use bitmask-root with pkexec

3 files changed, 14 insertions, 6 deletions

diff --git a/src/leap/bitmask/services/eip/linuxvpnlauncher.py b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
index e1c8e680..791c318c 100644
--- a/src/leap/bitmask/services/eip/linuxvpnlauncher.py
+++ b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
@@ -72,7 +72,6 @@ def _is_auth_agent_running():
         'ps aux | grep "[l]xpolkit"'
     ]
     is_running = [commands.getoutput(cmd) for cmd in polkit_options]
-    print "IS RUNNING ->", is_running
     return any(is_running)
 
 
@@ -180,7 +179,6 @@ class LinuxVPNLauncher(VPNLauncher):
         """
         # we use `super` in order to send the class to use
         missing = super(LinuxVPNLauncher, kls).missing_other_files()
-        print "MISSING OTHER", missing
 
         if flags.STANDALONE:
             polkit_file = LinuxPolicyChecker.get_polkit_path()
@@ -220,7 +218,10 @@ class LinuxVPNLauncher(VPNLauncher):
         # we use `super` in order to send the class to use
         command = super(LinuxVPNLauncher, kls).get_vpn_command(
             eipconfig, providerconfig, socket_host, socket_port, openvpn_verb)
-        command.insert(0, kls.BITMASK_ROOT + "openvpn start")
+
+        command.insert(0, kls.BITMASK_ROOT)
+        command.insert(1, "openvpn")
+        command.insert(2, "start")
 
         pkexec = kls.maybe_pkexec()
         if pkexec:
diff --git a/src/leap/bitmask/services/eip/vpnlauncher.py b/src/leap/bitmask/services/eip/vpnlauncher.py
index c95545a2..20b4d87d 100644
--- a/src/leap/bitmask/services/eip/vpnlauncher.py
+++ b/src/leap/bitmask/services/eip/vpnlauncher.py
@@ -125,8 +125,11 @@ class VPNLauncher(object):
         domain = providerconfig.get_domain()
         gateway_conf = leap_settings.get_selected_gateway(domain)
 
+        print "GETTING GATEWAYS -----"
+
         if gateway_conf == leap_settings.GATEWAY_AUTOMATIC:
             gateway_selector = VPNGatewaySelector(eipconfig)
+            print "auto: getting from selector"
             gateways = gateway_selector.get_gateways()
         else:
             gateways = [gateway_conf]
@@ -187,7 +190,7 @@ class VPNLauncher(object):
         if openvpn_verb is not None:
             args += ['--verb', '%d' % (openvpn_verb,)]
 
-        gateways = kls.get_gateways(providerconfig)
+        gateways = kls.get_gateways(eipconfig, providerconfig)
 
         for gw in gateways:
             args += ['--remote', gw, '1194', 'udp']
diff --git a/src/leap/bitmask/services/eip/vpnprocess.py b/src/leap/bitmask/services/eip/vpnprocess.py
index cbcdd5c6..beb33db8 100644
--- a/src/leap/bitmask/services/eip/vpnprocess.py
+++ b/src/leap/bitmask/services/eip/vpnprocess.py
@@ -226,8 +226,11 @@ class VPN(object):
         # XXX could check for wrapper existence, check it's root owned etc.
         # XXX could check that the iptables rules are in place.
 
+        print "LAUNCHING FIREWALL --",  gateways
+
         BM_ROOT = linuxvpnlauncher.LinuxVPNLauncher.BITMASK_ROOT
-        exitCode = subprocess.call([BM_ROOT, "firewall", "start"] + gateways)
+        exitCode = subprocess.call(["pkexec",
+                                    BM_ROOT, "firewall", "start"] + gateways)
         return True if exitCode is 0 else False
 
     def _kill_if_left_alive(self, tries=0):
@@ -862,7 +865,8 @@ class VPNProcess(protocol.ProcessProtocol, VPNManager):
             if not isinstance(c, str):
                 command[i] = c.encode(encoding)
 
-        logger.debug("Running VPN with command: {0}".format(command))
+        logger.debug("Running VPN with command: ")
+        logger.debug("{0}".format(" ".join(command)))
         return command
 
     def getGateways(self):