ok
Direktori : /opt/imunify360/venv/bin/ |
Current File : //opt/imunify360/venv/bin/pam_pureftpd_hook.py |
#!/opt/imunify360/venv/bin/python3 import argparse import os import re import subprocess from pam_i360.internals import logger_init PUREFTPD_CONFIG = "/etc/pure-ftpd.conf" CPANEL_CONFIG = "/var/cpanel/cpanel.config" IMUNIFY360_CONFIG = "/etc/sysconfig/imunify360/imunify360-merged.config" logger = logger_init() def is_pureftpd_enabled(): if not os.path.isfile(IMUNIFY360_CONFIG): return False ftp_protection = re.compile( rb"^(?!#).*ftp_protection:[^\S\r\n]*true", re.MULTILINE ) return ftp_protection.search( open(IMUNIFY360_CONFIG, "rb").read()) is not None def is_imunify360_pam_pureftpd_enabled(): imunify360_sock = re.compile( rb"^(?!#).*\/var\/run\/ftpd.imunify360.sock", re.MULTILINE ) return imunify360_sock.search( open(PUREFTPD_CONFIG, "rb").read()) is not None def enable_pureftpd(no_restart=False, timeout=60): cmd = [ "/usr/sbin/imunify360-pam", "enable-pureftpd", ] if no_restart: cmd.append("--no-restart-pureftpd") try: return subprocess.run(cmd, timeout=timeout, check=True) except subprocess.TimeoutExpired as e: return subprocess.CompletedProcess( e.cmd, returncode=None, stdout=e.stdout, stderr=e.stderr ) def main(): parser = argparse.ArgumentParser() parser.add_argument( "-n", "--no-restart", dest="norestart", action="store_true", help="Don't restart pureftpd", ) args = parser.parse_args() no_restart = args.norestart with open(CPANEL_CONFIG, "r") as cpcfg: data = cpcfg.read() if not "ftpserver=pure-ftpd" in data: return if not os.path.isfile(PUREFTPD_CONFIG): return imunify360_pam_pureftpd_enabled = is_imunify360_pam_pureftpd_enabled() pureftpd_enabled = is_pureftpd_enabled() if pureftpd_enabled and not imunify360_pam_pureftpd_enabled: enable_pureftpd(no_restart, timeout=60) if __name__ == "__main__": try: main() except Exception as e: logger.error("failed to check and enable pure-ftpd: %s", e)