Mini Shell
Direktori : /usr/share/cagefs/ |
|
Current File : //usr/share/cagefs/exclude_users_cleaner.py |
#!/opt/cloudlinux/venv/bin/python3 -bb
# -*- coding: utf-8 -*-
# Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2019 All Rights Reserved
#
# Licensed under CLOUD LINUX LICENSE AGREEMENT
# http://cloudlinux.com/docs/LICENSE.TXT
from __future__ import print_function
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from future import standard_library
standard_library.install_aliases()
from builtins import *
import glob
import os
import sys
from pwd import getpwnam
from clcommon.utils import get_file_lines, write_file_lines
from clcommon.cpapi import cpusers, NotSupported
from clcommon.utils import mod_makedirs
# cagefs imports
LIBDIR = '/usr/share/cagefs'
sys.path.append(LIBDIR)
from cagefsctl import EXCLUDE_PATH
NEW_EXCLUDE_PATH = '/usr/share/cagefs/exclude.d'
def _is_user_present_in_system(username):
try:
getpwnam(username)
return True
except KeyError:
return False
def _is_exclude_user(cp_users, username):
"""
Determines whether the user should be excluded from CageFS
:param cp_users: Panel users lst
:param username: username to check
:return: True - user should be excluded from CageFs, False - else
"""
if username in cp_users:
# Panel user should not be excluded from CageFS
return False
if _is_user_present_in_system(username):
# User present in system, but absent in panel - exclude from CageFS
return True
return False
def _process_file(cp_users, source_filename, dest_filename):
"""
Copies usernames from source file to destination file and excudes absent and panel users
:param source_filename: Source filename (/usr/share/cagefs/exclude.d/..)
:param dest_filename: Destination filename (/etc/cagefs/exclude/..)
:return: None
"""
source_lines = get_file_lines(source_filename)
if os.path.isfile(dest_filename):
dest_lines = get_file_lines(dest_filename)
else:
dest_lines = []
# Determine manually added users to destination file and put them to output line list
source_users = [x.strip() for x in source_lines]
dest_users = [x.strip() for x in dest_lines]
manually_added_users_list = list(set(dest_users) - set(source_users))
lines_for_write = [line+'\n' for line in manually_added_users_list if line]
for username in source_users:
if _is_exclude_user(cp_users, username):
lines_for_write.append(username + '\n')
# Write new file if need
if not lines_for_write:
# Nothing to write
try:
os.remove(dest_filename)
except (OSError, IOError):
pass
else:
if sorted(dest_lines) != sorted(lines_for_write):
write_file_lines(dest_filename, lines_for_write, 'w')
os.chmod(dest_filename, 0o0600)
def main():
# Create /etc/cagefs/exclude directory
try:
if not os.path.isdir(EXCLUDE_PATH):
mod_makedirs(EXCLUDE_PATH, 0o0751)
except (OSError, IOError) as e:
print("Error:", str(e))
sys.exit(1)
try:
# Get panel users list
cp_users = cpusers()
except NotSupported:
cp_users = ()
exclude_file_list = glob.glob(os.path.join(NEW_EXCLUDE_PATH, '*'))
is_error = False
for exclude_file in exclude_file_list:
exclude_file_to_write = os.path.join(EXCLUDE_PATH, os.path.basename(exclude_file))
try:
_process_file(cp_users, exclude_file, exclude_file_to_write)
except (OSError, IOError) as e:
print("Error:", str(e))
is_error = True
sys.exit(1 if is_error else 0)
if "__main__" == __name__:
main()
Zerion Mini Shell 1.0