nxd

Your IP : 18.117.135.125

Current Path : /opt/imunify360/venv/lib64/python3.11/site-packages/imav/__pycache__/
Current File : //opt/imunify360/venv/lib64/python3.11/site-packages/imav/__pycache__/server.cpython-311.opt-1.pyc
�

c1�g%A��6�dZddlZddlZddlZddlZddlZddlZddlZddlZddl	m
Z
ddlmZm
Z
ddlmZddlmZddlmZmZddlmZddlZdd	lmZddlZddlZddlZdd
lmZddlm Z m!Z!ddl"m#Z#m$Z$m%Z%m&Z&m'Z'dd
l(m)Z)ddl*m+Z+ddl,m-Z-m.Z.ddl/m0Z0ddl1m2Z2ddl3m4Z4ddl5m6Z6m7Z7m8Z8ddl9m:Z:m;Z;m<Z<m=Z=m>Z>ddl?m@Z@mAZAddlBmCZCmDZDmEZEmFZFddlGmHZHddlImJZJddlKmLZLmMZMddlNmOZOddlPmQZQmRZRmSZSddlTmUZUmVZVddlWZWdZXede&jYz��ZZdZ[ej\e]��Z^eMeL� ��e^j_��Z`Gd!�d"��Zaed#���Zbd$�Zcd%�Zdd&�Zed'�Zfd(�Zgd)ee4ehehffd*�Zid+e4fd,�Zjd-�Zkd.�Zld/ehd)dfd0�Zmd1�Znd2�Zod3�Zpd4�Zqd5�ZrdS)6u

This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.


This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU General Public License for more details.


You should have received a copy of the GNU General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.

Copyright © 2019 Cloud Linux Software Inc.

This software is also available under ImunifyAV commercial license,
see <https://www.imunify360.com/legal/eula>
�N)�ThreadPoolExecutor)�contextmanager�suppress)�partial)�Path)�CalledProcessError�check_output)�Tuple)�
AlreadyLocked)�files)�health�
inactivity)�ConfigsValidator�Core�Merger�Model�	SimpleRpc)�	HookEvent)�
LicenseCLN)�MessageSink�
MessageSource)�g)�IndependentAgentIDAPI)�TheSink)�instance�simplification�	tls_check)�NonRootRpcServer�NonRootRpcServerAV�	RpcServer�RpcServerAV�
is_running)�persistent_state�systemd_notifier)�Task�create_task_and_log_exceptions�is_root_user�is_systemd_boot)�is_db_corrupted)�EXITCODE_GENERAL_ERROR)�DAY�
rate_limit)�flush_sentry)�MalwareHitStatus�MalwareScanResourceType�VulnerabilityHitStatus)�
MalwareHit�VulnerabilityHiti4z%s.is_corruptedz�Imunify360 database is corrupt. Application cannot run with corrupt database. Please, contact Imunify360 support team at https://cloudlinux.zendesk.com)�periodc��eZdZd�Zd�ZdS)�TaskFactoryc�,�t��|_dS�N)�set�pool)�selfs �@/opt/imunify360/venv/lib/python3.11/site-packages/imav/server.py�__init__zTaskFactory.__init__es���E�E��	�	�	�c��t||���}|j�|��|�|jj��|S)N��loop)r%r9�add�add_done_callback�discard)r:r@�coro�tasks    r;�__call__zTaskFactory.__call__hsF���D�t�$�$�$���	�
�
�d�������t�y�0�1�1�1��r=N)�__name__�
__module__�__qualname__r<rF�r=r;r5r5ds2�������������r=r5c#�K�	dV�dS#t$r;}t�d||��tj|��Yd}~dSd}~wwxYw)z)Log *message* on any error & suppress it.Nzcaught error %r on %s)�	Exception�logger�error�
sentry_sdk�capture_exception)�message�es  r;�log_and_suppress_errorrSosq����(�
��������(�(�(����,�a��9�9�9��$�Q�'�'�'�'�'�'�'�'�'�����(���s�
�
A�0A
�
Ac��(K�td��5tj�t	j����ddd��n#1swxYwYt
�dtj����td��5g}tj
d��4�d{V��dtvrOtj�
��|�tj�����|�|�����tj|��d{V��ddd���d{V��n#1�d{V��swxYwYddd��n#1swxYwYt%|d����D]s}td��5t
�d	|jj|jj��|����d{V��ddd��n#1swxYwY�ttd
��5t-j���d{V��ddd��n#1swxYwYtjd��x}�Atd��5tj|���d{V��ddd��n#1swxYwYtd
��5|���ddd��n#1swxYwYt5��t
�dtj����dS)Nz)marking the start of the shutdown processzshutdown task starting, pid=%sz4preventing new messages (if any) processing to start�
�
sensor_serverc��|jSr7)�SHUTDOWN_PRIORITY)�ps r;�<lambda>z _shutdown_task.<locals>.<lambda>�s	��A�4G�r=)�keyz,This happened while shutting down a plugin!!zShutting down %s.%s...zshutting down IAID API�web_server_restart_taskzwaiting for web server restartz
stopping loopzshutdown task finished, pid=%s)rSr
�sensor�
shutting_down�timerM�info�os�getpid�asyncio�timeoutrrV�close�append�wait_closed�shutdown�gather�sorted�	__class__rHrGr�get�wait_for�stopr-)r@�the_sink�plugin_list�_tasks�plugin�restart_tasks      r;�_shutdown_taskrtys�����	� K�	L�	L�1�1��
�#�#�D�I�K�K�0�0�0�1�1�1�1�1�1�1�1�1�1�1����1�1�1�1��K�K�0�"�)�+�+�>�>�>�	�>�
�
�
*�
*����?�2�&�&�	*�	*�	*�	*�	*�	*�	*�	*��!�#�#���%�%�'�'�'��
�
�a�o�9�9�;�;�<�<�<��M�M�(�+�+�-�-�.�.�.��.�&�)�)�)�)�)�)�)�)�
	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*����	*�	*�	*�	*�	
*�
*�
*�
*�
*�
*�
*�
*�
*�
*�
*����
*�
*�
*�
*���*G�*G�H�H�H�$�$��
#�:�
�
�
	$�
	$�
�K�K�(�� �+�� �)�
�
�
��/�/�#�#�#�#�#�#�#�#�#�
	$�
	$�
	$�
	$�
	$�
	$�
	$�
	$�
	$�
	$�
	$����
	$�
	$�
	$�
	$��
 � 8�	9�	9�/�/�#�,�.�.�.�.�.�.�.�.�.�/�/�/�/�/�/�/�/�/�/�/����/�/�/�/���7�8�8�8��E�
#�$D�
E�
E�	1�	1��"�<�0�0�0�0�0�0�0�0�0�	1�	1�	1�	1�	1�	1�	1�	1�	1�	1�	1����	1�	1�	1�	1�
 ��	0�	0����	�	�����������������������N�N�N�
�K�K�0�"�)�+�+�>�>�>�>�>s��1A�A�A�E5�2BE�E5�
E"	�"E5�%E"	�&E5�5E9�<E9�#AG:�:G>	�G>	�H;�;H?�H?�+J�J�J�,K
�
K�Kc��t�d|��tj��}tj�|��|_d|_tj|_	t��rd|_nd|_tj
j���|_	|���nC#t"$r6t�d��t'jt*��YnwxYwt-j��tj
j���dS)NzRun as daemon [pidfile = %s]FTz*PID file already locked by another process)rMr`�daemon�
DaemonContext�pidfile�PIDLockFile�prevent_corer�
FILE_UMASK�umaskr(�detach_process�defence360agent�	internals�get_fds�files_preserve�openrrN�sys�exitr*�gc�collect�reconfigure)�pidfilepath�dcs  r;�
_daemonizer��s
��
�K�K�.��<�<�<�	�	�	�	�B���+�+�K�8�8�B�J��B�O���B�H����!�!���� ���'�1�8�@�@�B�B�B��)�
���	�	�	�	���)�)�)����A�B�B�B���'�(�(�(�(�(�)�����J�L�L�L���$�0�0�2�2�2�2�2s�1C�=D�Dc��<K�tj���d{V��dS)zPerform update files on start.N)r�!update_all_no_fail_if_files_existrJr=r;�_initial_files_updater��s-����
�
1�
3�
3�3�3�3�3�3�3�3�3�3r=c�j�|�tj|tj����dSr7)�run_until_completer�run_in_executorr�resetr?s r;�_tls_check_resetr��s6������&�t�Y�_�=�=�����r=c� ���fd�|D��S)Nc�4��g|]}t|����|��SrJ)�
isinstance)�.0rY�pclasss  �r;�
<listcomp>z$plugin_instances.<locals>.<listcomp>�s(���5�5�5�!�z�!�V�4�4�5�A�5�5�5r=rJ)�objsr�s `r;�plugin_instancesr��s���5�5�5�5�t�5�5�5�5r=�returnc���d�|D��}t|t��}|D]E}t�d|��|�|�|�����Ft
||��}t|t��}|D]F}t�d|��|�|�||�����G|�	��|||fS)Nc�"�g|]}|����
SrJrJ)r��plugin_classs  r;r�z"_start_plugins.<locals>.<listcomp>�s��A�A�A�,�|�|�~�~�A�A�Ar=zCreating sink %rzCreating source %r)
r�rrMr`r��create_sinkrr�
create_source�start)r@�plugin_classes�plugins�sinks�sro�sourcess       r;�_start_pluginsr��s���A�A�.�A�A�A�G�
�W�k�2�2�E�
�5�5�����&��*�*�*�����
�
�d� 3� 3�4�4�4�4��u�d�#�#�H��w�
�6�6�G�
�A�A�����(�!�,�,�,��������h� ?� ?�@�@�@�@��N�N�����U�G�#�#r=roc���t�d��tjrtt
f}nttf}|D]+}|�|�	||�����,dS)NzStarting RpcServers...)
rMr`r�SOCKET_ACTIVATIONr!rr rr��create)r@ro�rpc_servers�rpcs    r;�
_start_rpcr��sv��
�K�K�(�)�)�)��"�4�"�$6�7��� �"2�3���<�<������
�
�4�� :� :�;�;�;�;�<�<r=c���	tddgt|��zdditj����}n_#t$r}t|j��}Yd}~n<d}~wt$rt�	d��gcYSt$rgcYSwxYw|����d��}d�|D��}tt|����S)	N�lsofz+wt�PATHz/usr/sbin:/usr/bin)�envz&There is no lsof in /usr/sbin:/usr/bin�
c�0�g|]}|�t|����SrJ)�int)r��lines  r;r�z"_get_pids_open.<locals>.<listcomp>s#��0�0�0�$�4�0�C��I�I�0�0�0r=)r	�listra�environr�bytes�output�FileNotFoundErrorrM�warning�IOError�strip�splitr8)r�outrR�lines�pidss     r;�_get_pids_openr��s����
�U�O�d�5�k�k�)��-�<���<�
�
�
���������A�H�o�o������������������?�@�@�@��	�	�	������	�	�	������I�I�K�K���e�$�$�E�0�0�%�0�0�0�D���D�	�	�?�?�s �14�
B�A�)B�B�Bc�F�t���r�tj��}|dk�r�tj|�����}t
tjtj	��}g}|D]�}	tj|��}n#tj
$rY�)wxYw|���}|r|���}nd}|�||���dt|��zf����	t|��5}	|	���}
ddd��n#1swxYwYn#t t"f$rd}
YnwxYwt%dt&j�d|�d|�dt|���d|�d	|
�d
�
��t+jt.��t1t2j���r�t6���s9t:�t>��t6� ��nt:�!t>��t+jt.��dStEtF��5t6�$��ddd��dS#1swxYwYdS)Nr�Nonezparent process = %szInstance of z% is already running. Parent process "z" with pid "z". Sockets are in use by z. z file contents z pid)�db_path)%r"ra�getppid�psutil�Process�namer�r�SOCKET_PATH�NON_ROOT_SOCKET_PATH�
NoSuchProcess�parentrf�strr��read�OSErrorr��throttled_log_errorr�SVC_NAMEr�r�r*r)rr��_DB_IS_CORRUPTED_FLAG�existsrMrN�_DB_IS_CORRUPTED_MSG�touchr�rr��unlink)rx�ppidr��pids_used_socket�process_used_socket�pid�_pr�
_local_parent�_parent_name�file�written_pids           r;�_check_able_to_startr�s���|�|�--��z�|�|���1�9�9��^�D�)�)�.�.�0�0�F�-��%�y�'E� � ��#%��'�
�
��� �.��-�-�C�C���+�����H����� #�
�
���
� �*�#0�#5�#5�#7�#7�L�L�#)�L�#�*�*�����
�
�-��L�0A�0A�A������
#��'�]�]�.�d�"&�)�)�+�+�K�.�.�.�.�.�.�.�.�.�.�.����.�.�.�.����W�%�
#�
#�
#�"����
#�������M�M�M��F�F��D�D��+�,�,�,�,��G�G��K�K��

�

�

�
�H�+�,�,�,��u�z�*�*�*�	+�$�+�+�-�-�	1��L�L�-�.�.�.�!�'�'�)�)�)�)��N�N�/�0�0�0���'�(�(�(�(�(�
�'�
(�
(�	+�	+�!�(�(�*�*�*�	+�	+�	+�	+�	+�	+�	+�	+�	+�	+�	+�	+����	+�	+�	+�	+�	+�	+sZ�;B�B"�!B"�E
�D>�2E
�>E�E
�E�E
�
E �E �/J�J�Jr�c
��	�t��s3t�d��tjt
��t
��}tjj�	|j
��|jstj
�d��rHtjj�|jptj
�d����tjt"��t%|j��|jr7t+|j��t-jt,jj��t4j�t;j����t=j��st4j� ��tCj"��}tj#��}|�$tKtMd|r|dznd�������|�'tQ����	tS|��tTj+�,tZj.��t_|��taj1��|�2|����	tfthfD]}|���
n]#tjj6$rK}t�7dtq|����tjt
��Yd}~nd}~wwxYw|�2tsj:����s;t�d	��|�2tw����txj=�>t~j@��t�||��\}}}	t�||��t�d
��t�jDt�jFd���}
t�||jH|
��	t�jJ��n2#t�$r%}t�7d
|��Yd}~nd}~wwxYwt�|t�t�||||	z����|�O��t�d��|�P��dS#|�P��wxYw)z�Common function for agent service startup.

    plugin_classes is a list of classes implementing message processing
    plugins. init_actions is a coroutine that will be called prior to starting
    RPC and message processing.z5Imunify agent could be started by the root user only!�IMUNIFY360_LOGGING_CONFIG_FILE� ��)�max_workersz0Failed to stop pending cleanup/patch. Reason: %sNz=Essential files are missing. Performing initial files update.zMessage Bus startedF)�version�residentz!Failed to remove unused locks: %szloop stopped)Qr'rMr`r�r�r*�	parse_clir~r�setLogLevel�verbose�
log_configrar�rl�update_logging_config_from_file�setrecursionlimit�_MAX_RECURSION_DEPTHr�rxrvr�r$�notify�
AgentState�
DAEMONIZEDr
r]�startingr_r�
is_registered�unregisteredrc�get_event_loop�	cpu_count�set_default_executorr�min�set_task_factoryr5r�r�db�initrr��validate_configs_on_startr�update_merged_configr��_stop_pending_cleanup�_stop_pending_patchr�PeeweeExceptionrN�reprr�essential_files_existr�r�track�set_timeoutr�INACTIVITY_TIMEOUTr�r�r�AgentStartedr�VERSIONr&�process_messager#�remove_unused_locksrL�_setup_signal_handlersrrt�run_foreverre)r��init_actions�argsr@�_cpu�_stop_outdatedrRror�r��
agent_starteds           r;r�r�Bsn���>�>�)����K�L�L�L���'�(�(�(��;�;�D���$�0�0���>�>�>���
�"�*�.�.�)I�J�J�
��!�(�H�H��O�O�r�z�~�~�.N�O�O�	
�	
�	
���.�/�/�/����&�&�&��{�H��4�<� � � ��� 0� ;� F�G�G�G�
�M���4�9�;�;�'�'�'��#�%�%�%��
�"�"�$�$�$��!�#�#�D�
�<�>�>�D�	����s�2�4�/F�t�a�x�x�Q�'G�'G�H�H�H����	���+�-�-�(�(�(�6������������$�$�$�!�$�'�'�'��#�%�%�%��������/�/�/�
	-�#8�:M�"N�
!�
!���� � � � �
!���-�	-�	-�	-�
�L�L�B�D��G�G�
�
�
�
�H�+�,�,�,�,�,�,�,�,�����	-�����&�&�u�'B�'D�'D�E�E�	=��K�K�O�
�
�
�
�#�#�$9�$;�$;�<�<�<���$�$�Y�%A�B�B�B�#1�$��#G�#G� ��%���4��"�"�"����)�*�*�*�!�.��L�5�
�
�
�
�	'��(�*�M�	
�	
�	
�	A��0�2�2�2�2���	A�	A�	A��L�L�<�a�@�@�@�@�@�@�@�@�����	A����	��'�.�$��%�'�/�J�J�	
�	
�	
�	
���������N�#�#�#�	
�
�
��������
�
�������sd�3A7S�+K�S�L!�AL�S�L!�!DS�#P7�6S�7
Q&�Q!�S�!Q&�&AS�S+c�j�	tj��dS#t$r�}ddlm}tjt|�����}|�||����t�
t|����tj
t��Yd}~dSd}~wwxYw)Nr)�
execute_hooks)rN)r�validate_config_layersrL�defence360agent.hooks.executerr�AgentMisconfigrr�rMr�r�r�r�r*)r@rRr�agent_misconfigs    r;r�r��s���)��/�1�1�1�1�1���)�)�)�?�?�?�?�?�?�#�2��a���A�A�A�����
�
�o� >� >�?�?�?����s�1�v�v������'�(�(�(�(�(�(�(�(�(�����
)���s��
B2�BB-�-B2c����d���fd�}tjtjtjtjfD]}|�||||���dS)NFc����s/d�t�d|��t|����dSt�d|��dS)NTz	Caught %sz9Caught %s. Shutdown task is already running, please wait.)rMr`r&)r@�sig�called�shutdowntasks  ��r;�_sighandlerz+_setup_signal_handlers.<locals>._sighandler�s]����		��F��K�K��S�)�)�)�3�D�,�G�G�F�F�F��K�K�K��
�
�
�
�
r=)�signal�SIGINT�SIGTERM�SIGUSR1�SIGUSR2�add_signal_handler)r@rrrrs `  @r;rr�sp����
�F��������
�v�~�v�~�v�~�N�=�=������[�$��<�<�<�<�=�=r=c�<�tjd���}|�ddddd���|�d	d
d���|�d
dd���|�dd���|�tjdd���S)NzRun imunify agent)�descriptionz-vr��countrz�Level of logging. Each value corresponds to:1 - console only log level,2 - previous plus add network log,3 - all previous plus add process message log,4 - all previous plus add debug log)�dest�action�default�helpz--daemon�
store_truez
run as daemon)r)r+z	--pidfilez/var/run/imunify360.pidzuse with --daemon)r*r+z--log-configzlogging config filename)r+�)�argparse�ArgumentParser�add_argument�
parse_argsr��argv)�parsers r;r�r��s���
�
$�1D�
E�
E�
E�F�
����
���
2�
�������
�<�o��N�N�N�
����)�
 �����
����-F��G�G�G����S�X�a�b�b�\�*�*�*r=c��tj���tjtjktjtjj	k��}tj
|tj��dS)zP
    Get back to FOUND all malware hits which have stuck in CLEANUP_STARTED
    N)r1�select�where�statusr.�CLEANUP_STARTED�
resource_typer/�FILE�value�
set_status�FOUND��hitss r;rr�sb������$�$���-�=�=�� �$;�$@�$F�F���D���$� 0� 6�7�7�7�7�7r=c��tj���tjtjk��}tj|tj��dS)zZ
    Get back to VULNERABLE all vulnerabilities which have stuck in PATCH_IN_PROGRESS
    N)r2r5r6r7r0�PATCH_IN_PROGRESSr<�
VULNERABLEr>s r;rr�sP���"�$�$�*�*���#9�#K�K���D����&<�&G�H�H�H�H�Hr=)s�__doc__r.rcr��loggingrarr�r_�concurrent.futuresr�
contextlibrr�	functoolsr�pathlibr�
subprocessrr	�typingr
rv�lockfiler�daemon.pidfiler�� defence360agent.internals.loggerr~r�defence360agent.apir
r� defence360agent.contracts.configrrrrr�%defence360agent.contracts.hook_eventsr�!defence360agent.contracts.licenser�!defence360agent.contracts.pluginsrr�&defence360agent.internals.global_scoper�defence360agent.internals.iaidr�"defence360agent.internals.the_sinkr�defence360agent.modelrrr�defence360agent.simple_rpcrrr r!r"�defence360agent.subsysr#r$�defence360agent.utilsr%r&r'r(�defence360agent.utils.check_dbr)�defence360agent.utils.clir*�defence360agent.utils.commonr+r,�defence360agent.sentryr-�imav.malwarelib.configr.r/r0�imav.malwarelib.modelr1r2rOr�r�r�r��	getLoggerrGrMrNr�r5rSrtr�r�r�r�r�r�r�r�r�r�r�rr�rrrJr=r;�<module>ras$����*��������	�	�	�	�����	�	�	�	�
�
�
�
�
�
�
�
�����1�1�1�1�1�1�/�/�/�/�/�/�/�/�������������7�7�7�7�7�7�7�7�������
�
�
�
�"�"�"�"�"�"�����
�
�
�
�'�'�'�'�!�!�!�!�!�!�2�2�2�2�2�2�2�2���������������<�;�;�;�;�;�8�8�8�8�8�8�H�H�H�H�H�H�H�H�4�4�4�4�4�4�@�@�@�@�@�@�6�6�6�6�6�6�E�E�E�E�E�E�E�E�E�E���������������F�E�E�E�E�E�E�E�������������;�:�:�:�:�:�<�<�<�<�<�<�8�8�8�8�8�8�8�8�/�/�/�/�/�/�����������
?�>�>�>�>�>�>�>���������.���;�<�<��%��
��	�8�	$�	$��,�j�j��,�,�,�V�\�:�:�����������(�(���(�,?�,?�,?�^3�3�3�24�4�4�
���6�6�6�$�E�'�4��2E�,F�$�$�$�$�*<�w�<�<�<�<����$9+�9+�9+�x\�$�\��\�\�\�\�~	)�	)�	)�=�=�=�(+�+�+�28�8�8�I�I�I�I�Ir=