Server : Apache System : Linux indy02.toastserver.com 3.10.0-962.3.2.lve1.5.85.el7.x86_64 #1 SMP Thu Apr 18 15:18:36 UTC 2024 x86_64 User : palandch ( 1163) PHP Version : 7.1.33 Disable Function : NONE Directory : /opt/imunify360/venv/lib64/python3.11/site-packages/defence360agent/subsys/panels/cpanel/ |
import json import logging import subprocess import signal from urllib.parse import quote from defence360agent.utils import check_run, CheckRunError from defence360agent.subsys.panels.base import PanelException logger = logging.getLogger(__name__) # use complete path as recommended by cPanel docs # https://documentation.cpanel.net/display/DD/WHM+API+1+Functions+-+modsec_is_installed WHMAPI1_CMD = "/usr/sbin/whmapi1" WHMAPI_CERT_ERROR_LIST = [ "no certificate", "no key with the id", "cannot read license file", "invalid license file", "license file expired", ] class WHMAPIException(PanelException): """Got broken output or other problem during WHMAPI call""" pass class WHMAPILicenseError(WHMAPIException): """Raises when cannot Read License File""" pass async def whmapi1(function, sudo=False, **kwargs): cmd = ["sudo"] if sudo else [] cmd.extend([WHMAPI1_CMD, "--output=json", function]) params = ["{}={}".format(k, quote(v)) for k, v in kwargs.items()] try: raw_output = (await check_run(cmd + params)).decode() except CheckRunError as e: if e.returncode == -signal.SIGTERM: logger.warning(e) raise WHMAPIException(e) else: raise e try: output = json.loads(raw_output) except json.JSONDecodeError as e: raise WHMAPIException( f"Broken output from whmapi1: {raw_output!r}, reason: {e}" ) from e try: if output["metadata"]["result"]: return output["data"] else: raise WHMAPIException( "whmapi {} command failed: {}".format( output["metadata"]["command"], output["metadata"]["reason"] ) ) except KeyError as e: if ("statusmsg", "Cannot Read License File") in output.items(): logger.warning("Cannot Read CPanel License File") raise WHMAPILicenseError else: raise WHMAPIException( "Broken output from whmapi1 (KeyError: {}): {!r}".format( e, output ) ) def run_whmapi(args, *path_list): # FIXME: this script partly copypaste 'whmapi1' function cmd = [WHMAPI1_CMD, *args, "--output=json"] try: logger.debug("subprocess.run(%r)", cmd) res = subprocess.run(cmd, check=True, stdout=subprocess.PIPE) except subprocess.CalledProcessError as e: raise WHMAPIException("Failed to run whmapi1: %s" % e) from e if path_list: decoded_output = json.loads(res.stdout.decode()) result = [] for i, element_path in enumerate(path_list): try: item = decoded_output for key in element_path: item = item[key] result.append(item) except KeyError as e: if i == 0: # we guarantee to *always* return first element from # path_list raise WHMAPIException( "Could not parse whmapi1 output" ) from e else: # and have no guarantee for the rest of path_list result.append(None) else: return if len(result) == 1: return result[0] else: return result def run_whmapi_result(args): return run_whmapi(args, ["metadata", "result"]) def run_whmapi_result_and_reason(args): result, reason = run_whmapi( args, ["metadata", "result"], ["metadata", "reason"] ) # explicit is better than implicit! return result, reason