From 28d8e58607f97f5467e58ee21ef45ef396ba9598 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Touceda?= Date: Wed, 17 Jul 2013 11:47:47 -0300 Subject: Create policy file based on a template and copy to destination --- changes/feature_generate_polkit | 1 + src/leap/platform_init/initializers.py | 48 +++++++++++++++++++++++++++++++++- src/leap/services/eip/vpnlaunchers.py | 16 +++++++++--- 3 files changed, 60 insertions(+), 5 deletions(-) create mode 100644 changes/feature_generate_polkit diff --git a/changes/feature_generate_polkit b/changes/feature_generate_polkit new file mode 100644 index 00000000..c2fcc648 --- /dev/null +++ b/changes/feature_generate_polkit @@ -0,0 +1 @@ + o Linux: Dynamically generate policy file for polkit. Closes #3208 \ No newline at end of file diff --git a/src/leap/platform_init/initializers.py b/src/leap/platform_init/initializers.py index d22d7143..d04daca6 100644 --- a/src/leap/platform_init/initializers.py +++ b/src/leap/platform_init/initializers.py @@ -31,6 +31,8 @@ from PySide import QtGui from leap.config.leapsettings import LeapSettings from leap.services.eip import vpnlaunchers from leap.util import first +from leap.config.providerconfig import ProviderConfig + logger = logging.getLogger(__name__) @@ -330,6 +332,35 @@ def DarwinInitializer(): # Linux initializers # +POLICY_TEMPLATE = """ + + + + LEAP Project + http://leap.se/ + + + Runs the openvpn binary + Ejecuta el binario openvpn + OpenVPN needs that you authenticate to start + + OpenVPN necesita autorizacion para comenzar + + package-x-generic + + yes + yes + yes + + {path} + true + + +""" + + def _linux_install_missing_scripts(badexec, notfound): """ Tries to install the missing up/down scripts. @@ -348,11 +379,26 @@ def _linux_install_missing_scripts(badexec, notfound): if os.path.isdir(installer_path): fd, tempscript = tempfile.mkstemp(prefix="leap_installer-") + polfd, pol_tempfile = tempfile.mkstemp(prefix="leap_installer-") try: + # We need to do the config/../apps/openvpn otherwise the + # policy file won't work + openvpn_path = os.path.join( + ProviderConfig().get_path_prefix(), + "..", "apps", "eip", + launcher.OPENVPN_BIN) + + policy_contents = POLICY_TEMPLATE.format(path=openvpn_path) + + with os.fdopen(polfd, 'w') as f: + f.write(policy_contents) + pkexec = first(launcher.maybe_pkexec()) - scriptlines = launcher.cmd_for_missing_scripts(installer_path) + scriptlines = launcher.cmd_for_missing_scripts(installer_path, + pol_tempfile) with os.fdopen(fd, 'w') as f: f.write(scriptlines) + st = os.stat(tempscript) os.chmod(tempscript, st.st_mode | stat.S_IEXEC | stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH) diff --git a/src/leap/services/eip/vpnlaunchers.py b/src/leap/services/eip/vpnlaunchers.py index fc77de48..550877cd 100644 --- a/src/leap/services/eip/vpnlaunchers.py +++ b/src/leap/services/eip/vpnlaunchers.py @@ -254,16 +254,24 @@ class LinuxVPNLauncher(VPNLauncher): OTHER_FILES = (POLKIT_PATH,) @classmethod - def cmd_for_missing_scripts(kls, frompath): + def cmd_for_missing_scripts(kls, frompath, pol_file): """ - Returns a command that can copy the missing scripts. + Returns a sh script that can copy the missing files. + + :param frompath: The path where the up/down scripts live + :type frompath: str + :param pol_file: The path where the dynamically generated + policy file lives + :type pol_file: str + :rtype: str """ to = kls.SYSTEM_CONFIG - cmd = "#!/bin/sh\nset -e\nmkdir -p %s\ncp %s/%s %s\ncp %s/%s %s" % ( + cmd = "#!/bin/sh\nset -e\nmkdir -p %s\n" + cmd += "cp %s/%s %s\ncp \"%s\" \"%s\"" % ( to, frompath, kls.UP_DOWN_FILE, to, - frompath, kls.POLKIT_FILE, kls.POLKIT_PATH) + pol_file, kls.POLKIT_PATH) return cmd @classmethod -- cgit v1.2.3