From 05f2b9d2b72139df56f67e88aeb7ceb6d8ec4e69 Mon Sep 17 00:00:00 2001 From: "Kali Kaneko (leap communications)" Date: Mon, 5 Jun 2017 17:31:37 +0200 Subject: [feature] run vpn directly if user is root - Improve tests too: add entry in resolv.conf, not done without resolvconf --- src/leap/bitmask/vpn/fw/firewall.py | 14 +++++++------- src/leap/bitmask/vpn/launchers/linux.py | 9 +++++---- 2 files changed, 12 insertions(+), 11 deletions(-) (limited to 'src/leap/bitmask') diff --git a/src/leap/bitmask/vpn/fw/firewall.py b/src/leap/bitmask/vpn/fw/firewall.py index 95130b25..73eccb99 100644 --- a/src/leap/bitmask/vpn/fw/firewall.py +++ b/src/leap/bitmask/vpn/fw/firewall.py @@ -23,12 +23,12 @@ import commands import os import subprocess -from twisted.logger import getLogger +from twisted.logger import Logger from leap.bitmask.vpn.constants import IS_MAC from leap.common.events import catalog, emit_async -log = getLogger() +log = Logger() # TODO -- subclass it for osx/windows, not only for linux. @@ -43,7 +43,6 @@ NOT_ROOT = os.getuid() != 0 def check_root(cmd): if NOT_ROOT: cmd = ['pkexec'] + cmd - print "COMMAND IS >>>", cmd return cmd @@ -86,13 +85,14 @@ class FirewallManager(object): if restart: cmd.append("restart") + result = '' try: - result = subprocess.check_output( - cmd + gateways, - stderr=subprocess.STDOUT) + retcode, result = commands.getstatusoutput( + ' '.join(cmd + gateways)) + #stderr=subprocess.STDOUT) except Exception: log.failure('Error launching the firewall') - else: + finally: log.debug(result) emit_async(catalog.VPN_STATUS_CHANGED) return True diff --git a/src/leap/bitmask/vpn/launchers/linux.py b/src/leap/bitmask/vpn/launchers/linux.py index d68d6ef1..00423ab8 100644 --- a/src/leap/bitmask/vpn/launchers/linux.py +++ b/src/leap/bitmask/vpn/launchers/linux.py @@ -99,10 +99,11 @@ class LinuxVPNLauncher(VPNLauncher): command.insert(1, "openvpn") command.insert(2, "start") - policyChecker = LinuxPolicyChecker() - pkexec = policyChecker.maybe_pkexec() - if pkexec: - command.insert(0, first(pkexec)) + if os.getuid() != 0: + policyChecker = LinuxPolicyChecker() + pkexec = policyChecker.maybe_pkexec() + if pkexec: + command.insert(0, first(pkexec)) return command -- cgit v1.2.3