summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorKali Kaneko <kali@leap.se>2014-04-29 10:40:48 -0500
committerKali Kaneko <kali@leap.se>2014-05-12 10:47:14 -0500
commita733e83ae0bcbcc9daa0cba0aa4704f499406394 (patch)
tree17c2776bc129ecebe36a1f30ad0668dc5825acbf /src
parent2781cc604de74ad3d41c939fb807b5e689d435eb (diff)
add elijah's root-wrapper in python
Diffstat (limited to 'src')
-rw-r--r--src/leap/bitmask/services/eip/linuxvpnlauncher.py48
-rw-r--r--src/leap/bitmask/services/eip/vpnlauncher.py5
2 files changed, 40 insertions, 13 deletions
diff --git a/src/leap/bitmask/services/eip/linuxvpnlauncher.py b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
index 8747daa6..988970a5 100644
--- a/src/leap/bitmask/services/eip/linuxvpnlauncher.py
+++ b/src/leap/bitmask/services/eip/linuxvpnlauncher.py
@@ -36,6 +36,8 @@ from leap.bitmask.util import first
logger = logging.getLogger(__name__)
+COM = commands
+
class EIPNoPolkitAuthAgentAvailable(VPNLauncherException):
pass
@@ -64,12 +66,13 @@ def _is_auth_agent_running():
"""
# the [x] thing is to avoid grep match itself
polkit_options = [
- 'ps aux | grep polkit-[g]nome-authentication-agent-1',
- 'ps aux | grep polkit-[k]de-authentication-agent-1',
- 'ps aux | grep polkit-[m]ate-authentication-agent-1',
- 'ps aux | grep [l]xpolkit'
+ 'ps aux | grep "polkit-[g]nome-authentication-agent-1"',
+ 'ps aux | grep "polkit-[k]de-authentication-agent-1"',
+ 'ps aux | grep "polkit-[m]ate-authentication-agent-1"',
+ 'ps aux | grep "[l]xpolkit"'
]
is_running = [commands.getoutput(cmd) for cmd in polkit_options]
+ print "IS RUNNING ->", is_running
return any(is_running)
@@ -85,22 +88,23 @@ def _try_to_launch_agent():
# will do "sh -c 'foo'", so if we do not quoute it we'll end
# up with a invocation to the python interpreter. And that
# is bad.
+ logger.debug("Trying to launch polkit agent")
subprocess.call(["python -m leap.bitmask.util.polkit_agent"],
shell=True, env=env)
except Exception as exc:
logger.exception(exc)
+SYSTEM_CONFIG = "/etc/leap"
+leapfile = lambda f: "%s/%s" % (SYSTEM_CONFIG, f)
+
+
class LinuxVPNLauncher(VPNLauncher):
PKEXEC_BIN = 'pkexec'
OPENVPN_BIN = 'openvpn'
OPENVPN_BIN_PATH = os.path.join(
get_path_prefix(), "..", "apps", "eip", OPENVPN_BIN)
- SYSTEM_CONFIG = "/etc/leap"
- UP_DOWN_FILE = "resolv-update"
- UP_DOWN_PATH = "%s/%s" % (SYSTEM_CONFIG, UP_DOWN_FILE)
-
# We assume this is there by our openvpn dependency, and
# we will put it there on the bundle too.
# TODO adapt to the bundle path.
@@ -110,10 +114,23 @@ class LinuxVPNLauncher(VPNLauncher):
OPENVPN_DOWN_ROOT_BASE,
OPENVPN_DOWN_ROOT_FILE)
- UP_SCRIPT = DOWN_SCRIPT = UP_DOWN_PATH
- UPDOWN_FILES = (UP_DOWN_PATH,)
+ UPDOWN_FILE = "vpn-updown"
+
+ # vpn-up and vpn-down are hard-links to vpn-updown
+ UP_FILE = "vpn-up"
+ DOWN_FILE = "vpn-down"
+ UP_SCRIPT = leapfile(UP_FILE)
+ DOWN_SCRIPT = leapfile(DOWN_FILE)
+
+ RESOLV_UPDATE_FILE = "resolv-update"
+ RESOLV_UPDATE_SCRIPT = leapfile(RESOLV_UPDATE_FILE)
+
+ RESOLVCONF_FILE = "update-resolv-conf"
+ RESOLVCONF_SCRIPT = leapfile(RESOLVCONF_FILE)
+
+ UPDOWN_FILES = (UP_SCRIPT, DOWN_SCRIPT)
POLKIT_PATH = LinuxPolicyChecker.get_polkit_path()
- OTHER_FILES = (POLKIT_PATH, )
+ OTHER_FILES = (POLKIT_PATH, RESOLV_UPDATE_SCRIPT, RESOLVCONF_SCRIPT)
@classmethod
def maybe_pkexec(kls):
@@ -131,7 +148,7 @@ class LinuxVPNLauncher(VPNLauncher):
if _is_pkexec_in_system():
if not _is_auth_agent_running():
_try_to_launch_agent()
- time.sleep(0.5)
+ time.sleep(2)
if _is_auth_agent_running():
pkexec_possibilities = which(kls.PKEXEC_BIN)
leap_assert(len(pkexec_possibilities) > 0,
@@ -158,6 +175,7 @@ class LinuxVPNLauncher(VPNLauncher):
"""
# we use `super` in order to send the class to use
missing = super(LinuxVPNLauncher, kls).missing_other_files()
+ print "MISSING OTHER", missing
if flags.STANDALONE:
polkit_file = LinuxPolicyChecker.get_polkit_path()
@@ -221,7 +239,11 @@ class LinuxVPNLauncher(VPNLauncher):
cmd = '#!/bin/sh\n'
cmd += 'mkdir -p "%s"\n' % (to, )
- cmd += 'cp "%s/%s" "%s"\n' % (frompath, kls.UP_DOWN_FILE, to)
+ cmd += 'cp "%s/%s" "%s"\n' % (frompath, kls.UPDOWN_FILE, to)
+ cmd += 'ln -f %s/%s %s/%s\n' % (to, kls.UPDOWN_FILE, to, kls.UP_FILE)
+ cmd += 'ln -f %s/%s %s/%s\n' % (to, kls.UPDOWN_FILE, to, kls.DOWN_FILE)
+ cmd += 'cp "%s/%s" "%s"\n' % (frompath, kls.RESOLVCONF_FILE, to)
+ cmd += 'cp "%s/%s" "%s"\n' % (frompath, kls.RESOLV_UDATE_FILE, to)
cmd += 'cp "%s" "%s"\n' % (pol_file, kls.POLKIT_PATH)
cmd += 'chmod 644 "%s"\n' % (kls.POLKIT_PATH, )
diff --git a/src/leap/bitmask/services/eip/vpnlauncher.py b/src/leap/bitmask/services/eip/vpnlauncher.py
index 99cae7f9..ab423bcd 100644
--- a/src/leap/bitmask/services/eip/vpnlauncher.py
+++ b/src/leap/bitmask/services/eip/vpnlauncher.py
@@ -226,6 +226,11 @@ class VPNLauncher(object):
'--down', '\"%s\"' % (kls.DOWN_SCRIPT,)
]
+ args += [
+ '--up-restart',
+ '--persist-tun'
+ ]
+
###########################################################
# For the time being we are disabling the usage of the
# down-root plugin, because it doesn't quite work as