Your IP : 216.73.216.172

Current Path : /opt/cloudlinux/venv/lib64/python3.11/site-packages/clselect/__pycache__/
Upload File :
Current File : //opt/cloudlinux/venv/lib64/python3.11/site-packages/clselect/__pycache__/utils.cpython-311.pyc

�

$_$h�@����ddlmZddlmZddlmZddlZddlZddlZddlZddlZddl	Z	ddl
Z
ddlZddlmZddl
mZmZmZmZddlmZddlmZmZdd	lmZdd
lmZddlmZmZmZddlm Z dd
l!m"Z"ddl#m$Z$ddl%m&Z&ddl'm(Z(dZ)dZ*d8d�Z+d9d�Z,d�Z-d�Z.d�Z/d�Z0d�Z1d�Z2d�Z3d:d�Z4d8d�Z5d;d!�Z6d;d"�Z7d#�Z8d$�Z9d%�Z:d&�Z;d'�Z<d(�Z=d)�Z>d<d,�Z?d-�Z@d.�ZAd/�ZBd8d0�ZCd1eDd2eEfd3�ZFd4eDfd5�ZGd6�ZHd7�ZIdS)=�)�print_function)�absolute_import)�divisionN)�time)�AnyStr�List�Dict�Optional)�Path)�urlparse�
urlunparse)�resolve_username_and_doc_root)�CP_NAME)�NoDomain�NotSupported�
IncorrectData)�mod_makedirs)�init_sentry_client)�get_pkg_version�)�clprint)�ClSelectExceptz/sbin/cagefs_enter_userzehttps://9713d1296f804031b058b8f2d789d7ac:8ddacae32d8246cf8b25cf826bf3fc0a@cl.sentry.cloudlinux.com/12c	��	tj|td��tjtjd|d���}|���\}}nA#ttf$r-}tj	|dt|�����d}~wwxYw|jdkr/tj|pdd�
|���d|�����|S)	z�
    Runs external process and returns output
    :param cmd: command and arguments as a list
    :param env_data
    :return string
    �	/dev/nullT)�stdin�stdout�stderr�	close_fds�env�textrNzoutput of the command: � �
)�
subprocess�Popen�open�PIPE�STDOUT�communicate�OSError�IOErrorr�FileProcessError�str�
returncode�ExternalProgramFailed�join)�cmd�env_data�output�std_out�std_err�es      �E/opt/cloudlinux/venv/lib64/python3.11/site-packages/clselect/utils.py�run_commandr7(s���>��!���{�#�#��?��$����
�
�
��"�-�-�/�/�������W��>�>�>��-�c�!�f�c�!�f�f�=�=�=�����>����
��A����2��Q�Q�#�(�(�3�-�-�-�-���Q�
�
�	
��Ns�AA�B�'(B�Bc
�D�	tj|td��tjtj|d||���}|���\}}nA#t
tf$r-}tj|dt|�����d}~wwxYw|j
||fS)a�
    Runs external process and returns output.
    Differs from subprocess.check_output, run_command above, and check_output below in that it does not
     throw an exception if process's return code != 0
    :param cmd: command and arguments as a list
    :param env_data
    :param preexec_fn: Pre-exec function. None if don't need
    :param cwd: Directory name to set as current
    :return Cortege: (ret_code, stdout, stderr)
    rT)rrr�
preexec_fnr�cwdrrN)r#r$r%r&r(r)r*rr+r,r-)r0r1r9r:�processr3r4r5s        r6�run_command_fullr<Cs���
>��"���{�#�#��?��?�!����	
�	
�	
��#�.�.�0�0�������W��>�>�>��-�c�!�f�c�!�f�f�=�=�=�����>������w��/�/s�AA�B�((B�Bc��d}	t|��}|���}|���n#ttf$rYnwxYw|S)z8
    Reads file contents and returns it as a string
    �)r%�read�closer)r*)�filename�defaults_contents�fs   r6�read_file_as_stringrD_sb����
���N�N���F�F�H�H��	���	�	�	�	���W��
�
�
���
�����s�7<�A�Ac��t|i|��dS�N)�check_output)�args�kwargss  r6�
check_callrJms���$�!�&�!�!�!�!�!�c��|�dd��}|�d��}|�dd��}|�dd��}|r||z
}|d=	tjd	|tjtjdd�|��}nA#t
tf$r-}tj|dt|�����d}~wwxYw|�
��\}}	|r)|�|��|���|�|�
��|jrtj|p|	p|���|S)
av
    check_output(val1, val2, val3, arg4=val4)
    equivalent
    check_output(args=(val1, val2, val3), arg4=val4)
    or equivalent
    check_output(val1, args=(val2, val3), arg4=val4)
    DON'T USE check_output((val1, val2, val3), arg4=val4)
    :param tuple *args: arguments for command line
    :param dict **kwargs: parameters for subprocess.Popen
    :return str:
    �errorNrHr2�waitT)rHrrr r�)�pop�getr#r$r&r)r*rr+r,r(�writer@rNr-r.)
rHrIrM�args_from_kwargsr2rN�pr5rrs
          r6rGrGqsN��
�J�J�w��%�%�E��z�z�&�)�)��
�Z�Z��$�
'�
'�F��:�:�f�d�#�#�D���� � ���6�N�?���l�$�z��z��]a�l�l�ek�l�l�����W��?�?�?��-�d�1�g�s�1�v�v�>�>�>�����?�����]�]�_�_�N�F�F�
�����V������������	�������|�N��2�5�3L�F�3L�f�M�M�M��Ms�#*B�C�(C�Cc�D���fd�tj���D��S)Nc���g|]A}tj�tj��|�����?|��BSrO)�os�path�isdirr/)�.0�drXs  �r6�
<listcomp>zlist_dirs.<locals>.<listcomp>�s<���P�P�P�!�2�7�=�=�����d�A�9N�9N�+O�+O�P�A�P�P�PrK)rW�listdir�rXs`r6�	list_dirsr_�s'���P�P�P�P�r�z�$�'�'�P�P�P�PrKc
#�K�|V�|D]M\}}|t|��zV�|D]1}|d�tt||f����zV��2�NdS)N�.)r,r/�map)rX�versions�major�minors�minors     r6�
versioningrg�s�����
�J�J�J�!�<�<�
��v��S��Z�Z������	<�	<�E�����#�c�E�5�>�":�":�;�;�;�;�;�;�;�	<�<�<rKc���	tj|��dS#t$rA}|jtjkr tj�|��rn�Yd}~dSd}~wwxYwrF)rW�makedirsr)�errno�EEXISTrXrY)rX�excs  r6�mkdir_prm�ss���
��D������������9���$�$�����t�)<�)<�$���
�D�D�D�D�D��������s��
A#�6A�A#c��tj�tj|��j��}tj�tj�||����}t||��d�tj	��}t||f��stjd|�d|�d����||fS)z�
    Returns absolute and relative to user's home directories paths,
    after eliminating all symlinks
    :param user: Unix user whose home contains the directory
    :param directory: The directory to obtain absolute and relative paths for
    �zDirectory 'z' not in user home ('z'))
rWrX�realpath�pwd�getpwnam�pw_dirr/�s_partition�lstrip�sep�allr�	WrongData)�user�	directory�user_dir�abs_dir�rel_dirs     r6�get_abs_relr~�s����w�����T� 2� 2� 9�:�:�H��g���r�w�|�|�H�i�@�@�A�A�G��'�8�,�,�Q�/�6�6�r�v�>�>�G����!�"�"�i��&�&�S\�S\�S\�^f�^f�^f�'g�h�h�h��G��rK�rc��d}t|||���}	|���}|���n#|���wxYw|S)zg
    read file and close
    :param path: file path
    :param mode: reading mode
    :return str:
    N)�mode�errors)r%r?r@)rXr�r��data�streams     r6�	file_readr��sU���D�
�$�T�&�
1�
1�
1�F���{�{�}�}���������������������Ks	�?�Ac��g}t||���}	|���}|���n#|���wxYw|S)zE
    read litle file and close
    :param path:
    :return str:
    �r�)r%�	readlinesr@)rXr�r�r�s    r6�file_readlinesr��sW���D�
�$�v�
&�
&�
&�F�����!�!���������������������Ks	�>�A�wc��t|||���}	|�|��|���dS#|���wxYw�zN
    write litle data to file and close
    :param path:
    :return str:
    r�N)r%rRr@)rX�liner�r�r�s     r6�
file_writer��sR���$��V�
,�
,�
,�F�����T�����������������������	�?�Ac��t|||���}	|�|��|���dS#|���wxYwr�)r%�
writelinesr@)rX�linesr�r�r�s     r6�file_writelinesr��sT���$��V�
,�
,�
,�F�����%� � � �������������������r�c��tjddkr+tjddkr|�|��S|�|d��}t	|��dkr|d||df}n|dddf}|S)z�
    str.partition for all python versions
    :param s:		string to parse
    :param sep:		separator to split by
    :return:		cortege - see str.partition function for python 2.5+
    rror�r>)�sys�version_info�	partition�split�len)�srv�s_parts�ret_corteges    r6rtrt�s�������a���C�$4�Q�$7�1�$<�$<��{�{�3�����g�g�c�1�o�o�G�
�7�|�|�q����q�z�3���
�3����q�z�2�r�*���rKc���	t|d��}n#t$rYdSwxYwd}tj|��}|D]}|�|��r|dz
}�|���|S)z"
    find regex count in file
    rNrr)r%r*�re�compile�searchr@)�patternrXrC�counter�regexr�s      r6�grepr�s������s�O�O���������t�t������G��J�w���E������<�<����	��q�L�G���G�G�I�I�I��Ns��
!�!c�$�ddlm}||��S)z�
    Determines is user should be skipped in selectorctl work
    :param username: user name to check
    :return: True - user should be skipped, False - not
    r)�is_admin)�clcommon.cpapir�)�usernamer�s  r6�user_should_be_skippedr�s(��(�'�'�'�'�'��8�H���rKc	��tj�|��se	t|d��dS#tt
f$r>}t
d|dt|����tj	d��Yd}~dSd}~wwxYwdS)Ni�zError: failed to create�:r)
rWrXrYrr*r)�printr,r��exit)�dest_dirr5s  r6�make_dirr�&s���
�7�=�=��"�"��	���5�)�)�)�)�)����!�	�	�	��+�X�s�C��F�F�C�C�C��H�Q�K�K�K�K�K�K�K�K�K�����	�����s�3�B�3A=�=Bc��	tj|��n#t$rYnwxYwtj�|��rtj|d��dSdS)NT)rW�unlinkr)rXrY�shutil�rmtreer^s r6�remove_file_or_dirr�/sn��
�
�	�$�������
�
�
���
����	�w�}�}�T���"��
�d�D�!�!�!�!�!�"�"s��
$�$c��	tj�|��rEtj|��|kr+tj|��tj||��dSdSt
|��tj||��dS#t$r@}td|d|dt|����tjd��Yd}~dSd}~wwxYw)NzError: failed to create symlinkz->r�r)rWrX�islink�readlinkr��symlinkr�r)r�r,r�r�)�src�dstr5s   r6�make_symlinkr�8s���
�
�7�>�>�#���	!��{�3���3�&�&��	�#�����
�3��$�$�$�$�$�'�&�
�s�#�#�#��J�s�C� � � � � ������
�/��d�C��c�!�f�f�M�M�M��������������������s�A B�&$B�
C�5C�Cc�2�tj|ddd���S)N�)�,z: T)�indent�
separators�	sort_keys)�json�dumps)r�s r6�pretty_jsonr�Fs���:�d�1���M�M�M�MrKr Fc	���|}d}	t||���\}}n�#t$rCtj|dd�||��d���tjd��Yn�t$r:|rn4tj|ddtzd���tjd��YnAt$r5tj|dd|�d	|��d���tjd��YnwxYw||fS)
a�
    Safely resolve username and doc_root by domain,
    or resolve document root by username,
    or resolve document root and username by effective uid
    :param pass_not_supported_panel: pass not supported panel for php selector
    :param msg_format: error messages' format (json or text)
    :param user: str -> name of unix user
    :param domain: str -> domain of panel user
    :return: tuple -> user, doc_root
    N)ry�domain�ERRORz(No domain found for user: {}, domain: {})�status�messagerz6NodeJs/Ruby/Python selector not supported for %s panelzDomain z is not owned by the user )
rrr�
print_diag�formatr�r�rrr)ryr��
msg_format�pass_not_supported_panel�result_user�result_doc_roots      r6�$safely_resolve_username_and_doc_rootr�KsW���K��O��'D���(
�(
�(
�$��_�_���������7�7a�7h�7h�im�ou�7v�7v�w�w�	
�	
�	
�	������������#�	�����"�/g�jq�/q�r�r�
�
�
�
�H�Q�K�K�K����������7�7�bh�bh�bh�jn�jn�7o�p�p�	
�	
�	
�	��������	������'�'s��A
C'�'AC'�);C'�&C'c���t||��d}|D](}t||��d}||kr
||cS�)td�|�����)a
    Transform all directories to realpath, compare and return config value
    :param user: str -> unix user - owner of the config
    :param directory: str -> wanted directory key
    :param config: dict -> config to get value from,
        should have directories as keys
    r�%Config does not contain directory: {})r~�KeyErrorr�)ryrz�config�
abs_directory�conf_dir�abs_conf_dirs      r6�get_using_realpath_keysr�us{�� ��i�0�0��3�M��$�$��"�4��2�2�1�5���L�(�(��(�#�#�#�#�)��:�A�A�)�L�L�
M�
M�MrKc��t||��d}d}t|�����}|D]#}t||��d}||kr||=d}�$|s"td�|�����dS)a
    Transform all directories to realpath, compare and remove directory key
    :param user: str -> unix user - owner of the config
    :param directory: str -> wanted directory key
    :param config: dict -> config to remove key from,
        should have directories as keys
    rFTr�N)r~�list�keysr�r�)ryrzr�r��removed_at_least_one�config_keysr�r�s        r6�delete_using_realpath_keysr��s��� ��i�0�0��3�M� ���v�{�{�}�}�%�%�K��(�(��"�4��2�2�1�5���L�(�(��x� �#'� ���R��>�E�E�i�P�P�Q�Q�Q�R�RrKc�^�t||��dt||��dkS)a#
    Checks that two paths in user home directory are the same after
    stripping symlinks
    :param user: Unix user whose home directory contains both paths
    :type path1: str
    :type path2: str
    :return: True if paths are canonically the same otherwise False
    :rtype: bool
    r)r~)ry�path1�path2s   r6�realpaths_are_equalr��s-���t�U�#�#�A�&�+�d�E�*B�*B�1�*E�E�ErKc�l�i}|si}t||g|z}tj||tjtjd���}|���\}}|j}	|s,|	dkr&d�|��dt��d�}n|���}||d<|	|d<|	rdnd	|d
<|S)z=
    Run any process using the utility cagefs_enter_user
    T)rrrr �z�User's process "{}" failed and didn't return anything. It could mean that user has too small limit of PMEM for running of cloudlinux-selector. Please, increase the limit to user and try run process againrM)�details�result�	timestampr2r-F�failed)	�CAGEFS_ENTER_USER_BINr#r$r&r(r-r�r�strip)
ry�path_to_utility�args_for_utility�env_varsr�r0r;r�_�retcodes
          r6�run_process_in_cagefsr��s���
�F����� �$��
8�;K�
K�C���s����Q[�Q`�gk�l�l�l�G��#�#�%�%�I�F�A�� �G�
�	 �g��m�m�C�CI�6�/�CZ�CZ�����
�
����������F�8��"�F�<��&�1�t�t�E�F�8���MrK�version�returnc��tdtd��td���}d|�dd����}d}t	d��}|���sdS	t
|��5}|���}d	d	d	��n#1swxYwY|�d
��std|�d����||vrd
S||vr[t	|�
d
�������}|���}|t|��vrd
Sn#|���YnxYwdS)ar
    Check if python version is used by imunify packages
    The algorithm is as follows:
    - Verify if imunify services are installed
    - Check if shebang contains the path to the specified Python version being checked
    - If shebang contains the path to the imunify virtual environment,
      determine the Python version it is based on by reading a symlink
    �
lvemanagerF)�release�dsn�handlez/opt/alt/pythonrar>z/opt/imunify360/venvz/usr/bin/imunify-serviceNz#!zERROR: "z" doesn't have a shebangT)rr�	LVEMANDSN�replacer�is_filer%�readline�
startswith�	Exceptionrur�r�r,�captureException)	r��
sentry_client�alt_path�imunify_venv_path�imunify_servicerC�
first_line�venv_python_bin�
python_bins	         r6�is_imunify_using_pythonr�s���'�|�_�\�=Z�=Z�`i�rw�x�x�x�M�;�����b�!9�!9�;�;�H�.���5�6�6�O��"�"�$�$���u�)�
�/�
"�
"�	&�a������J�	&�	&�	&�	&�	&�	&�	&�	&�	&�	&�	&����	&�	&�	&�	&��$�$�T�*�*�	S��Q��Q�Q�Q�R�R�R��z�!�!��4��
�*�*�"�:�#4�#4�T�#:�#:�#@�#@�#B�#B�C�C�O�(�1�1�3�3�J��3�z�?�?�*�*��t���)��&�&�(�(�(�(�(�����5s7�'D0�6B�D0�B�D0�B�/D0�AD0�0Eryc�>���tj������fd�}|S)z
    Drops to user
    c���tj�j��tj�j���tjd<�jtjd<dS)N�USER�HOME)rW�setgid�pw_gid�setuid�pw_uid�environrs)ry�user_pwds��r6�funczdemote.<locals>.func�sG���
�	�(�/�"�"�"�
�	�(�/�"�"�"�!��
�6��%�_��
�6���rK)rqrr)ryrrs` @r6�demoter�s:�����|�D�!�!�H�-�-�-�-�-�-��KrKc�l�d}d}|D](}	||g|�Ri|��}|dz}�#|$r}	|	}Yd}	~	�!d}	~	wwxYw|s|�|S)NFTrO)
r�users�exception_typerHrI�caught_exception�
is_handled�
user_aliasr�r5s
          r6�apply_for_at_least_one_userrs������J����
�	��T�*�6�t�6�6�6�v�6�6�F�
�$��J�J���	!�	!�	!� �����������	!����
�����Ms��-�(�-c��t|��}d|jvr1|j�dd��}|�|���}t	|��S)a�
    Transforms a URL containing a wildcard ('*') in the netloc.

    If the netloc of the URL contains a '*', it replaces the '*' with 'any'.
    This is necessary because URLs with wildcards are not valid for HTTP requests.
    Replacing '*' with 'any' ensures compatibility with systems or libraries
    that do not support wildcards in URLs.

    :param url: str - The URL to transform.
    :return: str - The transformed URL with the wildcard replaced.
    �*�any)�netloc)rrr��_replacer
)�url�parsedrs   r6�transform_wildcard_urlr"sT���c�]�]�F�
�f�m�����&�&�s�E�2�2�������/�/���f���rKrF)NNN)rN)r�N)NNr F)J�
__future__rrrrjrWrqr�r#r�r�r�r�typingrrr	r
�pathlibr�urllib.parserr
�clcommon.clpwdrr�r�clcommon.cpapi.cpapiexceptionsrrr�clcommon.utilsr�clsentryr�clsentry.utilsr�
clselectprintr�clselectexceptrr�r�r7r<rDrJrGr_rgrmr~r�r�r�r�rtr�r�r�r�r�r�r�r�r�r�r�r,�boolrrrr"rOrKr6�<module>r/s���&�%�%�%�%�%�&�&�&�&�&�&�����������	�	�	�	�
�
�
�
�	�	�	�	�����
�
�
�
�����
�
�
�
�������/�/�/�/�/�/�/�/�/�/�/�/�������-�-�-�-�-�-�-�-�8�8�8�8�8�8�"�"�"�"�"�"�P�P�P�P�P�P�P�P�P�P�'�'�'�'�'�'�'�'�'�'�'�'�*�*�*�*�*�*�"�"�"�"�"�"�*�*�*�*�*�*�2��s�	�����60�0�0�0�8���"�"�"����DQ�Q�Q�<�<�<�������&
�
�
�
� ����
�
�
�
�
�
�
�
����$���&	�	�	����"�"�"����N�N�N�
'(�'(�'(�'(�TN�N�N�"R�R�R�(
F�
F�
F� � � � �F$�S�$�T�$�$�$�$�N���������$����rK
?>