home *** CD-ROM | disk | FTP | other *** search
/ Clickx 115 / Clickx 115.iso / software / tools / windows / tails-i386-0.16.iso / live / filesystem.squashfs / usr / share / pyshared / GdmGreeter / persistence.py < prev    next >
Encoding:
Python Source  |  2013-01-10  |  4.8 KB  |  127 lines
  1. #!/usr/bin/python
  2. #
  3. # Copyright 2012 Tails developers <tails@boum.org>
  4. # Copyright 2011 Max <govnototalitarizm@gmail.com>
  5. # Copyright 2011 Martin Owens
  6. #
  7. # This program is free software: you can redistribute it and/or modify
  8. #  it under the terms of the GNU General Public License as published by
  9. #  the Free Software Foundation, either version 3 of the License, or
  10. #  (at your option) any later version.
  11. #
  12. #  This program is distributed in the hope that it will be useful,
  13. #  but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. #  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15. #  GNU General Public License for more details.
  16. #
  17. #  You should have received a copy of the GNU General Public License
  18. #  along with this program.  If not, see <http://www.gnu.org/licenses/>
  19. #
  20. """Persistence handling
  21.  
  22. """
  23. import logging
  24. import os
  25. import subprocess
  26.  
  27. import gettext
  28. _ = gettext.gettext
  29.  
  30. import GdmGreeter
  31. import GdmGreeter.config
  32. import GdmGreeter.errors
  33. from GdmGreeter.utils import unicode_to_utf8
  34.  
  35. class PersistenceSettings(object):
  36.     """Model storing settings related to persistence
  37.  
  38.     """
  39.     def __init__(self):
  40.         pass
  41.  
  42.     def list_containers(self):
  43.         """Returns a list of persistence containers we might want to unlock."""
  44.         proc = subprocess.Popen(
  45.             [
  46.                 "/usr/bin/sudo", "-n", "/usr/local/sbin/live-persist",
  47.                 "--log-file=/var/log/live-persist",
  48.                 "--encryption=luks", "--media=removable",
  49.                 "list", "TailsData"
  50.             ],
  51.             stdout=subprocess.PIPE,
  52.             stderr=subprocess.PIPE
  53.             )
  54.         out, err = proc.communicate()
  55.         out = unicode_to_utf8(out)
  56.         err = unicode_to_utf8(err)
  57.         if proc.returncode:
  58.             raise GdmGreeter.errors.LivePersistError(
  59.                 _("live-persist failed with return code %(returncode)s:\n%(stderr)s")
  60.                 % { 'returncode': proc.returncode, 'stderr': err }
  61.                 )
  62.         containers = str.splitlines(out)
  63.         logging.debug("found containers: %s", containers)
  64.         return containers
  65.  
  66.     def activate(self, device, password, readonly):
  67.         cleartext_device = self.unlock_device(device, password)
  68.         logging.debug("unlocked cleartext_device: %s", cleartext_device)
  69.         self.setup_persistence(cleartext_device, readonly)
  70.         with open(GdmGreeter.config.persistence_state_file, 'w') as f:
  71.             os.chmod(GdmGreeter.config.persistence_state_file, 0o600)
  72.             f.write('TAILS_PERSISTENCE_ENABLED=true\n')
  73.             if readonly:
  74.                 f.write('TAILS_PERSISTENCE_READONLY=true\n')
  75.  
  76.     def unlock_device(self, device, password):
  77.         """Unlock the LUKS persistent device"""
  78.         cleartext_name = str.rsplit(device, '/', 1)[-1] + '_unlocked'
  79.         cleartext_device = '/dev/mapper/' + cleartext_name
  80.         if not os.path.exists(cleartext_device):
  81.             args = [
  82.                 "/usr/bin/sudo", "-n",
  83.                 "/sbin/cryptsetup", "luksOpen",
  84.                 "--tries", "1",
  85.                 device, cleartext_name
  86.                 ]
  87.             proc = subprocess.Popen(
  88.                 args, stdin=subprocess.PIPE,
  89.                 stdout=subprocess.PIPE, stderr=subprocess.PIPE
  90.                 )
  91.             out, err = proc.communicate(password + "\n")
  92.             out = unicode_to_utf8(out)
  93.             err = unicode_to_utf8(err)
  94.             if proc.returncode:
  95.                 logging.debug(
  96.                     "cryptsetup failed with return code %(returncode)s:\n%(stdout)s\n%(stderr)s"
  97.                     % { 'returncode': proc.returncode, 'stdout': out, 'stderr': err })
  98.                 raise GdmGreeter.errors.WrongPassphraseError(
  99.                     _("cryptsetup failed with return code %(returncode)s:\n%(stdout)s\n%(stderr)s")
  100.                     % { 'returncode': proc.returncode, 'stdout': out, 'stderr': err }
  101.                     )
  102.             logging.debug("crytpsetup success")
  103.         return cleartext_device
  104.  
  105.     def setup_persistence(self, cleartext_device, readonly):
  106.         args = [ "/usr/bin/sudo", "-n", "/usr/local/sbin/live-persist" ]
  107.         if readonly:
  108.             args.append('--read-only')
  109.         else:
  110.             args.append('--read-write')
  111.         args.append('--log-file=/var/log/live-persist')
  112.         args.append('activate')
  113.         args.append(cleartext_device)
  114.         proc = subprocess.Popen(
  115.             args,
  116.             stdout=subprocess.PIPE,
  117.             stderr=subprocess.PIPE
  118.             )
  119.         out, err = proc.communicate()
  120.         out = unicode_to_utf8(out)
  121.         err = unicode_to_utf8(err)
  122.         if proc.returncode:
  123.             raise GdmGreeter.errors.LivePersistError(
  124.                 _("live-persist failed with return code %(returncode)s:\n%(stdout)s\n%(stderr)s")
  125.                 % { 'returncode': proc.returncode, 'stdout': out, 'stderr': err }
  126.                 )
  127.