wo4hSVddlZddlZddlZddlZddlZddlZddlZddlZddlm Z m Z ddl m Z ddl mZddlmZmZmZddlmZddlmZddlmZdd lmZdd lmZmZmZmZm Z dd l!m"Z"dd l#m$Z$d dl%m&Z&d dl'm(Z(m)Z)ddl%m*Z*edZ+edZ,eej-j.dz Z/dZ0dZ1dZ2dZ3ej4re2ne3Z5dZ6dZ7dZ8ej9e:Z;dZdZ?dZ@iid ZAGd!d"e*jBZCd#ZDGd$d%e$ZEGd&d'e*jFZGdS)(N) OrderedDict defaultdict)suppress)Path)DictListSet)urlparse)Versionis_cpanel_installed)config)antivirus_modeasync_lru_cache check_run CheckRunErrorrun) IPEchoAPI)KWConfig)packages)WHMAPIExceptionwhmapi1)basez/var/cpanel/packages/extensionsz/usr/local/cpanelzcpanel/packages/extensionsz/etc/userplansz6/etc/userdatadomains;/var/cpanel/userdata/{user}/cachezimunify-antivirus imunify360z(/usr/local/cpanel/scripts/install_pluginz*/usr/local/cpanel/scripts/uninstall_pluginz!/etc/sysconfig/imunify360/cpanel/z,/etc/sysconfig/imunify360/cpanel/{name}.confz 2086-2087z/homez/etc/wwwacct.conf) userplansuserdatadomainsceZdZdS)cPanelExceptionN)__name__ __module__ __qualname___/opt/imunify360/venv/lib/python3.11/site-packages/defence360agent/subsys/panels/cpanel/panel.pyr r =sDr%r cfd}|S)zDecorator for functions on cPanel instance methods. Calls original function if _is_dns_only() returns False, otherwise throws cPanelException.c~K|r|d|g|Ri|d{VS)Nz'Method is not allowed for dnsonly panel) _is_dns_only exception)selfargskwargsfns r&wrapperz forbid_dns_only..wrapperGsa      L..!JKK KR.t...v.........r%r$)r.r/s` r&forbid_dns_onlyr0As# ///// Nr%ceZdZdZdZeZdS) AccountConfigz ^{}\s+(.*)?$z{} {}N)r!r"r#SEARCH_PATTERN WRITE_PATTERN WWWACT_CONFDEFAULT_FILENAMEr$r%r&r2r2Os $NM"r%r2ceZdZdZgdezgdezdgdgdddZeZdgZdZ d Z e d Z e d Ze d Ze d Zejd4dZejd4dZedZe edfdZdedeefdZdeefdZdeeeeffdZdZe ddefdZ!de"ddfdZ#ded eddfd!Z$ded eddfd"Z%deeeeefffd#Z&e d$Z'e d%Z(e edfd&Z)e d5d'Z*e d(Z+e d)Z,e d*eddfd+Z-e d,efd-Z.e d.Z/de0efd/Z1e dd0d1Z2deeeffd2Z3deeeeffd3Z4dS)6cPanel)143465z 2077-2080z 2082-208320952096) 37431138732073208921952703627724441)inout)202153443)rIrJrKr?123r@rErF)tcpudpcpanelz/var/cpanel/users.cache/z/var/cpanel/resellersc@tjdS)Nz/var/cpanel/dnsonly)ospathisfiler$r%r&r)zcPanel._is_dns_onlyssw~~3444r%cd}tj|stjSt |5}|cdddS#1swxYwYdS)Nz/var/cpanel/mainip)rRrSexistsrget_ipopenreadstrip)clsip_conffs r& get_server_ipzcPanel.get_server_ipws&w~~g&& &#%% % ']] $a6688>>## $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $s&A77A;>A;ctSNr )r[s r& is_installedzcPanel.is_installeds"$$$r%cKtddgd{V\}}}|}|r|dndS)Nz/usr/local/cpanel/cpanelz-Vrunknown)rdecodesplit)r[_dataversions r&rhzcPanel.versions] :DABBBBBBBB 4++--%%''$3wqzz)3r%NcK|pt}|ttfvsJt|}|dz}t j|rtj ||t| d{Vtdkrt j ddz|ztjdt j d|zdS)Nnamez.rpmnewz65.0z*/bin/sed -i -e "s@^target=.*@target=%s@g" _selfzcPanel: register_appconfig... z)/usr/local/cpanel/bin/register_appconfig ) PLUGIN_NAMEAV_PLUGIN_NAMEIM360_PLUGIN_NAMECONFIG_FILE_TEMPLATEformatrRrSrVshutilmover rhsystemsysstdoutwrite)r+rk plugin_nameconfig_filenamenew_confs r&enable_imunify360_pluginzcPanel.enable_imunify360_plugins)k ~/@AAAAA.55;5GG"Y. 7>>( # # 3 K/ 2 2 2 '''''' ( (76?? : : I>/ * *  J  @ A A A I=O       r%cTKfdd{VDS)zD :return: list: domains hosted on server via cpanel cJg|]}|D]\}}| Sr$) _userdomains).0userdomain user_pathr+s r& z+cPanel.get_user_domains..sR   %)%6%6t%<%<  "      r%N) get_usersr+s`r&get_user_domainszcPanel.get_user_domainssN     "nn........    r%TcJgfd}||||S)Ncz|d}|krdS|d}|d}|||ddS)Nrr)docrootrtype)append)rSd domain_datauser_doc_typerdomainsusernames r&parserz/cPanel.get_user_domains_details..parsersaNE  "1~H!!nG NN&$     r%quiet)_parse_userdatadomains)r[r_pathrrrs ` @r&get_user_domains_detailszcPanel.get_user_domains_detailssK       ""5&">>>r%userplans_pathreturncKtj|sgStddd}|tj|krtddSt |dd5}g}|D]}|ds~|d d kret| d kr@| | d d  dddn #1swxYwYtj|tdd<|tdd<|S) Nrmtimeruserszutf-8surrogateescape)encodingerrors#:r) rRrSrT_CACHEgetgetmtimerX startswithcountlenrZrre)r+r _cached_mtimer]rlines r& _do_get_userszcPanel._do_get_userssw~~n-- I{+//;; BG,,^<< < <+&w/ /  W5F   = E = =,,= 31,,DJJLL))A--LLC!3!9!9!;!;<<<  = = = = = = = = = = = = = = = =(*w'7'7'G'G{G$',{G$ s BD55D9<D9cFK|td{VSr`)rCPANEL_USERPLANS_PATHrs r&rzcPanel.get_userss/''(=>>>>>>>>>r%cKtt}|d{VD]8}||D] \}}|||!9|S)zp Returns dict with domain to list of users pairs :return: dict domain to list of users: Nrlistrrr)r+domain_to_usersrrrfs r&get_domain_to_ownerzcPanel.get_domain_to_owners &d++..******** 5 5D!..t44 5 5 '..t4444 5r%cKtt}|d{VD]8}||D] \}}|||!9|S)zp Returns dict with users to list of domains pairs :return: dict user to list of domains Nr)r+user_to_domainsrrrfs r&get_domains_per_userzcPanel.get_domains_per_users &d++..******** 5 5D!..t44 5 5 %,,V4444 5r%)maxsizecKtd|dd{Vd}t|dkrdSt|}|jd|jd S) z8 Returns panel url :return: str create_user_sessioncpaneld)rserviceNurlrz://z:/cpsess0000000000/frontend/jupiter/imunify/imunify.live.pl)rrr schemenetloc)r+rlinkparseds r&panel_user_linkzcPanel.panel_user_links%Hi         t99>>2$-mmFMmmmmr%myimunify_enabledcKtjrdStdsdS|rdnd}|rdnd}t jdD]z}t|rWt j|}| ||d{V| ||d{V{dS)zK Switch UI panel configuration between Im360 and MyImunify Nz./var/imunify360/i360-userside-plugin.installedmyimunify_confconfz!/usr/local/cpanel/base/frontend/*) renabledrrVglobis_dirrRrSbasenamedisable_config enable_config)r+rconfig_to_enableconfig_to_disable theme_path theme_names r&switch_ui_configzcPanel.switch_ui_config s  ! 4DEELLNN 4/@L++f&7MFF=M)$GHH G GJJ&&(( GW--j99 ))*;ZHHHHHHHHH(()9:FFFFFFFFF  G Gr%rthemecK ttt|d|gd{VdS#t$r'}td||Yd}~dSd}~wwxYw)N--themez!Error in enabling config '%s': %s)rPLUGIN_INSTALL_SCRIPT CONFIG_PATHrloggerwarningr+rres r&rzcPanel.enable_configs K)",F,,           K K K NN> J J J J J J J J J K'- AAAcK ttt|d|gd{VdS#t$r'}td||Yd}~dSd}~wwxYw)Nrz"Error in disabling config '%s': %s)rPLUGIN_UNINSTALL_SCRIPTrrrrrs r&rzcPanel.disable_config,s L+",F,,           L L L NN? K K K K K K K K K LrcVKi} dt|jD}n#t$rd}YnwxYw|d{VD]}t jj}|dkr td5}tj |}dddn #1swxYwY| dd}n#ttjf$rd}YnwxYwd}d} d} t jj}n tt j|j|5}tj |}dddn #1swxYwY| dd}| d d}| d d} | d dd k} n$#ttjf$r d}d}d} d} YnwxYw|r||vrt jj}||| | t+|d ||<|S)zB Returns dict with user to email and locale pairs cFh|]}|dddS)rrr)re)rrs r& z*cPanel.get_user_details..Bs; 3""1%r%Nrootz/etc/wwwacct.conf.cache CONTACTEMAILrenFLOCALEOWNER SUSPENDED1)emaillocaleparent suspendedlevel)rRESELLERS_INFO read_text splitlines Exceptionrr UserLevel REGULAR_USERrXjsonloadrFileNotFoundErrorJSONDecodeErrorADMINrRrSjoin USER_INFO_DIRRESSELERint) r+ user_details resellersrrr] user_inforrrrs r&get_user_detailszcPanel.get_user_details9s    !455??AALLNNII   III ..********' ' DN/Ev~~7881A$(IaLL 111111111111111%MM."==EE)4+?@EEE! , &bgll4+=tDDEE1$(IaLL 111111111111111%MM."==E&]]8R88F&]]7B77F ) k2 > ># EII)4+?@&&&EFF %III & 4!2!2!N3E  &U ""L  sAA AAC"C4 C"C C"C C""C=<C=2G E, G,E0 0G3E0 4AGG54G5cg}d|vr@tjtjj}|d|}|d}|D]S}tj|r2| tj |T|rt|ndS)z^checks mtime of userdatadomains files (including cache) returns max mtime of all files{user};r) pwdgetpwuidrRgetuidpw_namereplacererSrVrrmax)r[r_mtimes call_as_user path_listpath_s r&_get_max_mtimezcPanel._get_max_mtimets  u  < 44.parserspNE +A [^++NNA}#566666&&='9::::: r%r)rrr)rrrrritemsr)r[rrr cached_datarrrs ` @@r&rzcPanel._userdomainss))&%88  " !mm -- ; ; ; ; ; ; ; ""5&">>>{###''..}}- -  !&)}}r%cd|vr@tjtjj}|d|}|d}|D]i} t|d}n5#t$r(}|st d||Yd}~Bd}~wwxYw t|D]\}} | } n,#t$rt d||YCwxYw| s\| ddkr|st d||| d\} } | d } ||| |  |R#|wxYwdS) NrrrbzCan't open file %s [%s]z-Broken %s line in file "%s"; line was ignoredz: rz2Can't parse %s line in file '%s'; line was ignoredz==)rrrRr r r rerXrrr enumeraterdUnicodeDecodeErrorrZrclose) rrrrrrfile_rirrdomain_raw_datars r&rzcPanel._parse_userdatadomainss u  < 44.>+FO"1"7"7"9"9"?"?"E"EKF5&+6666/72  I$ $ sI A11 B#;BB#'F.<CF.&C:7F.9C::BF..Gc4td|DS)Nc3nK|]0}t|V1dSr`)CPANEL_PACKAGE_EXTENSIONS_PATHjoinpathis_file)rfiles r& z0cPanel.is_extension_installed..sP   + 3 3D 9 9 A A C C      r%)all)r[pkgss r&is_extension_installedzcPanel.is_extension_installeds0        r%cvK tdd{V}td|dD}dD]dtfd|dD}td|dD}td |d Dsd Sen#ttf$rYd SwxYwd S) N list_hooksc32K|]}|ddk|VdS)categoryWhostmgrNr$)rcats r&r+z+cPanel.is_hook_installed..s=z?j000000r% categories)zAccounts::change_packagezAccounts::CreatezAccounts::Modifyc34K|]}|dk|VdS)eventNr$)rev event_names r&r+z+cPanel.is_hook_installed..s>'{j000000r%eventsc32K|]}|ddk|VdS)stagepostNr$)rsts r&r+z+cPanel.is_hook_installed..s9BwK64I4IB4I4I4I4Ir%stagesc3.K|]}|ddkVdS)hookzImunifyHook::hook_processingNr$)ractions r&r+z+cPanel.is_hook_installed..s@6N&DDr%actionsFT)rnextany StopIterationr)r[hooksr2r7r<r9s @r&is_hook_installedzcPanel.is_hook_installedsQ !,////////E .H  ! ! &x0 !&x"' "2!!55 ! !$/   55 tsBB!B!!B65B6extention_namecKtddd|D]$}tjt|z t%t j|fi|d{Vtjtj j ddtjtdz ttgdd{VdS)NiT)modeparentsexist_ok)rKrMImunifyHook.pm)"/usr/local/cpanel/bin/manage_hooksaddmodule ImunifyHook)r'mkdirrrcopy2"PREINSTALL_PACKAGE_EXTENSIONS_PATHradd_extension_for_allrRmakedirsrCoreINBOX_HOOKS_DIRCPANEL_HOOKS_PATHr)r[rIextention_filesr-filenames r&install_extensionzcPanel.install_extensions ',,t -   (  H L2X=.     ,^FFvFFFFFFFFF FK/edKKKK .1A A                  r%extension_namecKtgdd{Vtt5tdz dddn #1swxYwYt j|d{V|D]J}tt5t|z dddn #1swxYwYKdS)N)rOdelrQrRrN)rrrrZunlinkrremove_extension_from_allr')r[r^r[r\s r&uninstall_extensionzcPanel.uninstall_extension$s            ' ( ( < < !1 1 9 9 ; ; ; < < < < < < < < < < < < < < <0@@@@@@@@@' E EH+,, E E/(:BBDDD E E E E E E E E E E E E E E E E Es#AAAB==C C cg}tdd5}|D]V}|}t|dkr||dW dddn #1swxYwY|S)Nz /proc/mountsrr)rXrZrerr)mountsr]rvaluess r&rfz cPanel.mounts9s .# & & -! - -++--v;;??MM&),,, - - - - - - - - - - - - - - - -  sAA::A>A>cDtd}td}|tn|}t|h}||S|D]0}||vr*|ds||1|S)aeFetch list of basedirs. On cPanel, basedir is configured as HOMEDIR variable in /etc/wwwacct.conf. Also, there is a way to specify additional mount points as containing user folders, through HOMEMATCH variable. If value from HOMEMATCH variable is contained within a mount point path, cPanel uses this directory too.HOMEDIR HOMEMATCHNz /home/virtfs/)r2rBASE_DIRrfrrP)r+homedir homematchbasedirsmounts r&rnzcPanel.basedirsCs **..00!+..2244 %o((7g&  O[[]] $ $EE!!%*:*:?*K*K! U###r%)rc|KtjjsdStj|sdS|||d}t|jd|d}tj|}t|g| d{V}tj | d S) zG Notify a customer using cPanel iContact Notifications F)r) message_typeparamsrz .notify(%s)zB/usr/local/cpanel/whostmgr/docroot/cgi/imunify/handlers/notify.cgi)inputNr)r) r AdminContactsENABLE_ICONTACT_NOTIFICATIONSshould_send_user_notificationsrinfor!rdumpsrencodeloadsrd)r[rqrrrrgcmdstdinrHs r&notifyz cPanel.notifyYs #A 54dCCC 5 ,MM s|000$777 +  4  se5<<>>:::::::::z#**,=*>>???r%clKtfd}|t|dS)Nc*|d|d<dS)Nrrr$)rSrrresults r&rz$cPanel.list_docroots..parserss%0^F;q> " " "r%Tr)dictrCPANEL_USERDATADOMAINS_PATHr+rrs @r& list_docrootszcPanel.list_docrootspsV 4 4 4 4 4 ## 't $    r%cTKifd}|t|dS)Nc |dg|<dS)Nrr$)rfrrrs r&rz'cPanel.get_domain_paths..parsers$Q(F1IIIr%Tr)rrrs @r&get_domain_pathszcPanel.get_domain_paths|sR ) ) ) ) ) ## 't $    r%r`)T)5r!r"r#NAMETCP_PORTS_CPANEL OPEN_PORTSr r*smtp_allow_usersrr staticmethodr) classmethodr^rarhrensure_valid_panelr{r~r0rrrstrrrrrrrrrboolrrrrrrrrr.rHr]rcrfr rnr}rrr$r%r&r8r8Us DKJJ      $,++KKK  %J. I z.M,N55\5$$[$%%[%44[4 T    $T  _ 8[,#$s),? c???? 4T#Y+?       _S!!!nnnn"!n GGGGGG& K# Kc Kd K K K K L3 Ls Lt L L L L9S$sCx.-@(A9999v . .[ . L L[ L6d[8)))\)V  [ [@        [  DEsEEE[E(\#c(,8<@@@@[@, T#s(^     S$s)^(<      r%r8)HrloggingrRos.pathrrrrru collectionsrr contextlibrpathlibrtypingrrr urllib.parser packaging.versionr 3defence360agent.application.determine_hosting_panelr defence360agent.contractsrdefence360agent.utilsrrrrrdefence360agent.utils.ipechordefence360agent.utils.kwconfigrrrwhmrrrr'rZ PackagingDATADIRrUrrrnrorrmrrr getLoggerr!rrpTCP_PORTS_COMMONrrkr5rPanelExceptionr r0r2 AbstractPanelr8r$r%r&rs    00000000""""""""""!!!!!!%%%%%%-,,,,,322222333333))))))))!%&G!H!HD,--D  !""%AA#)<%  . 6Mnn