????

Your IP : 3.14.12.254


Current Path : /opt/cloudlinux/venv/lib/python3.11/site-packages/__pycache__/
Upload File :
Current File : //opt/cloudlinux/venv/lib/python3.11/site-packages/__pycache__/secureio.cpython-311.pyc

�

�j�e�C��h�ddlmZddlmZddlmZddlZddlZddlZddlZddlm	Z	ddl
mZddlZddl
mZmZmZmZmZmZmZmZmZmZejd��Z	ejd	��Zn#e$rejd
��ZYnwxYweZeZGd�de��Zee��Zej Z eeege _!ee _"ej#Z#eege#_!ee#_"ej$Z$ege$_!ee$_"ej%Z%ege%_!ee%_"ej&Z&ege&_!de&_"ej'Z'ege'_!ee'_"ej(Z)eege)_!ee)_"egej*_!dej*_"ej+Z+ege+_!ee+_"ej,Z,eeege,_!ee,_"eeeegej-_!eej-_"eeeeegej._!eej._"eeeeeegej/_!eej/_"eeeeegej0_!eej0_"ej1Z1eege1_!ee1_"ej2Z2eege2_!ee2_"d
a3dZ4dZ5dZ6d�Z(d�Z7d�Z8d�Z*d,d�Z-d,d�Z.d,d�Z/d-d�Z0d.d�Z9d/d�Z:	d0d�Z;d1d�Z<d1d�Z=d �Z>d!�Z?da@d"�ZAe	e5�#��ZBd$�ZCdaDd2d%�ZEd&�ZFd3d'�ZGd(�ZHd)�ZIejJd*���ZKejJd+���ZLdS)4�)�print_function)�absolute_import)�divisionN)�ClPwd)�drop_user_privileges)
�cdll�c_long�	Structure�c_ushort�c_ubyte�c_char�POINTER�c_int�c_void_p�c_char_pz	libc.so.6zlibsecureio.so.0zliblve.so.0c�6�eZdZdefdefdefdefdedzfgZdS)�DIRENTRY�d_ino�d_off�d_reclen�d_type�d_name�N)	�__name__�
__module__�__qualname__�ino_t�off_trrr
�_fields_����/builddir/build/BUILDROOT/alt-python27-cllib-3.3.15-1.el8.cloudlinux.x86_64/opt/cloudlinux/venv/lib/python3.11/site-packages/secureio.pyrr#sA������	�%��	�%��	�X��	�7��	�6�C�<� ��H�H�Hr!rTz/var/log/cagefs-update.logi�Fc�Z�tj|tjtjz��S�N)�os�open�O_RDONLY�
O_NOFOLLOW��paths r"�open_not_symlinkr+�s��
�7�4���r�}�4�5�5�5r!c�F�tjt|��d��S)N�r)r%�fdopenr+r)s r"�open_file_not_symlinkr/�s��
�9�%�d�+�+�S�1�1�1r!c�6�tj|��}t|��}|std���t	|��g}	t|��}|sn"|j}|�|j���4t	|��t|��|S)z:Returns list of entries of directory pointed by descriptorzfdopendir error)
r%�dup�	fdopendir�	Exception�	rewinddir�readdir�contents�appendr�closedir)�fd�fd2�dirp�dirlist�entryp�entrys      r"�flistdirr?�s���
�&��*�*�C��S�>�>�D��+��)�*�*�*�
�d�O�O�O��G�%�������	��������u�|�$�$�$�%��d�O�O�O��T�N�N�N��Nr!c�Z�|�(	tj|��dS#t$rYdSwxYwdSr$)r%�close�OSError)r9s r"�closefdrC�sF��	�~�	��H�R�L�L�L�L�L���	�	�	��D�D�	�����~s��
(�(c���|�d}t�|���|||�����}|dkr|S|�|d|zdd��dS)z{Sets permissions to directory (in secure manner)
    Returns descriptor if successful
    Returns None if error has occuredN���rz.Error: failed to set permissions of directory FT)�liblve�set_perm_dir_secure�encode)r*�perm�parent_pathr9�loggers     r"rGrG�sn��
�z�
��	�	#�	#�D�K�K�M�M�4��[�=O�=O�=Q�=Q�	R�	R�B�	�A�v�v��	�
����?�$�F��t�T�T�T��4r!c���|�d}t�|���||||�����}|dkr|S|�|d|zdd��dS)zSets owner and group of directory (in secure manner)
    Returns descriptor if successful
    Returns None if error has occuredNrErz(Error: failed to set owner of directory FT)rF�set_owner_dir_securerH)r*�uid�gidrJr9rKs      r"rMrM�sp��
�z�
��	�	$�	$�T�[�[�]�]�C��b�+�BT�BT�BV�BV�	W�	W�B�	�A�v�v��	�
����9�D�@�%��N�N�N��4r!c	���|�d}t�|���|||||�����}|dkr|S|�|d|zdd��dS)z�Creates directory if it does not exist, sets permissions/owner otherwise
    Returns descriptor if successful
    Returns None if error has occuredNrEr�#Error : failed to create directory FT)rF�create_dir_securerH)r*rIrNrOrJr9rKs       r"rRrR�sr��
�z�
��	�	!�	!�$�+�+�-�-��s�C��[�EW�EW�EY�EY�	Z�	Z�B�	�A�v�v��	�
����4�t�;�U�D�I�I�I��4r!c��t�|���||||�����}|r|r|d|zdd��|S)zeRecursive directory creation function
    Returns 0 if successful
    Returns -1 if error has occuredrQFT)rF�makedirs_securerH)r*rIrNrOrJrK�ress       r"rTrT�sc���
 �
 �������c�3��@R�@R�@T�@T�
U�
U�C�
�J�v�J���4�t�;�U�D�I�I�I��Jr!c���|�|�|�|�td���|duo|du}|rt||��	t|��}|���}|���|rt��|S#ttf$r_}|rt��td|zdzt|��ztd|��|s�tjd��Yd}~dSd}~wwxYw)z read file not following symlinksNzEread_file_secure: uid and gid should be both null or be both not nullzError: failed to read � : �)
r3�
set_user_permr/�	readlinesrA�
set_root_permrB�IOError�logging�str�SILENT_FLAG�sys�exit)	�filenamerNrO�
exit_on_error�	write_log�	drop_perm�file_object�content�es	         r"�read_file_secureris����C�K������_�`�`�`��D��7�s�$��I�� ��c�3����
�+�H�5�5���'�'�)�)���������	��O�O�O�����W������	��O�O�O��(�8�3�e�;�c�!�f�f�D�k�ST�V_�`�`�`��	������������������
���s�AA<�<C,�
AC'�'C,�c��tj�|��}|rt||��	t	jd|���\}}	tj|d��}
|
�d�|����|s$|�"|� t|||��rtd���t||��rtd���|
����n#ttf$r�}	|
���n#YnxYw	tj|��n#YnxYw	tj|	��n#YnxYw|rt��t!d|zd	zt#|���d
d��zt&d|��Yd}~dSd}~wt($rD}t!d
t#|��zt&d��t+jd��Yd}~nd}~wwxYwd}	tj|	|��nl#t$r_}d}t!d|zd	zt#|��zt&d|��	tj|	��n#t$rYnwxYwYd}~nd}~wwxYw|rt��|S)z!Returns True if error has occured�cagefs_)�prefix�dir�w�Nz
fchown failedz
fchmod failedzError : failed to write file rW�ErrnozErr codeTzError: rXFz$Error: failed to rename tempfile to )r%r*�dirnamerY�tempfile�mkstempr.�write�join�fchownrB�fchmodrAr\�unlinkr[r]r^�replacer_r3r`ra�rename)
rg�ini_pathrNrOrerIrd�dirpathr9�	temp_pathrfrh�errors
             r"�write_file_securer�!s����g�o�o�h�'�'�G�� ��c�3����� �(�	�w�G�G�G�
��I��i��C�(�(�����"�'�'�'�*�*�+�+�+��	/�S�_����b�#�s�#�#�
/��o�.�.�.��"�d���	+��/�*�*�*����������W�����	���������	��D����	��H�R�L�L�L�L��	��D����	��I�i� � � � ��	��D�����	��O�O�O��/�(�:�U�B�S��V�V�^�^�T[�]g�Eh�Eh�h�ju�w{�~G�	H�	H�	H��t�t�t�t�t����������	�C��F�F�"�K��3�3�3��������������������
�E��
�	�)�X�&�&�&�&���������6��A�E�I�C�PQ�F�F�R�T_�ab�dm�n�n�n�	��I�i� � � � ���	�	�	��D�	������������������������Ls��B/C$�$G4�6D�
F#�D�
F#�D(�'F#�(D,�*F#�0E�F#�E	�AF#�#
G4�0:G/�/G4�:H�
I9�/I4�
I�I4�
I,�)I4�+I,�,I4�4I9rpc��|�%tj��}t|dd���tj�|��}d\}}		tj|||���\}}	tj|dd�	��5}
|
�|��ddd��n#1swxYwYnu#ttf$ra|�|	��	tj|��n#ttf$rYnwxYw	tj|	��n#ttf$rYnwxYw�wxYw	tj
|	|��tj|	|��nI#tttf$r/	tj|	��n#ttf$rYnwxYw�wxYw|�htj��}tj|��tjtj����|d
krtj|��dSdSdS)aP
    Safely write string content to a file
    :param content: str
    :param dest_path: str -> path to a file
    :param perm: int -> permissions for the file
    :param prefix: str -> add to temporary file name
    :param suffix: str -> add to temporary file name
    :param as_user: str -> name of the user to drop privileges to
    NTF)�effective_or_real�set_env�NN)rm�suffixrnro�surrogateescape)�errorsr)r%�	getgroupsrr*rrrsrtr.rur\rBrAry�chmodr{�	TypeError�getuid�seteuid�setegid�getgid�	setgroups)rg�	dest_pathrIrmr��as_user�
old_groupsr}r9r~�f_temp�ruids            r"�write_file_via_tempfiler�Xs������\�^�^�
��W��e�L�L�L�L��g�o�o�i�(�(�G��M�B�	�� �(��f�'�;�;�;�
��I�
�Y�r�3�'8�
9�
9�
9�	"�V��L�L��!�!�!�	"�	"�	"�	"�	"�	"�	"�	"�	"�	"�	"����	"�	"�	"�	"����W�����
�:��*��	��H�R�L�L�L�L����!�	�	�	��D�	����	��I�i� � � � ����!�	�	�	��D�	����
������
���D�!�!�!�
�	�)�Y�'�'�'�'���W�i�(����	��I�i� � � � ����!�	�	�	��D�	����
��������y�{�{��
�
�4����
�
�2�9�;�;�����1�9�9��L��$�$�$�$�$�
��
�9s��
1B,�>B �B,� B$�$B,�'B$�(B,�,D�C�D�C,�)D�+C,�,D�0D�D�D�D�D�D�"*E
�
F�%E:�9F�:F�F�
F�Fc�6�	tj|��ng#tf$rY}|rGtdt	|��zdzt	|��z��tjd��nYd}~dSYd}~nd}~wwxYwt||��}	tj|��nS#tf$rE}|r3td|t	|����tjd��nYd}~dSYd}~nd}~wwxYw	tj	|��ng#tf$rY}|rGtdt	|��zdzt	|��z��tjd��nYd}~dSYd}~nd}~wwxYw|dkrda
dSt���d	a
dS)
Nzfailed to set egid to z: rXrEz'failed to set supplementary groups to :zfailed to set euid to rTF)
r%r�rB�print_errorr^r`ra�
get_groupsr�r��	root_flagrF�enable_quota_capability)rNrOrarh�groupss     r"rYrY�s����
�
�3�������:�����	��0�3�s�8�8�;�d�B�S��V�V�K�L�L�L��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K�����������S�
!�
!�F��
��V�������:�����	��A�6�3�q�6�6�R�R�R��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K����������
�
�3�������:�����	��0�3�s�8�8�;�d�B�S��V�V�K�L�L�L��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K����������a�x�x��	�	�	�	�&�&�(�(�(��	�	�	sF��A;�A	A6�6A;�B$�$C4�/5C/�/C4�8D
�
E1�A	E,�,E1c��	tjd��nR#tf$rD}|r2tdt	|����tjd��nYd}~dSYd}~nd}~wwxYw	tjd��nR#tf$rD}|r2tdt	|����tjd��nYd}~dSYd}~nd}~wwxYwtdd��}	tj	|��nS#tf$rE}|r3td|t	|����tjd��nYd}~dSYd}~nd}~wwxYwda
dS)Nrzfailed to set euid to 0 :rXrEz Error: failed to set egid to 0 :z.Error: failed to set supplementary groups to :T)r%r�rBr�r^r`rar�r�r�r�)rarhr�s   r"r[r[�s����
�
�1�
�
�
�
���:�����	��3�S��V�V�<�<�<��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K����������
�
�1�
�
�
�
���:�����	��:�C��F�F�C�C�C��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K�����������1�
�
�F��
��V�������:�����	��H�&�RU�VW�RX�RX�Y�Y�Y��H�Q�K�K�K�K��2�2�2�2�2�
�K�K�K�K����������I�I�IsD��A&�4A!�!A&�*A?�?C�
4C	�	C�"C7�7E�5E�Ec��tddtj���|D]}t|dtj����ttj���dS)NzError:� )�end�file)r�)�printr`�stderr)�args�as  r"r�r��s[��	�(��#�*�-�-�-�-�
�+�+��
�a�S�s�z�*�*�*�*�*�	�s�z������r!c�V�t��}t��}t��}|D]Y}||j}|D]G}	||j}n#t
$rY�wxYw||kr |�||j���H�Z|�|��t|��S)z$Returns supplementary groups for uid)	�get_grp_dict�get_pwd_dict�set�gr_mem�pw_uid�KeyError�add�gr_gid�list)	rNrO�gr�pwr��group�members�user�
member_uids	         r"r�r��s���	���B�	���B�
�U�U�F��-�-���U�)�"���	-�	-�D�
���X�_�
�
���
�
�
���
�����S� � ��
�
�2�e�9�+�,�,�,��
	-��J�J�s�O�O�O���<�<�s�
A�
A�Ac�p�t�)iatj��}|D]}|t|j<�tSr$)�grp_dict�grp�getgrall�gr_name)r��lines  r"r�r��s;������
�\�^�^���	*�	*�D�%)�H�T�\�"�"��Or!)�min_uidc�4�t���Sr$)�clpwd�
get_user_dictr r!r"r�r��s����� � � r!c�X�|s|rt|��|�rt}tst��\}}t��	t�>tjd��}ttdd��atj|��t�	|��t�	d��nU#ttf$rA}tdtt|����tjd��Yd}~nd}~wwxYw|st!||��dSdSdS)N�rorX�
zwriting to )r�r��get_permr[�log_filer%�umaskr&�LOGFILErurBr\r�r^r`rarY)	�msg�silent�verboserd�root_flag_savedrNrO�umask_savedrhs	         r"r]r]s/�����	��#�J�J�J��$�#���	��z�z�H�C���O�O�O�
	��� �h�t�n�n�����a�0�0�����%�%�%��N�N�3�����N�N�4� � � � ����!�	�	�	��
�w��A���7�7�7��H�Q�K�K�K�K�K�K�K�K�����	�����	$��#�s�#�#�#�#�#�#$�$� 	$�	$s�A9B?�?D�7D�Dc���	tj��}tj��}nI#tf$r;}t	dt|����t
jd��Yd}~nd}~wwxYw||fS)Nzfailed to get (euid,egid)rX)r%�geteuid�getegidrBr�r^r`ra)rNrOrhs   r"r�r� sy����j�l�l���j�l�l�����:�����/��Q���8�8�8����������������������8�Os�&)�A/�1A*�*A/c�j�|rt���nt���S)z�
    Set CAP_SYS_RESOURCE capability

    :param bool clear: Set on if it's true, set off otherwise
    :return: 0 for success, -1 otherwise
    :rtype: int
    )rF�disable_quota_capabilityr�)�clears r"�set_capabilityr�*s1��16�.�6�*�*�,�,�,�
�
+�
+�
-�
-�.r!c�F�tj|��t��S)a
    Change effective uid of current process and set CAP_SYS_RESOURCE capbality
    to prevent "Disk quota exceeded" error

    :param int euid: User ID to set it as current effective UID
    :return: 0 if capability was set successfuly, -1 otherwise
    :rtype: int
    )r%r�r�)rNs r"�
change_uidr�6s���J�s�O�O�O����r!c�r�|st���dSt���dS)zZ
    Disable quota kernel check to allow us to write
    more than user can by quota.
    N)rFr�r���enableds r"�_set_quota_checks_statusr�Cs<��
�*��&�&�(�(�(�(�(��'�'�)�)�)�)�)r!c#�~K�td���	dV�td���dS#td���wxYw)NFr�T)r�r r!r"�
disable_quotar�NsT�����U�+�+�+�+�/�
���� ��.�.�.�.�.�.�� ��.�.�.�.�.���s�*�<c#�K�tj|��}	dV�tj|��dS#tj|��wxYwr$)r%r�)�umask_value�saved_umasks  r"�	set_umaskr�WsO�����(�;�'�'�K��
����
������������������s	�2�Ar�r$)NNTT)TrjT)rprpN)T)FTT)F)M�
__future__rrrr�r`rs�
contextlib�clcommonr�clcommon.clpwdrr%�ctypesrr	r
rrr
rrrr�LoadLibrary�libcrFrBrrr�
DIRENTRY_Prw�argtypes�restyperxr2r5r4r8r+�_open_not_symlinkrC�	check_dir�isdirrGrMrRrT�get_path_from_descriptor�	is_subdirr�r��MIN_UIDr_r/r?rir�r�rYr[r�r�r�r�r�r�r�r]r�r�r�r��contextmanagerr�r�r r!r"�<module>r�s���&�%�%�%�%�%�&�&�&�&�&�&�������
�
�
�
�
�
�
�
���������������/�/�/�/�/�/�	�	�	�	�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/�/��t���$�$��-�
�T�
�0�
1�
1�F�F���-�-�-�
�T�
�m�
,�
,�F�F�F�-����	���������y�����W�X�
�
�
�	
����%��'������	
����%�.�������N�	��W�	���	��
�,���:�������N�	��Z�	���	���=���J�������+��&��1���!���!�'��������
��	��W�	���	��	����E�8�,�����
�(0���x�&H���#�%*���"�)1�%���x�'P���$�&+���#�&.�u�e�U�E�8�$T���!�#(��� �$,�U�E�5�(�"K����!&����
"�:��%*�H�$5��!�#+�� �
��	���)�	���	��

�	�
&��

����6�6�6�2�2�2����8�����������������������24�4�4�4�pAE�3%�3%�3%�3%�l$�$�$�$�N����D������"�����	��g�����!�!�!�
��$�$�$�$�4���	.�	.�	.�	.�
�
�
�*�*�*���/�/���/���������s�A-�-B�B