Current Path : /opt/imunify360/venv/lib/python3.11/site-packages/imav/__pycache__/
Current File : //opt/imunify360/venv/lib/python3.11/site-packages/imav/__pycache__/server.cpython-311.pyc

�

��g�>��$�dZddlZddlZddlZddlZddlZddlZddlZddlZddl	m
Z
ddlmZm
Z
ddlmZddlmZddlmZmZddlmZddlZdd	lmZddlZddlZddlZdd
lmZddlm Z m!Z!ddl"m#Z#m$Z$m%Z%m&Z&m'Z'dd
l(m)Z)ddl*m+Z+ddl,m-Z-m.Z.ddl/m0Z0ddl1m2Z2ddl3m4Z4ddl5m6Z6m7Z7m8Z8ddl9m:Z:m;Z;m<Z<m=Z=m>Z>ddl?m@Z@ddlAmBZBmCZCmDZDmEZEddlFmGZGddlHmIZIddlJmKZKmLZLddlMmNZNddlOmPZPmQZQddlRmSZSddlTZTdZUede&jVz��ZWdZXejYeZ��Z[eLeK� ��e[j\��Z]Gd!�d"��Z^ed#���Z_d$�Z`d%�Zad&�Zbd'�Zcd(�Zdd)ee4eeeeffd*�Zfd+e4fd,�Zgd-�Zhd.�Zid/eed)dfd0�Zjd1�Zkd2�Zld3�Zmd4�ZndS)5u

This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.


This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU General Public License for more details.


You should have received a copy of the GNU General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.

Copyright © 2019 Cloud Linux Software Inc.

This software is also available under ImunifyAV commercial license,
see <https://www.imunify360.com/legal/eula>
�N)�ThreadPoolExecutor)�contextmanager�suppress)�partial)�Path)�CalledProcessError�check_output)�Tuple)�
AlreadyLocked)�files)�health�
inactivity)�ConfigsValidator�Core�Merger�Model�	SimpleRpc)�	HookEvent)�
LicenseCLN)�MessageSink�
MessageSource)�g)�IndependentAgentIDAPI)�TheSink)�instance�simplification�	tls_check)�NonRootRpcServer�NonRootRpcServerAV�	RpcServer�RpcServerAV�
is_running)�systemd_notifier)�Task�create_task_and_log_exceptions�is_root_user�is_systemd_boot)�is_db_corrupted)�EXITCODE_GENERAL_ERROR)�DAY�
rate_limit)�flush_sentry)�MalwareHitStatus�MalwareScanResourceType)�
MalwareHiti4z%s.is_corruptedz�Imunify360 database is corrupt. Application cannot run with corrupt database. Please, contact Imunify360 support team at https://cloudlinux.zendesk.com)�periodc��eZdZd�Zd�ZdS)�TaskFactoryc�,�t��|_dS�N)�set�pool)�selfs �@/opt/imunify360/venv/lib/python3.11/site-packages/imav/server.py�__init__zTaskFactory.__init__ds���E�E��	�	�	�c��t||���}|j�|��|�|jj��|S)N��loop)r$r6�add�add_done_callback�discard)r7r=�coro�tasks    r8�__call__zTaskFactory.__call__gsF���D�t�$�$�$���	�
�
�d�������t�y�0�1�1�1��r:N)�__name__�
__module__�__qualname__r9rC�r:r8r2r2cs2�������������r:r2c#�K�	dV�dS#t$r;}t�d||��tj|��Yd}~dSd}~wwxYw)z)Log *message* on any error & suppress it.Nzcaught error %r on %s)�	Exception�logger�error�
sentry_sdk�capture_exception)�message�es  r8�log_and_suppress_errorrPnsq����(�
��������(�(�(����,�a��9�9�9��$�Q�'�'�'�'�'�'�'�'�'�����(���s�
�
A�0A
�
Ac��(K�td��5tj�t	j����ddd��n#1swxYwYt
�dtj����td��5g}tj
d��4�d{V��dtvrOtj�
��|�tj�����|�|�����tj|��d{V��ddd���d{V��n#1�d{V��swxYwYddd��n#1swxYwYt%|d����D]s}td��5t
�d	|jj|jj��|����d{V��ddd��n#1swxYwY�ttd
��5t-j���d{V��ddd��n#1swxYwYtjd��x}�Atd��5tj|���d{V��ddd��n#1swxYwYtd
��5|���ddd��n#1swxYwYt5��t
�dtj����dS)Nz)marking the start of the shutdown processzshutdown task starting, pid=%sz4preventing new messages (if any) processing to start�
�
sensor_serverc��|jSr4)�SHUTDOWN_PRIORITY)�ps r8�<lambda>z _shutdown_task.<locals>.<lambda>�s	��A�4G�r:)�keyz,This happened while shutting down a plugin!!zShutting down %s.%s...zshutting down IAID API�web_server_restart_taskzwaiting for web server restartz
stopping loopzshutdown task finished, pid=%s)rPr
�sensor�
shutting_down�timerJ�info�os�getpid�asyncio�timeoutrrS�close�append�wait_closed�shutdown�gather�sorted�	__class__rErDr�get�wait_for�stopr,)r=�the_sink�plugin_list�_tasks�plugin�restart_tasks      r8�_shutdown_taskrqxs�����	� K�	L�	L�1�1��
�#�#�D�I�K�K�0�0�0�1�1�1�1�1�1�1�1�1�1�1����1�1�1�1��K�K�0�"�)�+�+�>�>�>�	�>�
�
�
*�
*����?�2�&�&�	*�	*�	*�	*�	*�	*�	*�	*��!�#�#���%�%�'�'�'��
�
�a�o�9�9�;�;�<�<�<��M�M�(�+�+�-�-�.�.�.��.�&�)�)�)�)�)�)�)�)�
	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*�	*����	*�	*�	*�	*�	
*�
*�
*�
*�
*�
*�
*�
*�
*�
*�
*����
*�
*�
*�
*���*G�*G�H�H�H�$�$��
#�:�
�
�
	$�
	$�
�K�K�(�� �+�� �)�
�
�
��/�/�#�#�#�#�#�#�#�#�#�
	$�
	$�
	$�
	$�
	$�
	$�
	$�
	$�
	$�
	$�
	$����
	$�
	$�
	$�
	$��
 � 8�	9�	9�/�/�#�,�.�.�.�.�.�.�.�.�.�/�/�/�/�/�/�/�/�/�/�/����/�/�/�/���7�8�8�8��E�
#�$D�
E�
E�	1�	1��"�<�0�0�0�0�0�0�0�0�0�	1�	1�	1�	1�	1�	1�	1�	1�	1�	1�	1����	1�	1�	1�	1�
 ��	0�	0����	�	�����������������������N�N�N�
�K�K�0�"�)�+�+�>�>�>�>�>s��1A�A�A�E5�2BE�E5�
E"	�"E5�%E"	�&E5�5E9�<E9�#AG:�:G>	�G>	�H;�;H?�H?�+J�J�J�,K
�
K�Kc��t�d|��tj��}tj�|��|_d|_tj|_	t��rd|_nd|_tj
j���|_	|���nC#t"$r6t�d��t'jt*��YnwxYwt-j��tj
j���dS)NzRun as daemon [pidfile = %s]FTz*PID file already locked by another process)rJr]�daemon�
DaemonContext�pidfile�PIDLockFile�prevent_corer�
FILE_UMASK�umaskr'�detach_process�defence360agent�	internals�get_fds�files_preserve�openrrK�sys�exitr)�gc�collect�reconfigure)�pidfilepath�dcs  r8�
_daemonizer��s
��
�K�K�.��<�<�<�	�	�	�	�B���+�+�K�8�8�B�J��B�O���B�H����!�!���� ���'�1�8�@�@�B�B�B��)�
���	�	�	�	���)�)�)����A�B�B�B���'�(�(�(�(�(�)�����J�L�L�L���$�0�0�2�2�2�2�2s�1C�=D�Dc��<K�tj���d{V��dS)zPerform update files on start.N)r�!update_all_no_fail_if_files_existrGr:r8�_initial_files_updater��s-����
�
1�
3�
3�3�3�3�3�3�3�3�3�3r:c�j�|�tj|tj����dSr4)�run_until_completer�run_in_executorr�resetr<s r8�_tls_check_resetr��s6������&�t�Y�_�=�=�����r:c� ���fd�|D��S)Nc�4��g|]}t|����|��SrG)�
isinstance)�.0rV�pclasss  �r8�
<listcomp>z$plugin_instances.<locals>.<listcomp>�s(���5�5�5�!�z�!�V�4�4�5�A�5�5�5r:rG)�objsr�s `r8�plugin_instancesr��s���5�5�5�5�t�5�5�5�5r:�returnc���d�|D��}t|t��}|D]E}t�d|��|�|�|�����Ft
||��}t|t��}|D]F}t�d|��|�|�||�����G|�	��|||fS)Nc�"�g|]}|����
SrGrG)r��plugin_classs  r8r�z"_start_plugins.<locals>.<listcomp>�s��A�A�A�,�|�|�~�~�A�A�Ar:zCreating sink %rzCreating source %r)
r�rrJr]r��create_sinkrr�
create_source�start)r=�plugin_classes�plugins�sinks�srl�sourcess       r8�_start_pluginsr��s���A�A�.�A�A�A�G�
�W�k�2�2�E�
�5�5�����&��*�*�*�����
�
�d� 3� 3�4�4�4�4��u�d�#�#�H��w�
�6�6�G�
�A�A�����(�!�,�,�,��������h� ?� ?�@�@�@�@��N�N�����U�G�#�#r:rlc���t�d��tjrtt
f}nttf}|D]+}|�|�	||�����,dS)NzStarting RpcServers...)
rJr]r�SOCKET_ACTIVATIONr!rr rr��create)r=rl�rpc_servers�rpcs    r8�
_start_rpcr��sv��
�K�K�(�)�)�)��"�4�"�$6�7��� �"2�3���<�<������
�
�4�� :� :�;�;�;�;�<�<r:c���	tddgt|��zdditj����}n_#t$r}t|j��}Yd}~n<d}~wt$rt�	d��gcYSt$rgcYSwxYw|����d��}d�|D��}tt|����S)	N�lsofz+wt�PATHz/usr/sbin:/usr/bin)�envz&There is no lsof in /usr/sbin:/usr/bin�
c�0�g|]}|�t|����SrG)�int)r��lines  r8r�z"_get_pids_open.<locals>.<listcomp>s#��0�0�0�$�4�0�C��I�I�0�0�0r:)r	�listr^�environr�bytes�output�FileNotFoundErrorrJ�warning�IOError�strip�splitr5)r�outrO�lines�pidss     r8�_get_pids_openr��s����
�U�O�d�5�k�k�)��-�<���<�
�
�
���������A�H�o�o������������������?�@�@�@��	�	�	������	�	�	������I�I�K�K���e�$�$�E�0�0�%�0�0�0�D���D�	�	�?�?�s �14�
B�A�)B�B�Bc�F�t���r�tj��}|dk�r�tj|�����}t
tjtj	��}g}|D]�}	tj|��}n#tj
$rY�)wxYw|���}|r|���}nd}|�||���dt|��zf����	t|��5}	|	���}
ddd��n#1swxYwYn#t t"f$rd}
YnwxYwt%dt&j�d|�d|�dt|���d|�d	|
�d
�
��t+jt.��t1t2j���r�t6���s9t:�t>��t6� ��nt:�!t>��t+jt.��dStEtF��5t6�$��ddd��dS#1swxYwYdS)Nr�Nonezparent process = %szInstance of z% is already running. Parent process "z" with pid "z". Sockets are in use by z. z file contents z pid)�db_path)%r"r^�getppid�psutil�Process�namer�r�SOCKET_PATH�NON_ROOT_SOCKET_PATH�
NoSuchProcess�parentrc�strr�read�OSErrorr��throttled_log_errorr�SVC_NAMEr�r�r)r(rr��_DB_IS_CORRUPTED_FLAG�existsrJrK�_DB_IS_CORRUPTED_MSG�touchr�rr��unlink)ru�ppidr��pids_used_socket�process_used_socket�pid�_pr�
_local_parent�_parent_name�file�written_pids           r8�_check_able_to_startr�s���|�|�--��z�|�|���1�9�9��^�D�)�)�.�.�0�0�F�-��%�y�'E� � ��#%��'�
�
��� �.��-�-�C�C���+�����H����� #�
�
���
� �*�#0�#5�#5�#7�#7�L�L�#)�L�#�*�*�����
�
�-��L�0A�0A�A������
#��'�]�]�.�d�"&�)�)�+�+�K�.�.�.�.�.�.�.�.�.�.�.����.�.�.�.����W�%�
#�
#�
#�"����
#�������M�M�M��F�F��D�D��+�,�,�,�,��G�G��K�K��

�

�

�
�H�+�,�,�,��u�z�*�*�*�	+�$�+�+�-�-�	1��L�L�-�.�.�.�!�'�'�)�)�)�)��N�N�/�0�0�0���'�(�(�(�(�(�
�'�
(�
(�	+�	+�!�(�(�*�*�*�	+�	+�	+�	+�	+�	+�	+�	+�	+�	+�	+�	+����	+�	+�	+�	+�	+�	+sZ�;B�B"�!B"�E
�D>�2E
�>E�E
�E�E
�
E �E �/J�J�Jr�c
�4	�t��s3t�d��tjt
��t
��}tjj�	|j
��|jstj
�d��rHtjj�|jptj
�d����tjt"��t%|j��|jr7t+|j��t-jt,jj��t4j�t;j����t=j��st4j� ��tCj"��}tj#��}|�$tKtMd|r|dznd�������|�'tQ����	tS|��tTj+�,tZj.��t_|��taj1��|�2|����	tg��n]#thj5$rK}t�6dto|����tjt
��Yd}~nd}~wwxYw|�2tqj9����s;t�d	��|�2tu����tvj<�=t|j?��t�||��\}}}t�||��t�d
��t�jCt�jEd���}	t�||jG|	��t�|t�t�||||z����|�K��t�d
��|�L��dS#|�L��wxYw)z�Common function for agent service startup.

    plugin_classes is a list of classes implementing message processing
    plugins. init_actions is a coroutine that will be called prior to starting
    RPC and message processing.z5Imunify agent could be started by the root user only!�IMUNIFY360_LOGGING_CONFIG_FILE� ��)�max_workersz*Failed to stop pending cleanup. Reason: %sNz=Essential files are missing. Performing initial files update.zMessage Bus startedF)�version�residentzloop stopped)Mr&rJr]r�r�r)�	parse_clir{r|�setLogLevel�verbose�
log_configr^r�ri�update_logging_config_from_file�setrecursionlimit�_MAX_RECURSION_DEPTHr�rursr�r#�notify�
AgentState�
DAEMONIZEDr
rZ�startingr\r�
is_registered�unregisteredr`�get_event_loop�	cpu_count�set_default_executorr�min�set_task_factoryr2r�r�db�initrr��validate_configs_on_startr�update_merged_configr��_stop_pending_cleanupr�PeeweeExceptionrK�reprr�essential_files_existr�r�track�set_timeoutr�INACTIVITY_TIMEOUTr�r�r�AgentStartedr�VERSIONr%�process_message�_setup_signal_handlersrrq�run_foreverrb)
r��init_actions�argsr=�_cpurOrlr�r��
agent_starteds
          r8r�r�As����>�>�)����K�L�L�L���'�(�(�(��;�;�D���$�0�0���>�>�>���
�"�*�.�.�)I�J�J�
��!�(�H�H��O�O�r�z�~�~�.N�O�O�	
�	
�	
���.�/�/�/����&�&�&��{�H��4�<� � � ��� 0� ;� F�G�G�G�
�M���4�9�;�;�'�'�'��#�%�%�%��
�"�"�$�$�$��!�#�#�D�
�<�>�>�D�	����s�2�4�/F�t�a�x�x�Q�'G�'G�H�H�H����	���+�-�-�(�(�(�/������������$�$�$�!�$�'�'�'��#�%�%�%��������/�/�/�	-�!�#�#�#�#���-�	-�	-�	-�
�L�L�E�t�A�w�w�O�O�O��H�+�,�,�,�,�,�,�,�,�����	-�����&�&�u�'B�'D�'D�E�E�	=��K�K�O�
�
�
�
�#�#�$9�$;�$;�<�<�<���$�$�Y�%A�B�B�B�#1�$��#G�#G� ��%���4��"�"�"����)�*�*�*�!�.��L�5�
�
�
�
�	'��(�*�M�	
�	
�	
�	��'�.�$��%�'�/�J�J�	
�	
�	
�	
���������N�#�#�#�	
�
�
��������
�
�������s9�3A7R�+J:�9R�:L�	AL�
R�L�ER�Rc�j�	tj��dS#t$r�}ddlm}tjt|�����}|�||����t�
t|����tj
t��Yd}~dSd}~wwxYw)Nr)�
execute_hooks)rK)r�validate_config_layersrI�defence360agent.hooks.executerr�AgentMisconfigr�r�rJr�r�r�r�r))r=rOr�agent_misconfigs    r8r�r��s���)��/�1�1�1�1�1���)�)�)�?�?�?�?�?�?�#�2��a���A�A�A�����
�
�o� >� >�?�?�?����s�1�v�v������'�(�(�(�(�(�(�(�(�(�����
)���s��
B2�BB-�-B2c����d���fd�}tjtjtjtjfD]}|�||||���dS)NFc����s/d�t�d|��t|����dSt�d|��dS)NTz	Caught %sz9Caught %s. Shutdown task is already running, please wait.)rJr]r%)r=�sig�called�shutdowntasks  ��r8�_sighandlerz+_setup_signal_handlers.<locals>._sighandler�s]����		��F��K�K��S�)�)�)�3�D�,�G�G�F�F�F��K�K�K��
�
�
�
�
r:)�signal�SIGINT�SIGTERM�SIGUSR1�SIGUSR2�add_signal_handler)r=rrrrs `  @r8rr�sp����
�F��������
�v�~�v�~�v�~�N�=�=������[�$��<�<�<�<�=�=r:c�<�tjd���}|�ddddd���|�d	d
d���|�d
dd���|�dd���|�tjdd���S)NzRun imunify agent)�descriptionz-vr��countrz�Level of logging. Each value corresponds to:1 - console only log level,2 - previous plus add network log,3 - all previous plus add process message log,4 - all previous plus add debug log)�dest�action�default�helpz--daemon�
store_truez
run as daemon)r#r%z	--pidfilez/var/run/imunify360.pidzuse with --daemon)r$r%z--log-configzlogging config filename)r%�)�argparse�ArgumentParser�add_argument�
parse_argsr��argv)�parsers r8r�r��s���
�
$�1D�
E�
E�
E�F�
����
���
2�
�������
�<�o��N�N�N�
����)�
 �����
����-F��G�G�G����S�X�a�b�b�\�*�*�*r:c��tj���tjtjktjtjj	k��}tj
|tj��dS)zP
    Get back to FOUND all malware hits which have stuck in CLEANUP_STARTED
    N)r/�select�where�statusr-�CLEANUP_STARTED�
resource_typer.�FILE�value�
set_status�FOUND)�hitss r8r�r��sb������$�$���-�=�=�� �$;�$@�$F�F���D���$� 0� 6�7�7�7�7�7r:)o�__doc__r(r`r��loggingr^rr�r\�concurrent.futuresr�
contextlibrr�	functoolsr�pathlibr�
subprocessrr	�typingr
rs�lockfiler�daemon.pidfiler�� defence360agent.internals.loggerr{r�defence360agent.apir
r� defence360agent.contracts.configrrrrr�%defence360agent.contracts.hook_eventsr�!defence360agent.contracts.licenser�!defence360agent.contracts.pluginsrr�&defence360agent.internals.global_scoper�defence360agent.internals.iaidr�"defence360agent.internals.the_sinkr�defence360agent.modelrrr�defence360agent.simple_rpcrrr r!r"�defence360agent.subsysr#�defence360agent.utilsr$r%r&r'�defence360agent.utils.check_dbr(�defence360agent.utils.clir)�defence360agent.utils.commonr*r+�defence360agent.sentryr,�imav.malwarelib.configr-r.�imav.malwarelib.modelr/rLr�r�r�r��	getLoggerrDrJrKr�r2rPrqr�r�r�r�r�r�r�r�r�r�r�rr�r�rGr:r8�<module>rWs�����*��������	�	�	�	�����	�	�	�	�
�
�
�
�
�
�
�
�����1�1�1�1�1�1�/�/�/�/�/�/�/�/�������������7�7�7�7�7�7�7�7�������
�
�
�
�"�"�"�"�"�"�����
�
�
�
�'�'�'�'�!�!�!�!�!�!�2�2�2�2�2�2�2�2���������������<�;�;�;�;�;�8�8�8�8�8�8�H�H�H�H�H�H�H�H�4�4�4�4�4�4�@�@�@�@�@�@�6�6�6�6�6�6�E�E�E�E�E�E�E�E�E�E���������������4�3�3�3�3�3�������������;�:�:�:�:�:�<�<�<�<�<�<�8�8�8�8�8�8�8�8�/�/�/�/�/�/���������-�,�,�,�,�,���������.���;�<�<��%��
��	�8�	$�	$��,�j�j��,�,�,�V�\�:�:�����������(�(���(�,?�,?�,?�^3�3�3�24�4�4�
���6�6�6�$�E�'�4��2E�,F�$�$�$�$�*<�w�<�<�<�<����$9+�9+�9+�xU�$�U��U�U�U�U�p	)�	)�	)�=�=�=�(+�+�+�28�8�8�8�8r: