Mini Shell

Direktori : /opt/imunify360/venv/lib64/python3.11/site-packages/imav/feature_management/plugins/
Upload File :
Current File : //opt/imunify360/venv/lib64/python3.11/site-packages/imav/feature_management/plugins/watcher.py

"""
This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.


This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU General Public License for more details.


You should have received a copy of the GNU General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.

Copyright © 2019 Cloud Linux Software Inc.

This software is also available under ImunifyAV commercial license,
see <https://www.imunify360.com/legal/eula>
"""
import asyncio
import contextlib
from logging import getLogger

from imav.malwarelib.subsys.ainotify import Inotify, Watcher

from defence360agent.api import inactivity
from defence360agent.contracts.config import MyImunifyConfig
from defence360agent.contracts.plugins import MessageSource
from defence360agent.feature_management.control import (
    is_native_feature_management_enabled,
)
from defence360agent.feature_management.utils import (
    sync_users as sync_feature_management_users,
)
from defence360agent.myimunify.model import sync_users as sync_myimunify_users
from defence360agent.subsys.panels import hosting_panel
from defence360agent.utils import finally_happened, recurring_check

logger = getLogger(__name__)


class PasswdWatcher(MessageSource):
    WATCH_PATH = b"/etc"
    WATCH_FILE = b"passwd"
    WATCH_MASK = Inotify.MOVED_TO

    async def create_source(self, loop, sink, watcher=None):
        self._loop = loop
        self._sink = sink

        self._hosting_panel = hosting_panel.HostingPanel()

        if watcher is None:
            self._watcher = Watcher(self._loop)
        else:
            self._watcher = watcher
        self._watcher.watch(self.WATCH_PATH, self.WATCH_MASK)

        if not await is_native_feature_management_enabled():
            await self.update_users_permissions()
        if MyImunifyConfig.ENABLED:
            await self.update_myimunify_users()

        self._watch_task = self._loop.create_task(self._process_events())

    async def shutdown(self):
        self._watch_task.cancel()
        with contextlib.suppress(asyncio.CancelledError):
            await self._watch_task

        self._watcher and self._watcher.close()

    async def update_users_permissions(self) -> bool:
        return await sync_feature_management_users(
            await self._hosting_panel.get_users()
        )

    async def update_myimunify_users(self) -> bool:
        return await sync_myimunify_users(
            self._sink, await self._hosting_panel.get_users()
        )

    @recurring_check(0)
    async def _process_events(self):
        event = await self._watcher.get_event()
        if event.name != self.WATCH_FILE:
            return
        if not await is_native_feature_management_enabled():
            # updating the users list may take a while on different panels
            with inactivity.track.task("permissions_update"):
                await finally_happened(
                    self.update_users_permissions, max_tries=5, delay=1
                )
                logger.info("Feature management permissions updated")
        if MyImunifyConfig.ENABLED:
            await self.update_myimunify_users()

Zerion Mini Shell 1.0