From a612d59132f14dbd2196bb4b777337c40f155645 Mon Sep 17 00:00:00 2001 From: wangsong Date: Wed, 26 Oct 2022 14:44:49 +0800 Subject: [PATCH 1/3] =?UTF-8?q?=E5=9C=A8=E5=AE=89=E8=A3=85=E6=97=B6?= =?UTF-8?q?=E5=88=BB=E5=85=B3=E9=97=AD=E8=81=94=E7=BD=91=E6=8E=A7=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/SystemUpdater/UpdateManager.py | 49 --------------- .../backend/InstallBackendAptdaemon.py | 2 +- backend/SystemUpdater/backend/__init__.py | 62 ++++++++++++++++++- 3 files changed, 61 insertions(+), 52 deletions(-) diff --git a/backend/SystemUpdater/UpdateManager.py b/backend/SystemUpdater/UpdateManager.py index 46f6f84..198e0bc 100644 --- a/backend/SystemUpdater/UpdateManager.py +++ b/backend/SystemUpdater/UpdateManager.py @@ -64,7 +64,6 @@ class UpdateManager(): self.simulate_mode = SimulateTerminal() self.install_mode = UpdateInstallMode(self) self.apt_p2p_config = AptP2pConfigManager() - self.safe_manager = UpdateSafeManager() self._reload_options_config() self._refresh_cache_only() @@ -920,54 +919,6 @@ class SimulateTerminal(): return terminal_msg -class UpdateSafeManager(): - KYSEC_STATUS = "/sys/kernel/security/kysec/status" - KYSEC_EXECTL = "/sys/kernel/security/kysec/exectl" - def __init__(self): - self.bus = dbus.SystemBus() - self.safe_status = False - self.safe_exectl = 0 - self.check_status() - - def check_status(self): - self._check_safe_status() - self._check_safe_exectl() - - def _check_safe_status(self): - if os.path.exists(self.KYSEC_STATUS): - with open(self.KYSEC_STATUS, 'r') as f: - data = f.read() - if data != "0": - self.safe_status = True - logging.info("Safe mode is turned on...") - - def _check_safe_exectl(self): - if self.safe_status == True: - if os.path.exists(self.KYSEC_EXECTL): - with open(self.KYSEC_EXECTL, 'r') as f: - data = f.read() - self.safe_exectl = int(data) - logging.info("Safe exectl is %s...",data) - - def reset_safe(self): - if self.safe_status == True: - self._set_fun_status(self.safe_exectl) - def shutdown_safe(self): - if self.safe_status == True: - self._set_fun_status(0) - - #设置aptdeamon的环境变量 - def _set_fun_status(self,value): - try: - logging.info("Set kysec_xattr_set_func_status %s...",str(value)) - obj = self.bus.get_object('com.kylin.kysec', '/xattr') - interface = dbus.Interface(obj,dbus_interface='com.kylin.kysec.xattr') - retval = interface.kysec_xattr_set_func_status(0,value,timeout=2) - return retval - except Exception as e: - logging.error(str(e)) - return False - class UpdateInstallMode(): OPENKYLIN_DISTTRIBUTOR = "Openkylin" KYLIN_DISTTRIBUTOR = "Kylin" diff --git a/backend/SystemUpdater/backend/InstallBackendAptdaemon.py b/backend/SystemUpdater/backend/InstallBackendAptdaemon.py index 00baeb5..3df507b 100644 --- a/backend/SystemUpdater/backend/InstallBackendAptdaemon.py +++ b/backend/SystemUpdater/backend/InstallBackendAptdaemon.py @@ -355,7 +355,7 @@ class InstallBackendAptdaemon(InstallBackend): if progress > 51 and progress < 90 and self.on_install_stage == False: logging.info("The process is now in the installtion phase") self.on_install_stage = True - self.window_main.safe_manager.shutdown_safe() + self.safe_manager.shutdown_safe() self._start_install_lock(_("Kylin System Updater")) #只处理从下载切换到安装时出现的网络问题 diff --git a/backend/SystemUpdater/backend/__init__.py b/backend/SystemUpdater/backend/__init__.py index 79f8685..763f4f6 100644 --- a/backend/SystemUpdater/backend/__init__.py +++ b/backend/SystemUpdater/backend/__init__.py @@ -12,6 +12,7 @@ import subprocess import traceback import shutil import fcntl +import dbus import threading from apt import Cache from gettext import gettext as _ @@ -179,6 +180,9 @@ class InstallBackend(): self.update_essential = UpdateEssentialItem(self) + if self.action == self.ACTION_INSTALL: + self.safe_manager = UpdateSafeManager() + #更新的时候此对象还未生成 if self.window_main.update_list != None: self.upgrade_data = window_main.update_list.upgrade_meta @@ -664,7 +668,7 @@ class InstallBackend(): #升级完成后走的分支 if action == self.ACTION_INSTALL: false_num = 0 - self.window_main.safe_manager.reset_safe() + self.safe_manager.reset_safe() self._release_install_lock() self._send_error_code(error_code) @@ -1182,4 +1186,58 @@ class InhibitShutdownLock(): logging.error("unlock failed." + str(e)) self.pidfile.close() self.pidfile = None - return False \ No newline at end of file + return False + +class UpdateSafeManager(): + KYSEC_STATUS = "/sys/kernel/security/kysec/status" + KYSEC_EXECTL = "/sys/kernel/security/kysec/exectl" + + KYSEC_EXECUT_CONTROL = 0 + KYSEC_NETWORK_CONTROL = 1 + KYSEC_SHUTDOWN_CODE = 0 + + def __init__(self): + self.bus = dbus.SystemBus() + self.safe_status = False + self.safe_exectl_code = self.KYSEC_SHUTDOWN_CODE + self.check_status() + + def check_status(self): + self._check_safe_status() + self._check_safe_exectl() + + def _check_safe_status(self): + if os.path.exists(self.KYSEC_STATUS): + with open(self.KYSEC_STATUS, 'r') as f: + data = f.read() + if data != "0": + self.safe_status = True + + def _check_safe_exectl(self): + if self.safe_status == True: + if os.path.exists(self.KYSEC_EXECTL): + with open(self.KYSEC_EXECTL, 'r') as f: + data = f.read() + self.safe_exectl_code = int(data) + logging.info("Now kylin Sec has opened and exectl status:%s...",data) + + def reset_safe(self): + if self.safe_status == True: + self._set_kysec_status(self.KYSEC_EXECUT_CONTROL,self.safe_exectl_code) + self._set_kysec_status(self.KYSEC_NETWORK_CONTROL,2) + + def shutdown_safe(self): + if self.safe_status == True: + self._set_kysec_status(self.KYSEC_EXECUT_CONTROL,self.KYSEC_SHUTDOWN_CODE) + self._set_kysec_status(self.KYSEC_NETWORK_CONTROL,self.KYSEC_SHUTDOWN_CODE) + + def _set_kysec_status(self,fun,value): + try: + obj = self.bus.get_object('com.kylin.kysec', '/xattr') + interface = dbus.Interface(obj,dbus_interface='com.kylin.kysec.xattr') + retval = interface.kysec_xattr_set_func_status(fun,value,timeout=0.5) + logging.info("Set kysec_xattr_set_func_status %s...",str(value)) + return True + except Exception as e: + logging.error("Set kylin Sec Failed and fun:%d value:%d Error msg:" + str(e),fun,value) + return False From 0a2b8dd86793d4991bba9bd8e1a48d7150c42d96 Mon Sep 17 00:00:00 2001 From: luoxueyi Date: Thu, 27 Oct 2022 16:21:14 +0800 Subject: [PATCH 2/3] =?UTF-8?q?=E6=98=BE=E7=A4=BA=E5=88=97=E8=A1=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/SystemUpdater/UpdateManagerDbus.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/SystemUpdater/UpdateManagerDbus.py b/backend/SystemUpdater/UpdateManagerDbus.py index 125ab5e..beba797 100755 --- a/backend/SystemUpdater/UpdateManagerDbus.py +++ b/backend/SystemUpdater/UpdateManagerDbus.py @@ -403,15 +403,15 @@ class UpdateManagerDbusController(dbus.service.Object): os.environ["LANGUAGE"] = user_lang self.parent.aptd_lang_switch = True reload(enums) + + purge_list = [str(pkg) for pkg in _purge_list] sender_name = get_proc_from_dbus_name(sender) - logging.info(COLORMETHOR_PREFIX+'Method'+COLORLOG_SUFFIX+' DistPurgePackages Sender:%s and purge list is:%s...',sender_name,_purge_list) + logging.info(COLORMETHOR_PREFIX+'Method'+COLORLOG_SUFFIX+' DistPurgePackages Sender:%s and purge list is:%s...',sender_name, purge_list) (status, details) = PolicyKit_Authority(get_source_name_from_enum(sender_name)+_(" requires authentication to uninstall software packages."), sender) if not status: self.PurgePackagesFinished(False,details,'') return self.RETURN_UNKNOWN_CODE,details - purge_list = [str(pkg) for pkg in _purge_list] - #目前只有360使用这个环境变量 当其他包也使用时 可以将这个权限放开 if "360epp" in purge_list: #需要对aptdeamon加这两个环境变量 才可以提示弹窗 From 6c5150273ac6cf63e1c846ea794329cf195717d5 Mon Sep 17 00:00:00 2001 From: wangsong Date: Thu, 27 Oct 2022 17:25:21 +0800 Subject: [PATCH 3/3] =?UTF-8?q?=E8=B0=83=E6=95=B4=E8=BF=9B=E5=85=A5?= =?UTF-8?q?=E5=AE=89=E8=A3=85=E9=98=B6=E6=AE=B5=E7=9A=84=E6=97=B6=E5=88=BB?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/SystemUpdater/backend/InstallBackendAptdaemon.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/SystemUpdater/backend/InstallBackendAptdaemon.py b/backend/SystemUpdater/backend/InstallBackendAptdaemon.py index 3df507b..8c60761 100644 --- a/backend/SystemUpdater/backend/InstallBackendAptdaemon.py +++ b/backend/SystemUpdater/backend/InstallBackendAptdaemon.py @@ -352,7 +352,7 @@ class InstallBackendAptdaemon(InstallBackend): elif action == self.ACTION_INSTALL: #50%时候 属于下载状态切换到安装状态的过程 下面的代码只执行一次 #Fix 取消的时候进度会直接跳到100 出现判断错误进入安装状态 所以只有在进度51 - 90 之前的一次进度进入安装态 - if progress > 51 and progress < 90 and self.on_install_stage == False: + if progress >= 50 and progress < 90 and self.on_install_stage == False: logging.info("The process is now in the installtion phase") self.on_install_stage = True self.safe_manager.shutdown_safe()