ï»¿
Your IP : 172.28.240.42

Current Path : /usr/lib/pymodules/python2.7/
Current File : //usr/lib/pymodules/python2.7/lshell.pyc
�
�W�Lc@s�dZddlZddlZddlZddlZddlmZmZddlZddlZddl	Z	ddl
Z
ddlZddlZddl
Z
ddlZddlZdZdZdddgZejd	kr�ejZnd
ZedZdZd
ZdeZdZdZdejefd��YZdfd��YZdefd��YZ d�Z!d�Z"e#dkr�e"�ndS(s'lshell restricts a user's shell environment to limited sets of commands
lshell is a shell coded in Python that lets you restrict a user's environment
to limited sets of commands, choose to enable/disable any command over SSH
(e.g. SCP, SFTP, rsync, etc.), log user's commands, implement timing 
i����N(tgetpasstgetusers3Ignace Mouzannar (ghantoos) <ghantoos@ghantoos.org>s0.9.14tallowedt	forbiddentwarning_counters/usrts/etc/lshell.confs	.lhistorys.lshell_locks�Usage: lshell [OPTIONS]
  --config <file> : Config file location (default %s)
  --log    <dir>  : Log files directory
  -h, --help      : Show this help message
  --version       : Show version
s-Limited Shell (lshell) limited help.
Cheers.
sRYou are in a limited shell.
Type '?' or 'help' to get the list of allowed commandstShellCmdcBs�eZdZdddddd�Zd�Zd�Zd�Zd�Zd�Z	d�Z
ddd�Zdd	�Zddd
�Z
d�Zdd�Zd
�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�ZRS(s Main lshell CLI class
    cCs�|dkrtj|_n	||_|dkr?tj|_n	||_|dkrctj|_n	||_||_|jd|_|jddkr�|j|jd�n|jd|_|jj	d�t
jj|�|jj
d�rA|jd|_|jjdt��|_|jjdtj�d	�|_nt�|_d
|j|_|jd|_||_||_dS(Ntlogpathttimeris+./-s	Logged intprompts%us%his%s:~$ tintro(tNonetsyststdintstdouttstderrtconftlogtmytimert
identcharsterrortcmdtCmdt__init__thas_keyt
promptbasetreplaceRtostunameR	R
tg_cmdtg_line(tselftuserconfR
RRRR((s&/usr/lib/pymodules/python2.7/lshell.pyRYs2				%	cCsh|jdkrQ|jjd�|jdkrA|jjd�ntjd�n|j|j|j	d�dkr�t
j||�S|j|j�dkr�t
j||�S|j|j	d	kr�t
jd
d|j	d|j�|_t
jd
d|j	d|j�|_t|j	d�tkrEt|j|j	d�|_n|jjd|j�|jdkrx|j�q;|jdkr�|j�q;|jdkr�|j�q;|jdkr�|j�q;|jdkr�|j�q;tj|j�n@|jdkr;|jjd|j�|jjd|j�nddd|_|_|_t
j||�S(s� This method actually takes care of all the called method that are          not resolved (i.e not existing methods). It actually will simulate             the existance of any method    entered in the 'allowed' variable list. 
        e.g. You just have to add 'uname' in list of allowed commands in               the 'allowed' variable, and lshell will react as if you had                    added a do_uname in the ShellCmd class!
        tquittexittEOFtExiteds
itstrictiRs^~$|^~/s%s/t	home_paths ~/s %s/taliasess	CMD: "%s"tcdtlpathtlsudothistorytexportRt?thelpsINFO: unknown syntax -> "%s"s*** unknown syntax: %s
(squitsexitR#N(RR-shelpN(RRRRtwriteRR"tcheck_secureRRtobjectt__getattribute__t
check_pathtretsubtg_argttypetdicttget_aliasestinfoR(R)R*R+R,RtsystemRtwarnR(Rtattr((s&/usr/lib/pymodules/python2.7/lshell.pyt__getattr__sB	"




cCs�|jddrjtjjd�xF|jddjd�D]'}|r<tjjd|d �q<q<Wn|jddr�tjjd�xF|jddjd�D]'}|r�tjjd|d �q�q�Wnd	S(
s* lists allowed and forbidden path
        tpathis	Allowed:
t|s %s
i����isDenied:
N(RRRR/tsplit(RR?((s&/usr/lib/pymodules/python2.7/lshell.pyR)�s!"!cCsU|jjd�rQtjjd�x,|jdD]}tjjd|�q0WndS(s% lists allowed sudo commands
        t
sudo_commandssAllowed sudo commands:
s - %s
N(RRRRR/(Rtcommand((s&/usr/lib/pymodules/python2.7/lshell.pyR*�scCs�y�ytj|jd�Wn,tk
rI|jjd|jd�nXt|jdd�}d}x8|j�D]*}tj	j
d||f�|d7}qsWWn|jjd�nXdS(s$ print the commands history
        thistory_files(WARN: couldn't write history to file %s
tris%d:  %ss#** Unable to read the history file.N(treadlinetwrite_history_fileRtIOErrorRRtopent	readlinesRRR/tcritical(Rtftititem((s&/usr/lib/pymodules/python2.7/lshell.pyR+�s
cCs�|jjd�r�|jjdd�d}|jd�r�|jd�djd�dd!\}}tjji||6�q�ndS(s export environment variables t it=iiN(RtcountRARtenvirontupdate(Rtenvtvartvalue((s&/usr/lib/pymodules/python2.7/lshell.pyR,�s
)cCs�t|j�dkr�y3tjtjj|j��|jtj��Wq�tk
r�\}}t	j
jd|j|f�q�Xn'tj|jd�|jtj��dS(s, implementation of the "cd" command
        islshell: %s: %s
R&N(
tlenR6RtchdirR?trealpathtupdateprompttgetcwdtOSErrorRRR/R(RtErrorNumbertErrorMessage((s&/usr/lib/pymodules/python2.7/lshell.pyR(�s$cCsx�|jdD]t}|dkr\tjd|||f|�r�|sU|jd�ndSq||kr|s~|jd�ndSqWd}tjd|�}xQ|D]I}||j|d	d
!j��7}||j|d	j�dd�7}q�Wtjd|�}x4|D],}||j|dd
!j�dd�7}qWtjd
|�}x>|D]6}tjd|d�}||j|dd
 �7}qTW|dkr�dS|jd�s�|jd�r�dStjd|�}	tj	dd|�}x.|	D]&}
|
j�jd�}|d}t
|�dkr.|}
nd}
|dkr�|
d|jdkr�|
r�|jddkr�|s�|jd�q�n|jj
d|�dSn|r�|jd|jd<n||jdkr�|r�|r�|s|jd|�qn|jj
d|�dSq�WdS(s�This method is used to check the content on the typed command.              Its purpose is to forbid the user to user to override the lshell               command restrictions. 
        The forbidden characters are placed in the 'forbidden' variable.
        Feel free to update the list. Emptying it would be quite useless..: )

        A warining counter has been added, to kick out of lshell a user if he          is warned more than X time (X beeing the 'warning_counter' variable).
        Rt&R@s[^\%s]\%s[^\%s]tsyntaxiis\$\([^)]+[)]ii����R%s
\`[^`]+[`]s\$\{[^}]+[}]s
=|\+|\?|\-s$(t`s&|\||;s\)$RROtsudoRBRCs*** forbidden sudo -> %stoversshRs*** unknown command: %s(R_R@N(RR4tfindalltcounter_updateR3tstripR0RAt
startswithR5RWRRRK(RtlineR%tsshRNt
returncodet
executionstcurlytvariabletlinestsperate_linetsplitcmdRCtcmdargs((s&/usr/lib/pymodules/python2.7/lshell.pyR0�sf
 '
*


	cCs�|r|}n	|j}|jddkrH|jjd||f�n�|jdcd8<|jddkr�|jjd||f�|jjd�tjd�nE|jjd||f�|jjd|jd�|jjd�d	S(
sK Update the warning_counter, log and display a warning to the user
        Ri����s*** forbidden %s -> "%s"iis*** Kicked outs<*** You have %s warning(s) left, before getting kicked out.
s!This incident has been reported.
N(RRRRKRR"RR/(RtmessagetypeR?Rh((s&/usr/lib/pymodules/python2.7/lshell.pyReBs"		c
	CsYt|jdd�}t|jddd �}|j�j�}x�|D]�}yt|�}WnnXt|�dkr�t|�}ntjj|�}t	j
d|�r;t	jdd	|�}tj
d
|dtdtjd
tj�}|j|j}}	|	j�djd�dj�}tjj|�}ntjj|�}
tjj|
�r||
ddkr||
d7}
nt	j
||
�}|r�t	j
||
�}nd}|s�|rK|s�|s�|jd|
�q�ndSqKW|sUt	j
|tj�d�sU|sN|jdtj��tj|jd�|jtj��ndSndS(s� Check if a path is entered in the line. If so, it checks if user           are allowed to see this path. If user is not allowed, it calls                 self.counter_update. I case of completion, it only returns 0 or 1.
        R?iii����tstrtints\$|\*|\?s"|'Rs`which echo` %stshellR
RROt/R&(sstrsintN(RsRRfRAtevalR7RR?t
expanduserR4RdR5t
subprocesstPopentTruetPIPER
RRJt
expandvarsRYtisdirRReR[RXRZ(
RRht
completionRitallowed_path_retdenied_path_reRNtptcintcoutttomatcht
match_allowedtmatch_denied((s&/usr/lib/pymodules/python2.7/lshell.pyR3]sP
	#"

cCs�||jdkr&d|j|_n\tj|jd|�rld|j|j|jd�df|_nd|j|f|_dS(s/ Update prompt when changing directory
        R&s%s:~$ s%s:~%s$ is%s:%s$ N(RRR	R4RdRA(RR?((s&/usr/lib/pymodules/python2.7/lshell.pyRZ�s	$c
Cs�|j�|jr�|jr�y,tj|jd�tj|jd�WnWtk
r�y2t|jdd�j	�tj|jd�Wq�tk
r�q�XnXtj
�|_tj|j
�tj|jd�nze|dk	r�||_n|jdr$|jjt|jd�d�nd}x|s1|jrQ|jjd�}n�|jr�yt|j�}Wq�tk
r�d}q�tk
r�|jjd�d	}q�XnN|jj|j�|jj�|jj�}t|�s�d}n
|d
 }|j|�}|j|�}|j||�}q-W|j �Wd|jr}|jr}ytj|j�Wq}t!k
ryq}Xnytj"|jd�Wn,tk
r�|j#j$d|jd�nXXdS(
s�Repeatedly issue a prompt, accept input, parse an initial prefix            off the received input, and dispatch to action methods, passing them           the remainder of the line as argument.
        RDthistory_sizetws
: completeR
s
iR#Ri����Ns(WARN: couldn't write history to file %s
(%tprelooptuse_rawinputtcompletekeyRFtread_history_fileRtset_history_lengthRHRItcloset
get_completert
old_completert
set_completertcompletetparse_and_bindRR
RR/Rstcmdqueuetpopt	raw_inputR	tEOFErrortKeyboardInterrupttflushR
RWtprecmdtonecmdtpostcmdtpostlooptImportErrorRGRR(RR
tstopRh((s&/usr/lib/pymodules/python2.7/lshell.pytcmdloop�sf



$			
	


	


cCs�|dkr�tj�}|j�}tjd|�dj�}t|�t|�}tj�|}tj�|}|jd�ddkr�t|jd��dkr�|j}n�t|jd��dkr�|jd�d|j	dkr�|j
}n||dkrp|j|�\}	}
}|	d	kr9|j}qyyt
|d
|	�}Wqytk
rl|j}qyXn	|j}|||||�|_ny|j|SWntk
r�dSXdS(s�Return the next possible completion for 'text'.
        If a command has not been entered, then complete against command list. 
        Otherwise try to call complete_<command> to get list of completions.
        is&|\||;i����RORbiiRRt	complete_N(RFtget_line_buffertlstripR4RARWt
get_begidxt
get_endidxtcompletesudoRt
completechdirt	parselinetcompletedefaulttgetattrtAttributeErrort
completenamestcompletion_matchest
IndexErrorR(RttexttstatetoriglineRhtstrippedtbegidxtendidxtcompfuncRtargstfoo((s&/usr/lib/pymodules/python2.7/lshell.pyR��s44 
	
cCs|jjd�dS(s+ This method overrides the original default method. 
        It was originally used to warn when an unknown command was entered             (e.g. *** Unknown syntax: blabla). 
        It has been implemented in the __getattr__ method.
        So it has no use here. Its output is now empty.
        RN(RR/(RRh((s&/usr/lib/pymodules/python2.7/lshell.pytdefaultscGsid|}|j�}x&|jdD]}|jd|�q$Wg|D]}|j|�rF|d^qFS(s� This method overrides the original completenames method to overload        it's output with the command available in the 'allowed' variable               This is useful when typing 'tab-tab' in the command prompt
        tdo_Ri(t	get_namesRtappendRg(RR�tignoredtdotexttnamesRCta((s&/usr/lib/pymodules/python2.7/lshell.pyR�s

cCs-g|jdD]}|j|�r|^qS(s complete sudo command RB(RRg(RR�RhR�R�R�((s&/usr/lib/pymodules/python2.7/lshell.pyR�sc
Cs�g}|j�d}tjd|jd|�}ytjj|�}Wntj�}nXtjj|�s�|j	dd�d}|dkr�d}ntjj|�s�tj�}q�n|j
|d�dkr�x�tj|�D]|}tjjtjj||��r|d}n
|d}|j
d	�rV|j
d	�rc|j|�qcq�|j|�q�Wg|D]}	|	j
|�rn|	^qnSd
Sd
S(s complete directories i����s^~R&RviiRROt.N(RAR4R5RRR?RYR[R~trsplitR3tlistdirtjoinRgR�R(
RR�RhR�R�ttoreturnt
tocompletet	directorytinstanceR�((s&/usr/lib/pymodules/python2.7/lshell.pyR�#s2	!
&cCs�|j|�\}}}||||_|_|_|sE|j�S|dkr^|j|�S||_|dkr�|j|�Syt|d|�}Wnt	k
r�|j|�SX||�SdS(s� This method overrides the original onecomd method, to put the cmd,         arg and line variables in class global variables: self.g_cmd,                  self.g_arg and self.g_line.
        Thos variables are then used by the __getattr__ method
        RR�N(
R�RR6Rt	emptylineRR�tlastcmdR�R�(RRhRtargtfunc((s&/usr/lib/pymodules/python2.7/lshell.pyR�Bs

	

cCs|jr
dSdS(s� This method overrides the original emptyline method, so it doesn't         repeat the last command if last command was empty.
        I just found this annoying..
        iN(R�(R((s&/usr/lib/pymodules/python2.7/lshell.pyR�Xs	cCs�|r�yt|d|�}Wn�tk
r�y>t|d|�j}|rj|jjdt|��dSWntk
r~nX|jjdt|j|f��dSX|�n5tj|j	d��j
�}|j�|j|�dS(sK This method overrides the original do_help method. 
        Instead of printing out the that are documented or not, it returns the         list of allowed commands when '?' or 'help' is entered. 
        Of course, it doesn't override the help function: any help_* method            will be called (e.g. help_help(self) )
        thelp_R�s%s
NR(
R�R�t__doc__RR/RstnohelpR8tfromkeysR�tkeystsortt	columnize(RR�R�tdoctlist_tmp((s&/usr/lib/pymodules/python2.7/lshell.pytdo_help`s"

$

cCs|jjt�dS(s Print Help on Help N(RR/t	help_help(R((s&/usr/lib/pymodules/python2.7/lshell.pyR�{scCs.tjtj|j�tj|jd�dS(s� This function is kicks you out the the lshell after              the 'timer' variable exprires. 'timer' is set in seconds.
        RN(tsignaltSIGALRMt_timererrortalarmR(Rttimeout((s&/usr/lib/pymodules/python2.7/lshell.pyRscCs
td�dS(Nslshell timer timeout(t
LshellTimeOut(Rtsignumtframe((s&/usr/lib/pymodules/python2.7/lshell.pyR��sN(t__name__t
__module__R�RRR>R)R*R+R,R(R0ReR3RZR�R�R�R�R�R�R�R�R�R�RR�(((s&/usr/lib/pymodules/python2.7/lshell.pyRUs2	%	0				
	
U?	@	#										tCheckConfigcBs�eZdZdddd�Zd�Zd�Zd�Zd�Zd�Z	d�Z
d�Zd	�Zd
�Z
d�Zd�Zd
d�Zd�Zd�Zdd�Zd�Zd
d
d�Zd�Zd�ZRS(s# Check the configuration file.
    cCs�|dkrtj|_n	||_|dkr?tj|_n	||_|dkrctj|_n	||_i|_|j||j�\|_|_|j|jd�|j	�|j
�|j�|j�|j
�|j�|j�|j�dS(s0 Force the calling of the methods below
        t
configfileN(RRR
RRRt
getoptionst	argumentst
check_filet
get_globalt	check_logt
get_configtcheck_user_integritytget_config_usert	check_envtcheck_scp_sftptcheck_passwd(RR�R
RR((s&/usr/lib/pymodules/python2.7/lshell.pyR�s(				!






cCs�t|d<y+tj|dddddg�\}}Wn.tjk
re|jjd�|j�nXx�|D]�\}}|dkr�tjj|�|d<n|dkr�tjj|�|d
<n|dkr�||d<n|dkr�|j�n|dkrm|j	�qmqmWd|dg}|j
d
�rH|d	|d
g7}nt|�tjd<tjj
d�r�tjd|d<n||fS(s� This method checks the usage. lshell.py must be called with a              configuration file.
        If no configuration file is specified, it will set the configuration           file path to /etc/lshell.confelf.conf['allowed'].append('exit')
        R�shc:sconfig=slog=R.tversionsMissing or unknown argument(s)
s--configs--logRs-cRis-hs--helps	--versiontLSHELL_ARGStSSH_ORIGINAL_COMMAND(s--config(s--log(s-c(s-hs--help(s	--version(
tconfig_filetgetopttGetoptErrorRR/tusageRR?RYR�RRsRR(RR�RtoptlistR�toptionRV((s&/usr/lib/pymodules/python2.7/lshell.pyR��s4
	

cCs!tjjt�tjd�dS(s Prints the usage iN(RRR/R�R"(R((s&/usr/lib/pymodules/python2.7/lshell.pyR��scCs%tjjdt�tjd�dS(s Prints the version slshell-%s - Limited Shell
iN(RRR/t__version__R"(R((s&/usr/lib/pymodules/python2.7/lshell.pyR��scCsT|jjd�rP|jd}x.|j�D]}t||�tj|<q,WndS(s5 Load environment variable set in configuration file tenv_varsN(RRR�RsRRR(RR�tkey((s&/usr/lib/pymodules/python2.7/lshell.pyR��s
cCsUtjj|�sB|jjd�|jjt�tjd�ntj�|_	dS(sh This method checks the existence of the "argumently" given                 configuration file.
        s!Error: Config file doesn't exist
iN(
RR?texistsRR/R�RR"tConfigParsertconfig(Rtfile((s&/usr/lib/pymodules/python2.7/lshell.pyR��s
cCs�y|jj|jd�Wn@tjtjfk
r]}|jjd|�tj	d�nX|jj
d�s�|jjd�tj	d�nxH|jjd�D]4}|jj|d�s�|d|j|d<q�q�WdS(sD Loads the [global] parameters from the configuration file 
        R�sERR: %s
itglobals%Config file missing [global] section
iN(
R�treadRR�tMissingSectionHeaderErrortParsingErrorRR/RR"thas_sectiontitemsR(RtargumentRN((s&/usr/lib/pymodules/python2.7/lshell.pyR��scCs�itjd6tjd6tjd6tjd6|_|jjd�rtyt|jd�}Wqz|jd}qzXnd}tj	|�}tj
dt��}tj
d|tj
�t�f�}|jtj�tj�}|j|�|jtj
d	��|jtj�|jjd
�s5d|jd
<nyt|jd
�|jd
<Wntk
rsd|jd
<nX|jd
dkr�d|jd
<n#|jd
dkr�d|jd
<n|jjd�r�yt|jd�}Wn|jd}nXtj�}|jd
d|d�}|jdd|d�}|jdd|d�}|jdd|d|df�}|jdt��}n	t�}|jd
dkr�y�|dkrddlm}|dd�}	|	j|�|	j|j|jd
�|j|	�n�tjj|jd|d�}
t|
d�j�}tj|
�|_|jj|�|jj|j|jd
�|j|j�Wq�tk
r�q�Xn||jd<||_ dS(s* Sets the log level and log file 
        iiiit
syslognametlshells%%(asctime)s (%s): %%(message)ss%s[%s]: %s: %%(message)ss%(message)stloglevelitlogfilenames%ys%ss%ms%02ds%ds%hs%02d%02ds%utsyslogi����(t
SysLogHandlertaddresss/dev/logRs.logR�N(!tloggingtCRITICALtERRORtWARNINGtDEBUGtlevelsRRRwt	getLoggert	FormatterRRtgetpidtsetLevelt
StreamHandlert
addHandlertsetFormatterRtt
ValueErrorttimet	localtimeRtlogging.handlersRR?R�RIR�tFileHandlertlogfileRHR(RtlognameR	tloggert	formattertsyslogformattertlogsterrt
currentimeRR
Rtfp((s&/usr/lib/pymodules/python2.7/lshell.pyR�s|

	
	

	



cCs�|jj|jd�t�|_i|_|jd�tj�}|j	�x8|D]0}t
j|�d}d|}|j|�qVW|j|j�dS(s� Load default, group and user configuation. Then merge them all. 
        The loadpriority is done in the following order:
            1- User section
            2- Group section
            3- Default section
        R�R�isgrp:N(R�RRRtusertconf_rawtget_config_subRt	getgroupstreversetgrptgetgrgid(Rtgrplisttgidtgrpnametsection((s&/usr/lib/pymodules/python2.7/lshell.pyR�\s	



c	Cs�|jj|�r|xg|jj|�D]P}|d}|d}tjd|jdd��}t|�dkr�|dkr�x�|D]"}|jd
�s�|jd�r�|jj	|j
|j||��q�|dkr�|jj	i|j�|6�q�|rl|dkrlddg}x4t|�D]&}|dct
jj|�d
7<q"W|jj	it|�|6�q�|r�tt|��tkr�|jj	i||6�q�q�Wq%|dkr�|ddkr�|jj	i|j�|6�q%|dkr\ddg}x:|j|d�D]&}|dct
jj|�d
7<qW|jj	it|�|6�q%|jj	t|g��q%WndS(s[ this function is used to interpret the configuration +/-, 
            'all' etc.
        iis([\+\-\s]+\[[^\]]+\])RORR?RcRRt-t+s'all's/.*|N(spathsoversshsalloweds	forbidden(R�RRR4RARRWRgR(RSt	minusplust
expand_allRwRR?RYRsR7tlisttmyevalR8(	RR1RNR�RVRAtstufftlisteR?((s&/usr/lib/pymodules/python2.7/lshell.pyR)xs>

	
 $ ! $ cCsv|j|�r%|j||�}n!|dkr@ddg}ng}|j|d|�}|jd�r�|dkr�xO|D]&}|dctjj|�d7<q~Wqex�|D]}|j|�q�Wn�|jd�re|dkrxx|D]&}|dctjj|�d7<q�WqexG|D]<}||krD|j|�q"|jj	d||f�q"Wnit
|�|6S(	s= update configuration lists containing -/+ operators
        R?RiR3is/.*|R2s#CONF: -['%s'] ignored in '%s' list.(RR7RgRR?RYR�tremoveRRRs(RtconfdictR�textraR9tsublistR?RN((s&/usr/lib/pymodules/python2.7/lshell.pyR4�s,
'

'
cCs�ddddddddd	d
ddd
dddddddddg}x�tjdjd�D]}}tjj|�r�xbtj|�D]:}tjtjj||�tj�r�|j	|�q�q�Wq_|j
jd|�q_Wt|�S(s) expand allowed, if set to 'all'
        tbgtbreaktcaseR(tcontinueRwtexecR"tfgtiftjobstkilltlogintlogouttsettshiftR�tsuspendtumasktunsettwaittwhiletPATHt:s$CONF: PATH entry "%s" does not exist(
RRRRAR?R�R�taccessR�tX_OKR�RRRs(Rtexpanded_allR�RN((s&/usr/lib/pymodules/python2.7/lshell.pyR5�s$RcCsMyt|�}|SWn2tk
rH|jjd|�tjd�nXdS(s? if eval returns SyntaxError, log it as critical iconf missing s/CONF: Incomplete %s field in configuration fileiN(RwtSyntaxErrorRRKRR"(RRVR:t	evaluated((s&/usr/lib/pymodules/python2.7/lshell.pyR7�s
cCsixbtD]Z}||jj�kr|jjd|d�|jjd|j�tjd�qqWdS(s� This method checks if all the required fields by user are present          for the present user.
        In case fields are missing, the user is notified and exited from lshell.
        sERROR: Missing parameter 's'sCERROR: Add it in the in the [%s] or [default] section of conf file.iN(trequired_configR(R�RRKR'RR"(RRN((s&/usr/lib/pymodules/python2.7/lshell.pyR��s
	cCs*|jjd�r�yt|jd�|jd<Wntk
rCnX|jddkrgd|jd<n#|jddkr�d|jd<ny"|jj|j|jd�Wq�tk
r�q�Xnx3dddddd	d
ddd
dddddgD]�}y$|j	|j||�|j|<Wq�t
k
r�|d0krMg|j|<q�|d1krid|j|<q�|d2kr�d|j|<q�|d3kr�i|j|<q�|d4kr�q�q�d|j|<q�tk
r�|jj
d|�tjd�q�Xq�W|j|jd<|jjd�rq|jdjd|jd�|jd<tjj|j	|jdd��|jd<ntjd|jd<|jjd�r�t|jd�|jd<|jddc|jdd7<n/ddg|jd<|jdd|jdd<|jjd�r:|j	|jdd�|jd<n
d|jd<|jjd�r�|j	|jd�|jd<yOtjj|jd�r�|jd|jd<n|jjd|jd�Wq�tk
r�|jjd �q�Xn|jjd!�r|j	|jd!�|jd!<n
t|jd!<|jjd"�rq|jd"|jd"<|j|j|jd"d�ntjj|jd�r�tj|jd�n(|jj
d#|jd�tjd�|jjd$�r4y1t|jd$jd|jd��|jd$<WqA|jjd%|jd$�qAXn
t|jd$<|jd$jd&�sd'|jd|jd$f|jd$<ntjd(|jdtjd(<|jdjd)�|jdjd*�|jdjd+�|jdjd,�|jdjd-�|jdr&|jdjd.�nd/S(5s� Once all the checks above have passed, the configuration files             values are entered in a dict to be used by the command line it self.
        The lshell command line is then launched!
        RiiRRRBRR�Rtscpt
scp_uploadtscp_downloadtsftpRcR%R'R	R�i����is5ERR: in the -%s- field. Check the configuration file.tusernameR&s%utHOMER?s.*Rtenv_pathtscpforces$CONF: scpforce no such directory: %ss CONF: scpforce must be a string!R
tlock_counters(ERR: home directory "%s" does not exist.RDsCONF: history file error: %sRvs%s/%sRPR"R)R*R+tclearRbN(sallowedsoversshs
sudo_commands(shistory_size(RYRZ(saliasessenv_vars(sprompt( R(RRtRRRRRR�R7tKeyErrort	TypeErrorRRKRR"R'RRR?tnormpathRRRwR�RR
taccount_lockR~RXRDRgR�(RRN((s&/usr/lib/pymodules/python2.7/lshell.pyR��s�
"

$


%

 
 
!


cCs
|r	ndS(s6 check if user account is locked, in which case, exit N((RR'R`tcheck((s&/usr/lib/pymodules/python2.7/lshell.pyReosc	Cs|jjd�rtjjd�r�tjjd�r�d|jdkr�|jddkr�|jjd�tj|jd�|jjd�tjd	�q�|jjd
�tjd	�nt	|jd(d(d(d(|jd�}|j|jdd(dd�r|jd|jd�nt
|jdd	�}t
|jddd
 �}x�|jdj�jd�D]v}tjj|�d}tj||�}|r�tj||�}nd(}|s�|rn|jd|jd�qnqnW|jdjd�r�|jddks$d|jdkr�d|jdkr�|jdrb|jjd|jd�q�|jjd|jd�tjd	�nd|jdkr�|jdr||jjd�r^|jdjd�}tjj|d
�}	tjj|jd�}
|	|
kr^|jjdd|	�|jd
�|j|
�tj|�|jd<q^n|jjd|jd�q�|jjd|jd�tjd	�ntj|jd�|jjd�tjd	�q�|jd|jdd�q|jdr�t|jd|jd �|jd<|j|jdd!ddd�re|jd"|jd�n|jjd#|jd�|jdd$kr�|jd(�ntj|jd�|jjd%�tjd	�q|jd&|jd�q|jd'|jd�nd(S()s� This method checks if the user is trying to SCP a file onto the            server. If this is the case, it checks if the user is allowed to use           SCP or not, and    acts as requested. : )
        Rit
SSH_CLIENTtSSH_TTYssftp-serverR[isSFTP connectsSFTP disconnectis*** forbidden SFTP connections
path over SSHR?i����RORvsscp RXRcs -f RZs
SCP: GET "%s"sSCP: download forbidden: "%s"s -t RYR_sSCP: forced SCP s
directory: %ss
SCP: PUT "%s"sSCP: upload forbidden: "%s"sSCP disconnectsSCP connectionR'R%schar/command over SSHsOver SSH: "%s"R.R$scommand over SSHsshell escapeN(RRRRRRRR;RR"RRR3tssh_warnRsRfRAR?RYR4RdRgR�R�tstringR�R9R0R�(RtcliR�R�RNR�R�R�tcmdsplittscppatht
forcedpath((s&/usr/lib/pymodules/python2.7/lshell.pyR�ys�#
&


	



"cCs�|dkr7|jjd|�|jjd|�n|jjd||f�|jjd�|jjd�tjd�dS(	s+ log and warn if forbidden action over SSH RXs*** forbidden %ss*** SCP command: %ss*** forbidden %s: "%s"s!This incident has been reported.
R$iN(RRKRRR/RR"(RtmessageRCR�((s&/usr/lib/pymodules/python2.7/lshell.pyRi�scCs�|jj|j�rQ|jj|jd�rH|jj|jd�}qWd}nd}|r�td|jd�}||kr�|jjd�|j	j
d�tjd�q�ndSdS(sF As a passwd field is required by user. This method checks in the           configuration file if the password is empty, in wich case, no password         check is required. In the other case, the password is asked to be              entered. 
        If the entered password is wrong, the user is exited from lshell.
        tpasswdsEnter s
's password: s!Error: Wrong password 
Exiting..
sWARN: Wrong passwordiN(
R�RR't
has_optiontgetRRRR/RRKRR"(RRptpassword((s&/usr/lib/pymodules/python2.7/lshell.pyR��s	cCs|jS(s  returns the configuration dict (R(R((s&/usr/lib/pymodules/python2.7/lshell.pyt
returnconfsN(R�R�R�RRR�R�R�R�R�R�R�R�R)R4R5R7R�R�ReR�RiR�Rt(((s&/usr/lib/pymodules/python2.7/lshell.pyR��s*	/				
		V		&		
		�
	i	R�cBs#eZdZdd�Zd�ZRS(s- Custum exception used for timer timeout
    s	Timed OutcCs
||_dS(N(RV(RRV((s&/usr/lib/pymodules/python2.7/lshell.pyRscCs
t|j�S(N(treprRV(R((s&/usr/lib/pymodules/python2.7/lshell.pyt__str__s(R�R�R�RRv(((s&/usr/lib/pymodules/python2.7/lshell.pyR�scCs�x�|j�D]�}d|}x�tj||�r�tj||�dd}tj||�dd}tj|d||||f|d�}|}||kr Pq q Wq
Wx7dddgD]&}|jd||fd	|�}q�W|S(
s0 Replace all configured aliases in the line
    s(^|; |;)%s([ ;&\|]+|$)iis%s%s%st;R_R@s%s%ss%s(R�R4RdR5R(RhR'RNtregt
beforecommandtaftercommandtlinesavetchar((s&/usr/lib/pymodules/python2.7/lshell.pyR9s
$cCs�tjjtjd�tjd<tjjd�rStjdttjd�}n
tjd}t|�j	�}yt
|�}|j�Wnett
fk
r�tjjd�tjd�n2tk
r�|djd�tjjd�nXd	S(
s main function itSHELLR�is
Exited on user request
Rs
Timer expireds

Time is up.
N(RR?RYRtargvRRRRwR�RtRR�R�R�RR/R"R�R(R�R Rk((s&/usr/lib/pymodules/python2.7/lshell.pytmain$s !

t__main__($R�RRRR�RRRjR4R�R
R�RyRFR,Rt
__author__R�RWtexec_prefixtconf_prefixR�RDt	lock_fileR�R�R
RR1RR�t	ExceptionR�R9RR�(((s&/usr/lib/pymodules/python2.7/lshell.pyt<module>sJ

��7���