted.python.procutils import which from leap.bitmask.util import STANDALONE, here -from .constants import IS_LINUX +from .constants import IS_LINUX, IS_SNAP from . import polkit log = Logger() @@ -52,6 +52,9 @@ def _helper_installer(action): raise Exception('Wrong action: %s' % action) if IS_LINUX: + if IS_SNAP: + log.debug('Skipping install of helpers, snap should have done that') + return cmd = 'bitmask_helpers ' + action if STANDALONE: binary_path = os.path.join(here(), "bitmask") |