summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/leap/bitmask/vpn/fw/firewall.py17
-rw-r--r--src/leap/bitmask/vpn/launchers/darwin.py9
-rw-r--r--src/leap/bitmask/vpn/privilege.py2
3 files changed, 24 insertions, 4 deletions
diff --git a/src/leap/bitmask/vpn/fw/firewall.py b/src/leap/bitmask/vpn/fw/firewall.py
index 9cd65ed6..63aac36e 100644
--- a/src/leap/bitmask/vpn/fw/firewall.py
+++ b/src/leap/bitmask/vpn/fw/firewall.py
@@ -44,6 +44,10 @@ def check_root(cmd):
return cmd
+class FirewallError(Exception):
+ pass
+
+
class _OSXFirewallManager(object):
def __init__(self, remotes):
self._remotes = list(remotes)
@@ -83,7 +87,11 @@ class _LinuxFirewallManager(object):
This allows us to achieve fail close on a vpn connection.
"""
- BITMASK_ROOT = "/usr/local/sbin/bitmask-root"
+ _SYSTEM_BITMASK_ROOT = '/usr/sbin/bitmask-root'
+ if os.path.isfile(_SYSTEM_BITMASK_ROOT):
+ BITMASK_ROOT = _SYSTEM_BITMASK_ROOT
+ else:
+ BITMASK_ROOT = "/usr/local/sbin/bitmask-root"
def __init__(self, remotes):
"""
@@ -114,11 +122,16 @@ class _LinuxFirewallManager(object):
if restart:
cmd.append("restart")
result = '<did not run>'
+ if not os.path.isfile(self.BITMASK_ROOT):
+ raise FirewallError('Could not find bitmask-root!')
try:
retcode, result = commands.getstatusoutput(
' '.join(cmd + gateways))
except Exception:
- log.failure('Error launching the firewall')
+ msg = 'Error launching the firewall'
+ log.failure(msg)
+ if NOT_ROOT:
+ raise FirewallError(msg)
finally:
log.debug(result)
emit_async(catalog.VPN_STATUS_CHANGED)
diff --git a/src/leap/bitmask/vpn/launchers/darwin.py b/src/leap/bitmask/vpn/launchers/darwin.py
index 08772dca..05c3ee22 100644
--- a/src/leap/bitmask/vpn/launchers/darwin.py
+++ b/src/leap/bitmask/vpn/launchers/darwin.py
@@ -74,11 +74,18 @@ class DarwinVPNLauncher(VPNLauncher):
# Hardcode the installation path for OSX for security, openvpn is
# run as root
INSTALL_PATH = "/Applications/Bitmask.app/"
- INSTALL_PATH_ESCAPED = os.path.realpath(os.getcwd() + "/../../")
OPENVPN_BIN = 'openvpn.leap'
OPENVPN_PATH = "%s/Contents/Resources/openvpn" % (INSTALL_PATH,)
+ try:
+ INSTALL_PATH_ESCAPED = os.path.realpath(os.getcwd() + "/../../")
+ except OSError as exc:
+ # this might happen if os.getcwd() was deleted under our feet. We do
+ # not want to raise the Exception at import time.
+ logger.error('Error while setting openvpn paths: %r' % exc)
+ INSTALL_PATH_ESCAPED="/Applications/Bitmask.app/"
OPENVPN_PATH_ESCAPED = "%s/Contents/Resources/openvpn" % (
INSTALL_PATH_ESCAPED,)
+
OTHER_FILES = []
_openvpn_bin_path = "%s/Contents/Resources/%s" % (
diff --git a/src/leap/bitmask/vpn/privilege.py b/src/leap/bitmask/vpn/privilege.py
index 1a2ddde9..c7296878 100644
--- a/src/leap/bitmask/vpn/privilege.py
+++ b/src/leap/bitmask/vpn/privilege.py
@@ -63,7 +63,7 @@ def _helper_installer(action):
if retcode != 0:
log.error('Error installing/uninstalling helpers: %s' % output)
log.error('Command was: %s' % cmd)
- raise Exception('Could not install/install helpers')
+ raise Exception('Could not install/uninstall helpers')
else:
raise Exception('No install mechanism for this platform')