*vhaR\ddlZddlZddlZddlZddlZddlZddlZddlZddlm Z m Z ddl m Z ddl mZddlmZmZmZddlmZddlmZddlmZdd lmZdd lmZmZmZmZm Z dd l!m"Z"dd l#m$Z$d dl%m&Z&d dl'm(Z(m)Z)ddl%m*Z*ddl*m+Z+edZ,edZ-eej.j/dz Z0dZ1dZ2dZ3dZ4ej5re3ne4Z6dZ7dZ8dZ9ej:e;ZdgzZ?dZ@d ZAiid!ZBGd"d#e*jCZDGd$d%e$ZEGd&d'e*jFZGdS)(N) OrderedDict defaultdict)suppress)Path)DictListSet)urlparse)Versionis_cpanel_installed)config)antivirus_modeasync_lru_cache check_run CheckRunErrorrun) IPEchoAPI)KWConfig)packages)WHMAPIExceptionwhmapi1)base)forbid_dns_onlyz/var/cpanel/packages/extensionsz/usr/local/cpanelzcpanel/packages/extensionsz/etc/userplansz6/etc/userdatadomains;/var/cpanel/userdata/{user}/cachezimunify-antivirus imunify360z(/usr/local/cpanel/scripts/install_pluginz*/usr/local/cpanel/scripts/uninstall_pluginz!/etc/sysconfig/imunify360/cpanel/z,/etc/sysconfig/imunify360/cpanel/{name}.confz 2086-2087z/homez/etc/wwwacct.conf) userplansuserdatadomainsceZdZdS)cPanelExceptionN)__name__ __module__ __qualname___/opt/imunify360/venv/lib/python3.11/site-packages/defence360agent/subsys/panels/cpanel/panel.pyr!r!>sDr&r!ceZdZdZdZeZdS) AccountConfigz ^{}\s+(.*)?$z{} {}N)r"r#r$SEARCH_PATTERN WRITE_PATTERN WWWACT_CONFDEFAULT_FILENAMEr%r&r'r)r)Bs $NM"r&r)ceZdZdZgdezgdezdgdgdddZeZdgZdZ d Z e d Z e d Ze d Ze d Zejd4dZejd4dZedZe edfdZdedeefdZdeefdZdeeeeffdZdZe ddefdZ!de"ddfdZ#ded eddfd!Z$ded eddfd"Z%deeeeefffd#Z&e d$Z'e d%Z(e edfd&Z)e d5d'Z*e d(Z+e d)Z,e d*eddfd+Z-e d,efd-Z.e d.Z/de0efd/Z1e dd0d1Z2deeeffd2Z3deeeeffd3Z4dS)6cPanel)143465z 2077-2080z 2082-208320952096) 37431138732073208921952703627724441)inout)202153443)r@rArBr6123r7r<r=)tcpudpcpanelz/var/cpanel/users.cache/z/var/cpanel/resellersc@tjdS)Nz/var/cpanel/dnsonly)ospathisfiler%r&r' _is_dns_onlyzcPanel._is_dns_onlyfsw~~3444r&cd}tj|stjSt |5}|cdddS#1swxYwYdS)Nz/var/cpanel/mainip)rIrJexistsrget_ipopenreadstrip)clsip_conffs r' get_server_ipzcPanel.get_server_ipjs&w~~g&& &#%% % ']] $a6688>>## $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $s&A77A;>A;ctSNr )rSs r' is_installedzcPanel.is_installedss"$$$r&cKtddgd{V\}}}|}|r|dndS)Nz/usr/local/cpanel/cpanelz-Vrunknown)rdecodesplit)rS_dataversions r'r`zcPanel.versionws] :DABBBBBBBB 4++--%%''$3wqzz)3r&NcK|pt}|ttfvsJt|}|dz}t j|rtj ||t| d{Vtdkrt j ddz|ztjdt j d|zdS)Nnamez.rpmnewz65.0z*/bin/sed -i -e "s@^target=.*@target=%s@g" _selfzcPanel: register_appconfig... z)/usr/local/cpanel/bin/register_appconfig ) PLUGIN_NAMEAV_PLUGIN_NAMEIM360_PLUGIN_NAMECONFIG_FILE_TEMPLATEformatrIrJrNshutilmover r`systemsysstdoutwrite)selfrc plugin_nameconfig_filenamenew_confs r'enable_imunify360_pluginzcPanel.enable_imunify360_plugin}s)k ~/@AAAAA.55;5GG"Y. 7>>( # # 3 K/ 2 2 2 '''''' ( (76?? : : I>/ * *  J  @ A A A I=O       r&cTKfdd{VDS)zD :return: list: domains hosted on server via cpanel cJg|]}|D]\}}| Sr%) _userdomains).0userdomain user_pathrps r' z+cPanel.get_user_domains..sR   %)%6%6t%<%<  "      r&N) get_usersrps`r'get_user_domainszcPanel.get_user_domainssN     "nn........    r&TcJgfd}||||S)Ncz|d}|krdS|d}|d}|||ddS)Nrr)docrootr}type)append)rJd domain_datauser_doc_typerdomainsusernames r'parserz/cPanel.get_user_domains_details..parsersaNE  "1~H!!nG NN&$     r&quiet)_parse_userdatadomains)rSr_pathrrrs ` @r'get_user_domains_detailszcPanel.get_user_domains_detailssK       ""5&">>>r&userplans_pathreturncKtj|sgStddd}|tj|krtddSt |dd5}g}|D]}|ds~|d d kret| d kr@| | d d  dddn #1swxYwYtj|tdd<|tdd<|S) Nrmtimeruserszutf-8surrogateescape)encodingerrors#:r) rIrJrK_CACHEgetgetmtimerP startswithcountlenrRrr])rpr _cached_mtimerUrlines r' _do_get_userszcPanel._do_get_userssw~~n-- I{+//;; BG,,^<< < <+&w/ /  W5F   = E = =,,= 31,,DJJLL))A--LLC!3!9!9!;!;<<<  = = = = = = = = = = = = = = = =(*w'7'7'G'G{G$',{G$ s BD55D9<D9cFK|td{VSrX)rCPANEL_USERPLANS_PATHrs r'rzcPanel.get_userss/''(=>>>>>>>>>r&cKtt}|d{VD]8}||D] \}}|||!9|S)zp Returns dict with domain to list of users pairs :return: dict domain to list of users: Nrlistrrzr)rpdomain_to_usersr|r}r^s r'get_domain_to_ownerzcPanel.get_domain_to_owners &d++..******** 5 5D!..t44 5 5 '..t4444 5r&cKtt}|d{VD]8}||D] \}}|||!9|S)zp Returns dict with users to list of domains pairs :return: dict user to list of domains Nr)rpuser_to_domainsr|r}r^s r'get_domains_per_userzcPanel.get_domains_per_users &d++..******** 5 5D!..t44 5 5 %,,V4444 5r&)maxsizecKtd|dd{Vd}t|dkrdSt|}|jd|jd S) z8 Returns panel url :return: str create_user_sessioncpaneld)r|serviceNurlrz://z:/cpsess0000000000/frontend/jupiter/imunify/imunify.live.pl)rrr schemenetloc)rprlinkparseds r'panel_user_linkzcPanel.panel_user_links%Hi         t99>>2$-mmFMmmmmr&myimunify_enabledcKtjrdStdsdS|rdnd}|rdnd}t jdD]z}t|rWt j|}| ||d{V| ||d{V{dS)zK Switch UI panel configuration between Im360 and MyImunify Nz./var/imunify360/i360-userside-plugin.installedmyimunify_confconfz!/usr/local/cpanel/base/frontend/*) renabledrrNglobis_dirrIrJbasenamedisable_config enable_config)rprconfig_to_enableconfig_to_disable theme_path theme_names r'switch_ui_configzcPanel.switch_ui_configs  ! 4DEELLNN 4/@L++f&7MFF=M)$GHH G GJJ&&(( GW--j99 ))*;ZHHHHHHHHH(()9:FFFFFFFFF  G Gr&rthemecK ttt|d|gd{VdS#t$r'}td||Yd}~dSd}~wwxYw)N--themez!Error in enabling config '%s': %s)rPLUGIN_INSTALL_SCRIPT CONFIG_PATHrloggerwarningrprres r'rzcPanel.enable_configs K)",F,,           K K K NN> J J J J J J J J J K'- AAAcK ttt|d|gd{VdS#t$r'}td||Yd}~dSd}~wwxYw)Nrz"Error in disabling config '%s': %s)rPLUGIN_UNINSTALL_SCRIPTrrrrrs r'rzcPanel.disable_configs L+",F,,           L L L NN? K K K K K K K K K LrcVKi} dt|jD}n#t$rd}YnwxYw|d{VD]}t jj}|dkr td5}tj |}dddn #1swxYwY| dd}n#ttjf$rd}YnwxYwd}d} d} t jj}n tt j|j|5}tj |}dddn #1swxYwY| dd}| d d}| d d} | d dd k} n$#ttjf$r d}d}d} d} YnwxYw|r||vrt jj}||| | t+|d ||<|S)zB Returns dict with user to email and locale pairs cFh|]}|dddS)rrr)r])r{rs r' z*cPanel.get_user_details..5s; 3""1%r&Nrootz/etc/wwwacct.conf.cache CONTACTEMAILrenFLOCALEOWNER SUSPENDED1)emaillocaleparent suspendedlevel)rRESELLERS_INFO read_text splitlines Exceptionrr UserLevel REGULAR_USERrPjsonloadrFileNotFoundErrorJSONDecodeErrorADMINrIrJjoin USER_INFO_DIRRESSELERint) rp user_details resellersr|rrU user_inforrrrs r'get_user_detailszcPanel.get_user_details,s    !455??AALLNNII   III ..********' ' DN/Ev~~7881A$(IaLL 111111111111111%MM."==EE)4+?@EEE! , &bgll4+=tDDEE1$(IaLL 111111111111111%MM."==E&]]8R88F&]]7B77F ) k2 > ># EII)4+?@&&&EFF %III & 4!2!2!N3E  &U ""L  sAA AAC"C4 C"C C"C C""C=<C=2G E, G,E0 0G3E0 4AGG54G5cg}d|vr@tjtjj}|d|}|d}|D]S}tj|r2| tj |T|rt|ndS)z^checks mtime of userdatadomains files (including cache) returns max mtime of all files{user};r) pwdgetpwuidrIgetuidpw_namereplacer]rJrNrrmax)rSr_mtimes call_as_user path_listpath_s r'_get_max_mtimezcPanel._get_max_mtimegs  u  < 44.parserspNE +A [^++NNA}#566666&&='9::::: r&r)rrr)r rrrr itemsr)rSr rr cached_datarrrs ` @@r'rzzcPanel._userdomainss))&%88  " !mm -- ; ; ; ; ; ; ; ""5&">>>{###''..}}- -  !&)}}r&cd|vr@tjtjj}|d|}|d}|D]i} t|d}n5#t$r(}|st d||Yd}~Bd}~wwxYw t|D]\}} | } n,#t$rt d||YCwxYw| s\| ddkr|st d||| d\} } | d } ||| |  |R#|wxYwdS) NrrrbzCan't open file %s [%s]z-Broken %s line in file "%s"; line was ignoredz: rz2Can't parse %s line in file '%s'; line was ignoredz==)rrrIrrrr]rPrrr enumerater\UnicodeDecodeErrorrRrclose) rrrrrr file_rirr}domain_raw_datars r'rzcPanel._parse_userdatadomainss u  < 44.>+FO"1"7"7"9"9"?"?"E"EKF5&+6666/72  I$ $ sI A11 B#;BB#'F.<CF.&C:7F.9C::BF..Gc4td|DS)Nc3nK|]0}t|V1dSrX)CPANEL_PACKAGE_EXTENSIONS_PATHjoinpathis_file)r{files r' z0cPanel.is_extension_installed..sP   + 3 3D 9 9 A A C C      r&)all)rSpkgss r'is_extension_installedzcPanel.is_extension_installeds0        r&cvK tdd{V}td|dD}dD]dtfd|dD}td|dD}td |d Dsd Sen#ttf$rYd SwxYwd S) N list_hooksc32K|]}|ddk|VdS)categoryWhostmgrNr%)r{cats r'r$z+cPanel.is_hook_installed..s=z?j000000r& categories)zAccounts::change_packagezAccounts::CreatezAccounts::Modifyc34K|]}|dk|VdS)eventNr%)r{ev event_names r'r$z+cPanel.is_hook_installed..s>'{j000000r&eventsc32K|]}|ddk|VdS)stagepostNr%)r{sts r'r$z+cPanel.is_hook_installed..s9BwK64I4IB4I4I4I4Ir&stagesc3.K|]}|ddkVdS)hookzImunifyHook::hook_processingNr%)r{actions r'r$z+cPanel.is_hook_installed..s@6N&DDr&actionsFT)rnextany StopIterationr)rShooksr+r0r5r2s @r'is_hook_installedzcPanel.is_hook_installedsQ !,////////E .H  ! ! &x0 !&x"' "2!!55 ! !$/   55 tsBB!B!!B65B6extention_namecKtddd|D]$}tjt|z t%t j|fi|d{Vtjtj j ddtjtdz ttgdd{VdS)NiT)modeparentsexist_ok)rDrFImunifyHook.pm)"/usr/local/cpanel/bin/manage_hooksaddmodule ImunifyHook)r mkdirrjcopy2"PREINSTALL_PACKAGE_EXTENSIONS_PATHradd_extension_for_allrImakedirsrCoreINBOX_HOOKS_DIRCPANEL_HOOKS_PATHr)rSrBextention_fileskwargsfilenames r'install_extensionzcPanel.install_extensions ',,t -   (  H L2X=.     ,^FFvFFFFFFFFF FK/edKKKK .1A A                  r&extension_namecKtgdd{Vtt5tdz dddn #1swxYwYt j|d{V|D]J}tt5t|z dddn #1swxYwYKdS)N)rHdelrJrKrG)rrrrSunlinkrremove_extension_from_allr )rSrXrTrVs r'uninstall_extensionzcPanel.uninstall_extensions            ' ( ( < < !1 1 9 9 ; ; ; < < < < < < < < < < < < < < <0@@@@@@@@@' E EH+,, E E/(:BBDDD E E E E E E E E E E E E E E E E Es#AAAB==C C cg}tdd5}|D]V}|}t|dkr||dW dddn #1swxYwY|S)Nz /proc/mountsrr)rPrRr]rr)mountsrUrvaluess r'r`z cPanel.mounts,s .# & & -! - -++--v;;??MM&),,, - - - - - - - - - - - - - - - -  sAA::A>A>cDtd}td}|tn|}t|h}||S|D]0}||vr*|ds||1|S)aeFetch list of basedirs. On cPanel, basedir is configured as HOMEDIR variable in /etc/wwwacct.conf. Also, there is a way to specify additional mount points as containing user folders, through HOMEMATCH variable. If value from HOMEMATCH variable is contained within a mount point path, cPanel uses this directory too.HOMEDIR HOMEMATCHNz /home/virtfs/)r)rBASE_DIRr`rrI)rphomedir homematchbasedirsmounts r'rhzcPanel.basedirs6s **..00!+..2244 %o((7g&  O[[]] $ $EE!!%*:*:?*K*K! U###r&)r|c|KtjjsdStj|sdS|||d}t|jd|d}tj|}t|g| d{V}tj | d S) zG Notify a customer using cPanel iContact Notifications F)r) message_typeparamsr|z .notify(%s)zB/usr/local/cpanel/whostmgr/docroot/cgi/imunify/handlers/notify.cgi)inputNr)r) r AdminContactsENABLE_ICONTACT_NOTIFICATIONSshould_send_user_notificationsrinfor"rdumpsrencodeloadsr\)rSrkrlr|r_cmdstdinr?s r'notifyz cPanel.notifyLs #A 54dCCC 5 ,MM s|000$777 +  4  se5<<>>:::::::::z#**,=*>>???r&clKtfd}|t|dS)Nc*|d|d<dS)Nrrr%)rJrrresults r'rz$cPanel.list_docroots..parserfs%0^F;q> " " "r&Tr)dictrCPANEL_USERDATADOMAINS_PATHrprrzs @r' list_docrootszcPanel.list_docrootscsV 4 4 4 4 4 ## 't $    r&cTKifd}|t|dS)Nc |dg|<dS)Nrr%)r^rrrzs r'rz'cPanel.get_domain_paths..parserrs$Q(F1IIIr&Tr)rr|r}s @r'get_domain_pathszcPanel.get_domain_pathsosR ) ) ) ) ) ## 't $    r&rX)T)5r"r#r$NAMETCP_PORTS_CPANEL OPEN_PORTSr! exceptionsmtp_allow_usersrr staticmethodrL classmethodrVrYr`rensure_valid_panelrtrwrrr|rstrrrrrrrrrboolrrrrr r rzrr'rArWr]r`r rhrwr~rr%r&r'r/r/Hs DKJJ      $,++KKK  %J. I z.M,N55\5$$[$%%[%44[4 T    $T  _ 8[,#$s),? c???? 4T#Y+?       _S!!!nnnn"!n GGGGGG& K# Kc Kd K K K K L3 Ls Lt L L L L9S$sCx.-@(A9999v . .[ . L L[ L6d[8)))\)V  [ [@        [  DEsEEE[E(\#c(,8<@@@@[@, T#s(^     S$s)^(<      r&r/)HrloggingrIos.pathrrrjrm collectionsrr contextlibrpathlibrtypingrrr urllib.parser packaging.versionr 3defence360agent.application.determine_hosting_panelr defence360agent.contractsrdefence360agent.utilsrrrrrdefence360agent.utils.ipechordefence360agent.utils.kwconfigrrrwhmrrrrr rS PackagingDATADIRrNrr|rfrgrrerrr getLoggerr"rrhTCP_PORTS_COMMONrrer,rPanelExceptionr!r) AbstractPanelr/r%r&r'rs   00000000""""""""""!!!!!!%%%%%%-,,,,,322222333333))))))))""""""!%&G!H!HD,--D  !""%AA#)<%  . 6Mnn