wo4hB$ddlZddlZddlZddlZddlZddlZddlZddlZddlZddl Z ddl Z ddl Z ddl m Z mZddlmZddlZddlZddlmZmZddlmZddlmZddlmZddlmZmZdd lmZej !d d Z"ej#e$Z%Gd d ej&j'Z(d"dZ)GddZ*eddZ+dZ,dZ-dZ.dZ/dZ0dZ1dZ2dZ3dZ4dZ5dZ6e dZ7Gd d!Z8dS)#N)contextmanagersuppress) lru_cache)configsentry) AcronisBackup)Logger)Sentry)antivirus_mode is_root_user)tagsIMUNIFY360_LOGGING_PREFIXc$eZdZfdZdZxZS)RotatingCompressionFileHandlerc t|S#t$r?}||_t d|Yd}~dSd}~wwxYw)Nz2Failed on shouldRollover to rollover log file [%s]F)supershouldRollover Exception_openstreamloggererror)selfrecorde __class__s U/opt/imunify360/venv/lib/python3.11/site-packages/defence360agent/internals/logger.pyrz-RotatingCompressionFileHandler.shouldRolloversx 77))&11 1   **,,DK LLDa   55555  s $ A-4A((A-c&|jr|j|jdkr t|jdz ddD]}d|j|fz}d|j|dzfz}t j|rHt j|rt j|t j |||jdz}t j|rt j|tj |j|t j |jdt|d5}tj d|zd5}tj||dddn #1swxYwYdddn #1swxYwYt j|n2#t $r%}t"d |Yd}~nd}~wwxYwd |_||_dS) Nrz%s.%d.gzz.1rbz%s.gzwbz.Failed on doRollover to rollover log file [%s]w)rclose backupCountrange baseFilenameospathexistsremoverenameshutilcopy2truncateopengzip copyfileobjOSErrorrrmoder)risfndfnf_inf_outrs r doRolloverz)RotatingCompressionFileHandler.doRollover(s ; K       a   t/!3Q;;,,A$(91'==C$(91q5'AACw~~c**,7>>#..+IcNNN #s+++'$.7>>#&&#IcNNN T.444 D-q111#t__4dicM4//4&tU333444444444444444444444444444444 #    Da  jjll s`DF? F&F< FF FF F F?F##F?&F#'F?? G. G))G.)__name__ __module__ __qualname__rr; __classcell__)rs@rrrsG#######rFc tj}n#ttf$rd}YnwxYw|rt jtj|tjj dt j 5}tj D]\}}|||dtjdi|_dddn #1swxYwYdddSd d dS) NTon)dsndebugreleaseattach_stacktraceid server_idERRORz-sentry_sdk.integrations.logging.SentryHandler)levelclassNOTSETzlogging.NullHandler)r ENABLEKeyErrorAssertionError sentry_sdkinitDSNrCoreVERSIONconfigure_scoperr itemsset_tagtaguser)rDerror_reportingscoperXvalues r _sentry_initr]FsR - n %  K'"      ' ) ) 9U$kmm1133 * * U c5)))) ; 7 78EJ 9 9 9 9 9 9 9 9 9 9 9 9 9 9 9 D   *   s %%.ACCCcHeZdZdejjzZedZdZ dS)_LoggerDynConfigz /var/log/%scxdtjjdtjpt jS)Nz /var/log/z _user_logs/)rrSPRODUCTgetpassgetuserr)getuidr@r _user_log_dirz_LoggerDynConfig._user_log_dirfs7 K    O   , ,  r@ctr|jn||_dgddgddgdddt ddd|jzd t jt jd d ddd |jzd t jt jd d ddd |jzd t jt jd d ddd|jzd t jt jd d ddd|jzd t jt jd d ddddddddd|jzd t jt jd dddgdddddtdiddtd idd!id"d#d$|_ dgd|j d%d&<dddtj |jtjd t jt jd d|j d'd(<dS))NDEBUG)rJhandlersINFO)network"defence360agent.internals.the_sink event_hookr WARNING abstimestampz %s/error.logz?defence360agent.internals.logger.RotatingCompressionFileHandlerutf8)rJ formatterfilenamerKmaxBytesr&encodingz%s/network.logz %s/debug.logz%s/console.log eventhookz %s/hook.logzlogging.StreamHandlerzext://sys.stderr)rqrKrrJ reltimestampr$z%s/process_message.log)rqr5rJrrrKrsr&rt)r error_log network_log debug_log console_loghook_logconsoleprocess_message_logrL)rzrwrlogsformatz*%(levelname)-7s [+%(relativeCreated)5dms] z%(name)50s|%(message)sz%(levelname)-7s [%(asctime)s] z%(name)s: %(message)sz%(created)d : %(message)s)rvroruF)loggersversionrirootmkdir formattersdisable_existing_loggersrAcronisClientInstallerriacronis_installer_log)r _ROOT_LOG_DIRrflog_dirr]ConfigMAX_LOG_FILE_SIZE BACKUP_COUNTPREFIXmutableDictConfigr)r*joinrLOG_NAMErs r__init__z_LoggerDynConfig.__init__ms"... JD  d6H6H6J6J % " % "77 $ " &..&!/ . =9!' 8#)#6 &  %!/ 04< ?9!' 8#)#6 &  %!/ . =9!' 8#)#6 &  $!/ 04< ?9!' 8#)#6 &  $!, - <9!' 8#)#6 &  "040# "0$ 84< G9!' 8#)#6 & ( (IQQf":!:::!''''! '(CD).{~" ~" BG G y)*BC ( T\=3IJJ10!. G G z*+BCCCr@N) r<r=r>rrSrar staticmethodrfrrer@rr_r_csP!FK$77M  \ U U U U U r@r_r ctSN)r_rer@r _late_initrs   r@ctt5tjdcdddS#1swxYwYdS)ay :return bool: True if python interpreter is being run in CageFS container, otherwise False :raise: never Current implementation simply checks "/var/.cagefs" presence, as Anton Volkov consulted us to do. Placing this function not in 'subsys' package, because 'logger' module is one of cornerstones dependency for 'subsys' package as well. z /var/.cagefsN)rr4r)r*r+rer@r_we_are_in_cagefsr s '  ..w~~n--..................sAAAcd}|||tj|D]d\}}}|D],}|tj|||-|D],}|tj|||-edS)zChange file/dir modes recursively. Starting at dirname, change all inner directory permissions to dir_perm, file permissions to file_perm Permission errors are logged to stderr and are ignored in any case. c tj||dS#t$r>}tjd||Yd}~dSd}~wwxYw)Nz [WARNING] cannot chmod on {}: {})r)chmodPermissionErrorsysstderrwriter) file_dir_path permissionrs r _os_chmodz"_chmod_log_dirs.._os_chmod#s  H]J / / / / /    J  299-KK          s A!3AA!N)r)walkr*r) dirnamedir_perm file_permrr*dirsfiles directorynames r_chmod_log_dirsrsIgx   WW--;;dE ? ?I Ibgll433X > > > > ; ;D Ibgll4.. : : : : ;;;r@c*tjdrdS tjt j}tj|tjdt|tjtj tj t jtt _dS#t$$ret'sSt)jt jt jdtjjzYdSYdSt4$rTt)jt jt jdtjjzYdSwxYw)z> Re-catch with _LoggerDynConfig and re-open log files IMUNIFY360_DISABLE_LOGGINGT)exist_ok)filez%s logger is not available. N)r)getenvr cached_fillrrmakedirsr LOG_DIR_PERMr LOG_FILE_PERMloggingr dictConfigr_log_uncaught_exceptionsr excepthookr4r traceback print_excrrrSrar)rs r reconfigurer3s y-..6  6      ll*G K!4t D D D D GV%8&:N O O O N % %jll&D E E E,6CNNN+   %&& #4444   3fk6II         SZ 0 0 0 0 J  /&+2EE       sBCA(F5AFFct|trtj|||dStd|||fdS)Nzuncaught exception)exc_info) issubclassKeyboardInterruptr__excepthook__rcritical)exc_type exc_value exc_tracebacks rrrYs`(-.. 8Y >>> OO)]'Kr@ct|5}tj|}dddn #1swxYwYtj|t dSr)r1yaml safe_loadrrupdater)rr config_filers rupdate_logging_config_from_filercs h-; ,,---------------LL"))&111MMMMMs 155ctjj}tjdD].}|tj|j/d|DS)Nrcg|]C}t|dr1t|jdr|jtjk<|jDS)rfileno)hasattrrrr).0hs r zget_fds..ps_    1h    AHh ' '   H " "  # " "r@)rrrirrkeysextend getLogger)ri_loggers rget_fdsrksw|$H<<1)<AACC==)'22;<<<<     r@cldtjdDS)Nc,g|]\}}d|v |dS)rrre)r_valuess rrz&get_log_file_names..zs6    Av    z   r@ri)rrrVrer@rget_log_file_namesrys;  #7 CIIKK   r@c|tjvr,tjdtj|jzStjd|zS)Nznetwork.)rmodulesrrr<)rs rgetNetworkLoggerrsE s{ ck$.?.H!HIII d!2333r@ctjr8tjdddd|dkr8tjdddd|dkr8tjdd dd |d kr2tjd dd tjddddt dS)Nrrrirrkrxrlr}rryrmr{)r disabledrrappendr)verboses r setLogLevelrs* &y12JK  &( ) ) )!|| &y1)<  &   !|| &y1 0  f2333!|| &v.z:AA+NNNLL"9-l;JGNNMMMMMr@cf|tjddd<tdS)z' also results in reconfigure() rir|rJN)rrr) newloglevels rsetConsoleLogLevelrs4 LL":.y9MMMMMr@c(tjdd}ttj|dtj }|D]B}t t5tj |dddn #1swxYwYCdS)N/zmalware_scan_*.log) rrsortedglobrrrr4r)unlink)MALWARESCANLOG_GLOBfiles_run_gc_for oldlogfiles r_runMalwareScanLogGCrs  di(;<<==6  '"" g   " " Ij ! ! ! " " " " " " " " " " " " " " """s%BB B c#Kttjdtjd}t |d5}|VddddS#1swxYwYdS)Nrzmalware_scan_%y%m%d%H%M.logr$)rrrtimestrftimer1)r*fs ropenMalwareScanLogrs   3444 D dCAs AA!$A!c4eZdZGddZdZdZdS)EventHookLoggercBeZdZGddZdZd dZdZdZdS) EventHookLogger._EventLoggerc8eZdZdZdZdZdZd dZdZdZ d S) (EventHookLogger._EventLogger._HookLoggerzD{uuid:s} : {action:s} {native:s}: {event:s} : {subtype:s} : {path:s}c||_|j|_|j|_|j|_|j|_||_dSr)r*eventsubtypeuuidlognative)rparentr*rs rrz1EventHookLogger._EventLogger._HookLogger.__init__s8  #\ %~ "K !:$ r@c|Srrers r __enter__z2EventHookLogger._EventLogger._HookLogger.__enter__s r@cdSrrerrexc_valexc_tbs r__exit__z1EventHookLogger._EventLogger._HookLogger.__exit__sr@rct|j||jrdnd|j|j|jd}|jjdi|}|rd||g}| |dS)Nznative r)ractionrrrr*z : re) strrrrrr*tplrrr)rr messagedatamsgs r_logz-EventHookLogger._EventLogger._HookLogger._logs NN$+/;>iiB!Z#| I &dho----5**c7^44C r@c0|ddS)Nstarted)rrs rbeginz.EventHookLogger._EventLogger._HookLogger.begins )$$$$$r@c|dkrdnd}|r$d|t|g}|rBt|tr|d}d||g}|d|dS) NrOKrI:backslashreplace)errors done)rr isinstancebytesdecoder)r exit_codeerrrs rfinishz/EventHookLogger._EventLogger._HookLogger.finishs"+q..$$gB!hhY'@AAG8!#u--D!jj0BjCC"ii#77G &'*****r@N)r) r<r=r>rrrr rrr#rer@r _HookLoggerrs}5   % % %            % % % + + + + +r@r$cj||_||_tj|_|j|_dSr)rrruuid4r)rrrrs rrz%EventHookLogger._EventLogger.__init__s*DJ"DL DIzDHHHr@Fc2||||S)N)r)r$)rr*rs r__call__z%EventHookLogger._EventLogger.__call__s##D$v#>> >r@c|Srrers rrz&EventHookLogger._EventLogger.__enter__sKr@cdSrrers rr z%EventHookLogger._EventLogger.__exit__s Dr@NF)r<r=r>r$rr(rr rer@r _EventLoggerrs~0 +0 +0 +0 +0 +0 +0 +0 +d " " "  ? ? ? ?        r@r,cFtjd}|j|_dS)Nrm)rrinfor)rrs rrzEventHookLogger.__init__s"<00;r@c0||||Sr)r,)rrrs rr(zEventHookLogger.__call__ s  ug666r@N)r<r=r>r,rr(rer@rrrsc@@@@@@@@D77777r@rr+)9rbrr2rlogging.configlogging.handlersr)r.rrrr contextlibrr functoolsrrPrdefence360agent.contractsrr defence360agent.contracts.configrr rr defence360agent.utilsr r defence360agent.applicationr environgetrrr<rriRotatingFileHandlerrr]r_rrrrrrrrrrrrrrrer@rr;s   //////// 44444444::::::======333333>>>>>>>>,,,,,, 3R 8 8  8 $ $&#&#&#&#&#W%5%I&#&#&#R    :_ _ _ _ _ _ _ _ D 1 . . . ;;;2#6#6#6L   444. " " "H7H7H7H7H7H7H7H7H7H7r@