}Ce#'ddlmZddlmZddlmZddlZddlZddlZddlZdZdZ Gdde Z Gd d e Z Gd d Z d ZddZddZ ddZdZdZdZddZdZdZdS))print_function)absolute_import)divisionNz/etc/cagefs/cagefs.mpz/usr/sbin/cagefsctlceZdZdZdZdS)CagefsMpConflictc2d|dtd|d|_dS)NzConflict in adding 'z' to z5 because of pre-existing alternative specification: '')CAGEFS_MP_FILENAME_msg)selfnew_item existing_items /builddir/build/BUILDROOT/alt-python27-cllib-3.3.7-2.el7.cloudlinux.x86_64/opt/cloudlinux/venv/lib/python3.11/site-packages/clcommon/clcagefs.py__init__zCagefsMpConflict.__init__s*XX111===B c|jSN)r r s r__str__zCagefsMpConflict.__str__s yrN)__name__ __module__ __qualname__rrrrrrs5BBB rrceZdZdZdZdS)CagefsNotSupportedErrorzCagefs Not Supported Exceptionc<t||dSr) Exceptionr)r messages rrz CagefsNotSupportedError.__init__!s4)))))rN)rrr__doc__rrrrrrs)((*****rrceZdZdZdZdZdZdZdZe dZ dZ d Z d Z e d Ze d Ze d ZdZdZdS) CagefsMpItemz@!%*!c|dddkr d|_dS|dkr d|_dS||_dS)zConstructor :param arg: Is either path to add to cagefs.mp or a raw line is read from cagefs.mp :param prefix: The same as adding prefix '!' to arg before passing it to ctorN#r") _path_specstrip)r args rrzCagefsMpItem.__init__+sI rr7c>>"DOOO YY[[B  "DOOO!DOOOrc\|dkr|d|j|fz|_|S)z%Specify mode as in fluent constructor@Nz%s,%03o)prefixr')r modes rr-zCagefsMpItem.mode8s3 ;;==C   '4?D*AADO rc|jSrr'rs rrzCagefsMpItem.__str__@s rc8|dkrdS|ddkr|dzS|S)Nr"/r)paths r _add_slashzCagefsMpItem._add_slashCs, 2::3 8s??#:  rcdt|}|s|rdSt|}t|}||SNF)r!_adoptis_dummyr4r3 startswith)r anotheradopted this_pathtest_preexist_in_paths r pre_exist_inzCagefsMpItem.pre_exist_inKs%%g.. ==?? g..00 5 ++DIIKK88 , 7 7  G G##$9:::rct|}|s|rdS||krdStjtjgi}g}||||vS)NFT)r!r7r8r,_PREFIX_MOUNT_RW_PREFIX_MOUNT_ROget)r existingr;prefix_compatibility_map null_optionss ris_compatible_by_prefix_withz)CagefsMpItem.is_compatible_by_prefix_withWs%%h// ==?? g..00 5 ;;==GNN,, , ,4%1%BlFcEd#f  {{}} 8 < rFr8r7rPrTr3r,rrrr!r!%sK " " "\ ; ; ;]]] '''##\# ''\'::\:YYYrr!cJtjtSr)osr3existsCAGEFSCTL_TOOLrrris_cagefs_presentr\s 7>>. ) ))rc|d}|d}tj|stj||tj||tj|||dS)Nr2)rYr3isdirmkdirchmodchown)r3r-owner_idgroup_ids r_mk_mount_dir_setup_permresm 7==     tHT8X&&&&&rFctsdS| tddg}n td|g}|r-tj|tjtjdStj|tjtjdS)Nz --wait-lockz --remount-allz --remountstdoutstderr)r\r[ subprocessPopenDEVNULLrun)userremount_in_backgroundcommands r_remount_cagefsrqs    |!=/B!;5V);JDVWWWWWWwz'9*BTUUUUUUrr"cj t||||tsdStjt s2t jtdgt j t j ttt d} t||z | d|D} fd| D} | sv|dd|&|}t!d || t! | ||rt%| n1 | d st) | d |dS#|wxYw) a Add mount point to /etc/cagefs/cagefs.mp :param path: Directory path to be added in cagefs.mp and mounted from within setup_mount_dir_cagefs(). If this directory does not exist, then it is created. :param added_by: package or component, mount dir relates to, or whatever will stay in cagefs.mp with "# added by..." comment :param mode: If is not None: Regardless of whether directory exists or not prior this call, it's permissions will be set to mode. :param owner_id: Regardless of whether directory exists or not prior this call, it's owner id will be set to. If None, the owner won't be changed. :param group_id: Regardless of whether directory exists or not prior this call, it's group id will be set to. If None, the group won't be changed. :param prefix: Mount point prefix. Default is mount as RW. Pass '!' to add read-only mount point. Refer CageFS section at http://docs.cloudlinux.com/ for more options. :param remount_cagefs: If True, cagefs skeleton will be automatically remounted to apply changes. :param remount_in_background: If True, cagefs remount will be done in separate background process, without waiting for completion :returns: None Propagates native EnvironmentError if no CageFS installed or something else goes wrong. Raises CagefsMpConflict if path is already specified in cagefs.mp, but in a way which is opposite to mount_as_readonly param. Nz --create-mprgzr+c3>K|]}|VdSr)rstrip).0 file_lines r z)setup_mount_dir_cagefs..s.FFy ((**FFFFFFrc>g|]}||Sr)r>)rurJr s r z*setup_mount_dir_cagefs..s,PPP!x7L7LQ7O7OPAPPPrrz# next line is added by )fileror2)rer\rYr3rZr rjrmr[rladd_new_line_to_cagefs_mpopenr!r-seekr(printcloserqrFr) r3added_byr-rcrdr,remount_cagefsro cagefs_mp trim_nl_iterpre_exist_optionr s @rsetup_mount_dir_cagefsrsRT48<<<    7>>, - -n 6z?QZdZlmmmm '..I ..33D99FFIFFF PPPP|PPP C NN1a ##>>++0(KKKK ( + + + + OO    M6KLLLL667G7KLL C"8-=b-ABB B OO     IOO    s C(FF2cttd5}|cdddS#1swxYwYdS)Nr)r~r readlines)fs r_get_cagefs_mp_linesrs  # & &!{{}}s 7;;cttd5}||cdddS#1swxYwYdS)Nw)r~r writelines)linesrs r_write_cagefs_mp_linesrs  # & &#!||E""##################s 8<<ct}|r?|ddkr5|dddkr%|dxxdz cc<t|dSdSdSdS)zR Add new line to the end of /etc/cagefs/cagefs.mp file if it is not there rr"r2 N)rr)rs rr}r}ss ! " "E &qRE"IbMT$9$9 b T u%%%%%&&$9$9rct}tjdtjtj|fd|D}t||rt|dSdS)af Remove mount points matching given path from cagefs.mp file :param str path: Path that should be removed from file. :param bool remount_cagefs: Remount cagefs skeleton or not :param remount_in_background: If True, cagefs remount will be done in separate background process, without waiting for completion :return: Nothing z^[{prefix}]?{path}(,\d+)?$)r,r3c3FK|]}||VdSr)match)ruliners rrwz*remove_mount_dir_cagefs.. s2LLaggdmmLLLLLLLrr|N) rrecompileformatr!rSescaperrq)r3rrorlines_with_excluded_pathrs @rremove_mount_dir_cagefsrs ! " "E /66' Yt__7  A MLLLLLL3444E.CDDDDDDEErc@tjdS)zEIf this folder /var/.cagefs exists, it means process is inside cagefsz /var/.cagefs)rYr3r_rrr in_cagefsr's 7== ( ((rc d}|tjvrtj|ddl}n#t$rYdSwxYw ||sdSn#t $rtdwxYwdS)z, Check that cagefs enabled for user z/usr/share/cagefs/rNFz;ERROR: CageFS version is unsupported. Please update CageFS.T)sysr3append cagefsctl ImportErroris_user_enabledAttributeErrorr)rncagefs_lib_dirrs r_is_cagefs_enabledr,s-  ) ) HOON + + + uue((.. 5  eee%&cddde 4s36 AAA A:)r]NNr6)Nr]NNr"FF)FF) __future__rrrrYrrjrr r[rrrr!r\rerqrrrr}rrrrrrrs&%%%%%&&&&&&  ,*y*****i*** ________D*** ' ' ' ' V V V VUYRWPPPPf ### &&&EEEE*))) r