Mini Shell
Direktori : /proc/self/root/bin/ |
|
Current File : //proc/self/root/bin/clsupergid_process |
#!/opt/cloudlinux/venv/bin/python3 -bb
# -*- coding: utf-8 -*-
#
# Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2021 All Rights Reserved
#
# Licensed under CLOUD LINUX LICENSE AGREEMENT
# http://cloudlinux.com/docs/LICENCE.TXT
# pylint: disable=no-absolute-import
import sys
import os
import grp
import pwd
import subprocess
from clcommon.sysctl import SysCtlConf, SYSCTL_CL_CONF_FILE
from cl_proc_hidepid import remount_proc, get_gid_from_mounts
from clcommon.lib.cledition import lve_supported_or_exit
def _is_group_present_by_id(gid: int):
"""
Checks if group present in system
:param gid: Gid to check
:return: True/False - present/absent
"""
try:
grp.getgrgid(gid)
except KeyError:
return False
return True
def polkitd_process(gids_to_add_list: list):
"""
Add polkitd user to groups
:param gids_to_add_list: List of gids to add user
"""
polkitd_username = "polkitd"
try:
pwd.getpwnam(polkitd_username)
except KeyError:
return
# Determine group names list to add user
group_names_to_add = []
for gid in gids_to_add_list:
try:
_grp = grp.getgrgid(gid)
if polkitd_username not in _grp.gr_mem:
group_names_to_add.append(_grp.gr_name)
except KeyError:
pass
if group_names_to_add:
print("INFO: adding user '%s' to group(s)" % polkitd_username, group_names_to_add)
# usermod -a -G group1,group2 username
cmd = '/usr/sbin/usermod -a -G ' + ','.join(group_names_to_add) + ' ' + polkitd_username
subprocess.run(cmd, shell=True, executable='/bin/bash')
@lve_supported_or_exit
def main():
print("INFO: Checking fs.proc_super_gid group...")
sysctl = SysCtlConf(config_file=SYSCTL_CL_CONF_FILE)
sgid_key = 'fs.proc_super_gid'
proc_super_gid = 0
try:
# sysctl.get may return empty string in some cases like cldeploy
# when CL kernel is not loaded yet and proc has no such param
proc_super_gid = int(sysctl.get(sgid_key))
except ValueError:
pass
if proc_super_gid == 0 or (proc_super_gid != 0 and not _is_group_present_by_id(proc_super_gid)):
print("INFO: clsupergid group absent, creating ...")
sgid_name = 'clsupergid'
subprocess.run('/usr/sbin/groupadd -f ' + sgid_name, shell=True, executable='/bin/bash')
proc_super_gid = grp.getgrnam(sgid_name).gr_gid
sysctl.set(sgid_key, proc_super_gid)
print("INFO: clsupergid group created, gid is", proc_super_gid)
else:
print("INFO: fs.proc_super_gid group already present (gid is {}).".format(proc_super_gid))
remount_proc()
gids_to_add_list = [proc_super_gid]
gid_from_mounts = get_gid_from_mounts()
if gid_from_mounts != proc_super_gid and _is_group_present_by_id(gid_from_mounts):
gids_to_add_list.append(gid_from_mounts)
polkitd_process(gids_to_add_list)
sys.exit(0)
if __name__ == "__main__":
main()
Zerion Mini Shell 1.0