add elijah's root-wrapper in python

author: Kali Kaneko <kali@leap.se> 2014-04-29 10:40:48 -0500
committer: Kali Kaneko <kali@leap.se> 2014-05-12 10:47:14 -0500
commit: a733e83ae0bcbcc9daa0cba0aa4704f499406394 (patch)
tree: 17c2776bc129ecebe36a1f30ad0668dc5825acbf /src/leap
parent: 2781cc604de74ad3d41c939fb807b5e689d435eb (diff)
2 files changed, 40 insertions, 13 deletions
diff --git a/src/leap/bitmask/services/eip/linuxvpnlauncher.py b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
index 8747daa6..988970a5 100644
--- a/src/leap/bitmask/services/eip/linuxvpnlauncher.py
+++ b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
@@ -36,6 +36,8 @@ from leap.bitmask.util import first
 
 logger = logging.getLogger(__name__)
 
+COM = commands
+
 
 class EIPNoPolkitAuthAgentAvailable(VPNLauncherException):
     pass
@@ -64,12 +66,13 @@ def _is_auth_agent_running():
     """
     # the [x] thing is to avoid grep match itself
     polkit_options = [
-        'ps aux | grep polkit-[g]nome-authentication-agent-1',
-        'ps aux | grep polkit-[k]de-authentication-agent-1',
-        'ps aux | grep polkit-[m]ate-authentication-agent-1',
-        'ps aux | grep [l]xpolkit'
+        'ps aux | grep "polkit-[g]nome-authentication-agent-1"',
+        'ps aux | grep "polkit-[k]de-authentication-agent-1"',
+        'ps aux | grep "polkit-[m]ate-authentication-agent-1"',
+        'ps aux | grep "[l]xpolkit"'
     ]
     is_running = [commands.getoutput(cmd) for cmd in polkit_options]
+    print "IS RUNNING ->", is_running
     return any(is_running)
 
 
@@ -85,22 +88,23 @@ def _try_to_launch_agent():
         # will do "sh -c 'foo'", so if we do not quoute it we'll end
         # up with a invocation to the python interpreter. And that
         # is bad.
+        logger.debug("Trying to launch polkit agent")
         subprocess.call(["python -m leap.bitmask.util.polkit_agent"],
                         shell=True, env=env)
     except Exception as exc:
         logger.exception(exc)
 
 
+SYSTEM_CONFIG = "/etc/leap"
+leapfile = lambda f: "%s/%s" % (SYSTEM_CONFIG, f)
+
+
 class LinuxVPNLauncher(VPNLauncher):
     PKEXEC_BIN = 'pkexec'
     OPENVPN_BIN = 'openvpn'
     OPENVPN_BIN_PATH = os.path.join(
         get_path_prefix(), "..", "apps", "eip", OPENVPN_BIN)
 
-    SYSTEM_CONFIG = "/etc/leap"
-    UP_DOWN_FILE = "resolv-update"
-    UP_DOWN_PATH = "%s/%s" % (SYSTEM_CONFIG, UP_DOWN_FILE)
-
     # We assume this is there by our openvpn dependency, and
     # we will put it there on the bundle too.
     # TODO adapt to the bundle path.
@@ -110,10 +114,23 @@ class LinuxVPNLauncher(VPNLauncher):
         OPENVPN_DOWN_ROOT_BASE,
         OPENVPN_DOWN_ROOT_FILE)
 
-    UP_SCRIPT = DOWN_SCRIPT = UP_DOWN_PATH
-    UPDOWN_FILES = (UP_DOWN_PATH,)
+    UPDOWN_FILE = "vpn-updown"
+
+    # vpn-up and vpn-down are hard-links to vpn-updown
+    UP_FILE = "vpn-up"
+    DOWN_FILE = "vpn-down"
+    UP_SCRIPT = leapfile(UP_FILE)
+    DOWN_SCRIPT = leapfile(DOWN_FILE)
+
+    RESOLV_UPDATE_FILE = "resolv-update"
+    RESOLV_UPDATE_SCRIPT = leapfile(RESOLV_UPDATE_FILE)
+
+    RESOLVCONF_FILE = "update-resolv-conf"
+    RESOLVCONF_SCRIPT = leapfile(RESOLVCONF_FILE)
+
+    UPDOWN_FILES = (UP_SCRIPT, DOWN_SCRIPT)
     POLKIT_PATH = LinuxPolicyChecker.get_polkit_path()
-    OTHER_FILES = (POLKIT_PATH, )
+    OTHER_FILES = (POLKIT_PATH, RESOLV_UPDATE_SCRIPT, RESOLVCONF_SCRIPT)
 
     @classmethod
     def maybe_pkexec(kls):
@@ -131,7 +148,7 @@ class LinuxVPNLauncher(VPNLauncher):
         if _is_pkexec_in_system():
             if not _is_auth_agent_running():
                 _try_to_launch_agent()
-                time.sleep(0.5)
+                time.sleep(2)
             if _is_auth_agent_running():
                 pkexec_possibilities = which(kls.PKEXEC_BIN)
                 leap_assert(len(pkexec_possibilities) > 0,
@@ -158,6 +175,7 @@ class LinuxVPNLauncher(VPNLauncher):
         """
         # we use `super` in order to send the class to use
         missing = super(LinuxVPNLauncher, kls).missing_other_files()
+        print "MISSING OTHER", missing
 
         if flags.STANDALONE:
             polkit_file = LinuxPolicyChecker.get_polkit_path()
@@ -221,7 +239,11 @@ class LinuxVPNLauncher(VPNLauncher):
 
         cmd = '#!/bin/sh\n'
         cmd += 'mkdir -p "%s"\n' % (to, )
-        cmd += 'cp "%s/%s" "%s"\n' % (frompath, kls.UP_DOWN_FILE, to)
+        cmd += 'cp "%s/%s" "%s"\n' % (frompath, kls.UPDOWN_FILE, to)
+        cmd += 'ln -f %s/%s %s/%s\n' % (to, kls.UPDOWN_FILE, to, kls.UP_FILE)
+        cmd += 'ln -f %s/%s %s/%s\n' % (to, kls.UPDOWN_FILE, to, kls.DOWN_FILE)
+        cmd += 'cp "%s/%s" "%s"\n' % (frompath, kls.RESOLVCONF_FILE, to)
+        cmd += 'cp "%s/%s" "%s"\n' % (frompath, kls.RESOLV_UDATE_FILE, to)
         cmd += 'cp "%s" "%s"\n' % (pol_file, kls.POLKIT_PATH)
         cmd += 'chmod 644 "%s"\n' % (kls.POLKIT_PATH, )
 
diff --git a/src/leap/bitmask/services/eip/vpnlauncher.py b/src/leap/bitmask/services/eip/vpnlauncher.py
index 99cae7f9..ab423bcd 100644
--- a/src/leap/bitmask/services/eip/vpnlauncher.py
+++ b/src/leap/bitmask/services/eip/vpnlauncher.py
@@ -226,6 +226,11 @@ class VPNLauncher(object):
                     '--down', '\"%s\"' % (kls.DOWN_SCRIPT,)
                 ]
 
+        args += [
+            '--up-restart',
+            '--persist-tun'
+        ]
+
         ###########################################################
         # For the time being we are disabling the usage of the
         # down-root plugin, because it doesn't quite work as
author	Kali Kaneko <kali@leap.se>	2014-04-29 10:40:48 -0500
committer	Kali Kaneko <kali@leap.se>	2014-05-12 10:47:14 -0500
commit	a733e83ae0bcbcc9daa0cba0aa4704f499406394 (patch)
tree	17c2776bc129ecebe36a1f30ad0668dc5825acbf /src/leap
parent	2781cc604de74ad3d41c939fb807b5e689d435eb (diff)