diff options
Diffstat (limited to 'src/leap/bitmask/vpn/helpers')
| -rw-r--r-- | src/leap/bitmask/vpn/helpers/__init__.py | 21 | ||||
| -rw-r--r-- | src/leap/bitmask/vpn/helpers/linux/se.leap.bitmask.riseupvpn.policy | 23 |
2 files changed, 37 insertions, 7 deletions
diff --git a/src/leap/bitmask/vpn/helpers/__init__.py b/src/leap/bitmask/vpn/helpers/__init__.py index e932422d..96ec4f2e 100644 --- a/src/leap/bitmask/vpn/helpers/__init__.py +++ b/src/leap/bitmask/vpn/helpers/__init__.py @@ -18,13 +18,15 @@ if IS_LINUX: from leap.bitmask.vpn.constants import BITMASK_ROOT_SYSTEM from leap.bitmask.vpn.constants import BITMASK_ROOT_LOCAL + from leap.bitmask.vpn.constants import BITMASK_ROOT_SNAP from leap.bitmask.vpn.constants import OPENVPN_SYSTEM, OPENVPN_LOCAL from leap.bitmask.vpn.constants import OPENVPN_SNAP - from leap.bitmask.vpn.constants import POLKIT_SYSTEM, POLKIT_LOCAL + from leap.bitmask.vpn.constants import POLKIT_SYSTEM, POLKIT_LOCAL, POLKIT_SNAP from leap.bitmask.vpn.privilege import is_pkexec_in_system from leap.bitmask.vpn.privilege import LinuxPolicyChecker def install(): + print('installing bitmask helpers...') helper_from = _config.get_bitmask_helper_path() polkit_from = _config.get_bitmask_polkit_policy_path() openvpn_from = _config.get_bitmask_openvpn_path() @@ -86,7 +88,7 @@ if IS_LINUX: return True if IS_SNAP: - if os.path.isfile(BITMASK_ROOT_LOCAL): + if os.path.isfile(BITMASK_ROOT_SNAP): return True log.error('Cannot find bitmask-root in snap') return False @@ -131,12 +133,17 @@ if IS_LINUX: return False def _check_polkit_file_exist(): - # XXX: we are just checking if there is any policy file installed not - # if it's valid or if it's the correct one that will be used. - # (if LOCAL is used if /usr/local/sbin/bitmask-root is used and SYSTEM - # if /usr/sbin/bitmask-root) + """ + We are just checking if there is any policy file installed not + if it's valid or if it's the correct one that will be used. + + If LOCAL: we use /usr/local/sbin/bitmask-root + If SYSTEM: we use /usr/sbin/bitmask-root, and + if SNAP: we use /snap/bin/riseup-vpn.bitmask-root + """ return (os.path.exists(POLKIT_LOCAL) or - os.path.exists(POLKIT_SYSTEM)) + os.path.exists(POLKIT_SYSTEM) or + os.path.exists(POLKIT_SNAP)) def _exists_and_can_read(file_path): return access(file_path, R_OK) diff --git a/src/leap/bitmask/vpn/helpers/linux/se.leap.bitmask.riseupvpn.policy b/src/leap/bitmask/vpn/helpers/linux/se.leap.bitmask.riseupvpn.policy new file mode 100644 index 00000000..3bdf06a6 --- /dev/null +++ b/src/leap/bitmask/vpn/helpers/linux/se.leap.bitmask.riseupvpn.policy @@ -0,0 +1,23 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE policyconfig PUBLIC + "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" + "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd"> +<policyconfig> + + <vendor>LEAP Project</vendor> + <vendor_url>http://leap.se/</vendor_url> + + <action id="se.leap.bitmask.riseupvpn.policy"> + <description>Runs bitmask helper to launch firewall and openvpn (RiseupVPN)</description> + <description xml:lang="es">Ejecuta el asistente de bitmask para lanzar el firewall y openvpn (RiseupVPN)</description> + <message>RiseupVPN needs that you authenticate to start</message> + <message xml:lang="es">RiseupVPN necesita autorizacion para comenzar</message> + <icon_name>package-x-generic</icon_name> + <defaults> + <allow_any>yes</allow_any> + <allow_inactive>yes</allow_inactive> + <allow_active>yes</allow_active> + </defaults> + <annotate key="org.freedesktop.policykit.exec.path">/snap/bin/riseup-vpn.bitmask-root</annotate> + </action> +</policyconfig> |