nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-01-28 08:03:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
FreedomBox/plinth/modules/networks/__init__.py
Sunil Mohan Adapa 5f548a9e36
packages: Make modules declare managed packages 
This can then be used by a privileged action to verify that packages
requested for installation are in fact valid.  This slightly improves
security of those privileged actions.
2016-06-11 12:11:32 -04:00

127 lines
3.5 KiB
Python
Raw Blame History

#
# This file is part of Plinth.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
"""
Plinth module to interface with network-manager
"""
from django.utils.translation import ugettext_lazy as _
from logging import Logger
import subprocess
from plinth import action_utils
from plinth import cfg
from plinth import network
version = 1
is_essential = True
depends = ['system']
managed_packages = ['network-manager']
title = _('Networks')
logger = Logger(__name__)
def init():
"""Initialize the Networks module."""
menu = cfg.main_menu.get('system:index')
menu.add_urlname(title, 'glyphicon-signal', 'networks:index')
def setup(helper, old_version=None):
"""Install and configure the module."""
helper.install(managed_packages)
def diagnose():
"""Run diagnostics and return the results."""
results = []
interfaces = _get_shared_interfaces()
addresses = _get_interface_addresses(interfaces)
for address in addresses:
results.append(
action_utils.diagnose_port_listening(53, 'tcp', address))
results.append(
action_utils.diagnose_port_listening(53, 'udp', address))
results.append(_diagnose_dnssec('4'))
results.append(_diagnose_dnssec('6'))
return results
def _get_shared_interfaces():
"""Get active network interfaces in shared mode."""
shared_interfaces = []
for connection in network.get_connection_list():
if not connection['is_active']:
continue
connection_uuid = connection['uuid']
connection = network.get_connection(connection_uuid)
settings_ipv4 = connection.get_setting_ip4_config()
if settings_ipv4.get_method() == 'shared':
settings_connection = connection.get_setting_connection()
interface = settings_connection.get_interface_name()
if interface:
shared_interfaces.append(interface)
return shared_interfaces
def _get_interface_addresses(interfaces):
"""Get the IPv4 addresses for the given interfaces."""
output = subprocess.check_output(['ip', '-o', 'addr'])
lines = output.decode().splitlines()
addresses = []
for line in lines:
parts = line.split()
if parts[1] in interfaces and parts[2] == 'inet':
addresses.append(parts[3].split('/')[0])
return addresses
def _diagnose_dnssec(kind='4'):
"""Perform diagnostic on whether the system is using DNSSEC.
Kind is either '4' or '6' for IPv4 and IPv6 respectively.
"""
kind_option = {'4': '-4', '6': '-6'}[kind]
result = 'failed'
try:
output = subprocess.check_output(
['dig', kind_option, '+time=2', '+tries=1',
'test.dnssec-or-not.net', 'TXT'])
if 'Yes, you are using DNSSEC' in output.decode():
result = 'passed'
except subprocess.CalledProcessError:
pass
return [_('Using DNSSEC on IPv{kind}').format(kind=kind), result]
Reference in New Issue View Git Blame Copy Permalink