8e:(dZddlZddlZddlZddlZddlZddlZddlZddlZddl Z ddl m Z ddl m Z mZddlmZddlmZddlmZmZmZddlmZddlZdd lmZddlZddlZddlZdd lmZdd l m!Z!m"Z"dd l#m$Z$m%Z%m&Z&m'Z'm(Z(dd l)m*Z*ddl+m,Z,ddl-m.Z.m/Z/ddl0m1Z1ddl2m3Z3ddl4m5Z5ddl6m7Z7m8Z8m9Z9ddl:m;Z;mZ>m?Z?ddl@mAZAddlBmCZCmDZDmEZEmFZFmGZGddlHmIZIddlJmKZKddlLmMZMmNZNddlOmPZPmQZQddlRmSZSddlTZTdZUede'jVzZWdZXejYeZZ[eNeMe[j\Z]Gd d!Z^e d"Z_d#Z`d$Zad%Zbd&Zcd'Zdd(ee5eeeeffd)Zfd*e5fd+Zgd,Zhd-Zid.eed(dfd/Zjd0Zkd1Zld2Zmd3ZndS)4u  This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program.  If not, see . Copyright © 2019 Cloud Linux Software Inc. This software is also available under ImunifyAV commercial license, see N)ThreadPoolExecutor)contextmanagersuppress)partial)Path)DEVNULLCalledProcessError check_output)Tuple) AlreadyLocked)files)health inactivity)ConfigsValidatorCoreMergerModel SimpleRpc) HookEvent) LicenseCLN) MessageSink MessageSource)g)IndependentAgentIDAPI)TheSink)instancesimplification tls_check)NonRootRpcServerNonRootRpcServerAV RpcServer RpcServerAV is_running)systemd_notifier) OsReleaseInfoTaskcreate_task_and_log_exceptions is_root_useris_systemd_boot)is_db_corrupted)EXITCODE_GENERAL_ERROR)DAY rate_limit)MalwareHitStatusMalwareScanResourceType) MalwareHiti4z%s.is_corruptedzImunify360 database is corrupt. Application cannot run with corrupt database. Please, contact Imunify360 support team at https://cloudlinux.zendesk.com)periodceZdZdZdZdS) TaskFactoryc,t|_dSN)setpool)selfs @/opt/imunify360/venv/lib/python3.11/site-packages/imav/server.py__init__zTaskFactory.__init__esEE ct||}|j|||jj|S)Nloop)r&r7addadd_done_callbackdiscard)r8r>corotasks r9__call__zTaskFactory.__call__hsFDt$$$ d ty0111 r;N)__name__ __module__ __qualname__r:rDr;r9r3r3ds2r;r3c#K dVdS#t$r9}tj|t|Yd}~dSd}~wwxYw)z)Log *message* on any error & suppress it.N) Exception sentry_sdkcapture_exceptionloggererror)messagees r9log_and_suppress_errorrQosl  $Q''' Ws A .AA cKtd5tjt jdddn #1swxYwYt dtjtd5tj tj tj |d{Vdddn #1swxYwY|D]s}td5t d|jj|jj|d{Vdddn #1swxYwYttd5t'jd{Vdddn #1swxYwYtjdx}Atd5tj|d{Vdddn #1swxYwYtd 5|dddn #1swxYwYt d tjdS) Nz)marking the start of the shutdown processzshutdown task starting, pid=%sz4preventing new messages (if any) processing to startz,This happened while shutting down a plugin!!zShutting down %s.%s...zshutting down IAID APIweb_server_restart_taskzwaiting for web server restartz stopping loopzshutdown task finished, pid=%s)rQrsensor shutting_downtimerMinfoosgetpidr sensor_servercloseasynciogather wait_closedshutdown __class__rFrErgetwait_forstop)r>the_sink plugin_listplugin restart_tasks r9_shutdown_taskrhys  K L L11 ##DIKK000111111111111111 KK0")++>>> >     n O ' ' ) )8+<+<+>+>                         $ $ # :  $ $ KK( + )   //## # # # # # # # $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ 8 9 9//#,.........///////////////7888 E #$D E E 1 1"<00 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1  0 0  KK0")++>>>>>sm1AAAA(D  D D 'A E>>F F F??GG/HHH0IIIctd|tj}tj||_d|_tj|_ trd|_ nd|_ tj j|_ |nC#t"$r6tdt'jt*YnwxYwt-jtj jdS)NzRun as daemon [pidfile = %s]FTz*PID file already locked by another process)rMrWdaemon DaemonContextpidfile PIDLockFile prevent_corer FILE_UMASKumaskr)detach_processdefence360agent internalsget_fdsfiles_preserveopenr rNsysexitr+gccollect reconfigure) pidfilepathdcs r9 _daemonizer~s  KK. <<<    B++K88BJBOBH!! '18@@BBB)  ))) ABBB '((((()JLLL$0022222s1C=DDc<Ktjd{VdS)zPerform update files on start.N)r !update_all_no_fail_if_files_existrHr;r9_initial_files_updaters-  1 3 3333333333r;cj|tj|tjdSr5)run_until_completerrun_in_executorrresetr=s r9_tls_check_resetrs6&tY_==r;c fd|DS)Nc4g|]}t||SrH) isinstance).0ppclasss r9 z$plugin_instances..s( 5 5 5!z!V44 5A 5 5 5r;rH)objsrs `r9plugin_instancesrs 5 5 5 5t 5 5 55r;returncd|D}t|t}|D]E}td||||Ft ||}t|t}|D]F}td|||||G| |||fS)Nc"g|] }| SrHrH)r plugin_classs r9rz"_start_plugins..sAAA,||~~AAAr;zCreating sink %rzCreating source %r) rrrMrWr create_sinkrr create_sourcestart)r>plugin_classespluginssinkssrdsourcess r9_start_pluginsrsAA.AAAG Wk 2 2E 55 &***  d 3 34444ud##Hw 66G AA (!,,, h ? ?@@@@ NN UG ##r;rdctdtjrtt f}nt tf}|D]+}|| ||,dS)NzStarting RpcServers...) rMrWrSOCKET_ACTIVATIONr"r r!rrcreate)r>rd rpc_serversrpcs r9 _start_rpcrsv KK()))"4"$67  "23 <<  4 : :;;;;<.s# 0 0 0$4 0CII 0 0 0r;)r listrXenvironr bytesoutputFileNotFoundErrorrMwarningIOErrorstripsplitr6)r outrPlinespidss r9_get_pids_openrs  UOd5kk )-<<    AHoo ?@@@   IIKK  e $ $E 0 0% 0 0 0D D ??s 14 BA)B BBc8trtj}tj|}t tjtj }g}|D]} tj|}n#tj $rY)wxYw| }|r|}nd}| ||dt|zf t|5} | } dddn #1swxYwYn#t t"f$rd} YnwxYwt%dt&jd|d|dt|d|d| d t+jt.t1t2j rt6s9t:t>t6 nt:!t>t+jt.dStEtF5t6$ddddS#1swxYwYdS) NNonezparent process = %sz Instance of z% is already running. Parent process "z " with pid "z". Sockets are in use by z. z file contents z pid)db_path)%r#rXgetppidpsutilProcessnamerr SOCKET_PATHNON_ROOT_SOCKET_PATH NoSuchProcessparentappendstrrvreadOSErrorrthrottled_log_errorrSVC_NAMErwrxr+r*rr_DB_IS_CORRUPTED_FLAGexistsrMrN_DB_IS_CORRUPTED_MSGtouchrrrunlink) rlppidrpids_used_socketprocess_used_socketpid_pr _local_parent _parent_namefile written_pids r9_check_able_to_startrs ||()z||%%**,,)  !9#A  !#  C nS))'    JJLLM &,1133 %  & &chhjj"7#l:K:K"KL     g *$"iikk  * * * * * * * * * * * * * * *!   KKK   '((((    '(((uz*** +$++-- 1 LL- . . . ! ' ' ) ) ) ) NN/ 0 0 0 '((((( ' ( ( + + ! ( ( * * * + + + + + + + + + + + + + + + + + +sZ4B  BBED7+ E7D;;E>D;?EEE(JJJrc @ts3tdtjt t }tjj |j |j stj drHtjj|j ptj dtjt"t%|j|jr7t+|jt-jt,jjt4jt;jt=jst4j tCj"}tj#}|$tKtMd|r|dznd|'tQ tS|tTj+,tZj.t_|taj1|2|tg|2tij5s;td|2tmtnj89ttj;ty||\}}}t{||tdt}j?tjA }t||jC|t|tt||||z|G|Hd S#|HwxYw) zCommon function for agent service startup. plugin_classes is a list of classes implementing message processing plugins. init_actions is a coroutine that will be called prior to starting RPC and message processing.z5Imunify agent could be started by the root user only!IMUNIFY360_LOGGING_CONFIG_FILE ) max_workersz=Essential files are missing. Performing initial files update.zMessage Bus started)versionN)Ir(rMrWrwrxr+ parse_clirrrs setLogLevelverbose log_configrXrraupdate_logging_config_from_filesetrecursionlimit_MAX_RECURSION_DEPTHrrlrjr~r$notify AgentState DAEMONIZEDrrTstartingrVr is_registered unregisteredr\get_event_loop cpu_countset_default_executorrminset_task_factoryr3rrdbinitrrvalidate_configs_on_startrupdate_merged_configr_stop_pending_cleanupr essential_files_existrrtrack set_timeoutrINACTIVITY_TIMEOUTrrr AgentStartedrVERSIONr'process_message_setup_signal_handlersrrh run_foreverr[) r init_actionsargsr>_cpurdrr agent_starteds r9rr8sg >>) KLLL '((( ;;D$00>>>  "*..)IJJ !(HH O Orz~~.NOO   .///&&& {H4<    0 ; FGGG M49;;'''  # % %% ""$$$  ! # #D <>>D s24/FtaxxQ'G'GHHH +--(((% $$$!$'''#%%%  /// &&u'B'D'DEE = KKO     # #$9$;$; < < <$$Y%ABBB#1$#G#G %4""" )***!.t|DDD & (*M    '.$%'/JJ      s 3F>PPcj tjdS#t$r}ddlm}t jt|}|||t t|tj tYd}~dSd}~wwxYw)Nr) execute_hooks)rN)rvalidate_config_layersrJdefence360agent.hooks.executerrAgentMisconfigreprrrMrrrwrxr+)r>rPragent_misconfigs r9rrs)/11111 )))??????#2aAAA  o > >???s1vv '((((((((( )s B2BB--B2cdfd}tjtjtjtjfD]}|||||dS)NFcs/dtd|t|dStd|dS)NTz Caught %sz9Caught %s. Shutdown task is already running, please wait.)rMrWr')r>sigcalled shutdowntasks r9 _sighandlerz+_setup_signal_handlers.._sighandlers] F KK S ) ) )3D,GGFFF KKK     r;)signalSIGINTSIGTERMSIGUSR1SIGUSR2add_signal_handler)r>rrr r s ` @r9rrsp F       v~v~v~N== [$<<<<==r;c<tjd}|ddddd|d d d |d dd|dd|tjddS)NzRun imunify agent) descriptionz-vrcountrzLevel of logging. Each value corresponds to:1 - console only log level,2 - previous plus add network log,3 - all previous plus add process message log,4 - all previous plus add debug log)destactiondefaulthelpz--daemon store_truez run as daemon)rrz --pidfilez/var/run/imunify360.pidzuse with --daemon)rrz --log-configzlogging config filename)r)argparseArgumentParser add_argument parse_argsrwargv)parsers r9rrs  $1D E E EF   2      rMs*   111111////////@@@@@@@@@@ """""" ''''!!!!!!22222222<;;;;;888888HHHHHHHH444444@@@@@@666666EEEEEEEEEE433333;:::::<<<<<<88888888-,,,,,.;<<%  8 $ $,jj,,,V\::'?'?'?T3332444 666$E'42E,F$$$$*