5/9eGddlmZddlmZddlZddlZddlmZmZddlm Z m Z ddl m Z m Z ddddd Zd Zd Zdd ZdZdefdZdS))print_function)absolute_importN)Featureis_panel_feature_supported) SysCtlConfSYSCTL_CL_CONF_FILE)grep)proc_can_see_other_uid_and_hidepid_synced)noaccess invisible12c d} t|d5}|D]g}|}|rO|ds:|}|r$|ddkrd|dvrdddd Sh dddn #1swxYwYn=#tt f$r)}t d |d t|Yd}~nd}~wwxYwd S) z Search for line like "proc /proc proc defaults,hidepid=2,gid=clsupergid 0 0" in /etc/fstab Return True if /proc is mounted with hidepid option in /etc/fstab z /etc/fstabr#rproczhidepid=NTzError: failed to parse:F)openstrip startswithsplitIOError IndexErrorprintstr)fstabfline splitted_linees py/cl_proc_hidepid.py hidepid_foundr%sc E < %   $ $ $zz||$ 4 4$$(JJLLM$$q)9V)C)C VcdeVfHfHf#  $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ Z <<< &sCFF;;;;;;;;< 5sGBAB 1 B>B  B BBBBC)C  Cct|r#tdd|tj|S)N executing )rjoin subprocesscall)cmdverboses r$executer./s4* k388C==))) ?3  FctrdSttjs|rt ddSt t }|rt dtr#|rt dtgd|S| d}| d}|d kr#|rt d tgd |S|rt d td dd|zdg|S)z9 Remount /proc with hidepid=2 option when needed Nz>environment without LVE detected - remounting /proc is skipped) config_filezapply sysctl settingszUhidepid option is found in /etc/fstab - remounting /proc with options from /etc/fstab) /bin/mount-oremount/proczfs.proc_can_see_other_uidzfs.proc_super_gid0zJvirtualized procfs feature is not enabled in sysctl conf - disable hidepid)r2r3zremount,hidepid=0,gid=0r5zenable hidepid for /procr2r3zremount,hidepid=2,gid=r5) r rrLVErrrr%r.get)r-sysctlproc_can_see_other_uid super_gids r$ remount_procr<5sA122 %gk 2 2  T R S S S $7 8 8 8F' %&&&J  k i j j j???III#ZZ(CDD .//I$$  ` ^ _ _ _OOOQXYYY* ())) L$(@(JGTV] ^ ^^r/ctdd}d} |D]}|}||vr||}|dkr7|dz }||d}|d}|dkr |d|}n)|d}|dkr |d|}ndSt|cSn#tt t f$rYnwxYwdS) zN Retrieve hidepid gid from /proc/mounts :return: gid, 0 if absent z ,hidepid= /proc/mountsz,gid=N,r()r rfindintrr ValueError) lines_gen gid_prefixr!poss r$get_gid_from_mountsrHUs [.11IJ   D::<rr)modezhidepid=(\d|\w+)z proc /procr N) rresearchrrHidepidValuesDictr8rgroupOSErrorrrrD) mounts_pathresfiler!ms r$get_hidepid_typing_from_mountsrUxs$ !K C  +C ( ( ( D  I1488zz||..|<<+//AGGAJJCCCE                 Wj* 5      Js5B1BB% B1%B))B1,B)-B11CC)F) __future__rrr*rLclcommon.cpapirrclcommon.sysctlrrclcommon.utilsr r rNr%r.r<rHrCrUr/r$r[s&%%%%%&&&&&& >>>>>>>>;;;;;;;;JJJJJJJJ &   ____@   Fr/