Sindbad~EG File Manager
# -*- coding: utf-8 -*-
# CLDETECT python lib
#
# Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2019 All Rights Reserved
#
# Licensed under CLOUD LINUX LICENSE AGREEMENT
# http://cloudlinux.com/docs/LICENSE.TXT
# Detection:
#
# Control Panel name & version
# Control Panel name
# Control Panel admin email
# CXS is installed
# mod_suphp is enabled for easyapache on cPanel
# get apache gid
# Detect LiteSpeed
# Detect PostGreSQL
# Detect admin user for DirectAdmin control panel
# Detect CloudLinux instalation process
# Detect Nagios
# Detect if cloudlinux=yes is present for DirectAdmin
# Get fs.enforce_symlinksifowner from /etc/sysctl.conf
# Detect suEXEC
# Detect suPHP
# Check suEXEC or suPHP for SecureLVE jail
# Check /etc/ssh/sshd_config for UsePAM yes
# Separate functions for detect machines: is_da, is_isp, etc
# Detect cagefs installed
from __future__ import absolute_import
from __future__ import print_function
import os
import pwd
import re
import subprocess
import sys
import clcommon.cpapi as cpapi
from clcommon.sysctl import SysCtlConf, SYSCTL_CL_CONF_FILE
from clcommon.utils import get_cl_version
from future.moves.configparser import SafeConfigParser, NoSectionError, NoOptionError
# Control panel name
CP_NAME = None
# Control panel version
CP_VERSION = None
# If CP_NAME is "ISPManager" and CP_VERSION is "5.xx" ISP5 Type: "Master" or "Node".
# else - always None
CP_ISP_TYPE = None
CP_ADMIN_EMAIL = None
NAGIOS_GID = 0
APACHE_GID = 48
APACHE_UNAME = 'apache'
LITESPEED_CONFIG_FILE = '/usr/local/lsws/conf/httpd_config.xml'
LITESPEED_OPEN_CONFIG_FILE = '/usr/local/lsws/conf/httpd_config.conf'
LITESPEED_VERSION_FILE = '/usr/local/lsws/VERSION'
POSTGRE_SERVER_FILE = None
POSTGRE_SYSTEMD_PATH = '/usr/lib/systemd/system/postgresql.service'
POSTGRE_INITD_PATH = '/etc/rc.d/init.d/postgresql'
CL_SETUP_LOCK_FILE = '/var/lock/cldeploy.lck'
CL_CONFIG_FILE = '/etc/sysconfig/cloudlinux'
USEPAM_FILE = '/etc/ssh/sshd_config'
SUEXEC_ENABLED = None
SUPHP_ENABLED = None
SHARED_PRO_EDITION_HUMAN_READABLE = 'CloudLinux OS Shared Pro'
SHARED_EDITION_HUMAN_READABLE = 'CloudLinux OS Shared'
SOLO_EDITION_HUMAN_READABLE = 'CloudLinux OS Solo'
if os.path.isfile(POSTGRE_SYSTEMD_PATH):
POSTGRE_SERVER_FILE = POSTGRE_SYSTEMD_PATH
else:
POSTGRE_SERVER_FILE = POSTGRE_INITD_PATH
def is_ea4():
if os.path.exists('/etc/cpanel/ea4/is_ea4'):
return True
return False
# This function get CP name and CP version
def getCP():
global CP_NAME
global CP_VERSION
global CP_ISP_TYPE
CP_NAME = 'Unknown'
CP_VERSION = '0'
CP_ISP_TYPE = None
####################################################################
# Try to detect panels, supported by CL and custom panel with cpapi plugin
try:
panel_data = cpapi.get_cp_description()
CP_NAME = panel_data['name']
CP_VERSION = panel_data['version']
CP_ISP_TYPE = panel_data['additional_info']
except:
pass
# Try to detect some other panels without retrieving info about them
####################################################################
# H-Sphere
try:
with open('/hsphere/shared/version') as f:
data = f.read()
release = re.findall(r'Release:\s+(.+)', data)[0]
version = re.findall(r'Version:\s+(.+)', data)[0]
CP_NAME = 'H-Sphere'
CP_VERSION = '{0}.{1}'.format(release, version)
return True
except:
pass
####################################################################
# HostingNG check
if os.path.isfile('/lib64/libnss_ng.so'):
CP_NAME = 'HostingNG'
CP_VERSION = 'none'
return True
####################################################################
# CentOS Web Panel check
if os.path.isdir('/usr/local/cwpsrv'):
CP_NAME = 'CentOS_WEB_Panel'
CP_VERSION = 'none'
return True
# Atomia check: (what is atomia you can see at www.atomia.com)
# Atomia is more than just CP inside the CloudLinux,
# So we just check presence of Atomia program agent
# by its footprints - config files, which agent created.
if os.path.isfile('/etc/httpd/conf.d/atomia-pa-apache.conf') or\
os.path.isdir('/storage/configuration/cloudlinux'):
CP_NAME = 'Atomia_agent'
CP_VERSION = 'none'
return True
# Cyber Panel
if os.path.isdir('/usr/local/CyberCP'):
CP_NAME = 'Cyberpanel'
CP_VERSION = 'none'
return True
# Planet Hoster
if os.path.isdir('/var/phmgr'):
CP_NAME = 'PlaneHoster'
CP_VERSION = 'none'
return True
# Vesta CP, check it`s main dir
# can install from https://vestacp.com/install/
if os.path.isdir('/usr/local/vesta'):
CP_NAME = 'Vesta'
CP_VERSION = 'none'
return True
# we can check is VirtualminWebmin installed, by checking license file
# file is always present, license serial and key
# are predefined in the beginning of the installation script
if os.path.isfile('/etc/virtualmin-license'):
CP_NAME = 'VirtualminWebmin'
CP_VERSION = 'none'
return True
if os.path.isfile('/usr/local/webuzo/universal.php'):
CP_NAME = 'Webuzo'
CP_VERSION = 'none'
return True
# No panel detected
return False
# Get params value from file
def get_param_from_file(fileName, paramName, separator=None, default_val=''):
try:
f = open(fileName, "r")
content = f.readlines()
f.close()
except IOError:
return default_val
for line in content:
line = line.strip()
if line.startswith(paramName):
lineParts = line.split(separator)
if (len(lineParts) == 2) and (lineParts[0].strip() == paramName):
return lineParts[1].strip()
return default_val
# This function get CP name only
def getCPName():
global CP_NAME
if CP_NAME:
return CP_NAME
# cPanel check
if os.path.isfile('/usr/local/cpanel/cpanel'):
CP_NAME = 'cPanel'
# Plesk check
elif os.path.isfile('/usr/local/psa/version'):
CP_NAME = 'Plesk'
# DirectAdmin check
elif os.path.isfile('/usr/local/directadmin/directadmin'):
CP_NAME = 'DirectAdmin'
# ISPmanager v4 or v5 check
elif os.path.isfile('/usr/local/ispmgr/bin/ispmgr') or os.path.isdir('/usr/local/mgr5'):
CP_NAME = 'ISPManager'
# InterWorx check
elif os.path.isdir('/usr/local/interworx'):
CP_NAME = 'InterWorx'
# HSphere check
elif os.path.isdir('/hsphere/shared'):
CP_NAME = 'H-Sphere'
elif os.path.isfile('/lib64/libnss_ng.so'):
CP_NAME = 'HostingNG'
# CentOS Web Panel check
elif os.path.isdir('/usr/local/cwpsrv'):
CP_NAME = 'CentOS_WEB_Panel'
elif os.path.isfile('/etc/httpd/conf.d/atomia-pa-apache.conf')\
or os.path.isdir('/storage/configuration/cloudlinux'):
CP_NAME = 'Atomia_agent'
elif os.path.isdir('/usr/local/vesta'):
CP_NAME = 'Vesta'
elif os.path.isfile('/etc/virtualmin-license'):
CP_NAME = 'VirtualminWebmin'
elif os.path.isdir('/var/phmgr'):
CP_NAME = 'PlaneHoster'
elif os.path.isdir('/usr/local/CyberCP'):
CP_NAME = 'Cyberpanel'
elif os.path.isfile('/usr/local/webuzo/universal.php'):
CP_NAME = 'Webuzo'
else:
# detect custom panel name
panel_data = cpapi.get_cp_description()
if panel_data:
# Panel detected
CP_NAME = panel_data['name']
else:
CP_NAME = 'Unknown'
return CP_NAME
def add_server_stats(status_report):
"""
Add server statistics to status_report dict
:param status_report: dict to add statistics to
:type status_report: dict
"""
from clcommon import ClPwd
res = {}
cp_name = getCPName()
if cp_name != 'Unknown':
res['cp'] = cp_name
if cp_name == 'Plesk':
clpwd = ClPwd(10000)
else:
clpwd = ClPwd()
d = clpwd.get_uid_dict()
users = 0
sys_users = {
'nfsnobody', 'avahi-autoipd', 'exim', 'clamav', 'varnish', 'nagios', 'saslauth', 'mysql', 'lsadm',
'systemd-bus-proxy', 'systemd-network', 'polkitd', 'firebird', 'nginx', 'dovecot', 'dovenull',
'roundcube_sysuser', 'avahi-autoipd', 'cpanel', 'cpanelhorde', 'cpanelphpmyadmin', 'cpanelphppgadmin',
'cpanelroundcube', 'mailman', 'cpaneleximfilter', 'cpanellogaholic', 'cpanellogin', 'munin',
'cpaneleximscanner', 'cpanelphpgadmin', 'cpses', 'cpanelconnecttrack', 'cpanelrrdtool', 'admin',
'webapps' 'apache', 'diradmin', 'majordomo', 'viapm', 'iworx', 'iworx-web', 'iworx-pma',
'iworx-backup', 'iworx-horde', 'iworx-roundcube', 'iworx-sqmail', 'iworx_support_user', 'psaadm',
'popuser', 'psaftp', 'drweb', 'sw-cp-server', 'horde_sysuser'
}
for uid in d:
found = False
for entry in d[uid]:
if entry.pw_name in sys_users:
found = True
break
if not found:
users += 1
res['users'] = users
status_report['cln'] = res
# Control Panel admin email
def getCPAdminEmail():
global CP_ADMIN_EMAIL
if CP_ADMIN_EMAIL:
return CP_ADMIN_EMAIL
if not os.path.isfile(CL_CONFIG_FILE):
print('Error: missing '+CL_CONFIG_FILE+' config file.')
sys.exit(1)
try:
parser = SafeConfigParser(interpolation=None,
strict=False)
parser.read(CL_CONFIG_FILE)
if parser.get('license_check', 'EMAIL').strip().find('@') != -1:
CP_ADMIN_EMAIL = parser.get('license_check', 'EMAIL').strip()
else:
try:
getCPName()
get_email_script = parser.get('license_check', CP_NAME+'_getemail_script')
if not os.path.isfile(get_email_script):
raise FileNotFoundError
p = subprocess.Popen([get_email_script], stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True)
(out, err) = p.communicate()
CP_ADMIN_EMAIL = out.strip()
except (NoSectionError, NoOptionError, FileNotFoundError):
CP_ADMIN_EMAIL = 'root@localhost.localdomain'
return CP_ADMIN_EMAIL
except:
print('Error: bad '+CL_CONFIG_FILE+' config file.')
sys.exit(1)
# Check is CXS installed
def CXS_check():
if os.path.isdir('/etc/cxs'):
return True
else:
return False
# Check is mod_suphp is enabled in easyapache on cPanel
# TODO check cagefs_posteasyapache_hook.sh for suPHP check via /usr/local/cpanel/bin/rebuild_phpconf --available
def mod_suPHP_check():
getCPName()
if CP_NAME == 'cPanel':
if os.path.isfile('/usr/local/apache/modules/mod_suphp.so'):
return True
else:
return False
else:
return False
# Get Apache gid
def get_apache_gid():
getCPName()
global APACHE_GID
global APACHE_UNAME
if CP_VERSION != '0':
if CP_NAME == 'cPanel':
APACHE_UNAME = 'nobody'
if CP_NAME == 'H-Sphere':
APACHE_UNAME = 'httpd'
# line 24 | APACHE_UNAME = 'apache' - for others control panel (DA,ISP,IWorx,Plesk)
try:
APACHE_GID = pwd.getpwnam(APACHE_UNAME).pw_gid
except:
pass
return True
else:
return False
# Detect LiteSpeed
def detect_litespeed():
"""
LiteSpeed can be enterprise or open source, and each of them
stores config in different formats
So this checker will search for one of them
"""
return detect_enterprise_litespeed() or detect_open_litespeed()
def detect_enterprise_litespeed():
"""
Detects LSWS Enterprise presence
"""
return os.path.isfile(LITESPEED_CONFIG_FILE)
def detect_open_litespeed():
"""
Detects OpenLiteSpeed presence
"""
return os.path.isfile(LITESPEED_OPEN_CONFIG_FILE)
def get_litespeed_version():
"""
Determine Litespeed version.
Works for both LSWS Enterprise and OpenLiteSpeed.
"""
try:
# Content of LITESPEED_VERSION_FILE: '5.4.12'
with open(LITESPEED_VERSION_FILE, 'r') as f:
return f.read().strip()
except (FileNotFoundError, OSError, IOError):
return ''
# Detect PostGreSQL
def detect_postgresql():
if os.path.isfile(POSTGRE_SERVER_FILE):
return True
else:
return False
# Detect DirectAdmin admin user
def detect_DA_admin():
getCPName()
if CP_NAME == 'DirectAdmin':
try:
f = open('/usr/local/directadmin/conf/directadmin.conf', 'r')
out = f.read()
f.close()
return out.split('admindir=')[1].split('\n')[0].split('/')[-1].strip()
except:
return 'admin'
else:
return False
# Detect CloudLinux instalation process
def check_CL_installing():
if os.path.isfile(CL_SETUP_LOCK_FILE):
try:
f = open(CL_SETUP_LOCK_FILE, 'r')
pid = int(f.read())
f.close()
if os.path.isdir('/proc/'+str(pid)):
return True
else:
return False
except:
return False
else:
return False
# Detect Nagios
def get_nagios():
if os.path.isdir('/usr/local/nagios'):
global NAGIOS_GID
try:
NAGIOS_GID = pwd.getpwnam('nagios').pw_gid
return True
except:
return False
else:
return False
# Detect if cloudlinux=yes is present for DirectAdmin
def da_check_options():
check_result = get_param_from_file('/usr/local/directadmin/custombuild/options.conf', 'cloudlinux', '=')
if check_result == 'yes':
return True
else:
return False
def get_symlinksifowner():
"""get fs.enforce_symlinksifowner from sysctl conf"""
sysctl = SysCtlConf(config_file=SYSCTL_CL_CONF_FILE, mute_errors=False)
value = sysctl.get('fs.enforce_symlinksifowner')
return int(value) if value is not None else value
# Get suEXEC status
def get_suEXEC_status():
global SUEXEC_ENABLED
if SUEXEC_ENABLED is None:
detect_suEXEC_suPHP()
return SUEXEC_ENABLED
# Get suPHP status():
def get_suPHP_status():
global SUPHP_ENABLED
if SUPHP_ENABLED is None:
detect_suEXEC_suPHP()
return SUPHP_ENABLED
# Detect suEXEC and suPHP
def detect_suEXEC_suPHP():
global SUEXEC_ENABLED
global SUPHP_ENABLED
# This helps us to avoid double check when we checks both suEXEC and suPHP
SUEXEC_ENABLED = False
SUPHP_ENABLED = False
modules = get_apache_modules()
if modules is None:
return
SUEXEC_ENABLED = 'suexec_module' in modules
SUPHP_ENABLED = 'suphp_module' in modules
def get_apache_modules():
# path to httpd is the same on the panels
bin_exec = "/usr/sbin/httpd"
try:
p = subprocess.Popen([bin_exec, '-M'], stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True)
out, err = p.communicate()
modules = []
out = out.split('\n')
# clean the output from 1st line 'Loaded modules'
for line in out[1:]:
if not line:
continue
# core_module (static) so_module (static) http_module (static) mpm_worker_module (shared)...
# --> ['core_module', 'so_module', 'http_module', 'mpm_worker_module']
try:
mod = line.strip().split(' ')[0]
except IndexError:
mod = ''
if mod == '':
continue
modules.append(mod)
return modules
except(OSError, IOError):
return None
def execute(command):
"""
Executes command with bash interpreter
"""
proc = subprocess.Popen(
command,
shell=True,
executable='/bin/bash',
stdout=subprocess.PIPE,
text=True,
bufsize=-1
)
return proc.communicate()[0]
# check suPHP or suEXEC binary for jail
def check_binary_has_jail(location):
try:
if is_ea4():
result = execute('/usr/bin/strings ' + str(location[getCPName() + '_ea4']) + ' | grep jail')
else:
result = execute('/usr/bin/strings ' + str(location[getCPName()]) + ' | grep jail')
if result.find('jail error') != -1:
return True
else:
return False
except KeyError:
return None
except (IOError, OSError):
return False
# Check sshd -T output for usepam yes
def check_SSHd_UsePAM():
try:
result = execute('/usr/sbin/sshd -T | grep usepam')
if result.find('usepam yes') != -1:
return True
else:
return False
except (IOError, OSError):
return None
def init_cp_name():
if CP_NAME is None:
getCPName()
# Detect DirectAdmin machine
def is_da():
init_cp_name()
return CP_NAME == 'DirectAdmin'
# Detect ISP Manager machine
def is_ispmanager():
init_cp_name()
return CP_NAME == 'ISPManager'
# Detect ISP Manager v5 machine type: "Master" or "Node"
# If not ISP5 - always None
def ispmanager5_type():
init_cp_name()
return CP_ISP_TYPE
# Detect ISP Manager v5 machine is Master
def ispmanager5_is_master():
return CP_ISP_TYPE == "Master"
# Detect cPanel machine
def is_cpanel():
init_cp_name()
return CP_NAME == 'cPanel'
# Detect Plesk machine
def is_plesk():
init_cp_name()
return CP_NAME == 'Plesk'
# Detect InterWorx machine
def is_internetworx():
init_cp_name()
return CP_NAME == 'InterWorx'
# Detect H-Sphere machine
def is_hsphere():
init_cp_name()
return CP_NAME == 'H-Sphere'
# Detect HostingNG machine
def is_hostingng():
init_cp_name()
return CP_NAME == 'HostingNG'
# Detect unknown machine
def is_unknown():
init_cp_name()
return CP_NAME == 'Unknown'
def is_openvz():
"""
Returns 0 if there is no openvz, otherwise returns node id
"""
pid = os.getpid()
lines = open('/proc/' + str(pid) + '/status').readlines()
for line in lines:
if line.startswith('envID:'):
env_id = line.split(':')[1].strip()
return int(env_id)
return 0 # no openvz found
def is_cagefs_installed():
return os.path.exists('/usr/sbin/cagefsctl')
def get_boolean_param(file_name, param_name, separator='=', default_val=True):
config_val = get_param_from_file(file_name, param_name, separator, default_val=None)
if config_val is None:
return default_val
return config_val.lower() in ('true', '1', 'yes', 'on')
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists