hA6dZddlZddlZddlZddlZddlZddlZddlZddlZddl m Z ddl m Z m Z ddlmZddlmZddlmZmZddlmZddlZdd lmZddlZddlZddlZdd lmZdd lm Z m!Z!dd l"m#Z#m$Z$m%Z%m&Z&m'Z'dd l(m)Z)ddl*m+Z+ddl,m-Z-m.Z.ddl/m0Z0ddl1m2Z2ddl3m4Z4ddl5m6Z6m7Z7m8Z8ddl9m:Z:m;Z;mZ>ddl?m@Z@mAZAddlBmCZCmDZDmEZEmFZFddlGmHZHddlImJZJddlKmLZLmMZMddlNmOZOddlPmQZQmRZRmSZSddlTmUZUmVZVddlWZWdZXede&jYzZZdZ[ej\e]Z^eMeL e^j_Z`Gd!d"Zae d#Zbd$Zcd%Zdd&Zed'Zfd(Zgd)ee4ehehffd*Zid+e4fd,Zjd-Zkd.Zld/ehd)dfd0Zmd1Znd2Zod3Zpd4Zqd5ZrdS)6u  This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program.  If not, see . Copyright © 2019 Cloud Linux Software Inc. This software is also available under ImunifyAV commercial license, see N)ThreadPoolExecutor)contextmanagersuppress)partial)Path)CalledProcessError check_output)Tuple) AlreadyLocked)files)health inactivity)ConfigsValidatorCoreMergerModel SimpleRpc) HookEvent) LicenseCLN) MessageSink MessageSource)g)IndependentAgentIDAPI)TheSink)instancesimplification tls_check)NonRootRpcServerNonRootRpcServerAV RpcServer RpcServerAV is_running)persistent_statesystemd_notifier)Taskcreate_task_and_log_exceptions is_root_useris_systemd_boot)is_db_corrupted)EXITCODE_GENERAL_ERROR)DAY rate_limit) flush_sentry)MalwareHitStatusMalwareScanResourceTypeVulnerabilityHitStatus) MalwareHitVulnerabilityHiti4z%s.is_corruptedzImunify360 database is corrupt. Application cannot run with corrupt database. Please, contact Imunify360 support team at https://cloudlinux.zendesk.com)periodceZdZdZdZdS) TaskFactoryc,t|_dSN)setpool)selfs @/opt/imunify360/venv/lib/python3.11/site-packages/imav/server.py__init__zTaskFactory.__init__esEE ct||}|j|||jj|S)Nloop)r%r9addadd_done_callbackdiscard)r:r@corotasks r;__call__zTaskFactory.__call__hsFDt$$$ d ty0111 r=N)__name__ __module__ __qualname__r<rFr=r;r5r5ds2r=r5c#K dVdS#t$r;}td||tj|Yd}~dSd}~wwxYw)z)Log *message* on any error & suppress it.Nzcaught error %r on %s) Exceptionloggererror sentry_sdkcapture_exception)messagees r;log_and_suppress_errorrSosq(  ((( ,a999$Q'''''''''(s A0A  Ac(Ktd5tjt jdddn #1swxYwYt dtjtd5g}tj d4d{VdtvrOtj |tj ||tj|d{Vdddd{Vn#1d{VswxYwYdddn #1swxYwYt%|dD]s}td5t d |jj|jj|d{Vdddn #1swxYwYttd 5t-jd{Vdddn #1swxYwYtjd x}Atd 5tj|d{Vdddn #1swxYwYtd 5|dddn #1swxYwYt5t dtjdS)Nz)marking the start of the shutdown processzshutdown task starting, pid=%sz4preventing new messages (if any) processing to start sensor_serverc|jSr7)SHUTDOWN_PRIORITY)ps r;z _shutdown_task..s A4Gr=)keyz,This happened while shutting down a plugin!!zShutting down %s.%s...zshutting down IAID APIweb_server_restart_taskzwaiting for web server restartz stopping loopzshutdown task finished, pid=%s)rSr sensor shutting_downtimerMinfoosgetpidasynciotimeoutrrVcloseappend wait_closedshutdowngathersorted __class__rHrGrgetwait_forstopr-)r@the_sink plugin_list_tasksplugin restart_tasks r;_shutdown_taskrtys  K L L11 ##DIKK000111111111111111 KK0")++>>> >   * *?2&& * * * * * * * *!##%%''' ao99;;<<< MM(++-- . . ..&) ) ) ) ) ) ) )  * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * **G*GHHH $ $ # :  $ $ KK( + )   //## # # # # # # # $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ 8 9 9//#,.........///////////////7888 E #$D E E 1 1"<00 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1  0 0 NNN KK0")++>>>>>s1AAAE52BEE5 E" "E5%E" &E55E9<E9#A G::G> G> H;;H?H?+JJJ,K  KKctd|tj}tj||_d|_tj|_ trd|_ nd|_ tj j|_ |nC#t"$r6tdt'jt*YnwxYwt-jtj jdS)NzRun as daemon [pidfile = %s]FTz*PID file already locked by another process)rMr`daemon DaemonContextpidfile PIDLockFile prevent_corer FILE_UMASKumaskr(detach_processdefence360agent internalsget_fdsfiles_preserveopenr rNsysexitr*gccollect reconfigure) pidfilepathdcs r; _daemonizers  KK. <<<    B++K88BJBOBH!! '18@@BBB)  ))) ABBB '((((()JLLL$0022222s1C=DDc<Ktjd{VdS)zPerform update files on start.N)r !update_all_no_fail_if_files_existrJr=r;_initial_files_updaters-  1 3 3333333333r=cj|tj|tjdSr7)run_until_completerrun_in_executorrresetr?s r;_tls_check_resetrs6&tY_==r=c fd|DS)Nc4g|]}t||SrJ) isinstance).0rYpclasss r; z$plugin_instances..s( 5 5 5!z!V44 5A 5 5 5r=rJ)objsrs `r;plugin_instancesrs 5 5 5 5t 5 5 55r=returncd|D}t|t}|D]E}td||||Ft ||}t|t}|D]F}td|||||G| |||fS)Nc"g|] }| SrJrJ)r plugin_classs r;rz"_start_plugins..sAAA,||~~AAAr=zCreating sink %rzCreating source %r) rrrMr`r create_sinkrr create_sourcestart)r@plugin_classespluginssinkssrosourcess r;_start_pluginsrsAA.AAAG Wk 2 2E 55 &***  d 3 34444ud##Hw 66G AA (!,,, h ? ?@@@@ NN UG ##r=roctdtjrtt f}nt tf}|D]+}|| ||,dS)NzStarting RpcServers...) rMr`rSOCKET_ACTIVATIONr!rr rrcreate)r@ro rpc_serversrpcs r; _start_rpcrsv KK()))"4"$67  "23 <<  4 : :;;;;<.s# 0 0 0$4 0CII 0 0 0r=)r listraenvironrbytesoutputFileNotFoundErrorrMwarningIOErrorstripsplitr8)r outrRlinespidss r;_get_pids_openrs  UOd5kk )-<<    AHoo ?@@@   IIKK  e $ $E 0 0% 0 0 0D D ??s 14 BA)B BBcFtrtj}|dkrtj|}t tjtj }g}|D]} tj|}n#tj $rY)wxYw| }|r|}nd}| ||dt|zf t|5} | } dddn #1swxYwYn#t t"f$rd} YnwxYwt%dt&jd|d|dt|d|d | d t+jt.t1t2j rt6s9t:t>t6 nt:!t>t+jt.dStEtF5t6$ddddS#1swxYwYdS) NrNonezparent process = %sz Instance of z% is already running. Parent process "z " with pid "z". Sockets are in use by z. z file contents z pid)db_path)%r"ragetppidpsutilProcessnamerr SOCKET_PATHNON_ROOT_SOCKET_PATH NoSuchProcessparentrfstrrreadOSErrorrthrottled_log_errorrSVC_NAMErrr*r)rr_DB_IS_CORRUPTED_FLAGexistsrMrN_DB_IS_CORRUPTED_MSGtouchrrrunlink) rxppidrpids_used_socketprocess_used_socketpid_pr _local_parent _parent_namefile written_pids r;_check_able_to_startrs||--z|| 199^D))..00F-%y'E   #% '   .--CC+H #  *#0#5#5#7#7LL#)L#** -L0A0AA #']].d"&))++K...............W% # # #"  #   MMMFFDD+,,,,GGKK     H+ , , ,uz*** +$++-- 1 LL- . . . ! ' ' ) ) ) ) NN/ 0 0 0 '((((( ' ( ( + + ! ( ( * * * + + + + + + + + + + + + + + + + + +sZ;BB"!B"E D>2 E >EE EE E E /JJJrc  ts3tdtjt t }tjj |j |j stj drHtjj|j ptj dtjt"t%|j|jr7t+|jt-jt,jjt4jt;jt=jst4j tCj"}tj#}|$tKtMd|r|dznd|'tQ tS|tTj+,tZj.t_|taj1|2| tfthfD] }| n]#tjj6$rK}t7dtq|tjt Yd}~nd}~wwxYw|2tsj:std  |2twnP#trj<$r>}t7d |tjt Yd}~nd}~wwxYwtzj>?tjAt||\}}} t||td tjEtjGd } t||jI|  tjKn2#t$r%}t7d|Yd}~nd}~wwxYwt|tt|||| z|Ptd|QdS#|QwxYw)zCommon function for agent service startup. plugin_classes is a list of classes implementing message processing plugins. init_actions is a coroutine that will be called prior to starting RPC and message processing.z5Imunify agent could be started by the root user only!IMUNIFY360_LOGGING_CONFIG_FILE ) max_workersz0Failed to stop pending cleanup/patch. Reason: %sNz=Essential files are missing. Performing initial files update.z*Failed to perform initial files update: %szMessage Bus startedF)versionresidentz!Failed to remove unused locks: %sz loop stopped)Rr'rMr`rrr* parse_clir~r setLogLevelverbose log_configrarrlupdate_logging_config_from_filesetrecursionlimit_MAX_RECURSION_DEPTHrrxrvrr$notify AgentState DAEMONIZEDr r]startingr_r is_registered unregisteredrcget_event_loop cpu_countset_default_executorrminset_task_factoryr5rrdbinitrrvalidate_configs_on_startrupdate_merged_configr_stop_pending_cleanup_stop_pending_patchrPeeweeExceptionrNreprr essential_files_existr UpdateErrorrtrack set_timeoutrINACTIVITY_TIMEOUTrrr AgentStartedrVERSIONr&process_messager#remove_unused_locksrL_setup_signal_handlersrrt run_foreverre) r init_actionsargsr@_cpu_stop_outdatedrRrorr agent_starteds r;rrBs >>) KLLL '((( ;;D$00>>>  "*..)IJJ !(HH O Orz~~.NOO   .///&&& {H4<    0 ; FGGG M49;;'''  # % %% ""$$$  ! # #D <>>D s24/FtaxxQ'G'GHHH +--(((: $$$!$'''#%%%  /// -#8:M"N ! !     !- - - - LLBDGG    H+ , , , , , , , , -&&u'B'D'DEE 1 KKO    1''(=(?(?@@@@$ 1 1 1 I1MMM/00000000 1 $$Y%ABBB#1$#G#G %4""" )***!.L5    ' (*M    A  0 2 2 2 2 A A A LL >???s1vv '((((((((( )s B2BB--B2cdfd}tjtjtjtjfD]}|||||dS)NFcs/dtd|t|dStd|dS)NTz Caught %sz9Caught %s. Shutdown task is already running, please wait.)rMr`r&)r@sigcalled shutdowntasks r; _sighandlerz+_setup_signal_handlers.._sighandlers] F KK S ) ) )3D,GGFFF KKK     r=)signalSIGINTSIGTERMSIGUSR1SIGUSR2add_signal_handler)r@rrrrs ` @r;r r sp F       v~v~v~N== [$<<<<==r=c<tjd}|ddddd|d d d |d dd|dd|tjddS)NzRun imunify agent) descriptionz-vrcountrzLevel of logging. Each value corresponds to:1 - console only log level,2 - previous plus add network log,3 - all previous plus add process message log,4 - all previous plus add debug log)destactiondefaulthelpz--daemon store_truez run as daemon)r*r,z --pidfilez/var/run/imunify360.pidzuse with --daemon)r+r,z --log-configzlogging config filename)r,)argparseArgumentParser add_argument parse_argsrargv)parsers r;rrs  $1D E E EF   2      rbs$*  111111////////77777777 """""" ''''!!!!!!22222222<;;;;;888888HHHHHHHH444444@@@@@@666666EEEEEEEEEEFEEEEEEE ;:::::<<<<<<88888888////// ?>>>>>>>.;<<%  8 $ $,jj,,,V\::(((,?,?,?^3332444 666$E'42E,F$$$$*