From a612d59132f14dbd2196bb4b777337c40f155645 Mon Sep 17 00:00:00 2001 From: wangsong Date: Wed, 26 Oct 2022 14:44:49 +0800 Subject: [PATCH] =?UTF-8?q?=E5=9C=A8=E5=AE=89=E8=A3=85=E6=97=B6=E5=88=BB?= =?UTF-8?q?=E5=85=B3=E9=97=AD=E8=81=94=E7=BD=91=E6=8E=A7=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/SystemUpdater/UpdateManager.py | 49 --------------- .../backend/InstallBackendAptdaemon.py | 2 +- backend/SystemUpdater/backend/__init__.py | 62 ++++++++++++++++++- 3 files changed, 61 insertions(+), 52 deletions(-) diff --git a/backend/SystemUpdater/UpdateManager.py b/backend/SystemUpdater/UpdateManager.py index 46f6f84..198e0bc 100644 --- a/backend/SystemUpdater/UpdateManager.py +++ b/backend/SystemUpdater/UpdateManager.py @@ -64,7 +64,6 @@ class UpdateManager(): self.simulate_mode = SimulateTerminal() self.install_mode = UpdateInstallMode(self) self.apt_p2p_config = AptP2pConfigManager() - self.safe_manager = UpdateSafeManager() self._reload_options_config() self._refresh_cache_only() @@ -920,54 +919,6 @@ class SimulateTerminal(): return terminal_msg -class UpdateSafeManager(): - KYSEC_STATUS = "/sys/kernel/security/kysec/status" - KYSEC_EXECTL = "/sys/kernel/security/kysec/exectl" - def __init__(self): - self.bus = dbus.SystemBus() - self.safe_status = False - self.safe_exectl = 0 - self.check_status() - - def check_status(self): - self._check_safe_status() - self._check_safe_exectl() - - def _check_safe_status(self): - if os.path.exists(self.KYSEC_STATUS): - with open(self.KYSEC_STATUS, 'r') as f: - data = f.read() - if data != "0": - self.safe_status = True - logging.info("Safe mode is turned on...") - - def _check_safe_exectl(self): - if self.safe_status == True: - if os.path.exists(self.KYSEC_EXECTL): - with open(self.KYSEC_EXECTL, 'r') as f: - data = f.read() - self.safe_exectl = int(data) - logging.info("Safe exectl is %s...",data) - - def reset_safe(self): - if self.safe_status == True: - self._set_fun_status(self.safe_exectl) - def shutdown_safe(self): - if self.safe_status == True: - self._set_fun_status(0) - - #设置aptdeamon的环境变量 - def _set_fun_status(self,value): - try: - logging.info("Set kysec_xattr_set_func_status %s...",str(value)) - obj = self.bus.get_object('com.kylin.kysec', '/xattr') - interface = dbus.Interface(obj,dbus_interface='com.kylin.kysec.xattr') - retval = interface.kysec_xattr_set_func_status(0,value,timeout=2) - return retval - except Exception as e: - logging.error(str(e)) - return False - class UpdateInstallMode(): OPENKYLIN_DISTTRIBUTOR = "Openkylin" KYLIN_DISTTRIBUTOR = "Kylin" diff --git a/backend/SystemUpdater/backend/InstallBackendAptdaemon.py b/backend/SystemUpdater/backend/InstallBackendAptdaemon.py index 00baeb5..3df507b 100644 --- a/backend/SystemUpdater/backend/InstallBackendAptdaemon.py +++ b/backend/SystemUpdater/backend/InstallBackendAptdaemon.py @@ -355,7 +355,7 @@ class InstallBackendAptdaemon(InstallBackend): if progress > 51 and progress < 90 and self.on_install_stage == False: logging.info("The process is now in the installtion phase") self.on_install_stage = True - self.window_main.safe_manager.shutdown_safe() + self.safe_manager.shutdown_safe() self._start_install_lock(_("Kylin System Updater")) #只处理从下载切换到安装时出现的网络问题 diff --git a/backend/SystemUpdater/backend/__init__.py b/backend/SystemUpdater/backend/__init__.py index 79f8685..763f4f6 100644 --- a/backend/SystemUpdater/backend/__init__.py +++ b/backend/SystemUpdater/backend/__init__.py @@ -12,6 +12,7 @@ import subprocess import traceback import shutil import fcntl +import dbus import threading from apt import Cache from gettext import gettext as _ @@ -179,6 +180,9 @@ class InstallBackend(): self.update_essential = UpdateEssentialItem(self) + if self.action == self.ACTION_INSTALL: + self.safe_manager = UpdateSafeManager() + #更新的时候此对象还未生成 if self.window_main.update_list != None: self.upgrade_data = window_main.update_list.upgrade_meta @@ -664,7 +668,7 @@ class InstallBackend(): #升级完成后走的分支 if action == self.ACTION_INSTALL: false_num = 0 - self.window_main.safe_manager.reset_safe() + self.safe_manager.reset_safe() self._release_install_lock() self._send_error_code(error_code) @@ -1182,4 +1186,58 @@ class InhibitShutdownLock(): logging.error("unlock failed." + str(e)) self.pidfile.close() self.pidfile = None - return False \ No newline at end of file + return False + +class UpdateSafeManager(): + KYSEC_STATUS = "/sys/kernel/security/kysec/status" + KYSEC_EXECTL = "/sys/kernel/security/kysec/exectl" + + KYSEC_EXECUT_CONTROL = 0 + KYSEC_NETWORK_CONTROL = 1 + KYSEC_SHUTDOWN_CODE = 0 + + def __init__(self): + self.bus = dbus.SystemBus() + self.safe_status = False + self.safe_exectl_code = self.KYSEC_SHUTDOWN_CODE + self.check_status() + + def check_status(self): + self._check_safe_status() + self._check_safe_exectl() + + def _check_safe_status(self): + if os.path.exists(self.KYSEC_STATUS): + with open(self.KYSEC_STATUS, 'r') as f: + data = f.read() + if data != "0": + self.safe_status = True + + def _check_safe_exectl(self): + if self.safe_status == True: + if os.path.exists(self.KYSEC_EXECTL): + with open(self.KYSEC_EXECTL, 'r') as f: + data = f.read() + self.safe_exectl_code = int(data) + logging.info("Now kylin Sec has opened and exectl status:%s...",data) + + def reset_safe(self): + if self.safe_status == True: + self._set_kysec_status(self.KYSEC_EXECUT_CONTROL,self.safe_exectl_code) + self._set_kysec_status(self.KYSEC_NETWORK_CONTROL,2) + + def shutdown_safe(self): + if self.safe_status == True: + self._set_kysec_status(self.KYSEC_EXECUT_CONTROL,self.KYSEC_SHUTDOWN_CODE) + self._set_kysec_status(self.KYSEC_NETWORK_CONTROL,self.KYSEC_SHUTDOWN_CODE) + + def _set_kysec_status(self,fun,value): + try: + obj = self.bus.get_object('com.kylin.kysec', '/xattr') + interface = dbus.Interface(obj,dbus_interface='com.kylin.kysec.xattr') + retval = interface.kysec_xattr_set_func_status(fun,value,timeout=0.5) + logging.info("Set kysec_xattr_set_func_status %s...",str(value)) + return True + except Exception as e: + logging.error("Set kylin Sec Failed and fun:%d value:%d Error msg:" + str(e),fun,value) + return False