fj~dZddlZddlZddlZddlZddlZddlZddlZddlZddl m Z m Z ddl m Z m Z ddlmZmZmZddlZddlmZddlmZmZddlmZmZdd lmZdd lmZdd lmZdd l m!Z"d dl#m$Z$d dl%m&Z&d dl'm(Z(d dl)m*Z*m+Z+m,Z,m-Z-m.Z.d dl/m0Z0d dl1m2Z2d dl3m4Z4d dl5m6Z6m7Z7m8Z8d dl9m:Z:d dl;mZ>m?Z?m@Z@d dlAmBZBmCZCmDZDmEZEmFZFmGZGd dlHmIZImJZJmKZKmLZLmMZMejNrd dlOmPZPGddZQdS)zX This module contains classes implementing X-Ray Manager behaviour and helper functions N)datetime timedelta)escapeglob)IteratorOptionalTuple)Feature)is_panel_feature_supportedget_installed_php_versions)php_get_vhost_versionsis_wpos_supported)is_litespeed_running)drop_privileges) disable_quota)gettext) ClWposGetter) get_client)ContinuousManager) XRayAPIError XRayErrorXRayMissingDomainXRayManagerExitXRayManagerExitPHPUnsupported)FPMReloadController)open_local_storage)NginxUserCache) DomainInfoTask url_split)ManageUserAgent)AdvancedMetrics)get_xray_exec_useruser_mode_restrictednginx_user_cache)no_active_tasksswitch_schedstats ssa_disabled_cagefsctl_remountset_privilegesis_file_recently_modified)create_ini_filesremove_ini_filesis_global_ini_moderemove_global_ini_mode_markercreate_global_ini_mode_marker) APIClientceZdZdZdZddddddd d d d d ddddZd`dedefdZde e fdZ de fdZ dedefdZdedefdZdedefdZdedefdZdedefdZdedd fd!Zd"Zd#edefd$Zed%edeejfd&Zd'edd fd(Zd)edefd*Zd+edefd,Zdedefd-Z d.edefd/Z!d.edd fd0Z"ed#ede#ee ffd1Z$d2edd fd3Z%edefd4Z&dad6Z'e(ddd7d)ed8ed9ed:e d;edZ*d?d@d)ed:e dd5fdAZ+dBedd5fdCZ,dDZ-e(dBedd5fdEZ.dBedd5fdFZ/edGe defdHZ0dadIZ1edJe2dKdLfdMZ3dBedd5fdNZ4d)edOedd5fdPZ5d)edd5fdQZ6d)edd5fdRZ7d)edd5fdSZ8dadTZ9dadUZ:dVedd5fdWZ;dVedXe dd5fdYZdad\Z?dad]Z@dad^ZAdad_ZBd S)b BaseManagerz Basic manager abstract class. Implements methods common for all managers. Requires managers to implement their custom methods. z/var/run/xray-agent.pidz/opt/alt/php54/link/confz/opt/alt/php55/link/confz/opt/alt/php56/link/confz/opt/alt/php70/link/confz/opt/alt/php71/link/confz/opt/alt/php72/link/confz/opt/alt/php73/link/confz/opt/alt/php74/link/confz/opt/alt/php80/link/confz/opt/alt/php81/link/confz/opt/alt/php82/link/confz/opt/alt/php83/link/confz/opt/alt/php84/link/confz/opt/alt/php85/link/conf)z alt-php54z alt-php55z alt-php56z alt-php70z alt-php71z alt-php72z alt-php73z alt-php74z alt-php80z alt-php81z alt-php82z alt-php83z alt-php84z alt-php85F system_id phpinfo_modec t|_||_tjd|_t |_t|_ ||_ td|j|_ dS)Nmanagerlistsr5) rapi_client_classsys_idlogging getLoggerloggerrcontinuous_monitoringr"manage_user_agentr6 ui_api_client)selfr5r6s H/opt/cloudlinux/venv/lib64/python3.11/site-packages/xray/manager/base.py__init__zBaseManager.__init__csr2< ' 22 %6%8%8"!0!2!2(0Z004;GGGreturnc t|j5}t|cdddS#1swxYwYdS#tt f$rt jdYdSwxYw)Nz'Unable to read daemon pid from pidfile.)openDAEMON_PIDFILEintreadOSErrorIOErrorr=warning)rCfs rD_get_daemon_pidzBaseManager._get_daemon_pidns Gd)** %a16688}} % % % % % % % % % % % % % % % % % %! G G G OE F F F F F F Gs3A!A AAA A A%A:9A:c|jS)z\ Get supported PHP versions :return: a dict with supported versions )VERSIONSrCs rDsupported_versionszBaseManager.supported_versionsus }rF php_versionc.||vS)z Check if given PHP version is supported :param php_version: PHP version, e.g. 'alt-phpXY' :return: True if version is supported, False otherwise )rU)rCrVs rDis_version_supportedz BaseManager.is_version_supported|s d557777rF domain_infocZ||jS)zh Get a path to directory for additional ini file for based on panel-set version )rUgetpanel_php_versionrCrYs rD _ini_pathzBaseManager._ini_paths' &&((,,[-JKKKrFc||} |jr|j}n&||r|j}n |jp|}n#t $rYnwxYw|jd||S)z Resolve a path to directory for additional ini file It depends on version set for domain and on selector :param domain_info: a DomainInfo object :return: path to directory for ini files zIni path resolved as %s)r^php_ini_scan_diris_selector_enabledselector_ini_pathphpd_location_ini_path ValueErrorr?info)rCrYini_paths rD get_ini_pathzBaseManager.get_ini_paths>>+.. + J&7))+66 J&8&=I    D  2H===s5A AAc|js=||r(|jd|j|j}n|j}|jd||S)a Get PHP version which serves given domain :param domain_info: a DomainInfo object, including user of domain and PHP version set in control panel environment :return: real php version of domain (selector or panel one) zSelector is enabled for user %szPHP version detected as %s)is_selector_appliedrar?reuserselector_php_versionr\)rCrYcurrent_versions rDget_php_versionzBaseManager.get_php_versionsy. <((55 < K  >(- / / /)>OO);O 5GGGrFctttjsdS|jdS||S)a  Is selector enabled for given domain :param domain_info: a DomainInfo object, including user of domain and PHP version set in control panel :return: True if selector is enabled for domain, False otherwise F)r r PHP_SELECTORrkpanel_specific_selector_enabledr]s rDrazBaseManager.is_selector_enableds>*'*>?? 5  + 3533K@@@rFNc||j|jr||dSt r||jdS||jdS)z Reload FPM service or kill all *php* processes of user :param domain_info: a ready-to-use DomainInfo object N)reset_criu_imgsname panel_fpmrestart_fpm_servicergracefully_restart_litespeedrj kill_user_phpr]s rDphp_procs_reloadzBaseManager.php_procs_reloads [-...   1  $ $[ 1 1 1 1 1 ! # # 1  - -k.> ? ? ? ? ?   {/ 0 0 0 0 0rFct|5t5tj|} t t j|jdd n3#ttf$r|j ddYnwxYwdddn #1swxYwYddddS#1swxYwYdS)z Litespeed's graceful restart. https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:php:detached_mode#for_a_user z.lsphp_restart.txtwz$Unable to restart lsws after changesT)exc_infoN)rrpwdgetpwnamrIospathjoinpw_dircloseFileNotFoundErrorPermissionErrorr?rO)rCusernamepws rDrvz(BaseManager.gracefully_restart_litespeeds X & & [ [  [ [h''B [RW\\")-ABBCHHNNPPPP%7 [ [ [ ##$JUY#ZZZZZ [  [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [ [sXCB:AA;:B:;-B+(B:*B++B:. C:B> >CB> CCCrct}||D]P}d|jdvr?|tj||jdQ|S)z Kill all PHP processes, which belong to given username :param username: name of user :return: list of pids of successfully killed processes phprspid)list user_procsre send_signalsignalSIGHUPappend)rCr killed_procsprocs rDrwzBaseManager.kill_user_phpsr vv OOH-- 6 6D &)))  ///##DIe$4555rF user_namec#Ktj|j}gd}tj|D],}||jdj|jdjfvr|V-dS)z Generator yields processes, which belong to given user_name. Processes are checked using UID, not user_name :param user_name: user name :return: a generator object )rsruidsrN)r|r}pw_uidpsutil process_iterrereal effective)r uid_by_nameattrsps rDrzBaseManager.user_procssul9--4 '''$U++  Aqvf~2AF6N4LMMM  rFdomainc|sdStdt|d}|r=tj|d|jd|ddSdS)zt Reset criu images if any found for given domain in order to enable/disable X Ray correctly Nz/var/run/mod_lsapi/* _criu_imgsrzcriu images in %s dropped)r glob_escapeshutilrmtreer?re)rCr criu_imgs_dirs rDrrzBaseManager.reset_criu_imgss   FSK4G4GSSSTT  L M-* + + + K  8-:J K K K K K L LrFurlcPt|\}}||S)z4 DomainInfo retrieving based on url )r!get_domain_inforCr domain_name_s rD_domain_info_by_urlzBaseManager._domain_info_by_urls'#3 Q##K000rFrc:ttd)z Retrieve information about given domain from control panel environment Required to be implemented by child classes :param domain_name: name of domain :return: a DomainInfo object z0Manager should implement retrieving domain info!NotImplementedErrorr)rCrs rDrzBaseManager.get_domain_infos%" @ A ACC CrFc:ttd)z Check if selector is enabled specifically for panel Required to be implemented by child classes :param domain_info: a DomainInfo object :return: True if yes, False otherwise zCManager should implement specific panel check for selector enabled!rr]s rDrpz+BaseManager.panel_specific_selector_enableds%" S T TVV VrFdom_infoc:ttd)z Get FPM service name for particular panel :param dom_info: DomainInfo object :return: name of FPM service z5Manager should implement FPM service name retrieving!r)rCrs rDfpm_service_namezBaseManager.fpm_service_names% " E F FHH HrFc||} tjd|dgddd|jd|t |d S#tttj f$r7}|j dt||dYd }~d Sd }~wwxYw) zg Restart FPM service for particular version :param dom_info: DomainInfo object z /sbin/servicereloadT)capture_outputtextcheckzService %s reloadedzFailed to reload FPM service)errreextraN) r subprocessrunr?rersave_latest_reloadrMrdSubprocessErrorerrorstr)rCrfpm_serves rDruzBaseManager.restart_fpm_service%s ((22 ? N (H5#      K  2H = = =  ) ) < < > > > > > Z%?@ 8 8 8 K  <,/FF-5%7%7  8 8 8 8 8 8 8 8 8 8s6A00C ,B>>CcJtj|}d|jd}tjtj|s@tjtj|t|||j fS)z5Resolve path for user and prepare directory if neededz/var/clwpos/uids/z /info.json) r|r}rr~risdirdirnamemakedirsr*pw_gid)r_upwd_paths rDprepare_wpos_info_pathz"BaseManager.prepare_wpos_info_path9s X&&> >rF)rc8||dd|ddS)a6 Start monitoring of given URL (autotracing task). Note, user is overridden as *autotracing* Arguments are only allowed by keyword :param url: URL to monitor :param tracing_count: count of requests to capture :return: JSON encoded result of start action r request_qtyT)rrrrrrr )rCrrs rDstart_autotracingzBaseManager.start_autotracings-zzcS](5&*,, ,rFrc||j|}|}|t |j5}||jdddn #1swxYwYgd}|j|vr1ttdt|jz | |j }||jnm#t $r|jdd}YnEt&$r9}t)|ddr|jdd}nYd}~nd}~wwxYw|||}|d kr||n||||;t5|j||t;rt=rt?d | d |j! S) z Stop monitoring of given task ID :param tracing_task_id: an ID of task to stop :return: JSON encoded result of stop action r5r)next_request_idN)runningstopped completedholdz!Cannot stop task with status '%s'z+Stopping task for an already deleted domain_internal_missing_domainFrrstopr)"r;r<get_task_request_daemon_storage_flushrfake_idupdate_with_local_datarstatusrrrrrset_domain_ownerrjrr?rergetattrremove drop_cronjobrecalculate_countsr _completerrestorerxr'r)r(rr) rCrrrstoragetry_to_complete_statusesrYrremaining_counts rDrzBaseManager.stops &&7F'HH((  **,,,  4 5 5 Y  / /@W / X X X Y Y Y Y Y Y Y Y Y Y Y Y Y Y Y$O#N#N  &> > >!566\=P9Q9QQSS S 22<3CDDK  ) )+*: ; ; ; ;     K  J K K KKKK   q4e<<    !NOOO"   $ !!###'99;; Q   KK ( ( ( ( NN< 0 0 0  " ;+ , , 4 4 6 6 6  ! !+ . . .    - - e , , , ,}}F-9-ACC Cs0BBB 4D&E*( E*1/E%%E*ctjtjtjh|}|rK t j|tjn*#t$r|j dYnwxYw|j dtj tjhd}|tj dtjtj tjhdS)z Request daemon to flush it's in-memory storage on disk using SIGUSR2 and wait for getting SIGUSR2 back that daemon sends when it successfully flushed data on disk and we are ready to proceed. zVUnable to send daemon signal. Some stats will not be flushed. Maybe daemon is stopped?z2Waiting for daemon to signal back about flush end.g.@NzUDaemon did not signal back in given timeout. Some stats may not be flushed. Continue.)rpthread_sigmask SIG_BLOCKSIGUSR2rQr~killrMr?rOre sigtimedwaitr=SIG_DFL)rC daemon_pidsiginfos rDrz)BaseManager._request_daemon_storage_flushs v/&.1ABBB))++  @ @ FN3333 @ @ @ ##%?@@@@@ @ MNNN%v~&6== ? OG H H H v~/?@@@@@sA""$B B c||j|}|}|jdvr1t t dt |jz||j}| |j d| vr| |}nd}| |||j||jt#|j ||t)d |d |j S) z Continue monitoring of given task ID :param tracing_task_id: an ID of task to continue :return: JSON encoded result of continue action rrrz%Cannot continue task with status '%s'54Nrr:Trcontinuer)r;r<rrrrrrrrrjrUrmrrrrrrrxr(rr)rCrrrrYrs rD continue_zBaseManager.continue_'s&&7F'HH((  ": : :!9::SAT=U=UUWW W..|/?@@ %%k&6777 4**,, , ,#33K@@   $ %5666  4; 777  l,---{'((00222 k***$''''}}J-9-ACC CrFc:||j|}|}|jdvr1t t dt |jz||||d|j S)z Complete given tak ID :param tracing_task_id: an ID of task to complete :return: JSON encoded result of complete action rr1z%Cannot complete task with status '%s'completer) r;r<rrrrrr"rrrCrrrs rDr6zBaseManager.completeMs &&7F'HH((  ": : :!9::SAT=U=UUWW W |V,,,}}J-9-ACC CrFtaskc tj}|d}|dp|d}tj|}|dkr|tdz|krdS|dkr|t|d  z|krdSd S) zT Returns True if task should be completed. False otherwise. rr createtimer r)daysTrr)minutesF)rnow fromtimestampr)r8r=r inceptiontask_start_times rD_is_to_completezBaseManager._is_to_complete]s lnn,' %;l); "0;;  & &?YA=N=N=N+NQT+T+T4   Oi_H]6^6^6^$^ad$d$d4urFc|jdg}|jdt ||D][}||stjdt |d||d\| dS)z Gets all server tasks and complete those which match following criteria: - traced_by requests_qty: if task started 2 days ago - complete - traced_by time: if task runs longer than start time + tracing time - complete rz#Check tasks for autocompleting...%sz"Going to complete task with id: %srzautocomplete-tasksr) rB get_task_listr[r?rerrAr=rr)rCall_server_tasks task_items rDautocomplete_taskszBaseManager.autocomplete_tasksms  -;;==AA(BOO >DT@U@UVVV) 4 4I'' 22  L=s9M^C_?`?` a a a IIi 12 3 3 3 3}}$8}999rFt_taskrr2c||||jr|dSdS)z Common complete actions: - delete cron job, - erase request id file - send 'complete' status to mongo :param t_task: a tracing task object :param client: an APIClient object N)r erase_request_id_storager6rshare)rHrs rDr"zBaseManager._complete|s^ '')))    LLNNNNN  rFc:||j|}|}|jdkr1t t dt |jz||d|j S)z Delete given task ID :param tracing_task_id: an ID of task to delete :return: JSON encoded result of delete action rrz#Cannot delete task with status '%s'deleter) r;r<rrrrrrMrrr7s rDrMzBaseManager.deletes &&7F'HH((  ) + +!7883|?R;S;SSUU U }}H-9-ACC CrFemailc||}|j|j|||d|S)z Enable continuous monitoring for given URL :param url: URL to monitor :param email: email to send reports to :return: JSON encoded result of enable action enablerr)rr@rPrsr)rCrrNd_infos rDenable_continuouszBaseManager.enable_continuoussM))#.. "))&+sEBBB''xS'AAArFct|\}}|j||d|S)z Disable continuous monitoring for given URL :param url: URL to monitor :return: JSON encoded result of disable action rrQ)r!r@rrrs rDdisable_continuouszBaseManager.disable_continuoussC #3 Q "**;777''yc'BBBrFct|\}}|j||d|S)z Start continuous monitoring for given URL :param url: URL to monitor :return: JSON encoded result of start action rrQ)r!r@rrrs rDstart_continuouszBaseManager.start_continuoussC #3 Q "((555''wC'@@@rFct|\}}|j||d|S)z Stop continuous monitoring for given URL :param url: URL to monitor :return: JSON encoded result of stop action rrQ)r!r@rrrs rDstop_continuouszBaseManager.stop_continuoussC #3 Q "'' 444''v3'???rFcb|j}|d|S)zq Get list of continuous monitoring tasks :return: JSON encoded result of get list action zget continuous listrdata)r@get_tracing_listr)rC tracing_lists rDcontinuous_tracing_listz#BaseManager.continuous_tracing_lists9 1BBDD }}$9".00 0rFc^|d|jS)z# Get list of tasks z tasks-listr[)rrBrDrTs rD tasks_listzBaseManager.tasks_lists6}}L"&"4"B"B"D"DFF FrFrc||j|}|}|d|j|S)z@ Get list of requests for given tracing task id rz requests-listr[)r;r<rrrBget_request_list)rCrrrs rD requests_listzBaseManager.requests_listsj &&7>'@@ OO  }}O"&"4"E"Eg"N"NPP PrF request_idc||j|}|}|d|j||S)zO Get collected statistics for request ID of given tracing task rz request-datar[)r;r<rrrBget_request_data)rCrrerrs rD request_datazBaseManager.request_datasn &&7>'@@ OO  }}N"&"4"E"E!(*#6#677 7rFc`|j|dS)a Enable X-Ray User Agent: start or restart service if it is accidentally already running For systemd systems -- start socket unit only For SysV -- start the entire service :return: JSON encoded result of enable action zenable-user-agentrC)rArPrrTs rDenable_user_agentzBaseManager.enable_user_agents. %%'''}}$7}888rFc`|j|dS)a7 Disable X-Ray User Agent: stop the entire service or do nothing if it is accidentally not running For systemd systems -- also check if socket unit is running and stop it too :return: JSON encoded result of disable action zdisable-user-agentrC)rArrrTs rDdisable_user_agentzBaseManager.disable_user_agents. &&(((}}$8}999rFc||j}|d|tS)zn Get status of X-Ray User Agent service :return: JSON encoded result of status action zuser-agent-status)rruser_nginx_cache)rArrr&)rC agent_statuss rDuser_agent_statuszBaseManager.user_agent_statussD -4466 }}$7 .>.@.@BB BrFc*t}|ddur|nS|ddur|n4|ddur*|}||S|S)] Advanced metrics tool :return: JSON encoded result of status action rPTrr)r)r#rPrrr)rCargsamrs rDadvanced_metricszBaseManager.advanced_metricss    >T ! ! IIKKKK )_ $ $ JJLLLL (^t # #YY[[F===// /}}rFcbtt|Srr)r1r-rrCrss rDenable_serverwide_modez"BaseManager.enable_serverwide_modes* &'''}}rFcbtt|Srw)r.r0rrxs rDdisable_serverwide_modez#BaseManager.disable_serverwide_mode(s* %'''}}rF)F)rGr)C__name__ __module__ __qualname____doc__rJrSrboolrErrKrQrrUrXrr^rgrmrarxrvrrw staticmethodrrProcessrrrrrrprrur rrrrr%rr rrrr4r6rArGr r"rMrSrUrWrYr_rardrhrjrlrpruryr{rrFrDr4r4Js1 /N0/////////////H" H H# HT H H H HG#GGGGD888888LZLCLLLL s*:#" Az Ad A A A A 1J 14 1 1 1 1 [ [ [ c d     c hv~&>   \  Lc Ld L L L L1s1z1111C3C:CCCCV:V$VVVVHHHHHH?J?4????(##sCx###\#*C*D****8 9c 9 9 9\ 9''''!&"'<C<C<CC<CC<C<C.1<C<C <C-7<C<C<C<C|>>>>>>02 , , , ,), ,6@ , , , ,@CC@CJ@C@C@C@CDAAA2#C#C#C#C#C#CJCC CCCC  d t   \  : : : : $    \ CcCjCCCC BS B B B B B BCcCjCCCCACAJAAAA@3@:@@@@0000FFFF PS PZ P P P P 7C 7S 7Z 7 7 7 7 9 9 9 9 : : : :BBBB rFr4)Rrrr=r~r|rrrtypingrrrrrrrr rclcommon.constr clcommon.cpapir r !xray.internal.clwpos_safe_importsr rclcommon.utilsrclcommon.clpwdrsecureiorxrayrradviser.clwpos_getr apiclientrcontinuous.managerrinternal.exceptionsrrrrrinternal.fpm_utilsrinternal.local_countersrinternal.nginx_utilsrinternal.typesrr r!internal.user_managerr"internal.advanced_metricsr#internal.user_plugin_utilsr$r%r&internal.utilsr'r(r)r*r+r,reconfiguration.global_inir-r.r/r0r1 TYPE_CHECKINGapiclient.api_clientr2r4rrFrDrsi   ((((((((,,,,,,,,,,,,,,,,,, """"""XWWWWWWW//////******""""""------""""""2222225444448888881111118888888888333333777777  1000000f f f f f f f f f f rF