summaryrefslogtreecommitdiff
path: root/src/leap/bitmask/vpn/fw
diff options
context:
space:
mode:
Diffstat (limited to 'src/leap/bitmask/vpn/fw')
-rw-r--r--src/leap/bitmask/vpn/fw/firewall.py17
1 files changed, 15 insertions, 2 deletions
diff --git a/src/leap/bitmask/vpn/fw/firewall.py b/src/leap/bitmask/vpn/fw/firewall.py
index 9cd65ed6..63aac36e 100644
--- a/src/leap/bitmask/vpn/fw/firewall.py
+++ b/src/leap/bitmask/vpn/fw/firewall.py
@@ -44,6 +44,10 @@ def check_root(cmd):
return cmd
+class FirewallError(Exception):
+ pass
+
+
class _OSXFirewallManager(object):
def __init__(self, remotes):
self._remotes = list(remotes)
@@ -83,7 +87,11 @@ class _LinuxFirewallManager(object):
This allows us to achieve fail close on a vpn connection.
"""
- BITMASK_ROOT = "/usr/local/sbin/bitmask-root"
+ _SYSTEM_BITMASK_ROOT = '/usr/sbin/bitmask-root'
+ if os.path.isfile(_SYSTEM_BITMASK_ROOT):
+ BITMASK_ROOT = _SYSTEM_BITMASK_ROOT
+ else:
+ BITMASK_ROOT = "/usr/local/sbin/bitmask-root"
def __init__(self, remotes):
"""
@@ -114,11 +122,16 @@ class _LinuxFirewallManager(object):
if restart:
cmd.append("restart")
result = '<did not run>'
+ if not os.path.isfile(self.BITMASK_ROOT):
+ raise FirewallError('Could not find bitmask-root!')
try:
retcode, result = commands.getstatusoutput(
' '.join(cmd + gateways))
except Exception:
- log.failure('Error launching the firewall')
+ msg = 'Error launching the firewall'
+ log.failure(msg)
+ if NOT_ROOT:
+ raise FirewallError(msg)
finally:
log.debug(result)
emit_async(catalog.VPN_STATUS_CHANGED)