Your IP : 18.188.188.152

Current Path : /opt/imunify360/venv/lib64/python3.11/site-packages/__pycache__/
Upload File :
Current File : //opt/imunify360/venv/lib64/python3.11/site-packages/__pycache__/secureio.cpython-311.pyc

�

\�DgAO���ddlZddlZddlZddlZddlZddlmZddlmZddl	m
Z
mZmZm
Z
mZmZmZmZmZmZddlmZddlmZd�Zd�Zed�	��d
���Zer
e��ZeZeZGd�de��Zee��Zd
�Z d�Z!d�Z"d�Z#d�Z$d�Z%Gd�d��Z&ed�	��d���Z'er
e'��Z(d�Z)d�Z*d�Z+d�Z,d�Z-da.dZ/dZ0dZ1d�Z2d �Z3d!�Z4d"�Z5d:d#�Z6d:d$�Z7d:d%�Z8d;d&�Z9d<d'�Z:d=d)�Z;	d>d+�Z<d?d,�Z=d?d-�Z>d.�Z?d/�Z@daAd0�ZBee0�1��ZCd2�ZDdaEd@d3�ZFd4�ZGdAd5�ZHd6�ZId7�ZJejKd8���ZLejKd9���ZMdS)B�N)�	lru_cache)�
TYPE_CHECKING)
�cdll�c_long�	Structure�c_ushort�c_ubyte�c_char�POINTER�c_int�c_void_p�c_char_p)�ClPwd)�drop_user_privilegesc��|dkrt��S|dkrt��Stdt�d|�����)N�libc�liblvezmodule z has no attribute )�
_load_libc�_load_liblve�AttributeError�__name__)�names �h/builddir/build/BUILD/imunify360-venv-2.4.0/opt/imunify360/venv/lib/python3.11/site-packages/secureio.py�__getattr__rsK���v�~�~��|�|��	
��	�	��~�~��
�E�8�E�E�t�E�E�
F�
F�F�c�J�ddgt������S)Nrr)�globals�keys�rr�__dir__r #s ���H�0�w�y�y�~�~�/�/�0�0r)�maxsizec���tjd��}tttg|j_t|j_ttg|j_t|j_tg|j_t|j_tg|j	_t|j	_tg|j_d|j_tg|j_t|j_|S)Nz	libc.so.6)
r�LoadLibraryr�fchown�argtypes�restype�fchmod�	fdopendirr
�readdir�
DIRENTRY_P�	rewinddir�closedir)rs rrr(s�����K�(�(�D�!�5�%�0�D�K���D�K��!�5�>�D�K���D�K�� %�g�D�N��%�D�N��&�J�D�L��%�D�L�� (�j�D�N��!�D�N��'�Z�D�M��!�D�M���Krc�6�eZdZdefdefdefdefdedzfgZdS)�DIRENTRY�d_ino�d_off�d_reclen�d_type�d_name�N)	r�
__module__�__qualname__�ino_t�off_trr	r
�_fields_rrrr.r.PsA������	�%��	�%��	�X��	�7��	�6�C�<� ��H�H�Hrr.c�H�t���|||��S�N)rr$)�fd�uid�gids   rr$r$]s���<�<���r�3��,�,�,rc�F�t���||��Sr;)rr')r<�modes  rr'r'as���<�<���r�4�(�(�(rc�D�t���|��Sr;)r�fdopen�r<s rrBrBes���<�<���r�"�"�"rc�D�t���|��Sr;)rr)��dirps rr)r)is���<�<����%�%�%rc�D�t���|��Sr;)rr+rEs rr+r+ms���<�<�!�!�$�'�'�'rc�D�t���|��Sr;)rr,rEs rr,r,qs���<�<� � ��&�&�&rc�T�eZdZdZd�Zd�Zd�Zd�Zd�Zd�Z	d�Z
d	�Zd
�Zd�Z
d�Zd
S)�StubLVEz?Stub implementation of LVE functions for systems without liblvec��dS�N���r)�self�path�parent_paths   r�open_not_symlinkzStubLVE.open_not_symlinkx����rrc��dSrLr)rNr<s  r�	check_dirzStubLVE.check_dir{rRrc��dSrLr)rNrO�
descriptorrPs    r�isdirz
StubLVE.isdir~rRrc��dSrLr)rNrO�permr<rPs     r�set_perm_dir_securezStubLVE.set_perm_dir_secure�rRrc��dSrLr)rNrOr=r>r<rPs      r�set_owner_dir_securezStubLVE.set_owner_dir_secure�rRrc��dSrLr)rNrOrYr=r>r<rPs       r�create_dir_securezStubLVE.create_dir_secure�rRrc��dSrLr)rNrOrYr=r>rPs      r�makedirs_securezStubLVE.makedirs_secure�rRrc��dSr;r)rNr<�bufs   r�get_path_from_descriptorz StubLVE.get_path_from_descriptor�s���trc��dS�Nrr)rN�dir�subdirs   r�	is_subdirzStubLVE.is_subdir�����qrc��dSrer�rNs r�enable_quota_capabilityzStubLVE.enable_quota_capability�rirc��dSrerrks r�disable_quota_capabilityz StubLVE.disable_quota_capability�rirN)rr5r6�__doc__rQrTrWrZr\r^r`rcrhrlrnrrrrJrJus�������I�I�����������������������������������rrJc�l�	tjd��}nF#t$r9	tjd��}n #t$rt��cYcYSwxYwYnwxYwttg|j_t|j_tg|j	_d|j	_tg|j
_t|j
_tttg|j_t|j_ttttg|j_t|j_tttttg|j
_t|j
_ttttttg|j_t|j_tttttg|j_t|j_ttg|j_t|j_ttg|j_t|j_|S)z>Load liblve if available, otherwise return stub implementationzlibsecureio.so.0zliblve.so.0N)rr#�OSErrorrJrrQr%rr&�closefdrTrWrZr\r^r`rcrh)rs rrr�s�����!�"4�5�5��������	��%�m�4�4�F�F���	�	�	��9�9������	����
�F�����)1�(�';�F��$�&+�F��#� %�g�F�N��!�F�N��
"'��F���$�F���&�u�h�7�F�L�� �F�L��,4�U�E�8�*L�F��'�).�F��&�-5�e�U�E�8�+T�F��(�*/�F��'�*2�5�%���x�(X�F��%�',�F��$�(0���u�h�&O�F��#�%*�F��"�
16�x�/@�F�#�,�.6�F�#�+�"*�8� 4�F���$�F����Ms/��
A�7�A�A�A�A�A�Ac�F�t���||��Sr;)rrQ)rOrPs  r�_open_not_symlinkrt�s���>�>�*�*�4��=�=�=rc�D�t���|��Sr;)rrTrCs rrTrT�s���>�>�#�#�B�'�'�'rc�H�t���|||��Sr;)rrW)rOrVrPs   rrWrW�s���>�>����j�+�>�>�>rc�F�t���||��Sr;)rrc)r<rbs  rrcrc�s���>�>�2�2�2�s�;�;�;rc�F�t���||��Sr;)rrh)rfrgs  rrhrhs���>�>�#�#�C��0�0�0rTz/var/log/cagefs-update.logi�Fc�Z�tj|tjtjz��Sr;)�os�open�O_RDONLY�
O_NOFOLLOW�rOs rrQrQs��
�7�4���r�}�4�5�5�5rc�F�tjt|��d��S)N�r)rzrBrQr~s r�open_file_not_symlinkr�s��
�9�%�d�+�+�S�1�1�1rc�6�tj|��}t|��}|std���t	|��g}	t|��}|sn"|j}|�|j���4t	|��t|��|S)z:Returns list of entries of directory pointed by descriptorzfdopendir error)
rz�dupr(�RuntimeErrorr+r)�contents�appendr3r,)r<�fd2rF�dirlist�entryp�entrys      r�flistdirr�s���
�&��*�*�C��S�>�>�D��.��,�-�-�-�
�d�O�O�O��G�%�������	��������u�|�$�$�$�%��d�O�O�O��T�N�N�N��Nrc�Z�|�(	tj|��dS#t$rYdSwxYwdSr;)rz�closerqrCs rrrrr7sF��	�~�	��H�R�L�L�L�L�L���	�	�	��D�D�	�����~s��
(�(c���|�d}t���|���|||�����}|dkr|S|�|d|zdd��dS)z{Sets permissions to directory (in secure manner)
    Returns descriptor if successful
    Returns None if error has occuredNrMrz.Error: failed to set permissions of directory FT)rrZ�encode)rOrYrPr<�loggers     rrZrZ?sr��
�z�
��	���	+�	+�D�K�K�M�M�4��[�EW�EW�EY�EY�	Z�	Z�B�	�A�v�v��	�
����?�$�F��t�T�T�T��4rc���|�d}t���|���||||�����}|dkr|S|�|d|zdd��dS)zSets owner and group of directory (in secure manner)
    Returns descriptor if successful
    Returns None if error has occuredNrMrz(Error: failed to set owner of directory FT)rr\r�)rOr=r>rPr<r�s      rr\r\Mst��
�z�
��	���	,�	,�T�[�[�]�]�C��b�+�J\�J\�J^�J^�	_�	_�B�	�A�v�v��	�
����9�D�@�%��N�N�N��4rc	���|�d}t���|���|||||�����}|dkr|S|�|d|zdd��dS)z�Creates directory if it does not exist, sets permissions/owner otherwise
    Returns descriptor if successful
    Returns None if error has occuredNrMr�#Error : failed to create directory FT)rr^r�)rOrYr=r>rPr<r�s       rr^r^[sv��
�z�
��	���	)�	)�$�+�+�-�-��s�C��[�M_�M_�Ma�Ma�	b�	b�B�	�A�v�v��	�
����4�t�;�U�D�I�I�I��4rc��t���|���||||�����}|r|r|d|zdd��|S)zeRecursive directory creation function
    Returns 0 if successful
    Returns -1 if error has occuredr�FT)rr`r�)rOrYr=r>rPr��ress       rr`r`isg���.�.�
(�
(�������c�3��HZ�HZ�H\�H\�
]�
]�C�
�J�v�J���4�t�;�U�D�I�I�I��Jrc���|�|�|�|�td���|duo|du}|rt||��	t|��}|���}|���|rt��|S#ttf$r_}|rt��td|zdzt|��ztd|��|s�tjd��Yd}~dSd}~wwxYw)z read file not following symlinksNzEread_file_secure: uid and gid should be both null or be both not nullzError: failed to read � : �)
r��
set_user_permr��	readlinesr��
set_root_permrq�IOError�logging�str�SILENT_FLAG�sys�exit)	�filenamer=r>�
exit_on_error�	write_log�	drop_perm�file_object�content�es	         r�read_file_securer�ss������S�_����b�c�c�c��D��7�s�$��I�� ��c�3����
�+�H�5�5���'�'�)�)���������	��O�O�O�����W������	��O�O�O��(�8�3�e�;�c�!�f�f�D�k�ST�V_�`�`�`��	������������������
���s�AA<�<C,�
AC'�'C,�c
�T�tj�|��}|rt||��d}d}		t	jd|���\}}	tj|d��}
|
�d�|����|s$|�"|� t|||��rtd���t||��rtd���|
����n+#ttf$r�}	|
���n#t$rYnwxYw	tj|��n#t$rYnwxYw	tj|	��n#t$rYnwxYw|rt!��t#d|�d	t%|���d
d����t(d|��Yd}~d
Sd}~wt$rD}t#dt%|����t(d��t+jd��Yd}~nd}~wwxYwd}	tj|	|��nl#t$r_}d
}t#d|zd	zt%|��zt(d|��	tj|	��n#t$rYnwxYwYd}~nd}~wwxYw|rt!��|S)z!Returns True if error has occuredN�cagefs_)�prefixrf�w�z
fchown failedz
fchmod failedzError: failed to write file r��ErrnozErr coder�TzError: Fz$Error: failed to rename tempfile to )rzrO�dirnamer��tempfile�mkstemprB�write�joinr$rqr'r�r��	Exception�unlinkr�r�r��replacer�r�r��rename)
r��ini_pathr=r>r�rYr��dirpathr<�	temp_pathr�r��errors
             r�write_file_securer��s0���g�o�o�h�'�'�G�� ��c�3����	
�B��I�"� �(�	�w�G�G�G�
��I��i��C�(�(�����"�'�'�'�*�*�+�+�+��	/�S�_����b�#�s�#�#�
/��o�.�.�.��"�d���	+��/�*�*�*����������W�����	����������	�	�	��D�	����	��H�R�L�L�L�L���	�	�	��D�	����	��I�i� � � � ���	�	�	��D�	�����	��O�O�O��]�8�]�]��A�����w�PZ�8[�8[�]�]��
��		
�	
�	
��t�t�t�t�t����������"�#�a�&�&�"�"�K��3�3�3��������������������
�E��
�	�)�X�&�&�&�&���������6��A�E�I�C�PQ�F�F�R�T_�ab�dm�n�n�n�	��I�i� � � � ���	�	�	��D�	������������������������Ls��B/C(�(H�:D�F?�
D�F?�D�F?� D5�4F?�5
E�?F?�E�F?�E�F?�
E(�%F?�'E(�(AF?�?
H�:H�H�H,�,
J�6/J�&I;�:J�;
J�J�J�J�Jr�c��|�%tj��}t|dd���tj�|��}d\}}		tj|||���\}}	tj|dd�	��5}
|
�|��ddd��n#1swxYwYnu#ttf$ra|�|	��	tj|��n#ttf$rYnwxYw	tj|	��n#ttf$rYnwxYw�wxYw	tj
|	|��tj|	|��nI#tttf$r/	tj|	��n#ttf$rYnwxYw�wxYw|�htj��}tj|��tjtj����|d
krtj|��dSdSdS)aP
    Safely write string content to a file
    :param content: str
    :param dest_path: str -> path to a file
    :param perm: int -> permissions for the file
    :param prefix: str -> add to temporary file name
    :param suffix: str -> add to temporary file name
    :param as_user: str -> name of the user to drop privileges to
    NTF)�effective_or_real�set_env�NN)r��suffixrfr��surrogateescape)�errorsr)rz�	getgroupsrrOr�r�r�rBr�r�rqr�r��chmodr��	TypeError�getuid�seteuid�setegid�getgid�	setgroups)r��	dest_pathrYr�r��as_user�
old_groupsr�r<r��f_temp�ruids            r�write_file_via_tempfiler��s������\�^�^�
��W��e�L�L�L�L��g�o�o�i�(�(�G��M�B�	�� �(��f�'�;�;�;�
��I�
�Y�r�3�'8�
9�
9�
9�	"�V��L�L��!�!�!�	"�	"�	"�	"�	"�	"�	"�	"�	"�	"�	"����	"�	"�	"�	"����W�����
�:��*��	��H�R�L�L�L�L����!�	�	�	��D�	����	��I�i� � � � ����!�	�	�	��D�	����
������
���D�!�!�!�
�	�)�Y�'�'�'�'���W�i�(����	��I�i� � � � ����!�	�	�	��D�	����
��������y�{�{��
�
�4����
�
�2�9�;�;�����1�9�9��L��$�$�$�$�$�
��
�9s��
1B,�>B �B,� B$�$B,�'B$�(B,�,D�C�D�C,�)D�+C,�,D�0D�D�D�D�D�D�"*E
�
F�%E:�9F�:F�F�
F�Fc�D�	tj|��ng#tf$rY}|rGtdt	|��zdzt	|��z��tjd��nYd}~dSYd}~nd}~wwxYwt||��}	tj|��nS#tf$rE}|r3td|t	|����tjd��nYd}~dSYd}~nd}~wwxYw	tj	|��ng#tf$rY}|rGtdt	|��zdzt	|��z��tjd��nYd}~dSYd}~nd}~wwxYw|dkrda
dSt�����d	a
dS)
Nzfailed to set egid to z: r�rMz'failed to set supplementary groups to :zfailed to set euid to rTF)
rzr�rq�print_errorr�r�r��
get_groupsr�r��	root_flagrrl)r=r>r�r��groupss     rr�r�s����
�
�3�������:�����	��0�3�s�8�8�;�d�B�S��V�V�K�L�L�L��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K�����������S�
!�
!�F��
��V�������:�����	��A�6�3�q�6�6�R�R�R��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K����������
�
�3�������:�����	��0�3�s�8�8�;�d�B�S��V�V�K�L�L�L��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K����������a�x�x��	�	�	�	���.�.�0�0�0��	�	�	sF��A;�A	A6�6A;�B$�$C4�/5C/�/C4�8D
�
E1�A	E,�,E1c��	tjd��nR#tf$rD}|r2tdt	|����tjd��nYd}~dSYd}~nd}~wwxYw	tjd��nR#tf$rD}|r2tdt	|����tjd��nYd}~dSYd}~nd}~wwxYwtdd��}	tj	|��nS#tf$rE}|r3td|t	|����tjd��nYd}~dSYd}~nd}~wwxYwda
dS)Nrzfailed to set euid to 0 :r�rMz Error: failed to set egid to 0 :z.Error: failed to set supplementary groups to :T)rzr�rqr�r�r�r�r�r�r�r�)r�r�r�s   rr�r�'s����
�
�1�
�
�
�
���:�����	��3�S��V�V�<�<�<��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K����������
�
�1�
�
�
�
���:�����	��:�C��F�F�C�C�C��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K�����������1�
�
�F��
��V�������:�����	��H�&�RU�VW�RX�RX�Y�Y�Y��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K����������I�I�IsD��A&�4A!�!A&�*A?�?C�
4C	�	C�"C7�7E�5E�Ec��tddtj���|D]}t|dtj����ttj���dS)NzError:� )�end�file)r�)�printr��stderr)�args�as  rr�r�Is[��	�(��#�*�-�-�-�-�
�+�+��
�a�S�s�z�*�*�*�*�*�	�s�z������rc�V�t��}t��}t��}|D]Y}||j}|D]G}	||j}n#t
$rY�wxYw||kr |�||j���H�Z|�|��t|��S)z$Returns supplementary groups for uid)	�get_grp_dict�get_pwd_dict�set�gr_mem�pw_uid�KeyError�add�gr_gid�list)	r=r>�gr�pwr��group�members�user�
member_uids	         rr�r�Ps���	���B�	���B�
�U�U�F��-�-���U�)�"���	-�	-�D�
���X�_�
�
���
�
�
���
�����S� � ��
�
�2�e�9�+�,�,�,��
	-��J�J�s�O�O�O���<�<�s�
A�
A�Ac�p�t�)iatj��}|D]}|t|j<�tSr;)�grp_dict�grp�getgrall�gr_name)r��lines  rr�r�es;������
�\�^�^���	*�	*�D�%)�H�T�\�"�"��Or)�min_uidc�4�t���Sr;)�clpwd�
get_user_dictrrrr�r�rs����� � � rc�X�|s|rt|��|�rt}tst��\}}t��	t�>tjd��}ttdd��atj|��t�	|��t�	d��nU#ttf$rA}tdtt|����tjd��Yd}~nd}~wwxYw|st!||��dSdSdS)N�r�r��
zwriting to )r�r��get_permr��log_filerz�umaskr{�LOGFILEr�rqr�r�r�r�r�r�)	�msg�silent�verboser��root_flag_savedr=r>�umask_savedr�s	         rr�r�ys/�����	��#�J�J�J��$�#���	��z�z�H�C���O�O�O�
	��� �h�t�n�n�����a�0�0�����%�%�%��N�N�3�����N�N�4� � � � ����!�	�	�	��
�w��A���7�7�7��H�Q�K�K�K�K�K�K�K�K�����	�����	$��#�s�#�#�#�#�#�#$�$� 	$�	$s�A9B?�?D�7D�Dc���	tj��}tj��}nI#tf$r;}t	dt|����t
jd��Yd}~nd}~wwxYw||fS)Nzfailed to get (euid,egid)r�)rz�geteuid�getegidrqr�r�r�r�)r=r>r�s   rr�r��sy����j�l�l���j�l�l�����:�����/��Q���8�8�8����������������������8�Os�&)�A/�1A*�*A/c��|r t�����nt�����S)z�
    Set CAP_SYS_RESOURCE capability

    :param bool clear: Set on if it's true, set off otherwise
    :return: 0 for success, -1 otherwise
    :rtype: int
    )rrnrl)�clears r�set_capabilityr
�s9��9>�6�<�>�>�2�2�4�4�4�
�^�^�
3�
3�
5�
5�6rc�F�tj|��t��S)a
    Change effective uid of current process and set CAP_SYS_RESOURCE capbality
    to prevent "Disk quota exceeded" error

    :param int euid: User ID to set it as current effective UID
    :return: 0 if capability was set successfuly, -1 otherwise
    :rtype: int
    )rzr�r
)r=s r�
change_uidr�s���J�s�O�O�O����rc��|s"t�����dSt�����dS)zZ
    Disable quota kernel check to allow us to write
    more than user can by quota.
    N)rrlrn��enableds r�_set_quota_checks_statusr�sD��
�2����.�.�0�0�0�0�0����/�/�1�1�1�1�1rc#�~K�td���	dV�td���dS#td���wxYw)NFrT)rrrr�
disable_quotar�sT�����U�+�+�+�+�/�
���� ��.�.�.�.�.�.�� ��.�.�.�.�.���s�*�<c#�K�tj|��}	dV�tj|��dS#tj|��wxYwr;)rzr)�umask_value�saved_umasks  r�	set_umaskr�sO�����(�;�'�'�K��
����
������������������s	�2�Ar�r;)NNTT)Tr�T)r�r�N)T)FTT)F)Nr�r�r��
contextlibrz�	functoolsr�typingr�ctypesrrrrr	r
rrr
r�clcommonr�clcommon.clpwdrrr rrr7r8r.r*r$r'rBr)r+r,rJrrrtrTrWrcrhr�r�MIN_UIDr�rQr�r�rrrZr\r^r`r�r�r�r�r�r�r�r�r�r�r�rr�r�r
rr�contextmanagerrrrrr�<module>r"s����
�
�
�
�
�
�
���������	�	�	�	������� � � � � � �/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�������/�/�/�/�/�/�G�G�G�1�1�1�
��4���������>���:�<�<�D�	���������y�����W�X�
�
�
�-�-�-�)�)�)�#�#�#�&�&�&�(�(�(�'�'�'�"�"�"�"�"�"�"�"�L��4����P�P���P�f��
�\�^�^�F�>�>�>�(�(�(�?�?�?�<�<�<�1�1�1�
�	�
&��

����6�6�6�2�2�2����8�����������������������2;�;�;�;�~AE�3%�3%�3%�3%�l$�$�$�$�N����D������$�����	��g�����!�!�!�
��$�$�$�$�4���	6�	6�	6�	6�
�
�
�2�2�2���/�/���/���������r
?>