From ff1d9805b71cf3d0e74724cdd89ebb1537cffbba Mon Sep 17 00:00:00 2001 From: Kali Kaneko Date: Sat, 7 Oct 2017 00:51:13 +0200 Subject: [bug] properly check for local openvpn path - Resolves: #9099 --- src/leap/bitmask/vpn/constants.py | 10 +++++++- src/leap/bitmask/vpn/helpers/__init__.py | 39 ++++++++++++++++---------------- src/leap/bitmask/vpn/launcher.py | 1 - src/leap/bitmask/vpn/launchers/linux.py | 21 ++++++++++++----- 4 files changed, 44 insertions(+), 27 deletions(-) (limited to 'src/leap') diff --git a/src/leap/bitmask/vpn/constants.py b/src/leap/bitmask/vpn/constants.py index c7a5147b..086d700f 100644 --- a/src/leap/bitmask/vpn/constants.py +++ b/src/leap/bitmask/vpn/constants.py @@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- # constants.py -# Copyright (C) 2015 LEAP +# Copyright (C) 2015-2017 LEAP # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -26,3 +26,11 @@ IS_LINUX = _system == "Linux" IS_MAC = _system == "Darwin" IS_UNIX = IS_MAC or IS_LINUX IS_WIN = _system == "Windows" + +if IS_LINUX: + BITMASK_ROOT_SYSTEM = '/usr/sbin/bitmask-root' + BITMASK_ROOT_LOCAL = '/usr/local/sbin/bitmask-root' + OPENVPN_SYSTEM = '/usr/sbin/openvpn' + OPENVPN_LOCAL = '/usr/local/sbin/leap-openvpn' + POLKIT_LOCAL = '/usr/share/polkit-1/actions/se.leap.bitmask-bundle.policy' + POLKIT_SYSTEM = '/usr/share/polkit-1/actions/se.leap.bitmask.policy' diff --git a/src/leap/bitmask/vpn/helpers/__init__.py b/src/leap/bitmask/vpn/helpers/__init__.py index 51feb7ad..17281a52 100644 --- a/src/leap/bitmask/vpn/helpers/__init__.py +++ b/src/leap/bitmask/vpn/helpers/__init__.py @@ -4,19 +4,15 @@ import os.path import sys from leap.bitmask.vpn.constants import IS_LINUX, IS_MAC +from leap.bitmask.vpn.constants import BITMASK_ROOT_SYSTEM, BITMASK_ROOT_LOCAL +from leap.bitmask.vpn.constants import OPENVPN_SYSTEM, OPENVPN_LOCAL +from leap.bitmask.vpn.constants import POLKIT_SYSTEM, POLKIT_LOCAL from leap.bitmask.vpn.privilege import is_pkexec_in_system from leap.bitmask.vpn import _config from leap.bitmask.util import STANDALONE if IS_LINUX: - - helper_to = '/usr/local/sbin/bitmask-root' - deb_helper_to = '/usr/sbin/bitmask-root' - polkit_to = '/usr/share/polkit-1/actions/se.leap.bitmask-bundle.policy' - deb_polkit_to = '/usr/share/polkit-1/actions/se.leap.bitmask.policy' - openvpn_to = '/usr/local/sbin/leap-openvpn' - def install(): helper_from = _config.get_bitmask_helper_path() polkit_from = _config.get_bitmask_polkit_policy_path() @@ -26,26 +22,31 @@ if IS_LINUX: if not os.path.isdir(sbin): os.makedirs(sbin) - copyfile(helper_from, helper_to) - chmod(helper_to, 0744) + copyfile(helper_from, BITMASK_ROOT_LOCAL) + chmod(BITMASK_ROOT_LOCAL, 0744) - copyfile(polkit_from, polkit_to) + copyfile(polkit_from, POLKIT_LOCAL) if STANDALONE: - copyfile(openvpn_from, openvpn_to) - chmod(openvpn_to, 0700) + copyfile(openvpn_from, OPENVPN_LOCAL) + chmod(OPENVPN_LOCAL, 0700) def uninstall(): - remove(helper_to) - remove(polkit_to) + remove(BITMASK_ROOT_LOCAL) + remove(POLKIT_LOCAL) def check(): - helper = os.path.exists(helper_to) or os.path.isfile( - deb_helper_to) + helper = ( + os.path.exists(BITMASK_ROOT_LOCAL) or + os.path.isfile(BITMASK_ROOT_SYSTEM)) polkit = ( - os.path.exists(polkit_to) or - os.path.exists(deb_polkit_to)) - return is_pkexec_in_system() and helper and polkit + os.path.exists(POLKIT_LOCAL) or + os.path.exists(POLKIT_SYSTEM)) + openvpn = ( + os.path.exists(OPENVPN_LOCAL) or + os.path.exists(OPENVPN_SYSTEM)) + + return is_pkexec_in_system() and helper and polkit and openvpn if IS_MAC: diff --git a/src/leap/bitmask/vpn/launcher.py b/src/leap/bitmask/vpn/launcher.py index 14c51550..a8e7c1f5 100644 --- a/src/leap/bitmask/vpn/launcher.py +++ b/src/leap/bitmask/vpn/launcher.py @@ -139,7 +139,6 @@ class VPNLauncher(object): log.warn('Could not find openvpn bin in path %s' % ( openvpn_path)) err = OpenVPNNotFoundException() - err.expected = True raise err args = [] diff --git a/src/leap/bitmask/vpn/launchers/linux.py b/src/leap/bitmask/vpn/launchers/linux.py index 052040dc..bff2d8cb 100644 --- a/src/leap/bitmask/vpn/launchers/linux.py +++ b/src/leap/bitmask/vpn/launchers/linux.py @@ -29,6 +29,7 @@ from twisted.logger import Logger from leap.bitmask.util import STANDALONE from leap.bitmask.vpn.utils import first, force_eval +from leap.bitmask.vpn import constants from leap.bitmask.vpn.privilege import LinuxPolicyChecker from leap.bitmask.vpn.management import ManagementProtocol from leap.bitmask.vpn.launcher import VPNLauncher @@ -84,10 +85,10 @@ class LinuxVPNLauncher(VPNLauncher): class BITMASK_ROOT(object): def __call__(self): - _global = '/usr/sbin/bitmask-root' - _local = '/usr/local/sbin/bitmask-root' - if os.path.isfile(_global): - return _global + _sys = constants.BITMASK_ROOT_SYSTEM + _local = constants.BITMASK_ROOT_LOCAL + if os.path.isfile(_sys): + return _sys elif os.path.isfile(_local): return _local else: @@ -95,8 +96,16 @@ class LinuxVPNLauncher(VPNLauncher): class OPENVPN_BIN_PATH(object): def __call__(self): - return ("/usr/local/sbin/leap-openvpn" if STANDALONE else - "/usr/sbin/openvpn") + _sys = constants.OPENVPN_SYSTEM + _local = constants.OPENVPN_LOCAL + # XXX this implies that, for the time being, we prefer the system + # openvpn if there is any. We assume that the system is kept + # up-to-date, since we still do not have a safe way of upgrading + # the bundle binaries. See #9101 + if os.path.exists(_sys): + return _sys + else: + return _local class POLKIT_PATH(object): def __call__(self): -- cgit v1.2.3