Mini Shell

Direktori : /usr/share/cagefs/__pycache__/
Upload File :
Current File : //usr/share/cagefs/__pycache__/cagefslib.cpython-311.pyc

�

z��ԣ�_��
�ddlmZddlmZddlmZddlmZddlZddlmZmZm	Z	m
Z
ddlmZej
��ddlTddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddl Z dd	l!m"Z"m#Z#m$Z$m%Z%m&Z&dd
l!m'Z'm(Z(m)Z)m*Z*ddl!m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1ddl2Z2ddl3m4Z4m5Z5m6Z6dd
l7m8Z8m9Z9ddl:m;Z;m<Z<m=Z=ddl>m?Z?ddl@mAZAddlBmCZCmDZDddlEmFZFmGZGddlHmIZIddlJmKZKddlLZLddlMmNZNddlOmPZPmQZQmRZRddl2mSZSmTZTddlUmVZVGd�deW��ZXdZYdeYzZZdZ[dZ\dZ]d Z^d!Z_dZ`d"aad#Zbdacd$Zdd%Zed&Zfd'Zgd(Zhd)Zid*egzZjd+Zkd,Zld-Zmd.�Znd�d0�Zod�d1�Zpd�d2�Zqd3�Zrd/esfd4�Ztd/esfd5�Zud6�Zvd7�Zwd8�Zxd9�Zyejzd"fd:�Z{d;�Z|e|��peeZ}gZ~d<�Zd=�Z�d>�Z�d?�Z�d"Z�d@Z�d@Z�d@Z�dA�Z�dBe�d/e�fdC�Z�ia�d�dD�Z�dE�Z�dBe�d/dfdF�Z�dG�Z�dH�Z�gZ�dI�Z�dJ�Z�dK�Z��ddL�Z�dM�Z�dN�Z�dBe�d/esfdO�Z�ia�dP�Z�dQ�Z�dR�Z�dS�Z�dT�Z�ia�dU�Z�dV�Z��ddX�Z�ia��ddY�Z�dZ�Z��dd[�Z��dd\�Z�Gd]�d^eW��Z�d_e�d`e�d/e
e�fda�Z�d`e�d/e	e�fdb�Z��ddc�Z��ddd�Z�de�Z�df�Z�ia�dg�Z��ddi�Z��ddj�Z��ddk�Z�dddhdhdgdfdl�Z�dm�Z��ddn�Z�do�Z�dp�Z�dq�Z�dr�Z�ds�Z�dtZ�duZ�iZ�iZ�dve	e�d/e�fdw�Z�dx�Z�dy�Zd	dz�Z�d{d|d}d~dd��a�d�Z�d�Z�e5dzd�zZ�d��Z�d"a�d��Z�d��Z�d��Z�d��Z�d��Zΐd	d��Z�d��Z�d�Zѐdd��Z�d��Z�dddhdhddgdfd��Z�d��ZՐd
d��Z֐d
d��Zאd
d��Zؐd
d��Z�d��Z�d�e�d�e�d/e�fd��Z�dBed/ej�dzfd��Z�					�dd�e�d�e�d�esd�esd�e�e�dzd�esd�e�e�dzd/e�fd��Z�		�dd�e�d�e�d�esd�esd/e�f
d��Z�d��Z�d��Z�d��Z�d��Z�d��Z�d
d��Z�d��Z�d��Z�d��Z�d��Z�d��Z�d��Z�de^fd��Z�d��Z�d��Z�d��Z�dd��Z�d��Z�d��Z�d��Z�d	d��Z�d��Z�d��Z�da�d��Z�da�d��Z�da��dd��Z�d��Z�d��Z�d���ZdZdÐez�ZdĐZdŐZdƄ�Zi�adDŽ�ZdȄ�ZdɄ�Z	�ddʄ�Z
d�ad"�a�dd˄�Z
�dd̄�Z	�dd̈́�Zd΄�Zdτ�Zd�ad�ad�ad�adЄ�Z�ddф�Z�dd҄�Z�d	dӄ�Zi�adԄ�ZdՐZdք�Zd�e�d�e�d/ee�e�ffdل�Zd�e�d�e�d/ee�e�ffdڄ�Zd�e�d�e�d/ee�e�ffdۄ�Z d�e	e�d�e�d�e�d�ee�e�fd/df
d߄�Z!d��Z"d�Z#d��Z$d��Z%d��Z&d��Z'd��Z(d�a)d��Z*d��Z+d��Z,d��Z-d��Z.d��Z/d��Z0d�Z1d��Z2d��Z3d��Z4�dd��Z5d��Z6�dd���Z7d���Z8d���Z9d���Z:d���Z;�dd���Z<d���Z=e �j>d����d�����Z?dS(�)�print_function)�absolute_import)�division)�unicode_literalsN)�AnyStr�Dict�List�Optional)�standard_library)�*)�read_file_secure�write_file_secure�
set_user_perm�open_file_not_symlink�
set_root_perm)�create_dir_secure�closefd�set_owner_dir_secure�set_perm_dir_secure)�	root_flag�print_error�
get_groups�clpwd�SILENT_FLAG�logging�get_perm)�CL_ALT_NAME�ETC_CL_ALT_PATH�BASEDIR)�get_linksafe_gid�get_user_prefix)�make_userdir�	read_file�read_file_cached��is_ea4_enabled)�get_alt_dirs)�byteify�
unicodeify)�ClPwd�	clcaptain)�Feature)�is_panel_feature_supported)�
sigterm_check)�ExternalProgramFailed�is_socket_file�mod_makedirs��get_boolean_param�CL_CONFIG_FILE)�loggerc��eZdZd�ZdS)�CageFSExceptionc�0�tj|g|�Ri|��dS�N)�	Exception�__init__)�self�args�kwargss   �]/builddir/build/BUILDROOT/cagefs-7.6.19-1.el9.cloudlinux.x86_64/usr/share/cagefs/cagefslib.pyr;zCageFSException.__init__Cs)����4�1�$�1�1�1�&�1�1�1�1�1�N)�__name__�
__module__�__qualname__r;�r@r?r7r7Bs#������2�2�2�2�2r@r7z.etc.version�/z/etc/cagefs/cagefs.iniz/etc/cl.selector/php.confz/usr/share/cagefsz/usr/share/cagefs/etc.newz/var/run/cagefsFz!/var/log/cagefs-php-opt-check.logz/etc/psa/psa.conf�/var/www/vhostsz/run/systemd/journal/dev-logz"/usr/share/cagefs-skeleton/dev/logz/dev/logz/etc/sysconfig/syslogz -a z/etc/rsyslog.confz(/etc/rsyslog.d/cagefs-syslog-socket.confz/etc/rsyslog.d/schroot.confc��	tj|d��dS#t$r&t|d�����YdSwxYw)z�
    /bin/touch analog - update timestamp of a file if it exists
    or create a file otherwise
    :param fname: file path
    :type fname: string
    N�a)�os�utime�OSError�open�close)�fnames r?�touchrOjs_��!�
�����������!�!�!��U�C����� � � � � � �!���s��,A	�A	�returnc���d�}tt��}t|��D]�\}}||�d��r�||�t
��dkr_||ddks||ddkr|||t
d��}|||<n|||t
d��}|||<n��t
t|d���td	��d
S)z_
    Add syslog socket into CageFS, add it to syslog config and restart
    syslog service
    c�2�|d|�|z||d�zS)z5
        Inserts new inside original at pos.
        NrD)�original�new�poss   r?�_insertz2_add_syslog_socket_for_syslog_pkg.<locals>._insert|s$������~��#�h�s�t�t�n�4�4r@�SYSLOGD_OPTIONS�������"�'T��make_backup�)/sbin/service syslog restart &> /dev/nullN)r#�SYSCONFIG_SYSLOG�	enumerate�
startswith�find�
CAGEFS_SOCKET�
write_file�
ExecuteSimple)rV�lines�i�_�tmps     r?�!_add_syslog_socket_for_syslog_pkgrjws��
5�5�5�
�&�'�'�E��%� � �
�
���1���8���0�1�1�		��Q�x�}�}�]�+�+�r�1�1���8�B�<�3�&�&�%��(�2�,�#�*=�*=�!�'�%��(�M�2�>�>�C�"�E�!�H�H�!�'�%��(�M�2�>�>�C�"�E�!�H��E�		����D�9�9�9�9��=�>�>�>�>�>r@c�Z�dt�d�}tt��}t|��D]9\}}||�d��}|dvr|||d�||<n�:t
j�t��r`ttd��5}|�
��}ddd��n#1swxYwY||krtjt��tt|d���tt|gd���td	��dS)
za
    Add syslog socket into CageFS, add it to rsyslog config and restart
    rsyslog service
    z$AddUnixListenSocket �
z$ModLoad imuxsock)rXrN�rTr\�*/sbin/service rsyslog restart &> /dev/null)�
LOG_SOCKETr#�RSYSLOG_CONFr`rbrI�path�isfile�CHROOT_OLD_CONFrL�read�unlinkrd�CHROOT_CONFre)�chroot_conf_contentrfrgrhrU�f�old_contents       r?�"_add_syslog_socket_for_rsyslog_pkgrz�s}��
A�*�@�@�@���l�#�#�E��%� � �����1��A�h�m�m�/�0�0���g����Q�x����~�E�!�H��E��
�w�~�~�o�&�&�'�
�/�3�
'�
'�	#�1��&�&�(�(�K�	#�	#�	#�	#�	#�	#�	#�	#�	#�	#�	#����	#�	#�	#�	#��-�-�-��I�o�&�&�&���
������
��	�������
�>�?�?�?�?�?s�"C�C�
Cc�P�t��r/t��rt��td��dSdStj�t��rt��dStj�t��rt��dSdS)z�
    Add cagefs skeleton syslog socket to syslog config file.
    Create .conf file for rsyslog
    Restart syslog/rsyslog service
    z/usr/share/cagefs/need.remountN)�is_new_syslog_socket_used�is_old_syslog_socket_in_cage�remove_syslog_socketrOrIrqrrr_rjrprzrDr@r?�add_syslog_socketr�s���!�"�"�-�'�)�)�	4�
!�"�"�"�
�2�3�3�3�3�3�	4�	4�
����(�	)�	)�-�)�+�+�+�+�+�	�����	%�	%�-�*�,�,�,�,�,�-�-r@c	��tj�t��r�t	t��}t|��D]H\}}||�d��r(||�td��}|||<n�Itt|d���td��tj�t��rg	tjt��n;#t$r.}tdtdt|����Yd}~nd}~wwxYwtd	��dSdS)
zl
    Remove syslog socket info for cagefs from system syslog configs
    Restart syslog/rsyslog service
    rW�Tr\r^�removing�:Nrn)rIrqrrr_r#r`ra�replacercrdrervrurKr�str)rfrgrhri�es     r?r~r~�sY��

�w�~�~�&�'�'�C��*�+�+���e�$�$�	�	�D�A�q��Q�x�"�"�#4�5�5�
��A�h�&�&�}�b�9�9����a����
�
	����	
�	
�	
�	
�
	�A�B�B�B�	�w�~�~�k�"�"�D�	>��I�k�"�"�"�"���	>�	>�	>��
�K��c�!�f�f�=�=�=�=�=�=�=�=�����	>����	�B�C�C�C�C�C�
D�Ds�C6�6
D.�$D)�)D.c���tj�t��o@tj�t��t
kot
t
��S)z�
    File `/dev/log` is symlink to socket `/run/systemd/journal/dev-log` if
    server uses the newer version of syslog socket
    )rIrq�islink�DEV_LOG_SOCKET�realpath�SYSTEMD_JOURNAL_SOCKETr0rDr@r?r|r|�sI��
�7�>�>�.�)�)�/�
�����(�(�,B�B�/��-�.�.�/r@c�*�tt��S)zB
    Return True if CageFS has into self an old syslog socket
    )r0rorDr@r?r}r}�s���*�%�%�%r@c���	t|��}n#t$rd}YnwxYw	t|��}n#t$rd}YnwxYw|dks|dkr|dkr||kS||kS|dkr||kS||kS)NrXr)�int�
ValueError)�txt1�txt2�op�i1�i2s     r?�getItemr��s����
��Y�Y��������
���������
��Y�Y��������
��������	�R�x�x�2��8�8�
��7�7��$�;���$�;��
��7�7���7�N���7�Ns��!�!�5�A�Ac��|�d��}|�d��}t|��t|��krt|��}nt|��}t|��D]B}t||||d��rdSt||||d��rdS�Ct|��t|��krdSt|��t|��krdSdS)N�.r�rX)�split�len�ranger�)�base�test�lnrgs    r?�
verComparer�s����:�:�c�?�?�D��:�:�c�?�?�D��D�	�	�C��I�I���
��Y�Y���
��Y�Y��
�2�Y�Y�����4��7�D��G�Q�'�'�	��1�1��4��7�D��G�Q�'�'�	��2�2�	�
�4�y�y�C��I�I����q�	�T���S��Y�Y�	�	��q��rr@c�R�	tj|��dS#t$rYdSwxYwr9)rIrurK�rqs r?ruru's:��
�
�	�$��������
�
�
����
���s��
&�&c���t}tst��\}}t��	t�>t	jd��}t
tdd��at	j|��t�tj	�
���d��dz|zdz��|r?t�d��|D]"}t�d|zdz���#|r?t�d	��|D]"}t�d|zdz���#|r?t�d
��|D]"}t�d|zdz���#nU#ttf$rA}	tdtt|	����t!jd��Yd}	~	nd}	~	wwxYw|st%||��dSdS)N�?rHr�z%Y.%m.%d %H:%M:%S�: rlz8 - The following options have been disabled as unknown:
z     * zF - The following options have been disabled as have incorrect values:
zI - The following options have been disabled as invalid (have no values):
zwriting to )rrr�php_log_optrI�umaskrL�PHP_OPTIONS_LOGFILE�write�datetime�now�strftimerK�IOErrorrr��sys�exitr)
�msg�unknown_options_list�invalid_values_options_list�invalid_options_list�root_flag_saved�uid�gid�umask_saved�optionr�s
          r?�php_options_log_writer�/s	���O����:�:���S���������(�4�.�.�K��2�C��;�;�K��H�[�!�!�!����(�+�/�/�1�1�:�:�;N�O�O�RV�V�Y\�\�_c�c�d�d�d��	=����Y�Z�Z�Z�.�
=�
=���!�!�)�f�"4�t�";�<�<�<�<�&�	=����g�h�h�h�5�
=�
=���!�!�)�f�"4�t�";�<�<�<�<��	=����j�k�k�k�.�
=�
=���!�!�)�f�"4�t�";�<�<�<�<����W������M�#6��A���?�?�?��������������������� ��c�3������ � s�EF
�
G�7G�Gc�z�tj��\}}}t|j��}t|��}|sO|�d|��}|�dd��}tj||��t
|tj���dS	ddl}|���}	n##t$rtj��}	YnwxYwtj|||d|	��|	�
���d��D]2}
tj||
��t
|
tj����3dS)Nr��Errno�Err code)�filerrl)r��exc_infor��	__class__r��syslog�print�stderr�StringIO�ImportError�io�	traceback�print_exception�getvaluer�)�level�includetraceback�exctype�	exception�exctraceback�excclass�messager�r��excfd�lines           r?r�r�OsL��'*�|�~�~�$�G�Y���9�&�'�'�H��)�n�n�G��)�"�(�(�G�G�,���k�k�'�:�.�.���
�e�S�!�!�!�
�c��
�#�#�#�#�#�#�	(��O�O�O��%�%�'�'�E�E���	"�	"�	"��K�M�M�E�E�E�	"����	�!�'�9�l�D�%�P�P�P��N�N�$�$�*�*�4�0�0�	)�	)�D��M�%��&�&�&��$�S�Z�(�(�(�(�(�	)�	)s�
B&�&C�Cc�L�	ttd��5}|���}ddd��n#1swxYwYn#t$rYdSwxYwt	jd|tj��}|sdS|���d�d��S)N�rtz^HTTPD_VHOSTS_D[ \t]+(\S+)$rrE)	rL�GLOBAL_PLESK_CFGrtr:�re�search�	MULTILINE�groups�rstrip)rx�data�matchs   r?�_read_vhosts_dirr�hs����
�"�D�
)�
)�	�Q��6�6�8�8�D�	�	�	�	�	�	�	�	�	�	�	����	�	�	�	��������t�t������I�4�d�B�L�I�I�E����t��<�<�>�>�!��#�#�C�(�(�(s-�A�8�A�<�A�<�A�
A�Ac��t|��}t|��}tD])}t|��}|�|��rdS�*dS�NTF)�
strip_path�addslash�
black_listra)�_file�rfilerqs   r?�is_in_black_listr�{s[���u���E��U�O�O�E�������~�~�����D�!�!�	��4�4�	��5r@c�<�tj��jjS)z*Returns the current line number in program)�inspect�currentframe�f_back�f_linenorDr@r?�linenor��s����!�!�(�1�1r@c�>�|dkr|ddkr
|dd�S|S)Nr�rXrErD��_dirs r?�
stripslashr��s+���r�z�z���H��O�O�����9���Kr@c�8�|dkrdS|ddkr|�d�S|S)Nr�rErXrDr�s r?r�r��s.���r�z�z��s��R��C���������Kr@r�c�2�t��tjd��}ttd��}|D]}|�d|z���|���tj|��tjtd��dS)N��wz%s
�)r.rIr�rL�FUSE_SAFE_LISTr�rM�chmod)�	safe_listr�r��filenames    r?�save_etc_safe_listr��s����O�O�O��(�4�.�.�K����%�%�E��'�'��
���F�X�%�&�&�&�&�	�K�K�M�M�M��H�[�����H�^�U�#�#�#�#�#r@rqc�>�|�t��}|pdS)zB
    Remove leading path to skeleton from the specified path.
    rE)�removeprefix�SKELETONr�s r?r�r��s!�����X�&�&�D��;�3�r@c�x�tj|��D]�}tj�||��}|}|dkr|t	|��d�}|dkr||z}d||<tj�|��r4|stj�|��st||||�����dS)Nr���cut_path�add_path)rI�listdirrq�joinr��isdirr��add_tree_to_list)�src�_list�follow_symlinksr�r��name�srcnamerqs        r?rr�s����
�3���	S�	S���'�,�,�s�D�)�)�����t�����H�
�
���'�D��t����d�?�D���d��
�7�=�=��!�!�	S��	S�r�w�~�~�g�?V�?V�	S��W�e�h��R�R�R�R��	S�	Sr@c���tj�tj�tj�|����tj�|����Sr9)rIrqrr��dirname�basenamer�s r?�
get_real_pathr�sG��
�7�<�<���(�(������)>�)>�?�?���AQ�AQ�RV�AW�AW�X�X�Xr@c�.�|�d��sdSt|d���rdS|�d��s|�d��rdS|dvrdStj�|��sdSt
|z}tj�|��sKtj�|��r>ttj�	|����rt||��dSt||d��dS)N�/etc/T)�etcz/etc/cl.php.d/�/etc/cl.selector/)�/etc/passwd�
/etc/group�/etc/shadowz
/etc/cl.php.dz/etc/cl.selector)ra�move_to_alternativesrIrq�exists�ETC_TEMPLATE_NEW_DIRrrr��is_path_read_only_mountedr��	copy_file�copytree)rq�destinations  r?�copy2etcr�s���?�?�7�#�#�����D�d�+�+�+�������'�(�(��D�O�O�<O�,P�,P�����`�`�`���
�7�>�>�$������&��-�K�	�w�~�~�d���*�����t� 4� 4�*�$=�b�g�>N�>N�t�>T�>T�$U�$U�*��$��$�$�$�$�$���{�D�)�)�)�)�)r@c�\�t|��}t|��}t|��|�d��ri|tvr^t
j�|��r?dt|<t
j�|��rt|td��dSdS)Nr
r�TF)
r�r�rra�
white_listrIrqrrrr�s r?�add_to_white_listr�s����d���D��d���D��T�N�N�N����w�����
�"�"�����t�(<�(<�"� �J�t���w�}�}�T�"�"�
9� ��z�4�8�8�8��t��5r@c��|D]�}t|��}t|��}t|��t|��}||krt|��tj�|��}||kr||krt|��tj�|��r#t	j|��}t|����dSr9)	r�r�rrrIrqr�r��readlink)�pathsrq�path2�path3�linktos     r?�copy_to_etcr$s����
�
���$�����$����������d�#�#���D�=�=��U�O�O�O��� � ��&�&���D�=�=�U�e�^�^��U�O�O�O�
�7�>�>�$���	��[��&�&�F��V�����
�
r@c�,�|�|��Sr9�ra�rq�mounts  r?�$path_includes_mount_point_comparatorr)s�����D�!�!�!r@c�,�|�|��Sr9r&r's  r?�path_is_mounted_comparatorr+s���?�?�5�!�!�!r@c�B�t||��pt||��Sr9)r)r+r's  r?�mounts_are_found_comparatorr-s$��/��e�<�<�g�@Z�[_�af�@g�@g�gr@c�>�|�t}t|��}t|��}|�d��s|�d��rdS|D]F}|dkr>|ddkr2|���}t|��}|||��rdS�GdS)Nr
z	/var/log/Tr�rrEF)�mountsr�r�rar�)rq�
comparator�mounts_listr�s    r?�mounts_are_foundr2#s��������d���D��D�>�>�D����w����4�?�?�;�#?�#?���t������2�:�:�$�q�'�S�.�.��;�;�=�=�D��D�>�>�D��z�$��%�%�
��t�t���5r@c�,�t|t��Sr9)r2r+r�s r?�path_is_mountedr47s���D�"<�=�=�=r@c�,�t|t��Sr9)r2r)r�s r?�path_includes_mount_pointr6=s���D�"F�G�G�Gr@c�Z�ddlm}|��j}t|t|���S)Nr��MountpointConfig)r1)�	cagefsctlr9�read_only_mountsr2r+)rqr9r;s   r?rrAsE��*�*�*�*�*�*�'�'�)�)�:���D�6�(8�:�:�:�:r@c��|t|<dSr9)�	libs_list)�binary�libss  r?�add_libs_to_listr@Os���I�f���r@c�@�	t|S#t$rYdSwxYwr9�r=�KeyError�r>s r?�get_libs_from_listrETs4����� � �������t�t����s��
�c�:�	t|=dS#t$rYdSwxYwr9rBrDs r?�del_libs_from_listrG[s7��
��f������
�
�
����
������
�c��t��	tjd��}t|d��}t	jt
t��|d���|���tj|��tj	|d��dS#t$r}td|d|��Yd}~dSd}~wwxYw)Nr��wb�)�protocolr�zwhile saving�-)r.rIr�rL�pickle�dumpr(r=rMr�r:r)r�r�r��errs    r?�	save_libsrQcs����O�O�O�8��h�t�n�n���X�t�$�$����G�I�&�&���:�:�:�:�
���
�
�
�
������
���5�!�!�!�!�!���8�8�8��N�H�c�3�7�7�7�7�7�7�7�7�7�����8���s�B
B�
C�&B>�>Cc�N�tj�|��r�	t|d��}t	tj|tj�������a	|�
��dS#t$r}td|d|��Yd}~dSd}~wwxYwdS)N�rb)�encoding�loadingrM)
rIrqrrrLr)rN�load�locale�getpreferredencodingr=rMr:r)r�r�rPs   r?�	load_libsrYqs���	�w�~�~�h���7�	7���4�(�(�E�"�6�;�u�v�?Z�?\�?\�#]�#]�#]�^�^�I��K�K�M�M�M�M�M���	7�	7�	7��	�8�S�#�6�6�6�6�6�6�6�6�6�����	7����7�7s�AA;�;
B"�B�B"c�n�t|��}t|��}t|��}|tvSr9)r�r�r�
files_listr�s r?�path_is_in_listr\�s4���d���D��d���D�����D��:��r@c���trt|��rdSt|��}tj�|��r$t
|��std|d|d��dSdSdS)N�
Error in liner�zis not in list)�debug_optionr4r�rIrq�lexistsr\r)rq�linenums  r?�check_errorrb�s�����_�T�2�2�����d���D�	�w���t���P��t�$�$�	P����$��>N�O�O�O�O�O�P�P�	P�	Pr@Tc�,�t|��}tr5t|��}||kr tdt	��d|d|��t
j�|��r�t|��}|tvrbdt|<|rXt
j�
|��r;t
j�|��st|td��dSdSdSdSdStr tdt	��d|��dSdS)Nr^r��!=r�Fr�zpath does not exist:)
r�r_rrr�rIrqr`r�r[rr�r)rq�add_tree�rpaths   r?�add_to_listrg�s)���d���D��L��d�#�#���5�=�=������4��t�U�K�K�K�	�w���t���
H��$�����z�!�!� �J�t���
:�B�G�M�M�$�/�/�
:������9M�9M�
:� ��z�5�9�9�9�9�9�"�!�
:�
:�
:�
:�
:�
:��	H������*@�$�G�G�G�G�G�	H�	Hr@c��|stj|��S	t|}n.#t$r!tj|��xt|<}YnwxYw|Sr9)rI�lstat�
stat_cacherC)rq�	use_cache�ress   r?�cached_lstatrm�sd�����x��~�~��0��������0�0�0�!#��$���/�
�4��3�3�3�0�����Js�
&�(A�Ac�:�	t|=dS#t$rYdSwxYwr9)rjrCr�s r?�clear_stat_cachero�s7��
��t������
�
�
����
���rHc���|dkrt||���}|dkrt||���}tj|tj��tj|tj��krdStj|tj��rFt	j|��}t	j|��}|rt
||��}||kS||kS|tj}	|tj}
|	tjztjz}	|
tjztjz}
|	|
krdS|tj	|tj	ksr|tj
|tj
ksL|tj|tjks&|tj|tjkrdSdS)N�rkFT)
rm�stat�S_ISLNK�ST_MODErIr�get_relative_path�S_ISUID�S_ISGID�ST_MTIME�ST_SIZE�ST_UID�ST_GID)�fileA�fileB�sbA�sbBrk�relative_symlinks�	realfileA�	realfileB�
relative_path�modeA�modeBs           r?�is_same_metadatar��s����T�	�	��5�I�6�6�6���T�	�	��5�I�6�6�6����S���&�'�'�4�<��D�L�8I�+J�+J�J�J��u���S���&�'�'�&��K��&�&�	��K��&�&�	��	.�-�i��?�?�M��
�-�-��I�%�%�����E�����E��d�l�]�
"�t�|�m�3�E�
�d�l�]�
"�t�|�m�3�E�
��~�~��u�	�D�M��c�$�-�0�0�0�c�$�,�6G�3�t�|�K\�6\�6\��D�K�(�C���,<�<�<�#�d�k�BR�VY�Z^�Ze�Vf�Bf�Bf��u��4r@c�t�	t||||||���S#t$r}|jdkcYd}~Sd}~wwxYw)z�
    Returns: True if update of "injail" file is needed
             False if update is NOT needed (file in jail has same metadata)
    )r~rrkr�rKN)r�rK�errno)rS�injail�origstatbuf�
injailstatbufrkr�r�s       r?�is_update_neededr��sp��
�#�H�f�+�=�.7�K\�^�^�^�^�	^��������1���������������s��
7�
2�7�7c��eZdZdS)�StaticallyLinkedErrorN)rArBrCrDr@r?r�r��s�������Dr@r�r��
executablec��d|vrdS|���}|std|dd���dS|dd�ddgks|dd�|dd	�zgd
�krt���|ddvs#t|��d	kr|dd	�dd
gkrdSt|��dkrd}||vr|n|d}nHt|��dkr|dddkr	|d}ntd|dd���dStj�|��std|d|��dS|S)Nz no version information availablezfailed to parse ldd outputrXrrK�
statically�linkedr��)�not�dynamicr�)zlinux-gate.so.1zlinux-vdso.so.1r��found�z/lib64/ld-linux-x86-64.so.2rEz ldd returns non existing library�for)r�rr�r�rIrqr)r�r��splitted�dynamic_linker�lib_paths     r?�_parse_lib_pathr��s��)�T�1�1����z�z�|�|�H����0�$�s��s�)�<�<�<�����1��
�,��1�1�1���1��
���1��
�-�1Q�1Q�1Q�Q�Q�#�%�%�%���{�<�<�<��H�
�
��"�"�x��!��}���8H�'H�'H���
�8�}�}����7��%3�x�%?�%?�>�>�X�a�[���	�X���!�	�	����A��#� 5� 5��A�;����0�$�s��s�)�<�<�<���
�7�>�>�(�#�#���6��%��T�T�T����Or@c	��ddl}g}	t|d��}|�d|�d����d}|���n	#|cYSxYw|dkr|Sd}tj||gdt
jt
jt
jd	d	�
��}|j�	��D]<}	t||��}n#t$rYnwxYw|�|�|���=|S)z6
    Returns list of libraries for the executable
    rNrSz<Ir�iELFz/usr/bin/lddFT)�shell�stdin�stdoutr��	close_fds�text)
�structrL�unpackrtrM�
subprocess�Popen�PIPEr��	readlinesr�r��append)	r�r��retvalrx�	signature�ldd_path�pr�r�s	         r?�get_ldd_libsr�s,���M�M�M�
�F����T�"�"���M�M�$����q�	�	�2�2�1�5�	�	���	�	�	�	����
�
�
�����J����
��H�	��(�J�/�u�)��z�� *��4�d�	L�	L�	L�A���"�"�$�$�$�$��	�&�t�Z�8�8�H�H��$�	�	�	��E�E�	�������M�M�(�#�#�#���Ms�AA�A"�C�
C%�$C%c�&�|dkrdSt|��}d}|s|d}|dd�}d}d}|D�]=}tj�||��}t	|��}tj|j��r�|dz
}tj|��}	|	ddkr#tj�	||	z��}��tj�	tj�tj�
|��|	����}
t|��dkr;|
dt|���|kr td|
d��td���|
}��?tj�||��S)	NrEr�rXrr��symlink � points outside jail, ABORT�Symlink points outside jail)�
split_pathrIrqrrmrrrs�st_moder�normpathr	r�rr:)rq�chroot�include_file�spathr
�ret�
doscounter�entry�sbr�ris           r?�resolve_realpathr�Isj���c�	�	��s��t���E��H�����9���c�r�c�
��

�C��J������g�l�l�3�u�%�%��
�#�
�
���L���$�$�
	���M�J��{�3�'�'�H����S� � ��g�&�&�v�h��7�7����g�&�&�r�w�|�|�B�G�O�O�C�4H�4H��'R�'R�S�S����K�K��M�M�c�,�3�v�;�;�,�&7��&?�&?��
�C�1N�O�O�O�#�$A�B�B�B����
�7�<�<��H�%�%�%r@c�(�tj|��}tj|tj��}|sS|tjtjzzr7t
d|zt|��|tjztjz}tj||tj	|tj
f��|r6tj||tj|tj
��tj||��dS)Nz,removing setuid and setgid permissions from )rIrr�S_IMODErtrvrwrrrJ�ST_ATIMErx�chownrzr{r�)r�dst�
be_verbose�
allow_suid�copy_ownership�sbuf�modes       r?�copy_time_and_permissionsr�is���
�7�3�<�<�D��<��T�\�*�+�+�D��:��D�L�4�<�/�0�	:��B�3�F��U_�`�`�`��D�L�=�(�T�\�M�9�D��H�S�4��
�&��T�]�(;�<�=�=�=��<�
���d�4�;�'��d�k�):�;�;�;��H�S�$�����r@c�l�|�d��}g}|D]}|r|�|���|S�NrE)r�r�)rqr�rl�items    r?r�r�ysE���J�J�s�O�O�E�
�C������	��J�J�t������Jr@c�N�t|��dkrdSd}|D]
}|d|zz
}�|S)NrrEr�)r�)r�r�r�s   r?�	join_pathr��s?���E�
�
�A�
�
��s�
�C������s�5�y�����Jr@c�R�|dzt|��zdzt|��zS)Nrh)r�)rq�copy_permissionsr�s   r?�gen_path_keyr��s,���#�:�c�*�+�+�+�c�1�C��4G�4G�G�Gr@r�c	�n
�t��t|��r||zSt|||��}|tvr
t|St	|��}|}d}	|	t|��k�rBt��t
|d|	dz���}
t|
||��}|tvr�tj�	|||	��}tj�
|��sn�t||d��}
tj�
|
��sn�|
}|rTt|��sE	t|
||||��n0#t$r#}td|
d|d|j��Yd}~nd}~wwxYw|t|<n
t|}|	dz
}	|	t|��k��B|	t|��k�rTt��t
|d|	dz���}
tj�	|||	��}	t#|
��}n3#t$r&}td|
zdz|j��Yd}~dSd}~wwxYwt%j|j���r#	t#|��}t%j|j��s#t+|��tj|��n#t$rYnwxYwt/d|zt0|��	tj|d	��t5|d
��n;#t$r.}t/d|zdz|jzt0|��Yd}~nd}~wwxYw|rG	t|
||||���n�#t$r$}td|
d|d|j��Yd}~�ntd}~wwxYw�njt%j|j���rPt9|
|��}t5|d
��|dd
kr1t;||||||��}t=|t?����n�tj� tj�	tj�!|��|����}
t|��dkr?|
dt|���|kr$td|
zdz��tEd���|
t|��d�}t;||||||��}t=|t?����|}|	dz
}	|	t|��k��Tt5|d
��|t|<|S)Nrr�z*failed to copy time/permissions/owner from�tor�zfailed to lstat(z):zCreate directory ��Fz$Warning: failed to create directory z -- rEr�r�r�)#r.r�r��handled_dirr�r�r�rIrqrrr�r4r�rKr�strerrorrmrr�S_ISDIRr�rorurr�mkdirrgrs�update_symlink_in_skeleton�create_parent_pathrbr�r�r	r:)r�rqr�r�r�r��keyr��	existpathrg�origpath�origkey�tmp1rir��jailpathr��injailsb�realfiles                   r?r�r��s����O�O�O�������d�{���t�-�~�
>�
>�C�
�k����3���
�t���E��I��A��S��Z�Z�<�<������U�1�Q�q�S�5�\�*�*���x�)9�>�J�J���+�%�%��7�<�<�	�%��(�3�3�D��7�>�>�$�'�'�
��"�4��q�1�1�C��7�>�>�#�&�&�
���I��
z��	�(B�(B�
z�z�-�h�	�:�z�[i�j�j�j�j���z�z�z�� L�h�X\�^g�il�no�nx�y�y�y�y�y�y�y�y�����z����!*�K�� � �#�G�,�I�	�1���)
�S��Z�Z�<�<�0
�S��Z�Z�<�<������U�1�Q�q�S�5�\�*�*���7�<�<�	�%��(�3�3��	��h�'�'�B�B���	�	�	��*�8�3�D�8�!�*�E�E�E��4�4�4�4�4�����	����
�L���$�$�&	0�
�'��1�1���|�H�$4�5�5�(�$�X�.�.�.��I�h�'�'�'����
�
�
���
����
�'��0��Z�H�H�H�
z����5�)�)�)��H�e�,�,�,�,���
z�
z�
z��>��I�F�R�UV�U_�_�al�nx�y�y�y�y�y�y�y�y�����
z����!�
y�y�-�h��*�j�Zh�i�i�i�i���y�y�y�� L�h�X\�^f�hk�mn�mw�x�x�x�x�x�x�x�x�����y����
y�
�l�2�:�&�&�	0�1�(�H�E�E�H���%�(�(�(����S� � �-�f�h�
�.>�
�N�\�\���H�f�h�h�/�/�/�/��g�&�&�r�w�|�|�B�G�O�O�H�4M�4M�x�'X�'X�Y�Y����K�K��M�M�c�,�3�v�;�;�,�&7��&?�&?��
�3��/L� L�M�M�M�#�$A�B�B�B��s�6�{�{�|�|�,��-�f�h�.8�:J�J�Xf�h�h���H�f�h�h�/�/�/��	�	�1���e
�S��Z�Z�<�<�f�	�5�!�!�!��K����ss�>E�
E?�E:�:E?�H&�&
I�0I�I�4AK�
K
�K
�*%L�
M�$M�M�M#�#
N�-N�Nc	��t|��rdS	t|��}tj|j��r#t|��t
j|��n"#tttj
f$rYnwxYwd}|dkrJ	tj||��d}t|��n"#td|zdz|zdz��YnxYw|dkr�	t
j||��t|d���t!|||d|�	��dS#tttj
f$r$}td
|d|d|j��Yd}~dSd}~wwxYwdS)zKcopies/links the file and the permissions, except any setuid or setgid bitsNr�rzLinking � to z failed, will revert to copyingF�re�r�r�z$ERROR: copying file and permissions r�)r�rmrrr�r�ro�shutil�rmtreer�rK�ErrorrI�linkrgr�copyfiler�r�)rr�r��try_hardlink�retain_ownerr��do_normal_copyr�s        r?�copy_with_permissionsr��s����������
���$�$���<��(�)�)�	��S�!�!�!��M�#�������W�f�l�+�
�
�
���
�����N��a���	��G�C������N��������	��
�3��v�-�c�1�2S�S�T�T�T��D�����!���	d��O�C��$�$�$����.�.�.�.�%�c�3�
�q�Ye�f�f�f�f�f�f����&�,�/�	d�	d�	d��>��V�S�RV�XY�Xb�c�c�c�c�c�c�c�c�c�����	d����	�s6�AA�A>�=A>�
&B1�1C�:D�E�2E�Ec�F�t|��rdS	tj|��}n-#t$r t	d|zdzt
|��YdSwxYwt
|tj�|��|ddd���t||z|��}tj|j��rd}�nqtj
|j��rd}�nTtj|j���r8	tj|��}t	d|zd	z|zt
|��t!|d
���tj||��n/#t$r"t	d|zd	z|zt
d��YnwxYw|dd
krZtj�tj�tj�|��|����}|�d��s1tj�|��rt-||||��dSdSt/|jd��\}}		tj�|��sht	d|z|zt
|��tjtjdd|t9|��t9|��t9|	����nt	d|zdzt
|��t;||d|���dS#t$rt	d|zt
d��YdSwxYw)NzDevice z does NOT exist in real systemr�r�r�r�r��c�b�Creating symlink r�T��check_mounts�Failed to create symlink rEz/proc/�zCreating device �mknodz does exist alreadyr�zFailed to create device )r4rIrirKrrr�rqr	r�rr�S_ISCHRr��S_ISBLKrsr�remove_file_or_dir�symlinkr�rrar�copy_device�divmod�st_rdevr`�spawnlp�P_WAITr�r�)
r�rqr�r�r��
chrootpathr�r��major�minors
          r?r�r�s,���t�������
�X�d�^�^���������	�D� �"B�B�;�z�Z�Z�Z���������v�r�w���t�4�4�j�ST�ab�st�u�u�u�u�!�&��+�f�5�5�J���R�Z� � �����
�,�r�z�
"�
"�����
�,�r�z�
"�
"��	[��{�4�(�(�H��'�
�2�6�9�(�B�;�z�Z�Z�Z��z�$�?�?�?�?��J�x�
�+�+�+�+���	[�	[�	[��/�
�:�6�A�(�J�;�XY�Z�Z�Z�Z�Z�	[�����A�;�#����w�'�'�����R�W�_�_�T�5J�5J�H�(U�(U�V�V�H��"�"�8�,�,�	D������1I�1I�	D����*�l�C�C�C������"�*�c�*�*�L�E�5�F��w���z�*�*�	W��&�v�-�d�2�;�z�J�J�J��J�r�y�'�'�:�s�4�y�y�#�e�*�*�VY�Z_�V`�V`�a�a�a�a��I�j�(�)>�>�{�:�V�V�V�!�$�
�q�Q]�^�^�^�^�^�^���F�F�F��*�:�5�k�1�E�E�E�E�E�E�F���s5�(�&A�A�/AE	�	)E5�4E5�B6K9�9#L �L c	���t��t|��r|Sd}	tj|��D]�}
t��tj�||
��}	t
|��}tj|j	��rJt|||dd|���}
t|
t����t|||||||||��	�	}n$|	tj�||
��fz
}	��#t$r!}td|d|j��Yd}~��d}~wwxYwt#||	|||||||��	�	}t$r!|	D]}t|t�����|S)	zRcopies a directory and the permissions recursive, except any setuid or setgid bitsrDr�r)r�r�r�r���update�!failed to investigate source filer�N)r.r�rIr�rqrrmrrr�r�r�rbr��copy_dir_recursiverKrr��copy_binaries_and_libsr_)r�r��force_overwriter��
check_libsr�r��handledfilesr�files2r�rir��epathr�r�s                r?r	r	;s����O�O�O��������
�F���D�!�!�
P�
P�������g�l�l�4��'�'��
	P���$�$�D���T�\�*�*�
5�*�6�3�:�`a�no�AM�N�N�N���E�6�8�8�,�,�,�1�&��_�j�Zd�fr�uA�CO�X^� _� _� _����"�'�,�,�t�U�3�3�4�4�����	P�	P�	P��;�C��A�J�O�O�O�O�O�O�O�O�����	P����)�&����U_�am�o{�~J�SY�Z�Z�Z�L��(��	(�	(�D���f�h�h�'�'�'�'��s�'BC>�>
D)�D$�$D)c��|�d��dkpA|�d��dkp(|tjtjztjzzS)N�/librX�.so)rbrr�S_IXUSR�S_IXGRP�S_IXOTH)r�r�s  r?�libs_check_is_neededrYsS���J�J�v���"�$�
U��
�
�5�(9�(9�R�(?�
U� $���t�|�(C�d�l�(R� S�Vr@c�x�t��	|r�	d�|��}tj||��t	j|t
jt	j|��j	����n"#tttjf$rYnwxYwt|d��5}|sdnd}|�|�|����ddd��dS#1swxYwYdS#ttf$r1t!d|zt"d��t%jd��YdSwxYw)z�
    Helper for write lines to file
    :param: filename `str` filename for write
    :param: lines `list` list with content lines
    :param: add_eol `bool` if True than add 
 to end each line
    z{}.bakr�r�rlNzError: failed to write r�)r.�formatr�r�rIr�rrr�rir�r�rKr�rLr�rrrr�r�)r�rf�add_eolr]�backup_namerx�splitters       r?rdrd^s����O�O�O���	�
�&�o�o�h�7�7�����+�6�6�6����d�l�2�8�H�3E�3E�3M�&N�&N�O�O�O�O���W�f�l�3�
�
�
���
�����(�C�
 �
 �	*�A�!(�2�r�r�d�H�
�G�G�H�M�M�%�(�(�)�)�)�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*����	*�	*�	*�	*�	*�	*��
�W������)�H�4�k�1�E�E�E�������������sY�C7�A(A<�;C7�<B�C7�B�C7�./C*�C7�*C.�.C7�1C.�2C7�7>D9�8D9c�
�|dvS)N)
�0�1�2�3�4�5�6�7�8�9rD)�ns r?�isdigitr(ws���B�B�Br@c�<�|sdS|D]}t|��sdS�dS)NFT)r()�s�chars  r?�isdigitsr,|s=�����u������t�}�}�	��5�5�	��4r@c�,�t|��}|�|��}|dkri|||zd�}d}|t|��kr.t||��sn|dz
}|t|��k�.|d|�}t|��SdS)NrXrr�)r�rbr(r��r��sign�lengthrU�end�pos2�vers       r?�get_versionr4�s���
��Y�Y�F�
�)�)�D�/�/�C�
�b�y�y��3�v�:�;�;������S��X�X�o�o��3�t�9�%�%�
���A�I�D��S��X�X�o�o��%�4�%�j���3�x�x���1r@c��|dd�}tt|����D]#}||�d|��}|||<�$tj�|��rZ	tj|��nD#ttf$r0td|ztd��tjd��YnwxYwtj
d��}t||��tj
|��dS)N�ALIASzError: failed to delete r�r�)r�r�r�rIrqrrrurKr�rrr�r�r�rd)�program�alias�command�scriptrgrir�s       r?�update_wrapperr;�s���
�Q�Q�Q�Z�F��3�v�;�;�
�
�����Q�i�����/�/����q�	�	�	�w�~�~�g����	��I�g��������!�	�	�	��.��8�+�q�I�I�I��H�Q�K�K�K�K�K�	�����(�4�.�.�K��w������H�[�����s�+B�>C�Cc��tj�|��sdSd}	tj|dd||gtjtjd���}|���\}}|jdkr'td|zdz|zd	z|ztd
��dS|jdkrdSn6#t$r)td|zdz|zd	z|ztd
��YdSwxYw|dkrt||��}||krd
SdS)NTz	/bin/grep�-mr�r�r�r�rK�Error while executing z -m 1 � r�r�Error: failed to run F)rIrqrrr�r�r��communicate�
returncoderrrKr4)r9�versionr/�GREPr��outrhr3s        r?�wrapper_not_installedrG�sE��
�7�>�>�'�"�"���t��D����d�D�#�t�W�=�?I��Wa�Wf�mq�
s�
s�
s���=�=�?�?���a��<�1����,�t�3�h�>��E��K�g�U�Wb�de�f�f�f��4�
�\�Q�
�
��4��������'�$�.��9�D�@�3�F��P�R]�_`�a�a�a��t�t�����
�d�{�{��#�t�$�$���'�>�>��5��4s�A8B-�B-�-/C �C z/usr/share/cagefs/safeprograms/z #CageFS proxyexec wrapper - ver rfc�N�|D]!}t|t��}|dkr|cS�"dS)zY
    Detect wrapper version from the file lines.
    If unable to detect, return -1.
    rrX)r4�	SIGNATURE)rfr�rDs   r?�get_proxy_versionrJ�s>��
�����d�I�.�.���a�<�<��N�N�N��
�2r@c�,�t|��}tj�|��sdSt	t
t|z��}t|��}|dkstt|z|t��r$t|t|t|z��	t|t|zddd���dS#ttf$r9t!dtz|zt"d��t%jd��YdSwxYw)NrXrr��r�r�r�z*Error: failed to set permissions/owner to )r�rIrqrrr#�
PROXY_PATH�wrappers_namesrJrGr�rIr;�wrappersr�rKr�rrr�r�)r��proxy�	proxy_vers   r?�install_wrapperrR�s���u���E�
�7�>�>�%� � ����
�j�>�%�#8�8�9�9�E�"�%�(�(�I��B���/����	�9�U�U���u�h�u�o�x��~�>�>�>��!�%��%��A�RS�de�f�f�f�f�f�f���W������<�x�G��M�{�\]�^�^�^�������������s�+C	�	AD�Dc��t��t|��}|tvr"t|d���t	|��dSdS)NFr�T)r.r�rOrgrR)r�s r?�update_proxy_wrapperrTsN���O�O�O��u���E������E�e�,�,�,�,�������t��5r@c�*�	tj|��n#ttf$rYnwxYwtj�|��rF|rt
|��stj|d��dStd|zdztd��dSdS)NTz"Error: failed to remove directory z because it includes mount pointsr�)rIrurKr�rqrr6r�r�rr)rqr�s  r?r�r�s���
�
�	�$�������W��
�
�
���
����
�w�}�}�T���v��	v�&?��&E�&E�	v��M�$��%�%�%�%�%��8�4�?�Bd�d�fq�st�u�u�u�u�u�	v�vs��+�+z/usr/bin/php-cgiz/usr/bin/phpz/etc/php.iniz/usr/local/bin/lsphpz/usr/local/sbin/php-fpm)�php�php-cli�php.ini�lsphpzphp-fpmz
/usr/selectorz/usr/selector.etcznative.confc�*�t��rdS|dvS)z�
    Returns True if php file for appropriate alias is mandatory
    for proper work of PHP Selector (i.e the file should exist
    and should be replaced with symlink successfully)
    :param alias: alias for php file
    :type alias: string
    F)rVrWrXr%�r8s r?�is_mandatoryr\7s#�������u��1�1�1r@c��ts�tj�t��r�ttd��}|D]�}|�d��s�|���}|�dd��}t|��dkrG|d���}|d���}|tvr
|t|<��|���dadSdSdS)Nrm�#�=r�rKrT)�
config_loadedrIrqrr�NATIVE_CONFrLra�stripr�r��
orig_binariesrM)rxr��arr8rqs     r?�read_native_confreGs����
!�
�7�>�>�+�&�&�	!��[�#�&�&�A��
8�
8�����s�+�+�8��:�:�<�<�D����C��+�+�B��2�w�w�!�|�|� "�1����
�
��!�!�u�{�{�}�}�� �M�1�1�37�M�%�0��
�G�G�I�I�I� �M�M�M�
!�
!�	!�	!r@c���t��t���D]9}tj�|��}|�d��rdS�:dS)Nr
TF)rerc�valuesrIrqr�ra)rqr!s  r?�is_etc_in_native_confrhYse�������$�$�&�&������ � ��&�&�����G�$�$�	��4�4�	��5r@c�B�|dkr
tdz|zStdz|zS)NrXrE)�ALT_DEST_ETC_PATH�
ALT_DEST_PATHr[s r?�get_usr_selector_pathrlcs-���	��� ��$�U�*�*����U�"�"r@c�l�|dkr+|�d��stdd|gd���dSdSdS)Nr��.iniz/usr/bin/killallz-qF)�check_return_code)�endswith�Execute)�	file_names r?�kill_phprsisI���B���	� 2� 2�6� :� :���#�T�9�5��O�O�O�O�O�O����r@c	��|dkrttz}nttz}tj�||��}tj�|��s�	tj�|��st|d��tj	d��}t|d�����tj	|��n>#ttf$r*}td|dt|����Yd}~dSd}~wwxYwt!��x}�tj|d	|��d
S)zW
    Create stub (empty file) for php file.
    Return True when error has occured
    rXr�r�r�zFailed to write:r�NTrXF)r�rjrkrIrqrr`rr1r�rLrMrKr�rr�r r�)r8�selector_dir�	stub_pathr�r��linksafe_gids      r?�create_php_stubrxns0��

�	����"3�3����-�/������\�5�1�1�I�
�7�?�?�9�%�%�	�	��7�=�=��.�.�
2��\�5�1�1�1��(�4�.�.�K���C� � �&�&�(�(�(��H�[�!�!�!�!����!�	�	�	��*�I�s�C��F�F�C�C�C��4�4�4�4�4�����	����)�*�*�*��7�
���B��-�-�-��5s�&A9C � D�1D�Dc
��t��|r|�d��sdS|}nt|��}t��tD�]}t��t
j�t|��}||k�r=t
j�|���rt
j�	|���s�|dvr t��rt|��dS|}t|��}tdz|z}t|z}t
j�|��}	|rt |z}
n
t|z}
|	t
j�|
��fD]�}t
j�|��s�	t%|d���3#t&$rb}d|�dt)|���dd	����}
t-j|
|�
��t1|
t2d��Yd}~dSd}~wwxYw��t5||d�
��rtt7||d���rbt
j�|��}t;|��t7||d���r"t1d|zdz|zt2d��dSt=��x}�tj|d|��	t
j�	|
��rBtj |
��|kr)tj!|
��tj"||
��n$tG|
��tj"||
��nn#t&$ra}d|
�dt)|���dd	����}
t-j|
|�
��t1|
t2d��Yd}~dSd}~wwxYw|stI|
d���dS���dS)aN
    Move php file to /usr/selector* directory inside cagefs-skeleton and create symlink to it
    Return True if php binary has been moved successfully, False otherwise
    :param path: path to original php file
    :type path: string
    :param etc: True = /etc directory is being processed, False otherwise
    :type etc: bool
    r
F)rVrWrYrXrEr��"Error: failed to create directory � : r�r��r�r�Nrq)�create_parent_dirzError copying r�rX� Error: failed to create symlink r�T)%r.rar�rercrIrqr�rrr�r&rxrlrr�r	rrr1rKr�r�r5�errorrrr�rr
rsr r�rrur�r�rg)rqrr�r8�	orig_pathr��	DEST_PATH�LINK_TO�	dest_file�dest_dir�	orig_file�parent_pathr�r�rrrws                r?rr�s����O�O�O�
�!����w�'�'�	��5�����4� � �������7�7�������G�$�$�]�5�%9�:�:�	��Y���B�G�N�N�9�$=�$=��r�w�~�~�V_�G`�G`���>�>�>�!�#�#�!�#�E�*�*�*� �5�5��H�-�e�4�4�I�%�c�)�(�2�G� �9�,�I��w���y�1�1�H��
1�0�9�<�	�	�$�y�0�	� (�"�'�/�/�)�*D�*D�E�
%�
%���w�}�}�[�1�1�%�%�$�[�%�8�8�8�8��"�%�%�%�x�;�x�x�SV�WX�SY�SY�Sa�Sa�bi�ku�Sv�Sv�x�x����S�1�5�5�5�5���[�!�4�4�4�$�u�u�u�u�u�u�u�����	%����%� �	�9��F�F�F�
%��Y�	�u�M�M�M�%� "�� 0� 0�� ;� ;�I��Y�'�'�'� ��I�5�Q�Q�Q�%�� 0�� :�6� A�)� K�[�Z[�\�\�\�$�u�u� 0� 2� 2�2��?����B��5�5�5�
��7�>�>�)�,�,�3��{�9�-�-��8�8��	�)�,�,�,��
�7�I�6�6�6��&�y�1�1�1��J�w�	�2�2�2����
�
�
�l��l�l�s�1�v�v�~�~�V]�_i�Gj�Gj�l�l����S�1�-�-�-�-���[�!�,�,�,��u�u�u�u�u�u�����	
�����
9��I�%�8�8�8�8��4�4���5s3�F'�'
H�1AH�H�BM
�

N5�AN0�0N5c�d�|dkrdSt|��}|ddddddd	d
ddd
dddddthvS)NrETz/binz/bootz/devz/etcrz/lost+foundz/mnt�/procz/rootz/sbinz/sys�/tmpz/usrz/varz/homerF)r��PLESK_VHOSTS_Dr�s r?�is_path_in_exclusionsr��sd���s�{�{��t��d���D�����������������
��)��r@z(/var/www/cgi-bin/cgi_wrapper/cgi_wrapperc��td|zdz|ztd��tj||��|rt	||��dSt	||��dS)N�Copying r�r�)rrr�r�r�)�A�B�Cs   r?�__copy_wrapperr��sh���Z�!�^�f�
$�q�
(�+�q�9�9�9�
�O�A�q�����(�!�!�Q�'�'�'�'�'�!�!�Q�'�'�'�'�'r@c�L�t��	tj��r�d}d}ttdztfdttztf|t|ztf||tff}t
j�ttz��}t
j�|��st|d��|D]\}}}t|||���dSdS#ttf$r*}tdt|��z��Yd}~dSd}~wwxYw)Nz//var/www/cgi-bin/cgi_wrapper/cloudlinux_wrapperz9/usr/share/cagefs-plugins/plesk-cagefs/cloudlinux_wrapperz4/var/www/cgi-bin/cgi_wrapper/cgi_wrapper.orig.cagefsz2/usr/share/cagefs-plugins/plesk-cagefs/cgi_wrapperr�z!failed to install Plesk wrapper: )r.�cldetectlib�is_plesk�PLESK_ORIG_WRAPPER_FILENAMEr�rIrqr	r`r1r�rKr�rr�)�CLOUDLINUX_WRAPPER�CLOUDLINUX_WRAPPER_PACKAGE�WRAPPERS�dirpathrr��permr�s        r?�install_plesk_wrapperr��sU���O�O�O�B���!�!�	/�!R��)d�&�0�(�;q�2q�tO�P�I�8�To�Ko�rM�N�/��:L�1L�Ni�j�/�1C�E`�a�	�H��g�o�o�h�/J�&J�K�K�G��7�?�?�7�+�+�
-��W�e�,�,�,�"*�
/�
/���S�$��s�C��.�.�.�.�!	/�	/�
/�
/���W��B�B�B��7�#�a�&�&�@�A�A�A�A�A�A�A�A�A�����B���s�CC(�(D#�9D�D#c
��t��|ddkr
|dd�}|D�]�}
t��|
|vr�t|
��rTtj�|
��stj�|
��r|�|
���yt|
��rTtj�|
��stj�|
��r|�|
����	t|
��}n�#t$r�}|j
dkr�|dkr�tj|
��}
t|
��dkrBt||
|||||d||	��
�
}tr!|
D]}t|t!�����nQt#d|
zd	zt$|��n4t#d|
zd	zt$|��nt'd
|
d|j��Yd}~���d}~wwxYwt+|tj�|
��|dd|���	t/tj�|dz|
z��|��}n#t$rY��DwxYwt|��rUtj�|
��stj�|
��r|�|
�����t3|��r|�|
�����|
t4kr%t7��|�|
����t9|��r=t;|
��}t||||d|||	�
��}|�|
����Nt=|��rUtj�|
��stj�|
��r|�|
�����	t|��}d}t?|��n=#t$r0}|j
dkrd}nt'd||
d|j��Yd}~nd}~wwxYw|dkr[|	dkrU|rStAj!|j"��s:t#d|zdzt$|��t|t!������r|�r�|r�tAj#|j"��stAj$|j"��rbt#d|zdzt$|��	tj%|���n�#t$r"}t'd|d|j��Yd}~�nZd}~wwxYwtAj!|j"��rt#d|zdzt$|���n|	�r�tAj#|j"��stAj$|j"���rwtM|
|||d���rbt#d|zdzt$|��	tj%|���n�#t$r"}t'd|d|j��Yd}~�nwd}~wwxYwt#d|zdzt$|��t?|d���t|t!����|�|
��tAj$|j"��r�	tj'|
��}n#ttPf$rd}YnwxYw|dkr�tS|��s�|ddkrZtj�tj�*tj�|
��|����}t||g|||||||	��	�	}t|t!����tAj+|t@j,��}|r�t[|
|��rst]|
��}|dkrt;|
��}t_|
|��t||||d|||	�
��}tr!|D]}t|t!��������tAj!|j"��rt#d|zdzt$|��n8tAj!|j"��rnt#d|zdzt$|����]t+|tj�|
��|dd|���tAj$|j"��r�ta|
|��}t?|d���|�|
��tS|��s�|ddkrZtj�tj�*tj�|
��|����}t||g|||||||	��	�	}t|t!�����n�tAj!|j"��r�t+||
|dd|���}tc|��}tr&||kr t'dt!��d|d |��te||
|||||||	��	�	}t|t!����n�tAj#|j"��r�|r t#d!|
zd"z|zt$d��nt#d#|
zd"z|zt$d��tg|
||||�$��|�|
��t|t!����nDtAj4|j"��stAj5|j"��rtm||
||��tAj+|t@j,��}|r�t[|
|��r�tAj$|j"��stAj#|j"��r^t;|
��}t_|
|��t||||d|||	�
��}tr!|D]}t|t!��������|S)%z>copies a list of executables and their libraries to the chrootrXrENrKr�r)r�r��try_glob_matchingr
rzSource file(s) z
 do not existrr�r�)rr�r
rz'failed to investigate destination file r�z" already exists, will not touch itzDestination file z$ exists, will delete to force updatezERROR: failed to deletezDestination dir z existsT)r�z
 needs updatezfailed to deletez does NOT need updateFr�)rr�r�r
rr�r�rdzTrying to link r�r�)r�r�)7r.rrIrqrrr�r�r4rmrKr��globr�r
r_rbr�rrrr�r�r	r�r�rTr�r�rr�r�rgrrr�r��S_ISREGrsrur�rr�r�rr�rtrrEr@r�r�r	r�r�r�r�)r��binarieslistrr�rr�r�r�r
rr�r�r�r�r��chrootrfile�php_libs�chrootsb�chrootfile_existsr�r�r?rs                       r?r
r
s*
���O�O�O��r�
�c����������I8�I8�������L� � ���U�#�#�	��w�~�~�e�$�$�
+�����u�(=�(=�
+��#�#�E�*�*�*���5�!�!�	��w�~�~�e�$�$�
+�����u�(=�(=�
+��#�#�E�*�*�*��	��e�$�$�B�B���	�	�	���1���%��*�*��)�E�*�*�C��C����
�
�'=�f�c�?�\f�hr�KW�fr�PQ�`l�u{�(}�(}�(}��(�<�(+�<�<�� +�D�&�(�(� ;� ;� ;� ;��� 1�%� 7�� G��T^�_�_�_�_��-�e�3�O�C�K�PZ�[�[�[�[��?��c�!�*�U�U�U��H�H�H�H�����#	����(	�6�"�'�/�/�%�"8�"8�*�WX�ef�xD�	E�	E�	E�	E�	�*�2�7�+;�+;�F�3�J�u�<L�+M�+M�f�U�U�K�K���	�	�	��H�	����
�;�'�'�	��w�~�~�e�$�$�
+�����u�(=�(=�
+��#�#�E�*�*�*�� ��,�,�	�����&�&�&���/�/�/�!�#�#�#�����&�&�&�� ��,�,�	�#�E�*�*�H�1�&�(�O�U_�!"�<�P\�gm�o�o�o�L�����&�&�&���K�(�(�	��w�~�~�e�$�$�
+�����u�(=�(=�
+��#�#�E�*�*�*��	c�#�K�0�0�H� !����$�$�$�$���	c�	c�	c���1���$%�!�!��E�f�U�SV�WX�Wa�b�b�b����������		c������
!�
!��!���9J��SW�S_�`h�`p�Sq�Sq���B�{�N�#G�G��T^�_�_�_���V�X�X�.�.�.�.�!�=
!�#�<!���X�%5�6�6�a�$�,�x�GW�:X�:X�a�� 3�K� ?�@f� f�gr�s}�~�~�~�^��I�k�2�2�2�2��&�^�^�^�'�(A�+�c�RS�R\�]�]�]�]�]�]�]�]�����^�����,�x�'7�8�8�a�� 2�;� >�y� H��U_�`�`�`���3!��|�H�$4�5�5�*a���h�FV�9W�9W�*a�,�U�K��X�ae�f�f�f�'%�#�$7��$C�O�$S�T_�`j�k�k�k�[� "�	�+� 6� 6� 6� 6��#*�[�[�[� +�,>�{�3�q�z� Z� Z� Z� Z� Z� Z� Z� Z�����[����$�$7��$C�D[�$[�\g�hr�s�s�s�'���F�F�F�F�'��V�X�X�>�>�>�(�/�/��6�6�6�#�|�H�,<�=�=�
D�!4�/1�{�5�/A�/A�H�H��(/��'9�!4�!4�!4�/3�H�H�H�!4����#+�t�#3�#3�=R�S[�=\�=\�#3�(0���s�(:�(:�35�7�3C�3C�B�G�L�L�QS�QX�Q`�Q`�af�Qg�Qg�hp�Dq�Dq�3r�3r��3I�&�S[�R\�^m�oy�GQ�`l�|H�Wc�lr�4s�4s�4s�L�$/��&�(�(�$C�$C�$C�$(�<��4�<�0@�#A�#A�D� *�D�/C�E�4�/P�/P�D�'9�%�'@�'@��#'�4�<�<�+7��+>�+>�D�$4�U�D�$A�$A�$A�/E�f�d�Tc�eo�uv�FR�xD�MS�0T�0T�0T��$0�!D�04�%D�%D��(3�D�&�(�(�(C�(C�(C�(C�$��,�x�'7�8�8�a�� 2�;� >�y� H��U_�`�`�`����X�%5�6�6�!�� � 3�K� ?�	� I�+�V`�a�a�a� �
�v�b�g�o�o�e�&<�&<�j�[\�ij�|H�
I�
I�
I�
I���R�Z�(�(� 
E�5�e�[�I�I���K�E�:�:�:�:��#�#�E�*�*�*�,�X�6�6�4� ���s�*�*�#%�7�#3�#3�B�G�L�L�����QV�AW�AW�X`�4a�4a�#b�#b��#9�&�8�*�o�_i�ak�{G�co�co�x~�$@�$@�$@�L� ��&�(�(�3�3�3���,�r�z�*�*�
E�*�6�5�*�WX�ef�xD�E�E�E��"�5�)�)���R�U�k�%9�%9������$��t�[�Q�Q�Q�1�&���PZ�]g�wC�_k�_k�tz� |� |� |���K����2�2�2�2��,�r�z�*�*�	
E� �P��.�u�4�V�;�K�G��UV�W�W�W�W��Z��-�f�4�[�@��Q�O�O�O�%�e�K�
�Q]�lx�y�y�y�y��#�#�E�*�*�*��K����2�2�2�2��,�r�z�*�*�
E�d�l�2�:�.F�.F�
E��F�E�:�|�D�D�D��<��4�<� 0�1�1�D��	
8�3�E�4�@�@�	
8��<��
�+�+�8�t�|�B�J�/G�/G�8�'��.�.�D�$�U�D�1�1�1�#9�&�$��Yc�ij�zF�kw�AG�$H�$H�$H�L�$�8�$(�8�8�D�'��f�h�h�7�7�7�7���s��D�
G4�CG/�/G4�*3I�
I,�+I,� O;�;
P5�&P0�0P5�-T�
T/�
T*�*T/�W&�&
X�0X
�
X�
Z"�"Z8�7Z8c���g}|�||��rN|�||��}|�d��D]"}|���}|dkr||gz
}�#|S)z�retrieves a comma separated option from the configparser and splits it into a list, returning an empty list if it does not exist�,r�)�
has_option�getr�rb)�	cfgparser�sectionname�
optionnamer��inputstrrir�s       r?�config_get_option_as_listr��su��
�F����[��4�4�!��=�=��Z�8�8���>�>�#�&�&�	!�	!�C��9�9�;�;�D��r�z�z��4�&� ����Mr@c�`
�|ddkr
|dd�}tj�|��sF	t|d��n4#t$r'td|��t
jd��YnwxYwtj|d��g}|�	|��g}|�	|��tj
dd�dkr�t|d	zd
�����t|dzd
�����t|dzd
�����t|d
zd
������n�tj�
|d	z��st|d	zd��}�n5t|d	zd��}|���}t|��dkr�|�d��}t|��dkr�|d|vs
|d|vr�t#d|dzdz|zd	zt$|��	|�|d��n#t($rYnwxYw	|�|d��n#t($rYnwxYw|���}t|��dk��|�dd��t|��dk�rtdd��}	|	���}t|��dkr�|�d��}t|��dkrg|d|vs
|d|vrS|�|��t#d|dzdz|zd	zt$|��|d|vr||dgz
}|	���}t|��dk��|	���|���t/d|d	zddd���tj�
|dz��st|dzd��}�n5t|dzd��}|���}t|��dkr�|�d��}
t|
��dkr�|
d|vs
|
d|vr�t#d|
dzdz|zdzt$|��	|�|
d��n#t($rYnwxYw	|�|
d��n#t($rYnwxYw|���}t|��dk��|�dd��t|��dkr�tdd��}	|	���}t|��dkr�|�d��}
t|
��dkrQ|
d|vs
|
d|vr=|�|��t#d|
dzdz|zdzt$|��|	���}t|��dk��|	���|���t/d|dzddd���dS)NrXrEr��creatingr�r���bsdz/passwdrHz/spwd.dbz/pwd.dbz/master.passwdr��r+rr�r�rK�user � exists in rrm�
writing user r�rLz/group�group r�writing group )rIrqrr1rKrr�r�r��extend�platformrLrMrr�readliner�r�rr�remover��seekr�r�)r��
users_list�groups_listr��usersr��fd2r��pwstruct�fd�groupstructs           r?�init_passwd_and_groupr��s����������C�R�C�=��
�7�=�=��"�"��	���5�)�)�)�)���	�	�	��
�H�-�-�-��H�Q�K�K�K�K�K�	�����H�X�u�����E�	�L�L�����
�F�
�M�M�+������Q�q�S��U�"�"��X�i�
��$�$�*�*�,�,�,��X�j�
 ��%�%�+�+�-�-�-��X�i�
��$�$�*�*�,�,�,��X�&�
&�s�+�+�1�1�3�3�3�3�����x�	�1�2�2�	��x�	�)�#�.�.�C�C��x�	�)�$�/�/�C��<�<�>�>�D��t�9�9�Q�;�;��:�:�c�?�?����M�M�A�%�%�!�!���-�-�8�A�;�%�3G�3G������ 3�M� A�(� J�9� T�U`�ak�l�l�l�!�!�L�L��!��5�5�5�5��)�!�!�!� �D�!����!�!�L�L��!��5�5�5�5��)�!�!�!� �D�!�����|�|�~�~���t�9�9�Q�;�;�
�H�H�Q�q�M�M�M���J�J��N�N��m�C�(�(�B��;�;�=�=�D��t�9�9�Q�;�;��:�:�c�?�?����M�M�A�%�%�!�!���-�-�8�A�;�%�3G�3G��	�	�$��������� ;�F� B�8� K�I� U�Va�bl�m�m�m� (���v� 5� 5�"�x��{�m�3�F��{�{�}�}���t�9�9�Q�;�;�
�H�H�J�J�J��	�	�����m�X�i�-?�A�Z[�lm�n�n�n�n�
�G�N�N�8�H�,�-�-���8�H�$�S�)�)����8�H�$�T�*�*���|�|�~�~���4�y�y��{�{��*�*�S�/�/�K��K� � �1�$�$� ��^�v�-�-�;�q�>�V�3K�3K��H�[��^�3�M�A�(�J�8�S�T_�`j�k�k�k���
�
�k�!�n�5�5�5�5��%������������
�
�k�!�n�5�5�5�5��%�����������<�<�>�>�D��4�y�y��{�{�	����1�
�
�
��F���a���
�,�s�
#�
#���{�{�}�}���4�y�y��{�{��*�*�S�/�/�K��K� � �1�$�$� ��^�v�-�-�;�q�>�V�3K�3K��I�I�d�O�O�O��,�[��^�;�F�B�8�K�H�T�U`�ak�l�l�l��;�;�=�=�D�
�4�y�y��{�{�	���
�
�
��I�I�K�K�K��l�H�X�,=�!�XY�jk�l�l�l�l�l�lsY�A�.A9�8A9�I�
I,�+I,�0J�
J�J�/T�
T�T�T8�8
U�Uc��|ddkr
|dd�}tjd��}tj�|��sF	t	|d��n4#t
$r't
d|��tjd��YnwxYwtj	|d��g}|�
|��g}|�
|��tj�|dz��st|dzd��}n�t|dzd	��}|�
��}|���}t|��d
kr�||vrIt!d|zdz|zdzt"|��	|�|��n#t&$rYnwxYw|�
��}|���}t|��d
k��|�d
d
��t|��d
kr�tdd��}	|	�
��}t|��d
kr�|�d��}
t|
��dkrZ|
d
|vs
|
d
|vrF|�|
d
dz��t!d|
d
zdz|zdzt"|��|	�
��}t|��d
k��|	���|���	tj	|dzd��n3#t
t0f$rt!d|zdzt"d��YnwxYwtj�|dz��st|dzd��}n�t|dzd	��}|�
��}|���}t|��d
kr�||vrIt!d|zdz|zdzt"|��	|�|��n#t&$rYnwxYw|�
��}|���}t|��d
k��|�d
d
��t|��d
kr�tdd��}	|	�
��}t|��d
kr�|�d��}t|��d
krZ|d
|vs
|d
|vrF|�|d
dz��t!d|d
zdz|zdzt"|��|	�
��}t|��d
k��|	���|���	tj	|dzd��n3#t
t0f$rt!d|zdzt"d��YnwxYwtj|��dS)NrXrEr�i�r�r�z/safe.usersr�r�rr�r�rKrrmr�r�rlr�r�r��$Error: failed to set permissions to z/safe.groupsr�rr�)rIr�rqrr1rKrr�r�r�r�rrrLr�r�r�rrr�r�r�r�r�rMr�)r�r�r�r�r�r�r�r�r�r�r�r�s            r?�init_safe_users_and_groupsr�ds����������C�R�C�=���(�4�.�.�K�
�7�=�=��"�"��	���5�)�)�)�)���	�	�	��
�H�-�-�-��H�Q�K�K�K�K�K�	�����H�X�u�����E�	�L�L�����
�F�
�M�M�+�����G�N�N�8�M�1�2�2���8�M�)�#�.�.����8�M�)�$�/�/���|�|�~�~���{�{�}�}���4�y�y��{�{��u�}�}�����]�2�8�;�M�I�+�V`�a�a�a���L�L��&�&�&�&��!�����D������<�<�>�>�D��;�;�=�=�D��4�y�y��{�{�	����1�
�
�
��E�
�
�Q���
�-��
$�
$���{�{�}�}���4�y�y��{�{��z�z�#���H��H�
�
��!�!��a�[�E�)�)�x��{�e�/C�/C��I�I�h�q�k�$�.�/�/�/��O�H�Q�K�7��>�x�G�
�U�Va�bl�m�m�m��;�;�=�=�D�
�4�y�y��{�{�	���
�
�
��I�I�K�K�K�^�
���-�'��/�/�/�/���W��^�^�^��6�x�?�
�M�k�[\�]�]�]�]�]�^����
�G�N�N�8�N�2�3�3���8�N�*�3�/�/����8�N�*�4�0�0���|�|�~�~���{�{�}�}���4�y�y��{�{��v�~�~����
�m�3�H�<�^�K�K�Xb�c�c�c���M�M�$�'�'�'�'��!�����D������<�<�>�>�D��;�;�=�=�D��4�y�y��{�{�	����1�
�
�
��F���a���
�,�s�
#�
#���{�{�}�}���4�y�y��{�{��*�*�S�/�/�K��K� � �1�$�$� ��^�v�-�-�;�q�>�V�3K�3K��I�I�k�!�n�T�1�2�2�2��,�[��^�;�F�B�8�K�N�Z�[f�gq�r�r�r��;�;�=�=�D�
�4�y�y��{�{�	���
�
�
��I�I�K�K�K�_�
���.�(�%�0�0�0�0���W��_�_�_��6�x�?��N�{�\]�^�^�^�^�^�_�����H�[�����sZ�A�.B
�B
�>F�
F!� F!�L*�*-M�M�P�
P+�*P+�V4�4-W$�#W$c��|ddkr
|dd�}tj�|��sF	t|d��n4#t$r'td|��t
jd��YnwxYwtj|d��g}|�	|��tj�
|dz��st|dzd��}n�t|dzd��}|���}t|��d	kr�|�d
��}t|��dkr_|d	|vrUtd|d	zdz|zdzt |��	|�|d	��n#t$$rYnwxYw|���}t|��d	k��|�d	d
��t|��d	kr�tdd��}|���}t|��d	kr�|�d
��}t|��dkrG|d	|vr=|�|��td|d	zdz|zdzt |��|���}t|��d	k��|���|���t-d|dzd	d	d���dS)NrXrEr�zError while creatingr��/shadowr�r�rr�r�r�rKrrmr�r�rL)rIrqrr1rKrr�r�r�r�rrrLr�r�r�rrr�r�r�r�rMr�)r�r�r�r�r�r�r�r�s        r?�init_shadowr��s����������C�R�C�=��
�7�=�=��"�"��	���5�)�)�)�)���	�	�	��.��9�9�9��H�Q�K�K�K�K�K�	�����H�X�u�����E�	�L�L������G�N�N�8�I�-�.�.���8�I�%�c�*�*����8�I�%�d�+�+���|�|�~�~���4�y�y��{�{��z�z�#���H��H�
�
��!�!��A�;�%�'�'��G�H�Q�K�/�
�=�h�F�y�P�Q\�]g�h�h�h�����X�a�[�1�1�1�1��%�����������<�<�>�>�D��4�y�y��{�{�	����1�
�
�
��E�
�
�Q���
�-��
$�
$���{�{�}�}���4�y�y��{�{��z�z�#���H��H�
�
��!�!��A�;�%�'�'��I�I�d�O�O�O��O�H�Q�K�7��>�x�G�	�Q�R]�^h�i�i�i��;�;�=�=�D�
�4�y�y��{�{�	���
�
�
��I�I�K�K�K��m�X�i�-?�A�Z[�lm�n�n�n�n�n�ns#�A�.A9�8A9�3F�
F�Fc�<�t|��}tj�|dz��st	d|zdzt
d��dStj�|dz��rt	d|zdzt
d��dStdd��}t|dzd��}|���}t|��d	kr�|�
d
d��}t|��dkrJ|d	|kr>|�|��t	d|d	zdz|zdzt
|��n'|���}t|��d	k��|���|���dS)
Nr�zError: z/shadow does not existr�z/shadow is a symlinkrrmrHrr�z
Writing user r�)
r�rIrqrrrrr�rLr�r�r�r�rM)r��userr�r��destr�r�s       r?�add_user_to_shadowr��sy���(�#�#�H�
�7�>�>�(�9�,�-�-���	�(�"�#;�;�[�!�L�L�L���	�w�~�~�h�y�(�)�)���	�(�"�#9�9�;��J�J�J���	
�m�S�	!�	!�B����"�C�(�(�D�
�;�;�=�=�D�

�d�)�)�a�-�-��:�:�c�1�%�%���x�=�=�A�����{�d�"�"��
�
�4� � � ������3�F�:�8�C�I�M�{�\f�g�g�g���{�{�}�}���d�)�)�a�-�-��H�H�J�J�J��J�J�L�L�L�L�Lr@c� �t|��dkst|��dkrdStt|��t|����}d}||kr||||krn|dz}||k�|dkrdS||dzd�S)NrrXr�)r��min)�s1�s2�min_lenrUs    r?�get_common_endr�s���
�2�w�w�!�|�|�s�2�w�w�!�|�|��t��#�b�'�'�3�r�7�7�#�#�G�
�C�

�'��/�/�
�c�7�b��g�����q����'��/�/��b�y�y��t�
�c�!�e�f�f�:�r@rr�c��tj�|��}tj�|��}t|��}t|��}|dks|dks|ddks|ddkr!t	d|zdz|zt
d��dSt
t|��t|����}|�+	t|d��n#ttf$rYnwxYwdSt|��}|dt|���}|dt|���}|D]�}|dz|z}|dz|z}	t|d��n#ttf$rYnwxYw	t||ddd�	���Q#ttf$r6}t	d
|zdz|zdz|jzt
d��Yd}~dSd}~wwxYwdS)
a
    Copy a path from a source to a destination.

    If there are shared ending directories between source and destination paths,
    iterates over the common ending directories,
    creating each corresponding directory in a destination path.
    Copies timestamp and permissions from source subdirectories.

    For example, if src = '/root/dir1/dir2' and dst = '/usr/share/cagefs-skeleton/dir1/dir2',
    running this function will result in creating directories 'dir1' and 'dir2'
    within the '/usr/share/cagefs-skeleton' path.
    r�rrEzError: invalid paths src = z dst = r�Nr�rL�!ERROR: while copying permissions r�r�)rIrqr�r�rrr�r�r1r�rKr�r�r�r�)rr��common�
common_str�dst_path�src_pathr�r�s        r?�	copy_pathr�s3��
�'�
�
�3�
�
�C�
�'�
�
�3�
�
�C�
�S�/�/�C�
�S�/�/�C��r�	�	�s�b�y�y�c�!�f��m�m��Q��3����-�c�1�)�;�C�?��a�P�P�P��q�
�J�s�O�O�Z��_�_�
=�
=�F�
�~�	���e�$�$�$�$����!�	�	�	�
�D�		�����q��6�"�"�J��$�S��_�_�$�$�%�H��$�S��_�_�$�$�%�H������C�<��$���C�<��$��	���5�)�)�)�)����!�	�	�	�
�D�	����
	�%�h��Q�ST�ef�g�g�g�g�g����!�	�	�	��7��@��G��P�QU�U�VW�V`�`�bm�op�q�q�q��1�1�1�1�1�1�����	����

�1s<�C � C4�3C4�
E�E2�1E2�6F�G�*G
�
Gc�\�	tj|��S#ttf$rYdSwxYw)zq
    Securely get status of a file or a file descriptor.

    Returns None if unable to retrieve the status.
    N)rIrir�rKr�s r?�oslstatr�Ys<����x��~�~����W������t�t����s��+�+�symlinks�	overwrite�
skip_src_dirsr�skip_dst_filesc	�4�|�g}|�g}||vrdStj|��}	tj|��}tj|j��rd}	ni||vrdS	tj|��nK#ttf$r7}
td|zdzt|
��ztd��Yd}
~
dSd}
~
wwxYwd}	n#ttf$rd}	YnwxYwd}|	st||��dkrd}|D�];}tj
�||��}
tj
�||��}	t|
��}t!|��}|du}|r�tj|j��r{|s|r��|r||vr��tj|
��}|rCtj|j��rt'j|d��ntj|��tj||��n�tj|j��rt-|
|||||��dkrd}n�|s|r��6|r||vr��>|r|rt/|
|||��s��V|r\tj|j��rtj|��n.tj|j��rt'j|d��t'j|
|��t3|
|ddd������#ttt&jf$r?}td	|
zd
z|zdzt|��ztd��d}Yd}~��5d}~wwxYw	t3||ddd���nR#ttf$r>}td|zd
z|zdzt|��ztd��d}Yd}~nd}~wwxYw|S)
z�
    Recursively copy an entire directory tree.

    This function acts like shutil.copytree, but works
    if destination directory already exists and does not fail if symlink exists.
    Copies timestamp and permissions from source subdirectories.
    NrTzERROR: failed to delete file r{r�FrL�ERROR: while copying r�r�r�)rIr�rirrr�r�rur�rKrr�rr�rqrrmr�rsrr�r�r�rr�r�r�r�)rr�r�r�r�rr��names�dstbuf�
dst_existsr�rrr�dstname�srcbuf�dstname_existsr#rPs                   r?rresU����������
�m����q��J�s�O�O�E����#�����<���'�'�
	��J�J��n�$�$��q�
��	�#�������W�%�
�
�
��7��;�E�A�#�a�&�&�H�+�WX�Y�Y�Y��q�q�q�q�q�����
�����J����W������
�
�
�����
�E����S�#���!�#�#��E��&�&���'�,�,�s�D�)�)���'�,�,�s�D�)�)��#	�!�'�*�*�F��W�%�%�F�#�4�/�N��
j�D�L���8�8�
j�!��~���!��w�.�'@�'@����W�-�-��!�+��|�F�N�3�3�+��
�g�t�4�4�4�4��	�'�*�*�*��
�6�7�+�+�+�+���f�n�-�-�
j��G�W�h�	�=�RX�Y�Y�]^�^�^��E��!��~���!��w�.�'@�'@��!��f��6F�w�PW�Y_�ag�6h�6h���!�5��|�F�N�3�3�5��	�'�*�*�*�*���f�n�5�5�5��
�g�t�4�4�4�����1�1�1�)�'�7�q�UV�gh�i�i�i�i�����&�,�/�	�	�	��+�G�3�F�:�7�B�4�G��C���P�R]�_`�a�a�a��E�E�E�E�E�E�����	�����!�#�s�q�Q�WX�Y�Y�Y�Y�Y���W������3�C�7��>�s�B�4�G��C���P�R]�_`�a�a�a�����������������Ls��4B>�A0�/B>�0B8�,B3�-B>�3B8�8B>�>C�C�7AK�9K�B'K�)K�1K�	BK�L-�.4L(�(L-�1M�N�4N�Nrr�r}c��t��	t|��}tj|j��rdSt|��}|du}|sTtj�|��}|dkr/|r-ttj�|��|��tj
|j��rot
j|��}|rCtj|j��rtj
|d��nt
j|��t
j||��n�|r|rt!||||��sdS|rCtj|j��rtj
|d��nt
j|��tj||��t%||ddd���nT#t&t(tjf$r5}	t-d|zdz|zd	z|	jzt0d��Yd}	~	dSd}	~	wwxYwdS)
a�
    Copy a source file to a specified destination.

    The algorithm is as follows:
    - if the source is a directory - fail;
    - if the source is a symlink, remove the current destination
      and create a symlink in its place that points to the same location as the source symlink;
    - otherwise - remove current destination,
      and copy the source file copying its time and permissions as well.
    r�NrETrrLr�r�r�)r.rmrrr�r�r�rIrqr	r�rsrr�r�rur�r�r�r�r�rKr�rr�r)
rr�r}rr�r�r��
parent_dirr#r�s
          r?rr�s���O�O�O���g�&�&���<���'�'�	��1���!�!���t�+���	@������1�1�J��S� � �%6� ��"�'�/�/�'�2�2�J�?�?�?��<���'�'�	f��[��)�)�F��
'��<���/�/�'��M�'�4�0�0�0�0��I�g�&�&�&��J�v�w�'�'�'�'��
�&�
�2B�7�G�U[�]c�2d�2d�
��q��
'��<���/�/�'��M�'�4�0�0�0�0��I�g�&�&�&��O�G�W�-�-�-�%�g�w�1�QR�cd�e�e�e�e����W�f�l�+�����'��/��6�w�>�t�C�A�J�N�P[�]^�_�_�_��q�q�q�q�q���������

�1s$�(F2�DF2�A.F2�2H�*G>�>Hc�j�	t|d��}n#YdSxYw|���}t|��dkrq|�d��}t|��|kr"|||kr|���dS|���}t|��dk�qdS)Nrmrr�r�)rLr�r�r�rM)r��numr�r�r�r�s      r?�test_numitem_existr��s����
�(�3�
�
������q�q����
�;�;�=�=�D��t�9�9�Q�;�;��:�:�c�?�?����M�M�C���H�S�M�T�$9�$9��H�H�J�J�J��1��{�{�}�}���t�9�9�Q�;�;�
�1s��c�$�t|d|��S�Nr�r�)r��
passwdfiles  r?�test_user_existr�	s���d�1�Z�0�0�0r@c�$�t|d|��Sr�r�)�group�	groupfiles  r?�test_group_existr�	s���e�A�i�0�0�0r@c�*�tj|��Sr9)r�	get_names)r�s r?�get_all_users_with_uidr�	s���?�3���r@c�~�tj|ddtjdd���}|���dS)NTz	/bin/bashrX)r�r�r�r��bufsizer)r�r�r�rB)r9�procs  r?rere	sE����G�"&�'2�#-�?�!%�$&�(�(�(�D������a� � r@c��	|r-tj|tjtjd���}n,tj|tjtjd���}|���\}}|r7|jdkr,t
dd�|��ztd��nQ#t$rDt
dd�|��ztd��|rtjd���wxYw|S)NTr>rr?r@r�rA)r�r�r��STDOUTrBrCrrrrKr�r�)r9ro�merge_stderr�
exit_on_errorr�rFrhs       r?rqrq!	s�����	e�� �����IZ�ae�f�f�f�A�A�� ������_c�d�d�d�A��=�=�?�?���a��	V��|�q� � ��0�3�8�8�G�3D�3D�D�k�ST�U�U�U��������'�#�(�(�7�*;�*;�;�[�!�L�L�L��	��H�Q�K�K�K�
�	�����Js
�B+B.�.AC<c��t|��}|�|��}|dkr\|||zd�}d}|t|��kr.t||��sn|dz
}|t|��k�.|d|�}|SdS)NrXrr�r�)r�rbr(r.s       r?�get_version_strr7	s���
��Y�Y�F�
�)�)�D�/�/�C�
�b�y�y��3�v�:�;�;������S��X�X�o�o��3�t�9�%�%�
���A�I�D��S��X�X�o�o��%�4�%�j���
�
�2r@c�v�d}d}tj�|���rt|��}t	t|����D]�}||}|r�|ddkr�|�|��dkr�|�dd��}|d���}||kr�|d���}|�d��}	|	dkr
|d|	�}|���}|�d��}|�d	��}|}n��|S)
Nr�z#/var/lib/pgsql/data/postgresql.confrr^rXr_r�r[rZ)	rIrqrrr#r�r�rbr�rb)
r��value�	PSQL_CONF�	psql_confrgr��v�opt_name�valrUs
          r?�get_postgres_configrG	s���E�5�I�	�w�~�~�i� � ���i�(�(�	��s�9�~�~�&�&�	�	�A��Q�<�D��
��Q��3���4�9�9�V�+<�+<��+B�+B��J�J�s�A�&�&���Q�4�:�:�<�<���v�%�%��A�$�*�*�,�,�C��(�(�3�-�-�C��b�y�y�!�$�3�$�i���)�)�+�+�C��)�)�C�.�.�C��)�)�C�.�.�C��E��E���Lr@c�0�d}tj�|��r�t|��}|D]�}|���}tt
|����D]�}||}|�d��}|�d��}|dkrh	||dz}n+#td|��tj
d��YnxYw|�d��}|�d��}|ccS����td��S)Nz#/var/lib/pgsql/data/postmaster.optsr[rZz-pr�zError while parsing�port)rIrqrrr#r�r�r�rbrr�r�r)�OPTSrfr�rrgr*r
s       r?�get_postgres_portr`	s��0�D�	�w�~�~�d��� ��$�����	 �	 �D��
�
���A��3�q�6�6�]�]�
 �
 ���a�D���G�G�C�L�L���G�G�C�L�L����9�9�$� ��1��v����$�#�$9�4�@�@�@�������������:�:�c�?�?�D��:�:�c�?�?�D��K�K�K�K�K��	
 ��v�&�&�&s� B,�,&Cc��d}d}t��}|dkr$td�|����|}d|z}||krt||dzg��dStj�|��rC	t	j|��dS#ttf$rt||dzg��YdSwxYwdS)Nz#/usr/share/cagefs/pgsql.socket.name�5432r�zEWarning: Port of PostgreSQL server is not detected, using default: {}z/tmp/.s.PGSQL.rl)
rr�rrdrIrqrrrurKr�)�PGSQL_SOCKET_CFG�default_pg_portr
�socket_names    r?�detect_postgresrw	s��<���O����D��r�z�z�
�U�\�\�]l�m�m�n�n�n���"�4�'�K������#�k�$�&6�%7�8�8�8�8�8�
�7�>�>�*�+�+�	A�
A��	�*�+�+�+�+�+���W�%�
A�
A�
A��+�k�$�.>�-?�@�@�@�@�@�@�
A����	A�	As�>B�%B=�<B=c�"�t|��dkrdSt|��}tj|��D]�}tj�||��}	tj|��j}n #t$rtd|��Y�YwxYwtj|��r�rtj|��rt|����|tjtjzzr#|rt!d|����t!d|����dS)Nr�zlstat() failed for pathzMounted to skeleton:zCopied  to skeleton:)r�r4rIr�rqrrir�rKrrrrsr��print_suidsrvrwr�)r�mountedrrr�s     r?rr�	s#���#���'�!�!����c�"�"�G��
�3���7�7���'�,�,�s�D�)�)��	��8�G�$�$�,�D�D���	�	�	��1�7�;�;�;��H�	�����<����	���<����	7��� � � � ��d�l�T�\�1�2�	7��
7��,�g�6�6�6�6��,�g�6�6�6��7�7s�A6�6B�Bc���i}tj�|��rIt|d��}|D]"}|�d��d}d||<�#|���|S)Nrmr�rr�)rIrqrrrLr�rM)rqr��pfr�r�s     r?�get_users_from_passwdr�	sj���E�	�w�~�~�d����
�$��_�_���	�	�D��:�:�c�?�?�1�%�D��E�$�K�K�
���
�
�
��Lr@c��t��|dz}tj�|��sdSt	|��}|dkrt|dz��}d}t
t|����D]�}||�d��}t|��dkr�|ddvr�|ddd��d	��}g}d}	|D]}
|
|vr|�	|
���d
}	�|	r;|ddz|d
zdz}d	�
|��}||dzz
}|||<d
}��|rKt||��	tj
d|��dS#tttjf$rYdSwxYwdS)NrrFr�r�r�)r�rlrXr�Trz:x:rKrl)r.rIrqrrr#rr�r�r�r�rrdr��copystatrKr�r�)
r�rq�
group_filerf�file_changedrgr��group_users�new_group_users�changedr�ri�tmp2s
             r?�!remove_unwanted_users_from_groupsr$�	s����O�O�O���$�J�
�7�>�>�*�%�%�����j�!�!�E���}�}�%�d�=�&8�9�9���L�
�3�u�:�:�
�
�$�$����8�>�>�#�&�&����M�M�Q���X�a�[�
�%B�%B�"�1�+�c�r�c�*�0�0��5�5�K� �O��G�#�
#�
#���5�=�=�#�*�*�4�0�0�0�0�"�G�G��
$��q�k�%�'����3�C�7���x�x��0�0���t�D�y� ����a��#������:�u�%�%�%�	��O�L�*�5�5�5�5�5����&�,�/�	�	�	��D�D�	����	�s�
E$�$F�Fc�&�i}tj�|��rotj|��D]Z}tj�||��}tj�|��rtj|��}|||<�[|Sr9)rIrqrr�rr�r)�
cl_alt_dir�linksr�rq�link_tos     r?�
read_symlinksr)�	s���E�	�w�}�}�Z� � �&��Z�
�+�+�	&�	&�E��7�<�<�
�E�2�2�D��w�~�~�d�#�#�
&��+�d�+�+��%��d����Lr@c	���d}|D�]\}	||}tj�|��r|tj|��kr�Dn tj�|��r�e	tj|��n^#t$rQ}|jtjkrtj
d|�d���ntjd|��|���Yd}~nd}~wwxYwtj||����#t$rb}d|�dt|���dd	����}tj||���t|t d
��d}Yd}~��Vd}~wwxYw|S)NFzPath z does not existzError: Unable to remove path r|r~r{r�r�r�T)rIrqr�rrrurKr��ENOENTr5�inforr�r�r�rr)r'rrqr(r�r�s      r?�write_symlinksr-�	s����E�����	��D�k�G��w�~�~�d�#�#�
��b�k�$�/�/�/�/��0�����t�$�$�
��
U��	�$�������
U�
U�
U��7�e�l�*�*��K� =�� =� =� =�>�>�>�>��L�!G��!G�!G�RS�T�T�T�T����������	
U����
�J�w��%�%�%�%���	�	�	�c�T�c�c�c�!�f�f�n�n�W�V`�>a�>a�c�c�C��L��q�)�)�)�)��C��a�(�(�(��E�E�E�E�E�E�����		����
�LsI�?C4�	 C4�+B�?C4�
C�
AC�C4�C�C4�4
E �>AE�E c��t||��}|j}|j|kr|tjzS|tjzr	|j|vp|tjzSr9)rr��st_uidrr�S_IWUSR�S_IWGRP�st_gid�S_IWOTH)r�r�r�r�r�s     r?�is_writabler4
sY��
��S�
!�
!�F��<�D��{�c����t�|�#�$��d�l�"�?����)>�
Y�T�D�L�EX�[r@c��d}	tj|��}n#t$rd}YnwxYw|r�tj|j��s!|r3tj�|��r|rt||��SdS	tj	|��nR#ttf$r>tj�|��rtd|ztd��YdSYnwxYw	t||��n�#t$r�}tj�|��s[d|�dt|���dd����}t#j||�	��t|td��Yd
}~dSYd
}~nd
}~wwxYwdS)a�
    Create directory if it does not exist. Check for symlink (race conditions are not handled).
    Returns True if error has occured
    :param path: path to directory
    :type path: string
    :param perm: Linux permissions
    :type perm: int
    :param allow_symlink: True = allow path to be symlink, False = delete symlink and create directory
    :type allow_symlink: bool
    :param update_perm: True = set permissions when path exists
    :type update_perm: bool
    TFzError: failed to remove r�rzr{r�r�r|N)rIrirKrrr�r�rqr�set_permrur�r`rrr1r�r�r5r)rqr��
allow_symlink�update_perm�path_existsr�r�r�s        r?�make_dirr:
s����K���x��~�~����������������� ��<���%�%�
	 �-�
	 �B�G�M�M�$�<O�<O�
	 ��
,���d�+�+�+��5�
 ��	�$�������W�%�
 �
 �
 ��7�?�?�4�(�(� ��6��=�{�A�N�N�N��4�4� � �
 ����
��T�4� � � � �������w�}�}�T�"�"�	�e�t�e�e��A�����w�Xb�@c�@c�e�e�C��L��q�)�)�)�)��C��a�(�(�(��4�4�4�4�4�		�	�	�	�	����������5s8��(�(�<B�A	C �C �$C5�5
F�?A4E>�>Fc��	tj||��dS#ttf$rt	d|zt
d��YdSwxYw)NFr�r�T)rIr�rKr�rr)rqr�s  r?r6r6>
s]���
���t�����u���W������6��=�{�A�N�N�N��t�t����s��*A�Ac��	tj|||��dS#ttf$rt	d|zt
d��YdSwxYw)NFz"Error: failed to set ownership to r�T)rIr�rKr�rr)rqr�r�s   r?�	set_ownerr=I
s_���
���s�C� � � ��u���W������4�t�;�[�!�L�L�L��t�t����s��*A�Ac��|D]}}t|��}d}|D]g}tj�||��}tj�||��}	t	|	|||��}
|
�nt|
���h�~dS)Nr�)r�rIrqrrr)�basepath�
real_homepathr�r��personal_mountsr(r�rqrr�r�s           r?�fix_owner_of_personal_mountsrBT
s��� �����5�!�!�����	�	�D��7�<�<��d�+�+�D��g�l�l�8�T�2�2�G�%�g�s�C��G�G�B��z����B�K�K�K�K���r@c��|stj��sdSddl}g}|rddlm}|dd���}|j}|D�]H}	t
j|��}n#tj	$rY�*wxYwtj�|j
��}	tj�|j
d��}
tj�|
d��}t|
|j|j|	��}|���t%|
d|	|���}|���t'|��t)|j|j��t+|��t-��|�||d��|rt1|
|	|j|j|����JdS)	Nrr8T��skip_errors�skip_cpanel_checkz.cagefsz.cagefs.enabledi�)r�)r��
is_ispmanager�cagefs_ispmanager_libr:r9rAr�get_pw_by_namer*�NoSuchUserExceptionrIrqr��pw_dirrr�pw_uid�pw_gidrrrr�r�-ispmanager_create_user_wrapper_detect_php_verrB)
r��is_user_enabled�	fix_ownerrHrAr9�	mp_configr��pwr@rq�status_flagr�s
             r?�
update_statusrTf
s������2�4�4���� � � � ��O��4�.�.�.�.�.�.�$�$���N�N�N�	�#�3���e�e��	��%�d�+�+�B�B���(�	�	�	��H�	������(�(���3�3�
��w�|�|�B�I�y�1�1���g�l�l�4�):�;�;��"�$��	�2�9�m�
L�
L��
�:��
 ��u�m��
C�
C�
C��
�:��������b�i���+�+�+��;�'�'�'�����	�K�K�B�P_�ae�f�f�f��	e�(��}�b�i���Tc�d�d�d��;e�es�A�A'�&A'c�\�td}td}t|d|dg��S)NrWrX�-cz-i)rcrq)�php_path�php_ini_paths  r?�get_php_inforY�
s-���Y�'�H� ��+�L��H�d�L�$�7�8�8�8r@c���td}td}	t��rt|dgdd���}nt|d|dgdd���}n#t$rd	}YnwxYw|S)
NrWrXr=TF)rrrVz-qmr�)rcr&rqrK)rWrX�results   r?�get_list_of_php_modulesr\�
s����Y�'�H� ��+�L�����	l��h��-�D�PU�V�V�V�F�F��h��l�E�B�QU�ej�k�k�k�F����������������Ms�9A�A%�$A%c�>�tdkrt��t���d��}ia|D]K}|rG|�d��s2|�dd�����}dt|<�Ltt��S)Nrl�[r@rhr�)�php_modulesrer\r�rar��lower�list)rfr��module_names   r?�get_php_modulesrc�
s����d�������'�)�)�/�/��5�5�����	-�	-�D��
-�T�_�_�S�1�1�
-�"�l�l�3��4�4�:�:�<�<��+,��K�(������r@c�V�t��d}iatj�|��ryt	|��}|D]g}|���}|dkrK|���}t|��dkr$|ddkr|d}|dt|<�htS)N�/etc/cl.selector/selector.confr�r�rrVr�rK)�alt_versionsrIrqrrr$r�r�r�)�CL_ALT_CONFrfr�rd�verss     r?�get_alt_versionsri�
s�����6����
�7�>�>�+�&�&�		3�$�[�1�1�E��
3�
3���{�{�}�}���2�:�:������B��2�w�w�!�|�|��1�����!�!�u��-/��U��T�*���r@rVc�>�tdkr�d}iatj�|��r�t	|��}|D]�}|���}|dkrg|���}t|��dkr@|d}|d}|d}	|tvrt|}
ni}
|	|
|<|
t|<��|tvrP|r,tt|�	����S|t|vrt||SdS)Nrer�r�rr�r�)
�alt_confrIrqrrr$r�r�r�ra�keys)rhr8�get_aliasesrgrfr�rd�	cur_alias�cur_vers�cur_path�temps           r?�get_alt_confrr�
s���4���6����
�7�>�>�+�&�&�	2�$�[�1�1�E��
2�
2���{�{�}�}���2�:�:������B��2�w�w�!�|�|�$&�q�E�	�#%�a�5��#%�a�5��#�x�/�/�#+�H�#5�D�D�#%�D�*2��Y��-1���*���x����	)�����+�+�-�-�.�.�.�
�h�t�n�
$�
$��D�>�%�(�(��4r@c�l�|dkrtt��St|d���}|dkrgS|S)N�nativeT)rm)rarcrr)rh�aliasess  r?�get_alt_aliasesrv�
s@���x����M�"�"�"��t�4�8�8�8���d�?�?��I��r@c�$�d}g}g}t��D]�}d|z}|dz}|dz}tj�|��r|�|��n�Gtj�|��r|�|��tj�|��r|�|����g}|r>|�t
|g|zddgz���d����|r>|�t
|g|zdd	gz���d����t��}|D]+}|r't|��D]}	|�
|	����,t|��S)
Nz
/usr/bin/findz	/opt/alt/z/usr/binz	/usr/sbinz-namez*.sorlz-typerx)r'rIrqrr�r�rqr��setr��addra)
�FIND�altpaths�binpaths�altdirrq�binpath�sbinpathr r?�libs
          r?�get_alt_php_libsr�s����D��H��H��.�.�&�&���V�#����#���+�%��
�7�=�=����	��O�O�D�!�!�!�!��
�7�=�=��!�!�	%��O�O�G�$�$�$�
�7�=�=��"�"�	&��O�O�H�%�%�%���E��Q�
���W�d�V�h�.�'�6�1B�B�C�C�I�I�$�O�O�P�P�P��N�
���W�d�V�h�.�'�3��?�@�@�F�F�t�L�L�M�M�M��5�5�D������	�#�D�)�)�
�
������
�
�
�
����:�:�r@c���tdzt|��zdz|zdz}|dz}tj�|��s&|dz}tj�|��sdStj|��}|�d��rdS|�d��r5|�dd��}|d|�d���}|SdS)	NrErrVrYz/usr/selector/rtz/opt/alt/phpr�)	rr!rIrqr�rrar�rb)�usernamerq�
user_php_filer(�php_vers     r?�get_php_version_for_userr� s���
�S�=�?�8�4�4�4�s�:�X�E�H[�[�D��5�L�M�
�7�>�>�-�(�(���w��
��w�~�~�m�,�,�	��4��k�-�(�(�G����*�+�+���x����.�)�)���/�/�.�"�5�5���,�7�<�<��,�,�,�-�����4r@zcl.php.dr
z.cl.selectorzdefaults.cfgc	��||D]�}|dz}tj�||��}tj�d|dd|��}tj�|��s�t	|��	tj||����#t$r_}d|�dt|���dd����}	tj
|	|�	��t|	td
��Yd}~��d}~wwxYw��dS)Nrn�/opt/altr�	php.d.allr~r{r�r�r|r�)
rIrqrr�r�r�rKr�r�r5rrr)
�php_versr_r�r	�mod�	link_name�	link_pathr(r�r�s
          r?�enable_extensions_symlinksr�Fs���8�$�-�-���&�L�	��G�L�L��)�4�4�	��'�,�,�z�7�E�;�	�R�R���w�~�~�i�(�(�	-��y�)�)�)�
-��
�7�I�.�.�.�.���
-�
-�
-�l��l�l�s�1�v�v�~�~�V]�_i�Gj�Gj�l�l����S�1�-�-�-�-���[�!�,�,�,�,�,�,�,�,�����
-����		-�	-�-s�B�
D�"AC<�<Dc�0�|tv�ri}tj�|���r�tj|��D�]�}|dz|z}|�d���r�tj�|���r}|dtd���}g||<t|��}|D�]M}|�	��}|�
d��s|�
d���r|�d��r|�dd��}n+|�d��r|�dd��}|�d	d
��}t|��dkr�|d
�d��rptj�
|d
�����}|dtd���}||kr||�|����O���|t|<t|S)
al
    Return dependencies of php modules (extensions), determined by parsing of ini files in specified directory
    :param alt_dir: path to directory where ini files are (something like '/opt/alt/php54/etc/php.d.all')
    :type alt_dir: string
    :return: something like { 'mailparse' : ['mbstring'], 'xsl' : ['dom'], 'xmlreader' : ['dom'] }
    :rtype: dict
    rErnN�	extension�zend_extensionrZr�r[r_r�rKr)�
deps_cacherIrqrr�rprrr�r$r�rar�r�r
�lstripr�)�alt_dir�deps�ini_file�ini_path�extnamer�rd�exts        r?�get_dependenciesr�Ws����j� � ���
�7�=�=��!�!�	>��J�w�/�/�
>�
>��"�S�=�8�3���$�$�V�,�,�>������1I�1I�>�&�}��V����}�5�G�$&�D��M�/��9�9�H� (�>�>��#�{�{�}�}���?�?�;�7�7�
>�4�?�?�K[�;\�;\�
>�#�}�}�S�1�1�=�'+�|�|�C��'<�'<���!%���s�!3�!3�=�'+�|�|�C��'<�'<��!%���C��!3�!3�B� #�B���1���"�Q�%�.�.��2G�2G��&(�g�&6�&6�r�!�u�|�|�~�~�&F�&F��&)�,�C��J�J�;�,�&7��#*�c�>�>�$(��M�$8�$8��$=�$=�$=���"�
�7���g��r@c��||vr7||D]}t|||���||vr|�|��dSdSdSr9)�get_load_orderr���
load_orderr�r��deps    r?r�r�|sg��
�d�{�{���9�	2�	2�C��:�t�S�1�1�1�1��j� � ����c�"�"�"�"�"�	�{�!� r@c��||vrC||D]}||vr||vr|�|��� ||vr|�|��dSdSdSr9)r�r�s    r?�get_load_order_not_recursiver��sz��
�d�{�{���9�	'�	'�C��*�$�$������!�!�#�&�&�&���j� � ����c�"�"�"�"�"��{�!� r@c�8�|�t|��}ttfD]y}g}	d||vr|||d��nd||vr
|||d��||D]}|dvr
||||���n(#t$r|st	dt
d��Y�vwxYw|S)aG

    :param php_vers: something like 'php5.4'
    :type php_vers: string
    :param php_modules: { 'php5.3' : ['dom', 'xmlreader'], 'php5.4' : ['dom', 'xsl'] }
    :type php_modules: dict
    :param ini_path: path to directory where ini files are (something like '/opt/alt/php54/etc/php.d.all')
    :type ini_path: string
    N�ioncube_loader�ioncube_loader_4)r�r�z^Error: cyclic dependencies of PHP modules detected. Depth of dependencies will be limited to 1r�)r�r�r��RuntimeErrorrr)r�r_r�r��quiet�funcr�r�s        r?�build_load_orderr��s���|���)�)���!=�>�J�J���
�	J��;�x�#8�8�8���Z��'7�8�8�8�8�#�{�8�'<�<�<���Z��'9�:�:�:�"�8�,�
0�
0���D�D�D��D��T�3�/�/�/���E���	J�	J�	J��
J��x�{F�HI�J�J�J���	J�����s�AA2�2"B�Bc���|�dStj�|t|��}tj�|��sdSt|||d���}t�rts<t�5	tj
t���an#ttf$rdaYnwxYwtr|S|stj|��}t��}	t�||	|���}
tjstjstjrX|rd|z}nd}|d|zd	z|zz
}|r	|d
|zz
}n|dz
}t)|tjtjtj��n|}
|
S)NF)r)�phpconf_pathT)�input_phpini_linesr�zUser: z
User: Unknownz; PHP version: z#
                     Backup file: z(
                     Destination file: z/
                     Destination file: Unknown)rIrqr�CL_ALT_BACKUP_DIRrrr
�validate_alt_php_ini�$bad_try_init_phpinivalidator_trigger�php_ini_validator�phpinivalidator�PHPINIvalidator�PHP_CONFrKr��get_php_verri�validate�unknown_options�invalid_values_options�invalid_optionsr�)�homepathr�r�r�r��	user_name�alt_php_ini_file�backup_path�
php_ini_lines�alt_vers�output_lines_list�log_messages            r?�read_custom_php_settingsr��s������t��'�,�,�x�):�H�E�E�K�
�7�>�>�+�&�&���t�$�[�#�s�E�R�R�R�M��*�3�	<�8I�8Q�
<�$3�$C�QY�$Z�$Z�$Z�!�!���W�%�
<�
<�
<�7;�4�4�4�
<����/�	!� � ��	@�&�2�;�?�?�H�#�%�%��-�6�6�-�ai�jr�as�6�t�t���,�
	_�0A�0X�
	_�\m�\}�
	_��
.�&��2���-���,�x�7�:`�`�cn�n�n�K��
R��J�M]�]�]����Q�Q��!�+�/@�/P�Rc�Rz�}N�}^�
_�
_�
_��*���s�6B�B'�&B'c	���tj�d|dd��}t|||��}	g}
|	D]�}|
�d|zdz��|dz|zdz}t|��}
|
D]K}|���}|r3|�d��s|d	z
}||
vr|
�|���L|
�d	����tj�|d
��}	t|d|zdz|||d
d�||���}n#ttf$rd}YnwxYw|�*|
�|��|
�d	��t|
|||��dS)a�
    Enable specified extensions for specific php version and user
    :param php_vers: php version, something like 'php5.4'
    :type php_vers: string
    :param php_modules: extesions enabled for different php version for the user specified like { 'php5.3' : ['dom', 'xmlreader'], 'php5.4' : ['dom', 'xsl'] }
    :type php_modules: dict
    :param dirpath: path where generated alt_php.ini file is written to (something like '/var/cagefs/prefix/user/etc/cl.php.d/alt-php54')
    :type dirpath: string
    :param dirname: name of directory for specified php version inside /opt/alt directory (something like 'php54')
    :type dirname: string
    :param uid: uid of user
    :type uid: int
    :param gid: gid of user
    :type gid: int
    :param homepath: path to home directory of user (something like '/home/user')
    :type homepath: string
    :param user_name: name of user
    :type user_name: string
    r�rr�z;---z---
rErn�;rl�alt_php.ini�alt_z.cfgr�N)r�r�r�)
rIrqrr�r�r$r�rar�rKr�r�r)r�r_r�r	r�r�r�r�r�r��alt_php_ini�module�module_ini_path�
module_inir��
user_ini_path�custom_php_settingss                 r?�enable_extensionsr��s���(�w�|�|�J����D�D�H�"�(�K��B�B�J��K��!�!�����6�&�=��0�1�1�1�#�S�.�6�1�F�:��&�o�6�6�
��	-�	-�D��;�;�=�=�D��
-�D�O�O�C�0�0�
-������{�*�*��&�&�t�,�,�,�����4� � � � ��G�L�L��-�8�8�M�#�7�x�7=�g�~�f�7L�7:�7:�@H�����AJ�HU�
W�W�W����
�W��#�#�#�"����#�����&����.�/�/�/����4� � � ��k�=�#�s�;�;�;�;�;s�4$D�D/�.D/c��t��}|dkrd}|dkrd}|dkri}|dkri}tj�|��}
d}|D]�}d|z}d|�dd��z}d|z}tj�||��}tj�|d��}tj�|��r|	s|
rVt|d|||
��r��||vs|	r%||vr||||<nt��}|||<d	}t||||||||�
����|r|}n|}|s|rt|||||��dSdS)NrtFrVr�r�zalt-r�r�T)r�r�)rirIrqr�r�rr`r"rcr��write_cl_alt_to_backup)�userpathr�r�r��def_vers�cl_alt_def_modulesr_�vers_changed�def_vers_old�force�rebuildr�r��
real_userpath�modules_changedrhr�r	r}r�r��modules�new_verss                       r?�select_default_php_modulesr�.s����!�!�H��4������t������d������T�!�!����G�$�$�X�.�.�M��O��3�3���4�<���$�,�,�s�B�/�/�/���'�!���'�,�,�x��0�0������W�m�<�<�
�����
�.�.�	3�5�	3�G�	3��G�U�C��m�D�D�
����+�+��+��1�1�1�,>�x�,H�K��)�)�-�/�/�G�,3�K��)�"&��
�h�)�%�%�!�!�'/�(1�
3�
3�
3�
3�� � �������J��J��x��;��S�I�I�I�I�I�J�Jr@c��tj�|tt��}t||��t
|��}t��|Sr9)rIrqrr��CL_ALT_DEFAULTSr�read_cl_alt_backupr)r�r�r�r�r[s     r?�read_cl_alt_backup_as_userr�msE���'�,�,�x�):�O�L�L�K��#�s����
��
,�
,�F��O�O�O��Mr@c�b�	t|��}n#ttf$rYdSwxYwtjdd���}	|�|��n#tj$rYdSwxYw	t|dd��d}n#t$rYdSwxYwi}i}i}|�	��D�] }|�
dd��}|�d��r�t|td��d���r�t||d	��||<|�|d
��rg|�|d
���������d��rd||td��d�<��|dvr8i}	|�|��D]}
|�||
��|	|
<�|	||<��"d
|vrTd
|d
vrJ|d
d
�������d��rd|d<||||fS)N)NNNNF��
interpolation�strict�versionsrVrr�r�r��state�disable)r��	phpnativert)rrKr��configparser�ConfigParser�readfpr�r��
IndexError�sectionsr�rar,r�r�r�rbr`�options)r��backup_file�cfgr�r��	php_state�other�sectionr	r�r�s           r?r�r�us���&�+�K�8�8�����W��&�&�&�%�%�%�&�����
#�$�u�
E�
E�
E�C�&��
�
�;��������&�&�&�%�%�%�&����&�,�S�*�e�D�D�Q�G�����&�&�&�%�%�%�&�����G��I��E��<�<�>�>�
%�
%���/�/�#�r�*�*�����e�$�$�	%��'�#�e�*�*�+�+�2F�)G�)G�	%�8��g�y�Q�Q�G�G���~�~�g�w�/�/�
8�S�W�W�W�g�5N�5N�5T�5T�5V�5V�5\�5\�5^�5^�5i�5i�js�5t�5t�
8�27�	�'�#�e�*�*�+�+�.�/��
�M�
)�
)��G��+�+�g�.�.�
;�
;��"%�'�'�'�6�":�":�����$�E�'�N���u���7�e�K�.@�#@�#@�u�[�GY�Za�Gb�Gh�Gh�Gj�Gj�Gp�Gp�Gr�Gr�G}�G}�H�HI�HI�#@�#�	�(���W�i��.�.s0��'�'�A�A*�)A*�.B�
B�Bc�:�tdkr;tdkr0tdkr%tdkrttttfSt	t
j�tt����\aaaattttfSr9)
�cl_alt_def_versr��cl_alt_def_php_state�cl_alt_def_otherr�rIrqrrr�rDr@r?�read_cl_alt_defaultsr��s����$���#5��#=�#=�BV�Z^�B^�B^�cs�w{�c{�c{�� 2�4H�JZ�Z�Z�Rd�eg�el�eq�eq�sB�DS�fT�fT�SU�SU�O�O�'�)=�?O��.�0D�FV�V�Vr@c���|dkr-tj�tt��}d}n�tj�|t
��}	tj�|��}
t|	d|||
��rdStj�|t
t��}d}g}|�d��|�d|zdz��|dkri}|D]�}|�d|zdz��|�d	d
�||��zdz��|dkr8|td��d�}
|
|vr||
s|�d����|dkrU|D]R}|�d|zdz��||D],}|�|d
z|||zdz���-�St|||||��dS)NFr�Tz[versions]
zphp=rlz
[z]
zmodules=r�rVzstate=disabled
r_)rIrqrrr�r�r�r"r�r�r)r�r�r�r�r�r�r�r��	drop_perm�
backup_dirr@�backupr�rhr�s               r?r�r��s���4����g�l�l�?�O�D�D���	�	��W�\�\�(�,=�>�>�
���(�(��2�2�
��
�E�3��]�C�C�	��F��g�l�l�8�->��P�P���	��F�
�M�M�.�!�!�!�
�M�M�&��/�$�&�'�'�'��$������2�2���
�
�e�G�m�E�)�*�*�*��
�
�j����'�'�*:�!;�!;�;�D�@�A�A�A��D�=�=��3�u�:�:�;�;�'�D���
�
��d��
��
�
�0�1�1�1����}�}��	F�	F�G��M�M�%��-��-�.�.�.���.�
F�
F���
�
�f�S�j��w���)?�?��D�E�E�E�E�
F��f�k�3��Y�?�?�?�?�?r@c�j�g}tdd��5}|D�]}|s2|�d��dkr�|�d��dkr�|���}|d}|d�d��}	|rd	|	vr�u|rd
|	vr�||sU|�tdz��dks4|rb|�d��dks|�d
��dkr0|�||�d��d�����	ddd��n#1swxYwY|S)a:
    Return list of mounts points
    :param all_cagefs_mounts: return CageFS mounts points only
    :param without_nosuid: return mount points without 'nosuid' attribute
    :param rw_mounts_only: return rw mount points only (i.e. mounts without 'ro' attribute)
    :param all_mounts: return all mount points
    z/proc/mountsrmzcagefs-etcfsrXzcagefs-varfsr�r�r��nosuid�rorEz/var/cagefs/z	/.cagefs/N)rLrbr�r�r�)
�all_cagefs_mounts�without_nosuid�rw_mounts_only�
all_mountsr1r/r�r��
mountpoint�optss
          r?�get_mounted_dirsr�s����K�	
�n�c�	"�	"�J�f��	J�	J�D��

J�T�Y�Y�~�6�6�"�<�<����>�AZ�AZ�^`�A`�A`��J�J�L�L���q�T�
���t�z�z�#����!��h�$�&6�&6��!��d�d�l�l���J�����#��!>�!>�"�!D�!D�)�"E�/9���~�/N�/N�RT�/T�/T�Xb�Xg�Xg�hs�Xt�Xt�xz�Xz�Xz��&�&�z�*�/�/�#�2F�2F�2G�2G�'H�I�I�I��	J�J�J�J�J�J�J�J�J�J�J�J����J�J�J�J��s�DD(�(D,�/D,c��tjd��}t��}|r�tjd��D]m}|�t|����}|rGtj�|��r(|�	|�
d�����nndtj��}|D]N}||j
}|�|��}|r(|�	|�
d�����O|S)zh
    Returns set of base home directories like {"/home0", "/home1", .., "/home9"} including "/home"
    z(/home\d?)/z/home*r�)r��compilerxr�r�r�rIrqrryr�r�
get_user_dictrK)�use_glob�pattern�dirsrq�mrRr�r�s        r?�get_homeN_dirsr�s����j��(�(�G��5�5�D��%��I�h�'�'�	%�	%�D��
�
�h�t�n�n�-�-�A��
%�R�W�]�]�4�(�(�
%����������$�$�$��	%�
�
 �
"�
"���	%�	%�D��d�8�?�D��
�
�d�#�#�A��
%����������$�$�$���Kr@c�@�t|��}|tvrx	t|��}tj|j��rt
j|��x}t|<ngx}t|<n0#ttf$rgx}t|<YnwxYwt|}|Sr9)
r��
listdir_cachermrrr�r�rIr�rKr�)rqr�rls   r?�cached_listdirr	
s����d���D��=� � �	+���%�%�D��|�D�L�)�)�
/�,.�J�t�,<�,<�<��m�D�)�)�,.�.��m�D�)�����!�	+�	+�	+�(*�*�C�-��%�%�%�	+�����D�!���Js�AA.�.B�
Bz/etc/cagefs/custom.etc/c�*�tt��Sr9)r�
CUSTOM_ETCrDr@r?�get_custom_etc_listr 
s���*�%�%�%r@r��
user_etc_pathc�F�it||���t||���S)ag
    Get additional files for a user
    to be placed within their '/etc' directory.

    This includes retrieving files added
    by the 'custom.etc' directory mechanism
    and mount points defined in the 'cagefs.mp' file.

    Args:
        username: The user's name
        user_etc_path: The user etc path, like '/var/cagefs/<prefix>/<username>/etc'
    )�get_custom_etc_files_for_user�!get_etc_dirs_from_mounts_for_user)r�rs  r?�!get_additional_etc_files_for_userr$
s0���
'��-�
@�
@��
+�H�m�
D�
D��r@c���i}|t��vr`t|z}	t|��}n#ttf$r|cYSwxYwtj|j��rt||||���|S)a&
    Get a list of additional files for a user,
    which have been added to the user's '/etc' directory
    by utilizing the 'custom.etc' directory mechanism.

    Args:
        username: The user's name
        user_etc_path: The user etc path, like '/var/cagefs/<prefix>/<username>/etc'
    r�)	rrrmrKr�rrr�r�r)r�r�etc_listrqr�s     r?rr8
s����H��&�(�(�(�(��H�$��	���%�%�D�D����!�	�	�	��O�O�O�	�����<���%�%�	X��T�8���W�W�W�W��Os�.�A�Ac��ddl}i}|�dd���}|j}|j}t	||||��	tt
j|����}n#tj$r|cYSwxYwt	||||��|S)a�
    Get a list of additional directories for a user,
    which have been added to the user's '/etc' by defining
    additional mount points within the 'cagefs.mp' file.

    Process only the mount points splitted by username or UID,
    as only these are mounted to the user's '/var/cagefs/.../etc',
    which is subsequently mounted to the skeleton's '/etc'.

    Args:
        username: The user's name
        user_etc_path: The user etc path, like '/var/cagefs/<prefix>/<username>/etc'
    rNTrD)	r:r9�splitted_by_username_mounts�splitted_by_uid_mounts�_process_etc_mountsr�r�get_uidrJ)r�rr:rrQrr�user_uids        r?rrO
s��������H��*�*�t�t�*�T�T�I�"+�"G��&�=���3�X�}�h�W�W�W���u�}�X�.�.�/�/�����$�������������.��-��R�R�R��Os�!A!�!A5�4A5r/�user_identifierrc�8�|D]�}|�d��r|t|��vr�)|�ddd��}|�d��}|�|��|}|D]'}t
j�||��}d||<�(��dS)aq
    Process mount points and construct a list of '/etc' ones
    and their respective user subdirectories.

    Retrieve a list of contents within the mount point,
    and if it contains the user's identifier
    (UID for mount points splitted by UIDs,
    or username for mount points splitted by usernames),
    add all the subdirectories to the resulting list.
    r
r�r�rEN)rarr�r�r�rIrqr)r/rrrrq�parts�current_path�parts        r?rrq
s����
'�
'�����w�'�'�	�?�.�QU�BV�BV�+V�+V���|�|�G�R��+�+���
�
�3����
���_�%�%�%�$���	'�	'�D��7�<�<��d�;�;�L�%&�H�\�"�"�	'�
'�
'r@c�t�|t��v�r"t|z}	t|��}n#ttf$rYdSwxYwtj|j��r�tj	|��D]�}|tttfvr�|dz|z}|dz|z}	t|��}nJ#ttf$r6}td|zdzt|��ztd��Yd}~�{d}~wwxYwtj|j��rt!||d�����t#||d�����dSdSdS)NrEzError: lstat() failed file r{r�Tr)rrrmrKr�rrr�r�rIr�r�CL_PHP_DIR_NAME�ETC_VERSION_NAMErr�rrr)r�rr�r�r�rr�r�s        r?� update_custom_etc_files_for_userr'�
s����"�$�$�$�$��D� ��	���%�%�D�D����!�	�	�	��F�F�	�����<���%�%�
	<��J�t�,�,�
<�
<���[�/�CS�#U�U�U���*�x�/�C�(�#�-��8�D�!�+�C�0�0����#�W�-�!�!�!�� =�� C�e� K�c�RS�f�f� T�Va�cd�e�e�e� ���������!�����|�D�L�1�1�<� ��d�T�:�:�:�:�:�!�#�t�d�;�;�;�;��'%�$�
	<�
	<�
<�
<s'�-�A�A�B+�+C2�<,C-�-C2z/usr/share/cagefs/custom.etc/c�2�tt��rdSdSr�)r�CUSTOM_ETC_LOGrDr@r?�custom_etc_presentr*�
s���n�%�%���t��5r@c��	tt��}nY#ttf$rEt	jd��}t	jtd��t	j|��YnwxYw|rtt|z|d���dS	t	jt|z��dS#ttf$rYdSwxYw)Nr�T�r)	rmr)rKr�rIr�r�rdru)r��
list_of_filesrhr�s    r?�save_custom_etc_logr/�
s������(�(�����W������h�q�k�k��
����'�'�'�
���������������>�$�&�
��F�F�F�F�F�F�	��I�n�T�)�*�*�*�*�*����!�	�	�	��D�D�	���s"��AA-�,A-�B-�-C�Cc��g}|tt��vr�tt|z��}|D]�}|���}||vri|�dt
z��sL|�dtz��s/|�t��s|�|����|�	��|Sr�)
rr)r#r�rarr%�ETC_VERSIONr��sort)r�r.rl�old_listrqs     r?�get_custom_etc_files_to_deleter4�
s���
�C��~�n�-�-�-�-��^�D�0�1�1���	%�	%�D��;�;�=�=�D��=�(�(�����K��8�8�%�D�O�O�C�P_�L_�<`�<`�%�dh�ds�ds�t�eA�eA�%��J�J�t�$�$�$�����
�
�
��Jr@c��t|��}t��}|D]}|�||d���� |Sr9)r�rxry)rrq�plenrlr�s     r?r�r��
sG���t�9�9�D�

�%�%�C�
��������$�%�%�������Jr@c���	tj|��}n#t$rYdSwxYwtj|j��sdS|jdkp|jdkp|jtjzS)NFr)	rIrirKrrr�r�r/r2r3)rqr�s  r?�is_path_securer8�
s}����x��~�~���������u�u������<���%�%���u��+��"�Z���q�(8�Z�d�l�T�\�>Y�\�\s��
%�%c�,�t�dStj�t��rtt��sdadSt
jdd���a	t�t��dS#tj	$rdaYdSwxYw)NFr�)
�cagefs_ini_cfgrIrqrr�
CAGEFS_INIr8r�r�rtr�rDr@r?�read_cagefs_inir<�
s����!����G�N�N�:�&�&���z�0J�0J������!�.�T�%�P�P�P�N�����J�'�'�'�'�'���������������s�A>�>B�Bc���d}t��t�|Sttdd��}	t|d��}|dkrd}n#tt
f$rd}YnwxYw||zS)Ni�Qr��update_period_daysrr�)r<r:r�r�r�r�)�seconds_in_24hrl�dayss   r?�get_update_periodrA�
s����N���������
#�N�H�>R�
S�
S�C���3�q�6�{�{���!�8�8��D����
�#�������������D� � s�A�A%�$A%c���t��t�tjdd���at�|��st�|��t�|||��ttd��}t�	|��|�
��ttdd��ttd��dS)NFr�r�rr�)
r<r:r�r��has_section�add_sectionrxrLr;r�rMr=r6)r�r�rr�s    r?�set_cagefs_ini_optionrE
s���������%�2��e�T�T�T���%�%�g�.�.�,��"�"�7�+�+�+����w���.�.�.��J��$�$�H�����"�"�"��N�N����
�j�!�Q�����Z������r@c�B�tddt|����dS)Nr�r>)rEr�)r@s r?�set_update_periodrGs!���(�$8�#�d�)�)�D�D�D�D�Dr@c���tj�d��}|rdnd}t��t�|St�dd��rt�dd��S|S)Nz%/opt/alt/tmpreaper/usr/sbin/tmpreaperz)/opt/alt/tmpreaper/usr/sbin/tmpreaper 720z/usr/sbin/tmpwatch -umclq 720r��tmpwatch)rIrqrrr<r:r�r�)�	is_ubuntu�TMPWATCHs  r?�get_tmpwatch_paramsrL#sq������F�G�G�I�>G�l�:�:�Ml�H���������� � ��:�6�6�8��!�!�(�J�7�7�7��Or@c�(�tdd|��dS)Nr�rI)rE)�
params_strs r?�set_tmpwatch_paramsrO1s���(�J�
�;�;�;�;�;r@c�\�t��t�gSttdd��S)Nr��
tmpwatch_dirs)r<r:r�rDr@r?�get_tmpwatch_dirsrR6s+���������	�$�^�X��O�O�Or@z&/usr/share/cagefs/last_update_time.txtc	��ttttt	j������gd���tjtd��dS)NTr-i�)rd�LAST_UPDATE_TIMEr�r��timerIr�rDr@r?�save_last_update_timerVAsJ����#�c�$�)�+�+�&6�&6�"7�"7�!8�D�I�I�I�I��H�
�u�%�%�%�%�%r@c���tj�t��rSt	t��}	t|d�����S#ttf$rYnwxYwdSr�)	rIrqrrrTr#r�rbr�r�)�contents r?�read_last_update_timerYFst��	�w�~�~�&�'�'���,�-�-��	��w�q�z�'�'�)�)�*�*�*���J�'�	�	�	��D�	�����1s�&A!�!A5�4A5c��t��}|dkrdSt��}ttj����}|||zkS)NrT)rArYr�rU)�
update_period�last_update�current_times   r?�#update_of_cagefs_skeleton_is_neededr^QsK��%�'�'�M������t�'�)�)�K��t�y�{�{�#�#�L��K�-�7�8�8r@c��t|��}|sdSt|��}|sdStj|j��r�tj|j��sdSt	j|��}|���t	j|��}|���||krdS|D]&}|dz|z}|dz|z}	t||	|��sdS�'dStj|j��rdS|s2tj|j��stj|j��rt||||���Stj||d���S)NFrET)r~r)�shallow)r�rrr�r�rIr�r2�are_dirs_equalrsr��filecmp�cmp)
�dir1�dir2r`�sbuf1�sbuf2�listdir1�listdir2r�path1r!s
          r?raraasn���D�M�M�E����u��D�M�M�E����u��|�E�M�"�"���|�E�M�*�*�	��5��:�d�#�#���
�
�����:�d�#�#���
�
�����x����5��	�	�D��3�J��%�E��3�J��%�E�!�%���8�8�
��u�u�
��t�	
��e�m�	$�	$���u��8�$�,�u�}�-�-�8���e�m�1L�1L�8���d�%�u�E�E�E�E��{�4���7�7�7�7r@c�,�tjtj�|d����}t	j��}|D]K}	tj|��}|j}||z
|krtj|���<#t$rY�HwxYwdS)z�
    Clean directories from old files
    :param dir_path: Dir path to clean
    :param max_lifetime: Max lifetime for clean
    :return: None
    zsess_[a-z0-9]*N)	r�rIrqrrUrr�st_ctimerurK)�dir_path�max_lifetime�sessions�cur_time�sessr*�ctimes       r?� clean_dir_from_old_session_filesrs�s����y�����h�0@�A�A�B�B�H��y�{�{�H�����	����
�
�A��J�E��%��,�.�.��	�$�������	�	�	��D�	����
�s�8B�
B�Br�c�R�	t|d��5}|���D]�}|���}|�d��r�,|�d��r2d|vr.|�d��d���}�s|�d��r,d|vr(t|�d��d��}��	ddd��n#1swxYwYn#tttf$rYnwxYw|�d��|fS)	au
    Read php.ini and returns session.save_path and session.gc_maxlifitime options
    :param str path: Path to ini file
    :param int default_time: Return that time when can not get value from config
    :param str default_path: Return that path when can not get value from config
    :return: Tuple (session.save_path, session.gc_maxlifitime)
    :rtype: (str, int)
    rmr�zsession.save_pathr_r�zsession.gc_maxlifetimeNz"')	rLr�rbrar�r�r�r�r�)rq�default_time�default_path�configr��ls      r?�get_opts_from_php_iniry�se��
�
�$��_�_�	8���(�(�*�*�
8�
8���J�J�L�L���<�<��$�$�8���\�\�"5�6�6�8�3�!�8�8�$%�G�G�C�L�L��O�#:�#:�#<�#<�L�L��\�\�":�;�;�8��q���#&�q�w�w�s�|�|�A��#7�#7�L��
8�	8�	8�	8�	8�	8�	8�	8�	8�	8�	8�	8����	8�	8�	8�	8���
�
�G�,�
�
�
���
�������e�$�$�l�2�2s5�C5�C
C)�C5�)C-�-C5�0C-�1C5�5D�Dc���|�d��rWtj�t	|��t	tj�|������S|S)z�
    Convert symlink value (path) from absolute to relative
    :param original: path to original file
    :param dest: path where symlink will be created
    rE)rarIrq�relpathr�r	)rSr�s  r?ruru�sU�����3���X��w���z�(�3�3�Z�����PT�@U�@U�5V�5V�W�W�W��Or@c�P�t||��}tj||��dS)z�
    Create relative symlink instead of absolute
    :param original: path to original file
    :param dest: path where symlink will be created
    N)rurIr�)rSr�r�s   r?�relative_symlinkr}�s+��&�h��5�5�M��J�}�d�#�#�#�#�#r@c�2�tj|��}	t||��}tj�|��r-tj|��|krtj|��nt
|d���tj�|��s1td|�d|��td��tj	||��nC#t$r6}td|�d|�dt|����td��Yd}~nd}~wwxYw|S)	z�
    Create symlink or update if changed. Return value of original symlink (destination it points to)
    :param origpath: path to symlink in real file system
    :param jailpath: path to symlink in cagefs-skeleton
    Tr�r�r�r�r�r�N)rIrrurqr�rur�rrr�rKr�)r�r�r�r�r�s     r?r�r��s.���{�8�$�$�H�e�)�(�H�=�=�
�
�7�>�>�(�#�#�	<��{�8�$�$�
�5�5��	�(�#�#�#���x�d�;�;�;�;��w�~�~�h�'�'�	0��E��E�E�m�E�E�{�TU�V�V�V��J�}�h�/�/�/����e�e�e��S�H�S�S�-�S�S�3�q�6�6�S�S�U`�bc�d�d�d�d�d�d�d�d�����e�����Os�B=C�
D�,D�Dc��tj�t��sdStdz}ttz}tdz}	tj�|��st|d��nC#t$r6}td|zdzt|��ztd��Yd}~nd}~wwxYw	tj�
|��stj||��dSdS#t$r=}td|zd	z|zdzt|��ztd��Yd}~dSd}~wwxYw)
z�
    Create symlink /usr/share/cagefs-skeleton/var/run/utmp -> /var/run/cagefs/utmp
    needed for emulation of /var/run/utmp inside CageFS
    For details see CAG-706
    N�/utmpz
/var/run/utmpr�rzr{r�r~z -> )rIrqrr��VAR_RUN_CAGEFSr1rKrr�rr�r�)�utmp_cagefs�skel_cagefs_dir�	skel_utmpr�s    r?�create_utmp_in_skeletonr��sv���7�=�=��"�"���� �7�*�K���/�O��?�*�I�i��w�}�}�_�-�-�	1���%�0�0�0����i�i�i��4��F��N�QT�UV�QW�QW�W�Yd�fg�h�h�h�h�h�h�h�h�����i����x��w�~�~�i�(�(�	/��J�{�I�.�.�.�.�.�	/�	/���x�x�x��2�Y�>��G�+�U�X]�]�`c�de�`f�`f�f�hs�uv�w�w�w�w�w�w�w�w�w�����x���s0�/A;�;
B;�,B6�6B;�?4C7�7
D>�2D9�9D>c�:�	tj|��}n#tj$rYdSwxYw|jdzt
z}|dz}tj�|��s�t|j
|j��	tj�|��stj|dd���tj|d��nA#t t"t$f$r't'��|rt)jd��YnwxYwt-��dSdS)	a
    Create user's personal /home/user/.cagefs/var/run/cagefs/utmp file
    For details see CAG-706
    :param user: user name
    :type user: string
    :param exit_on_error: True == execute sys.exit(1) when error has occured
    :type exit_on_error: bool
    Nz/.cagefsr�r,T)�	recursiver�r�)rrIr*rJrKr�rIrqr`rrLrMrr+r�r�rKr�r/r�r�r�r)r�rrR�utmp_dir�	utmp_files     r?�create_utmp_for_userr��s*���
�
!�$�
'�
'�����$������������y�:�%��6�H��7�"�I�
�7�?�?�9�%�%�
��b�i���+�+�+�	��7�=�=��*�*�
A����%�4�@�@�@�@��O�I�r�*�*�*�*����"7�8�	�	�	������
���������	����	������
�
s��*�*�>AC
�
;D�Dc�8�ttdd���sdSdS)zf
    Check clean_php_sessions parameter in config file
    By default sessions cleanup is enabled
    �clean_user_php_sessionsT)�default_valFr2rDr@r?�"is_clean_user_php_sessions_enabledr�s'��
�^�-F�TX�Y�Y�Y���u��4r@)�maxsizec�6�ttj��Sr9)r-r,�LVErDr@r?�is_running_without_lver�s��)�'�+�6�6�6�6r@)rPN)FNNr9)T)NNTF)r�r)rrr)rr�rr)rr�r)r�r�)FF)F)r)TTNFN)TF)TFT)FT)rVF)NF)NNN)NN)FFFF)r�(@�
__future__rrrrrW�typingrrr	r
�futurer�install_aliases�builtinsr�r�r�r�r�r�r�rNr�rUrbr�r�r�r�rrrI�	functools�secureior
rrrrrrrrrrrrrrrr��clcagefslib.constrrr�clcagefslib.fsr r!�clcagefslib.ior"r#r$�clcagefslib.selector.configurer&�clcagefslib.selector.pathsr'�clcommon.clfuncr(r)�clcommonr*r+�clcommon.constr,�clcommon.cpapir-r��signals_handlersr.�clcommon.utilsr/r0r1r3r4�logsr5r:r7r&r1r;r��ETC_TEMPLATE_DIRrr��VERBOSE_FLAGr�r�r�r��FALLBACK_PLESK_VHOSTS_Dr�ror�r_rcrprvrsrOrjrzrr~�boolr|r}r�r�rur��LOG_ERRr�r�r�r�r�r�r�r�r_r��FUSE_WHITE_LISTr�r�r�r�rrrrrr$r/r)r+r-r2r4r6rr=r@rErGrQrYr[r\rbrgrjrmror�r�r�r�r�r�r�r�r�r�r�r�r�r�r	rrdr(r,r4r;rGrMrIrOrNr�rJrRrTr�rcrkrjrar\r`rerhrlrsrxrr�r�r�r�r
r�r�r�r�r�r�r��stat_resultr�rarrr�r�r�r�rerqrrrrrrr$r)r-r4r:r6r=rBrTrYr\r_rcrfrirkrrrvr�r�r%�ETC_CL_PHP_PATHr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�rrr
rrrrrrrr'r)r*r/r4r�r8r:r<rArErGrLrOrRrTrVrYr^rarsryrur}r�r�r�r��	lru_cacher�rDr@r?�<module>r�s���&�%�%�%�%�%�&�&�&�&�&�&�������'�'�'�'�'�'�
�
�
�
�/�/�/�/�/�/�/�/�/�/�/�/�#�#�#�#�#�#� �� �"�"�"���������	�	�	�	�
�
�
�
�
�
�
�
�������������
�
�
�
�������������
�
�
�
�����	�	�	�	���������	�	�	�	�����n�m�m�m�m�m�m�m�m�m�m�m�m�m�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�Z�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�^�����C�C�C�C�C�C�C�C�C�C�<�<�<�<�<�<�<�<�D�D�D�D�D�D�D�D�D�D�9�9�9�9�9�9�3�3�3�3�3�3�/�/�/�/�/�/�/�/�%�%�%�%�%�%�%�%�"�"�"�"�"�"�5�5�5�5�5�5�����*�*�*�*�*�*�����������
:�9�9�9�9�9�9�9�������2�2�2�2�2�i�2�2�2�"���$�$��&�
�&��&��2��"������9����&��+��7��
1�
���*����#�
�"��8��/��
!�
!�
!�?�?�?�?�8@�@�@�@�D-�-�-�-�2D�D�D�</�4�/�/�/�/�&�d�&�&�&�&����.���&
�
�
� � � �@#�N�u�)�)�)�)�2	)�	)�	)�"�!�#�#�>�'>���
����2�2�2�
��������������$�$�$��S��S������
�
S�
S�
S�
S�Y�Y�Y�
*�3�*�4�*�*�*�*�6
�
�
�&���(
��"�"�"�"�"�"�h�h�h�
����(>�>�>�H�H�H�:�C�:�D�:�:�:�:�
�	����
���
�
�
�
8�
8�
8�7�7�7��
����P�P�P�H�H�H�H�*�
�����
�
�
�!�!�!�!�J
�
�
�
�	�	�	�	�	�I�	�	�	� �#� �3� �8�C�=� � � � �F)�S�)�T�#�Y�)�)�)�)�^&�&�&�&�@���� ��������H�H�H�]�]�]�]�Bd�d�d�d�@(F�(F�(F�(F�X45��q�_`�op�@B�KL�����<V�V�V�
����2C�C�C�
���
�
�
�"���0!�!�!�L/�
�
/�	�����	�T�#�Y�	�3�	�	�	�	����4
�
�
�
v�
v�
v�
v�$#���"�%���� �
�(����#�m�3��
2�
2�
2��
�!�!�!�$���#�#�#�P�P�P�
���2L�L�L�L�^���8I��(�(�(�(�B�B�B�:BC�q�]^�mn�}~�ST�ce�no�R�R�R�R�l	�	�	�bm�bm�bm�bm�NY�Y�Y�Y�|/o�/o�/o�/o�h����6���7
�3�7
�S�7
�S�7
�7
�7
�7
�t	�&�	�R�^�d�2�	�	�	�	�#�#�/3�!�04�
`�`�#�`��`��`��`�!��I��,�	`�
�`�"�#�Y��-�
`�:=�
`�`�`�`�J)-�"�1
�1
�s�1
��1
�!%�1
��1
�(+�1
�1
�1
�1
�j
�
�
�1�1�1�1�1�1� � � �
!�!�!�����,��� ���2'�'�'�.A�A�A�27�7�7�.���/3�;O�%�%�%�%�R������:\�\�\�)�)�)�)�\���������$(e�(e�(e�(e�V9�9�9�
�
�
���
�
�
������(�� � � � �H������@���2���/�)��#�� ��-�-�-��
� � � �J#�#�#�#�#�#�����<��',�$�&�&�&�&�RG<�G<�G<�G<�hVZ�<J�<J�<J�<J�~���$/�$/�$/�R��������W�W�W�#@�#@�#@�#@�N����2����,�
����&'�
�&�&�&����58��=A�#�s�(�^�����(�C��14��9=�c�3�h������.���58��=A�#�s�(�^�����D'��S�	�'�C�'�'*�'�6:�3��8�n�'�IM�'�'�'�'�4<�<�<�21�����
�
�
�&
�
�
����	]�	]�	]���
�
�
�"!�!�!�$ � � � E�E�E�
�
�
�<�<�<�
P�P�P�<��&�&�&�

�
�
�9�9�9� 8�8�8�8�D���&3�3�3�3�0���$�$�$����,x�x�x�.����8������T�"�"�"�7�7�#�"�7�7�7r@

Zerion Mini Shell 1.0