diff options
-rw-r--r-- | src/leap/bitmask/vpn/fw/firewall.py | 17 | ||||
-rw-r--r-- | src/leap/bitmask/vpn/launchers/darwin.py | 9 | ||||
-rw-r--r-- | src/leap/bitmask/vpn/privilege.py | 2 |
3 files changed, 24 insertions, 4 deletions
diff --git a/src/leap/bitmask/vpn/fw/firewall.py b/src/leap/bitmask/vpn/fw/firewall.py index 9cd65ed6..63aac36e 100644 --- a/src/leap/bitmask/vpn/fw/firewall.py +++ b/src/leap/bitmask/vpn/fw/firewall.py @@ -44,6 +44,10 @@ def check_root(cmd): return cmd +class FirewallError(Exception): + pass + + class _OSXFirewallManager(object): def __init__(self, remotes): self._remotes = list(remotes) @@ -83,7 +87,11 @@ class _LinuxFirewallManager(object): This allows us to achieve fail close on a vpn connection. """ - BITMASK_ROOT = "/usr/local/sbin/bitmask-root" + _SYSTEM_BITMASK_ROOT = '/usr/sbin/bitmask-root' + if os.path.isfile(_SYSTEM_BITMASK_ROOT): + BITMASK_ROOT = _SYSTEM_BITMASK_ROOT + else: + BITMASK_ROOT = "/usr/local/sbin/bitmask-root" def __init__(self, remotes): """ @@ -114,11 +122,16 @@ class _LinuxFirewallManager(object): if restart: cmd.append("restart") result = '<did not run>' + if not os.path.isfile(self.BITMASK_ROOT): + raise FirewallError('Could not find bitmask-root!') try: retcode, result = commands.getstatusoutput( ' '.join(cmd + gateways)) except Exception: - log.failure('Error launching the firewall') + msg = 'Error launching the firewall' + log.failure(msg) + if NOT_ROOT: + raise FirewallError(msg) finally: log.debug(result) emit_async(catalog.VPN_STATUS_CHANGED) diff --git a/src/leap/bitmask/vpn/launchers/darwin.py b/src/leap/bitmask/vpn/launchers/darwin.py index 08772dca..05c3ee22 100644 --- a/src/leap/bitmask/vpn/launchers/darwin.py +++ b/src/leap/bitmask/vpn/launchers/darwin.py @@ -74,11 +74,18 @@ class DarwinVPNLauncher(VPNLauncher): # Hardcode the installation path for OSX for security, openvpn is # run as root INSTALL_PATH = "/Applications/Bitmask.app/" - INSTALL_PATH_ESCAPED = os.path.realpath(os.getcwd() + "/../../") OPENVPN_BIN = 'openvpn.leap' OPENVPN_PATH = "%s/Contents/Resources/openvpn" % (INSTALL_PATH,) + try: + INSTALL_PATH_ESCAPED = os.path.realpath(os.getcwd() + "/../../") + except OSError as exc: + # this might happen if os.getcwd() was deleted under our feet. We do + # not want to raise the Exception at import time. + logger.error('Error while setting openvpn paths: %r' % exc) + INSTALL_PATH_ESCAPED="/Applications/Bitmask.app/" OPENVPN_PATH_ESCAPED = "%s/Contents/Resources/openvpn" % ( INSTALL_PATH_ESCAPED,) + OTHER_FILES = [] _openvpn_bin_path = "%s/Contents/Resources/%s" % ( diff --git a/src/leap/bitmask/vpn/privilege.py b/src/leap/bitmask/vpn/privilege.py index 1a2ddde9..c7296878 100644 --- a/src/leap/bitmask/vpn/privilege.py +++ b/src/leap/bitmask/vpn/privilege.py @@ -63,7 +63,7 @@ def _helper_installer(action): if retcode != 0: log.error('Error installing/uninstalling helpers: %s' % output) log.error('Command was: %s' % cmd) - raise Exception('Could not install/install helpers') + raise Exception('Could not install/uninstall helpers') else: raise Exception('No install mechanism for this platform') |