Current File : //bin/selectorctl
#!/opt/cloudlinux/venv/bin/python3 -sbb
# coding=utf-8
from __future__ import print_function
from __future__ import division
from __future__ import absolute_import
import subprocess
import sys
import getopt
import os

from clselect import (
    clpassenger,
    clprint,
    clselectctl,
    clselectctlphp,
    clselectctlpython,
    clselectctlruby,
    utils,
)

from clselect.utils import in_cagefs, CAGEFS_ENTER_USER_BIN
from clcommon.cpapi import Feature, is_panel_feature_supported


def selector_executed_as_root():
    """
    We check whos run selector: root or user
    :return: True if root, False if user
    """

    return os.geteuid() == 0


def _run_selectorctl_as_user_in_cagefs(user):
    """
    All user-related actions must run inside
    of cagefs for security reasons.

    When selector is executed as root and we
    know username, we start new subprocess using su.
    But when selector is started by user and
    selectorctl is NOT in cagefs, we force cagefs_enter.
    """
    if selector_executed_as_root():
        if user is None:
            return
        cmd = [CAGEFS_ENTER_USER_BIN, user] + sys.argv + ['--skip-cagefs-check']
    elif not in_cagefs():
        cmd = ['/bin/cagefs_enter'] + sys.argv + ['--skip-cagefs-check']
    else:
        return
    p = subprocess.Popen(cmd, stdout=sys.stdout, stdin=sys.stdin, env={})
    p.communicate()
    sys.exit(p.returncode)


def usage():
    print('Usage: ' + sys.argv[0] + ' [OPTIONS]')
    print('Options:')
    print()
    print(' -i | --interpreter               : Interpreter. If omitted php implied')
    print(' -h | --help                      : Show this message')
    print(' -A | --fix-homedir               : Fix paths after home directory change')
    print()
    print('According to selected interpreter options differs')
    print(' PHP:')
    clselectctlphp.usage()
    print()
    print(' Python:')
    clselectctlpython.usage()
    print()
    print(' Ruby:')
    clselectctlruby.usage()


def main():
    try:
        opts, args = getopt.getopt(
            sys.argv[1:],
            'hi:lSsCcB:Y:N:E:D:R:v:Gu:b:ge:d:r:atpVLT:k:m:x:QqPjwWzynfFZo:AK:U', [
                'help',
                'setup-without-cagefs',
                'revert-to-cagefs',
                'interpreter=',
                'list',
                'list-user-webapps',
                'summary',
                'user-summary',
                'current',
                'user-current',
                'set-current=',
                'enable-alternative=',
                'disable-alternative=',
                'enable-extensions=',
                'disable-extensions=',
                'replace-extensions=',
                'version=',
                'list-extensions',
                'user=',
                'domain=',
                'set-user-current=',
                'list-user-extensions',
                'enable-user-extensions=',
                'disable-user-extensions=',
                'replace-user-extensions=',
                'all',
                'reset-user-extensions',
                'print-summary',
                'show-native-version',
                'list-users',
                'change-to-version=',
                'add-options=',
                'replace-options=',
                'delete-options=',
                'base64',
                'quiet',
                'print-options',
                'print-options-safe',
                'apply-symlinks-rules',
                'json',
                'csv',
                'perl',
                'api-version=',
                'verbose',
                'reset-options',
                'create-webapp',
                'update-interpreter',
                'destroy-webapp',
                'relocate-webapp',
                'transit-webapp',
                'restart-webapp',
                'start-webapp',
                'stop-webapp',
                'setup-wsgi=',
                'fix-homedir',
                'list-extensions-version=',
                'recreate-virtualenv',
                'freeze-requirements',
                'update-backup',
                'apply-global-php-ini',
                'app-mode=',
                'startup-file=',
                'env-vars=',
                'set-variables',
                'skip-cagefs-check',
                'exclude-pid-list=',
                'for-all-users'
            ])
    except getopt.GetoptError:
        usage()
        sys.exit(1)

    action = None
    interpreter = 'php'
    fmt = 'text'
    user = None
    domain = None

    # getopt is a little bit stupid parser
    # after a non-option argument, all further arguments are
    # considered also non-options
    # so sometimes my '--skip' option was ignored
    skip_enter_cagefs = '--skip-cagefs-check' in sys.argv
    if skip_enter_cagefs:
        sys.argv.remove('--skip-cagefs-check')

    # Catch this options in any position
    if '-h' in sys.argv or '--help' in sys.argv:
        usage()
        sys.exit(0)

    for o, a in opts:
        if o in ['-i', '--interpreter']:
            interpreter = a.lower()
        elif o in ['-j', '--json']:
            fmt = 'json'
        elif o in ['-w', '--csv']:
            fmt = 'csv'
        elif o in ['-W', '--perl']:
            fmt = 'perl'
        elif o in ['-A', '--fix-homedir']:
            action = 'fix-homedir'
        elif o == '--update-interpreter':
            action = 'update-interpreter'
        elif o in ['-u', '--user']:
            user = a
        elif o == '--domain':
            domain = a

    if interpreter == 'php':
        if not is_panel_feature_supported(Feature.PHP_SELECTOR):
            clprint.print_diag(
                fmt,
                {'status': 'ERROR',
                'details': 'selectorctl for php interpreter is not supported in current environment'
                }
            )
            sys.exit(0)
        else:
            return clselectctlphp.main()

    # Skip special "wildcard user" that is used only with "update-interpreter"
    if not (action == 'update-interpreter' and user == '*'):
        user, _ = utils.safely_resolve_username_and_doc_root(
                user, domain, fmt, True)

    if not skip_enter_cagefs and \
            (interpreter in ['ruby', 'nodejs']
             or (interpreter == 'python' and not action == 'update-interpreter')):
        _run_selectorctl_as_user_in_cagefs(user)

    if action == 'fix-homedir':
        fix_homedir(user)
        sys.exit()

    if interpreter == 'python':
        # no feature check here because "selectorctl utility for --interpreter python is deprecated. Only update-interpreter option is still possible to use"
        # and update-interpreter silently does nothing or prints its own warning in case of unsupported environment
        clselectctlpython.main()
    elif interpreter == 'ruby':
        if not is_panel_feature_supported(Feature.RUBY_SELECTOR):
            clprint.print_diag(
                fmt,
                {'status': 'ERROR',
                'details': 'selectorctl for ruby interpreter is not supported in current environment'
                }
            )
            sys.exit(0)
        else:
            clselectctlruby.main()
    elif interpreter == 'nodejs':
        clprint.print_diag(
            fmt, {'status': 'ERROR',
                  'details': 'For --interpreter nodejs please use cloudlinux-selector utility instead'})
        sys.exit(1)
    else:
        clprint.print_diag(
            fmt, {'status': 'ERROR', 'message': 'Unknown interpreter'})
        sys.exit(1)


def fix_homedir(user):
    user = clselectctl.get_user(user)
    clpassenger.fix_homedir(user)
    clselectctlpython.fix_homedir(user)


if __name__ == '__main__':
    main()