fix system-profile
This commit is contained in:
parent
a6d412b589
commit
918c070f73
1 changed files with 28 additions and 22 deletions
|
|
@ -4,11 +4,11 @@ from core.models.BaseProfile import BaseProfile
|
||||||
from core.models.system.SystemConnection import SystemConnection
|
from core.models.system.SystemConnection import SystemConnection
|
||||||
from dataclasses import dataclass
|
from dataclasses import dataclass
|
||||||
from typing import Optional
|
from typing import Optional
|
||||||
|
import json
|
||||||
import os
|
import os
|
||||||
import shutil
|
import shutil
|
||||||
import subprocess
|
import subprocess
|
||||||
|
|
||||||
|
|
||||||
@dataclass
|
@dataclass
|
||||||
class SystemProfile(BaseProfile):
|
class SystemProfile(BaseProfile):
|
||||||
connection: Optional[SystemConnection]
|
connection: Optional[SystemConnection]
|
||||||
|
|
@ -17,33 +17,23 @@ class SystemProfile(BaseProfile):
|
||||||
return self.__get_system_config_path(self.id)
|
return self.__get_system_config_path(self.id)
|
||||||
|
|
||||||
def save(self):
|
def save(self):
|
||||||
|
|
||||||
if 'location' in self._get_dirty_keys():
|
if 'location' in self._get_dirty_keys():
|
||||||
self.__delete_wireguard_configuration()
|
self.__delete_wireguard_configuration()
|
||||||
|
|
||||||
super().save()
|
super().save()
|
||||||
|
|
||||||
def attach_wireguard_configuration(self, wireguard_configuration):
|
def attach_wireguard_configuration(self, wireguard_configuration):
|
||||||
|
|
||||||
if shutil.which('pkexec') is None:
|
if shutil.which('pkexec') is None:
|
||||||
raise CommandNotFoundError('pkexec')
|
raise CommandNotFoundError('pkexec')
|
||||||
|
|
||||||
wireguard_configuration_file_backup_path = f'{self.get_config_path()}/wg.conf.bak'
|
wireguard_configuration_file_backup_path = f'{self.get_config_path()}/wg.conf.bak'
|
||||||
|
|
||||||
with open(wireguard_configuration_file_backup_path, 'w') as wireguard_configuration_file:
|
with open(wireguard_configuration_file_backup_path, 'w') as wireguard_configuration_file:
|
||||||
wireguard_configuration_file.write(wireguard_configuration)
|
wireguard_configuration_file.write(wireguard_configuration)
|
||||||
|
|
||||||
wireguard_configuration_is_attached = False
|
wireguard_configuration_is_attached = False
|
||||||
failed_attempt_count = 0
|
failed_attempt_count = 0
|
||||||
|
|
||||||
while not wireguard_configuration_is_attached and failed_attempt_count < 3:
|
while not wireguard_configuration_is_attached and failed_attempt_count < 3:
|
||||||
|
|
||||||
process = subprocess.Popen(('pkexec', 'install', '-D', wireguard_configuration_file_backup_path, self.get_wireguard_configuration_path(), '-o', 'root', '-m', '744'))
|
process = subprocess.Popen(('pkexec', 'install', '-D', wireguard_configuration_file_backup_path, self.get_wireguard_configuration_path(), '-o', 'root', '-m', '744'))
|
||||||
wireguard_configuration_is_attached = not bool(os.waitpid(process.pid, 0)[1] >> 8)
|
wireguard_configuration_is_attached = not bool(os.waitpid(process.pid, 0)[1] >> 8)
|
||||||
|
|
||||||
if not wireguard_configuration_is_attached:
|
if not wireguard_configuration_is_attached:
|
||||||
failed_attempt_count += 1
|
failed_attempt_count += 1
|
||||||
|
|
||||||
if not wireguard_configuration_is_attached:
|
if not wireguard_configuration_is_attached:
|
||||||
raise ProfileModificationError('The WireGuard configuration could not be attached.')
|
raise ProfileModificationError('The WireGuard configuration could not be attached.')
|
||||||
|
|
||||||
|
|
@ -54,41 +44,57 @@ class SystemProfile(BaseProfile):
|
||||||
return os.path.isfile(f'{self.get_system_config_path()}/wg.conf')
|
return os.path.isfile(f'{self.get_system_config_path()}/wg.conf')
|
||||||
|
|
||||||
def address_security_incident(self):
|
def address_security_incident(self):
|
||||||
|
|
||||||
super().address_security_incident()
|
super().address_security_incident()
|
||||||
self.__delete_wireguard_configuration()
|
self.__delete_wireguard_configuration()
|
||||||
|
|
||||||
def delete(self):
|
def delete(self):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
self.__delete_wireguard_configuration()
|
self.__delete_wireguard_configuration()
|
||||||
except ProfileModificationError:
|
except ProfileModificationError:
|
||||||
raise ProfileDeletionError('The WireGuard configuration could not be deleted.')
|
raise ProfileDeletionError('The WireGuard configuration could not be deleted.')
|
||||||
|
|
||||||
if shutil.which('pkexec') is None:
|
if shutil.which('pkexec') is None:
|
||||||
raise CommandNotFoundError('pkexec')
|
raise CommandNotFoundError('pkexec')
|
||||||
|
|
||||||
process = subprocess.Popen(('pkexec', 'rm', '-d', self.get_system_config_path()))
|
process = subprocess.Popen(('pkexec', 'rm', '-d', self.get_system_config_path()))
|
||||||
completed_successfully = not bool(os.waitpid(process.pid, 0)[1] >> 8)
|
completed_successfully = not bool(os.waitpid(process.pid, 0)[1] >> 8)
|
||||||
|
|
||||||
if not completed_successfully:
|
if not completed_successfully:
|
||||||
raise ProfileDeletionError('The profile could not be deleted.')
|
raise ProfileDeletionError('The profile could not be deleted.')
|
||||||
|
|
||||||
super().delete()
|
super().delete()
|
||||||
|
|
||||||
|
def attach_operator_proxy_session(self, operator_proxy_session):
|
||||||
|
from core.models.OperatorProxySession import OperatorProxySession
|
||||||
|
operator_proxy_session_file_contents = f'{operator_proxy_session.to_json(indent=4)}\n'
|
||||||
|
os.makedirs(self.get_config_path(), exist_ok=True)
|
||||||
|
operator_proxy_session_file_path = self.get_operator_proxy_session_path()
|
||||||
|
with open(operator_proxy_session_file_path, 'w') as operator_proxy_session_file:
|
||||||
|
operator_proxy_session_file.write(operator_proxy_session_file_contents)
|
||||||
|
|
||||||
|
def get_operator_proxy_session_path(self):
|
||||||
|
return f'{self.get_config_path()}/operator_proxy_session.json'
|
||||||
|
|
||||||
|
def get_operator_proxy_session(self):
|
||||||
|
try:
|
||||||
|
config_file_contents = open(self.get_operator_proxy_session_path(), 'r').read()
|
||||||
|
except FileNotFoundError:
|
||||||
|
return None
|
||||||
|
try:
|
||||||
|
data = json.loads(config_file_contents)
|
||||||
|
except ValueError:
|
||||||
|
return None
|
||||||
|
from core.models.OperatorProxySession import OperatorProxySession
|
||||||
|
return OperatorProxySession.from_dict(data)
|
||||||
|
|
||||||
|
def has_operator_proxy_session(self):
|
||||||
|
return os.path.isfile(self.get_operator_proxy_session_path())
|
||||||
|
|
||||||
def __delete_wireguard_configuration(self):
|
def __delete_wireguard_configuration(self):
|
||||||
|
|
||||||
if self.has_wireguard_configuration():
|
if self.has_wireguard_configuration():
|
||||||
|
|
||||||
if shutil.which('pkexec') is None:
|
if shutil.which('pkexec') is None:
|
||||||
raise CommandNotFoundError('pkexec')
|
raise CommandNotFoundError('pkexec')
|
||||||
|
|
||||||
process = subprocess.Popen(('pkexec', 'rm', '-d', self.get_wireguard_configuration_path()))
|
process = subprocess.Popen(('pkexec', 'rm', '-d', self.get_wireguard_configuration_path()))
|
||||||
completed_successfully = not bool(os.waitpid(process.pid, 0)[1] >> 8)
|
completed_successfully = not bool(os.waitpid(process.pid, 0)[1] >> 8)
|
||||||
|
|
||||||
if not completed_successfully:
|
if not completed_successfully:
|
||||||
raise ProfileModificationError('The WireGuard configuration could not be deleted.')
|
raise ProfileModificationError('The WireGuard configuration could not be deleted.')
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def __get_system_config_path(id: int):
|
def __get_system_config_path(id: int):
|
||||||
return f'{Constants.HV_SYSTEM_PROFILE_CONFIG_PATH}/{str(id)}'
|
return f'{Constants.HV_SYSTEM_PROFILE_CONFIG_PATH}/{str(id)}'
|
||||||
Loading…
Reference in a new issue