mirror of
https://github.com/sshuttle/sshuttle.git
synced 2025-06-01 15:46:43 +02:00
69d3f7dc64
* added sudoers options to command line arguments * added sudoers options to command line arguments * template for sudoers file * Added option for GUI sudo * added support for GUI sudo * script for auto adding sudo file * sudoers auto add works and validates * small change * Clean up for CI * removed code that belongs in another PR * added path for package bins * added sudoers bin * added sudoers-add to setup file * fixed issue with sudoers bash script * auto sudoers now works * added --sudoers-no-modify option * bin now works with ./run * removed debug print * Updated sudoers-add script * Fixed error passing sudoers config to script * more dynamic building of sudoers file * added option to specify sudoers.d file name * fixed indent issue * fixed indent issue * indent issue * clean up * formating * docs * fix for flags * Update usage.rst * removed shell=true * cleared CI errors * cleared CI errors * removed random * cleared linter issue * cleared linter issue * cleared linter issue * updated sudoers-add script * safer temp file * moved bin directory * moved bin directory * removed print * fixed spacing issue * sudoers commands must only containe upper case latters
117 lines
4.1 KiB
Python
117 lines
4.1 KiB
Python
import re
|
|
import socket
|
|
import platform
|
|
import sshuttle.helpers as helpers
|
|
import sshuttle.client as client
|
|
import sshuttle.firewall as firewall
|
|
import sshuttle.hostwatch as hostwatch
|
|
import sshuttle.ssyslog as ssyslog
|
|
from sshuttle.options import parser, parse_ipport
|
|
from sshuttle.helpers import family_ip_tuple, log, Fatal
|
|
from sshuttle.sudoers import sudoers
|
|
|
|
|
|
def main():
|
|
opt = parser.parse_args()
|
|
|
|
if opt.sudoers or opt.sudoers_no_modify:
|
|
if platform.platform().startswith('OpenBSD'):
|
|
log('Automatic sudoers does not work on BSD')
|
|
exit(1)
|
|
|
|
if not opt.sudoers_filename:
|
|
log('--sudoers-file must be set or omited.')
|
|
exit(1)
|
|
|
|
sudoers(
|
|
user_name=opt.sudoers_user,
|
|
no_modify=opt.sudoers_no_modify,
|
|
file_name=opt.sudoers_filename
|
|
)
|
|
|
|
if opt.daemon:
|
|
opt.syslog = 1
|
|
if opt.wrap:
|
|
import sshuttle.ssnet as ssnet
|
|
ssnet.MAX_CHANNEL = opt.wrap
|
|
if opt.latency_buffer_size:
|
|
import sshuttle.ssnet as ssnet
|
|
ssnet.LATENCY_BUFFER_SIZE = opt.latency_buffer_size
|
|
helpers.verbose = opt.verbose
|
|
|
|
try:
|
|
if opt.firewall:
|
|
if opt.subnets or opt.subnets_file:
|
|
parser.error('exactly zero arguments expected')
|
|
return firewall.main(opt.method, opt.syslog)
|
|
elif opt.hostwatch:
|
|
return hostwatch.hw_main(opt.subnets, opt.auto_hosts)
|
|
else:
|
|
includes = opt.subnets + opt.subnets_file
|
|
excludes = opt.exclude
|
|
if not includes and not opt.auto_nets:
|
|
parser.error('at least one subnet, subnet file, '
|
|
'or -N expected')
|
|
remotename = opt.remote
|
|
if remotename == '' or remotename == '-':
|
|
remotename = None
|
|
nslist = [family_ip_tuple(ns) for ns in opt.ns_hosts]
|
|
if opt.seed_hosts:
|
|
sh = re.split(r'[\s,]+', (opt.seed_hosts or "").strip())
|
|
elif opt.auto_hosts:
|
|
sh = []
|
|
else:
|
|
sh = None
|
|
if opt.listen:
|
|
ipport_v6 = None
|
|
ipport_v4 = None
|
|
lst = opt.listen.split(",")
|
|
for ip in lst:
|
|
family, ip, port = parse_ipport(ip)
|
|
if family == socket.AF_INET6:
|
|
ipport_v6 = (ip, port)
|
|
else:
|
|
ipport_v4 = (ip, port)
|
|
else:
|
|
# parse_ipport4('127.0.0.1:0')
|
|
ipport_v4 = "auto"
|
|
# parse_ipport6('[::1]:0')
|
|
ipport_v6 = "auto" if not opt.disable_ipv6 else None
|
|
if opt.syslog:
|
|
ssyslog.start_syslog()
|
|
ssyslog.close_stdin()
|
|
ssyslog.stdout_to_syslog()
|
|
ssyslog.stderr_to_syslog()
|
|
return_code = client.main(ipport_v6, ipport_v4,
|
|
opt.ssh_cmd,
|
|
remotename,
|
|
opt.python,
|
|
opt.latency_control,
|
|
opt.dns,
|
|
nslist,
|
|
opt.method,
|
|
sh,
|
|
opt.auto_hosts,
|
|
opt.auto_nets,
|
|
includes,
|
|
excludes,
|
|
opt.daemon,
|
|
opt.to_ns,
|
|
opt.pidfile,
|
|
opt.user,
|
|
opt.sudo_pythonpath)
|
|
|
|
if return_code == 0:
|
|
log('Normal exit code, exiting...')
|
|
else:
|
|
log('Abnormal exit code %d detected, failing...' % return_code)
|
|
return return_code
|
|
|
|
except Fatal as e:
|
|
log('fatal: %s\n' % e)
|
|
return 99
|
|
except KeyboardInterrupt:
|
|
log('\n')
|
|
log('Keyboard interrupt: exiting.\n')
|
|
return 1
|