shell bypass 403
UnknownSec Shell
:
/
proc
/
thread-self
/
root
/
lib
/
Acronis
/
BackupAndRecovery
/ [
drwxr-xr-x
]
upload
mass deface
mass delete
console
info server
name :
post_mount.py
#!/usr/sbin/acropsh import re import os import stat import subprocess import sys from optparse import OptionParser import time import signal from collections import defaultdict import zlib import abc # path-name: //var/lib/Acronis/mount/{crc32(arch)-timestamp}_{cont_id}_{pit}_{index} VERBOSE = True ACRONIS_DIR = "/var/lib/Acronis" MOUNT_DIR_DEFAULT = "/var/lib/Acronis/mount" IOSTAMP_DIR = "/var/lib/Acronis/IOStamp" DEV_DIR = "/dev" TI_MNT_NONE = "none" CONTAINER_ID_NONE = "0" FS_NONE = "none" FS_XFS = "xfs" FS_EXT3 = "ext3" FS_EXT4 = "ext4" FS_FAT = "vfat" FS_NTFS = "ntfs" MOUNT_OPT_NOATIME = "noatime" MOUNT_OPT_NOUUID = "nouuid" MOUNT_OPT_NOINIT_ITABLE = "noinit_itable" MOUNT_DIR = os.getenv("ACRONIS_MOUNT_DIR", MOUNT_DIR_DEFAULT) DOES_JOURNALING = os.getenv("ACRONIS_MOUNT_JOURNALING", False) def log(arg): global VERBOSE if VERBOSE: print(arg) def outprint(arg): print(arg) class MntDevMgr(object): """ Mount Device Manager """ __metaclass__ = abc.ABCMeta def __init__(self, options): self.archive = options.archive self.pit = options.pit self.index = options.index self.device = options.device self.fstype = options.fstype @staticmethod def extract_name(device): """ Extract device name from '/dev/xxx' -> 'xxx' """ if not device: return device return device.split("/")[-1] @staticmethod def execute(cmd): log("Executing: " + cmd) p = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE) stdout, stderr = p.communicate() p.wait() out = stdout.splitlines() err = stderr.splitlines() log("ret={0}".format(p.returncode)) log("out={0}".format(out)) log("err={0}".format(err)) return p.returncode, out, err @staticmethod def build_mount_folder(arch, cid, pit, index): return "{0}/{1}-{2}_{3}_{4}_{5}".format(MOUNT_DIR, format(zlib.crc32(arch.encode()) % (1 << 32), 'x'), int(time.time() * 1000), cid, pit, index) @staticmethod def print_device(device): outprint("DEVICE:{0}".format(device)) @staticmethod def print_mount_dir(mount_dir): outprint("MNTDIR:{0}".format(mount_dir)) @staticmethod def dev_timestamp(device, timestamp_type): try: if timestamp_type == "ctime": return int(os.stat(device).st_ctime) with open("{0}/{1}".format(IOSTAMP_DIR, MntDevMgr.extract_name(device))) as f: s_stamp = f.read().replace('\n', '') return int(s_stamp) except Exception as ex: print("Error {0}".format(ex)) return None @staticmethod def get_idle(stamp): if stamp is None: raise ValueError("Timestamp is 'None'") t = int(time.time()) return max(0, t - stamp) @staticmethod def dev_idle_time(device, timestamp_type): stamp = MntDevMgr.dev_timestamp(device, timestamp_type) return MntDevMgr.get_idle(stamp) @staticmethod def get_max_timestamp(devices, timestamp_type): return max([0] + [MntDevMgr.dev_timestamp(dev["dev"], timestamp_type) for dev in devices]) @staticmethod def dev2obj(elem): mount_point = elem[1] components = MntDevMgr.extract_name(mount_point).split("_") cid = CONTAINER_ID_NONE pit = "0" if len(components) > 1 and len(components[1]) > 0: cid = components[1] if len(components) > 2 and len(components[2]) > 0: pit = components[2] arch = "" fstype = "" majmin = "" pid = "" index = "" if len(elem) >= 6: arch = elem[2] fstype = elem[3] majmin = elem[4] pid = elem[5] index = elem[6] return { 'dev': elem[0], 'mpoint': elem[1], 'arch': arch, 'fstype': fstype, 'majmin': majmin, 'pid': pid, 'index': index, 'cid': cid, 'pit': pit } @staticmethod def get_devices(key): devices = [] ret, out, _ = MntDevMgr.execute("trueimagemnt {0}".format(key)) if ret != 0: raise SystemError("Error code: {0}".format(ret)) for elem in out: components = elem.decode().split(" ") devices.append(MntDevMgr.dev2obj(components)) return devices @staticmethod def get_used_devices(): return MntDevMgr.get_devices("--list") @staticmethod def get_orphaned_devices(): return MntDevMgr.get_devices("--list-orphanes") @staticmethod def stop_service(pid): MntDevMgr.execute("trueimagemnt --stop {0}".format(pid)) @staticmethod def daemon_status(pid): try: with open("/proc/{0}/cmdline".format(pid)) as f: cmdline = f.read() if "TrueImageMountDemonBin" in cmdline: return True except Exception as ex: print("Error {0}".format(ex)) return False @staticmethod def get_devices_groupped_by_pid(): devices = MntDevMgr.get_used_devices() pids = defaultdict(list) for dev in devices: pids[dev['pid']].append(dev) return dict(pids) @staticmethod def status_str(b): return "On" if b else "Off" @abc.abstractmethod def get_mount_folder(self): pass @abc.abstractmethod def mount_prepare(self, folder): pass @abc.abstractmethod def umount_done(self, folder): pass @abc.abstractmethod def create_folder(self, folder): pass @abc.abstractmethod def mount_to_folder(self, folder): pass @abc.abstractmethod def remove_folder(self, folder): pass @abc.abstractmethod def umount_from_folder(self, folder): pass @abc.abstractmethod def check_folder_is_mount(self, folder): pass @abc.abstractmethod def check_folder_is_busy(self, folder): pass def equal_dev(self, dev): return self.pit == dev['pit'] def get_mount_options(self): opts = [MOUNT_OPT_NOATIME] if self.fstype == FS_XFS: opts.append(MOUNT_OPT_NOUUID) if self.fstype == FS_EXT4: opts.append(MOUNT_OPT_NOINIT_ITABLE) return opts def get_mount_options_with_key(self): opts = self.get_mount_options() return "-o " + ",".join(opts) if opts else "" def journal_if_needed(self): if self.fstype not in [FS_EXT3, FS_EXT4]: return # check if journaling was enabled _, out, _ = self.execute("tune2fs -l {0}".format(self.device)) if "has_journal" not in out: return # does the journaling self.execute("e2fsck -p -E journal_only {0}".format(self.device)) # switch journaling off self.execute("tune2fs -O ^has_journal {0}".format(self.device)) def mount(self): self.print_device(self.device) log("mounting device {0}".format(self.device)) if self.fstype in [FS_NONE, FS_FAT, FS_NTFS]: log("skipped mounting a device with '{0}' file system".format(self.fstype)) return if DOES_JOURNALING: self.journal_if_needed() folder = self.get_mount_folder() self.mount_prepare(folder) if self.mount_to_folder(folder): self.print_mount_dir(folder) elif self.fstype == FS_XFS: # workaround for ABR-388306. ret, _, _ = self.execute("xfs_repair {0}".format(self.device)) if ret == 2: self.execute("xfs_repair -L {0}".format(self.device)) self.execute("xfs_repair {0}".format(self.device)) if self.mount_to_folder(folder): self.print_mount_dir(folder) else: self.remove_folder(folder) else: self.remove_folder(folder) def umount_device(self, dev): if self.umount_from_folder(dev['mpoint']): self.umount_done(dev['mpoint']) return True return False def umount_device_with_check(self, dev): if self.check_device_is_mount(dev): return self.umount_device(dev) return True def check_devices_is_umount(self, devices, silent=True): for dev in devices: if self.check_device_is_mount(dev, silent): return False return True def check_device_is_mount(self, dev, silent=True): folder = dev['mpoint'] if self.check_folder_is_mount(folder): if not silent: self.print_mount_dir(folder) return True return False def check_device_is_busy(self, dev): if not self.check_device_is_mount(dev): return False return self.check_folder_is_busy(dev['mpoint']) def status(self): devices = MntDevMgr.get_used_devices() for dev in devices: if self.pit is None or self.equal_dev(dev): self.print_device(dev['dev']) self.check_device_is_mount(dev, False) class HostMntDevMgr(MntDevMgr): def __init__(self, options): super(HostMntDevMgr, self).__init__(options) def get_mount_folder(self): return self.build_mount_folder(self.archive, CONTAINER_ID_NONE, self.pit, self.index) def mount_prepare(self, folder): if os.environ.get('ACRONIS_ENABLE_FSCK_BEFORE_MOUNT', 0) == '1': self.execute("fsck -y {0}".format(self.device)) self.create_folder(folder) if MOUNT_DIR == MOUNT_DIR_DEFAULT: log("Reset 751 for {0}".format(ACRONIS_DIR)) self.execute("chmod 751 {0}".format(ACRONIS_DIR)) else: log("Reset 751 for {0}".format(MOUNT_DIR)) self.execute("chmod 751 {0}".format(MOUNT_DIR)) def umount_done(self, folder): self.remove_folder(folder) def create_folder(self, folder): self.execute("mkdir -p {0}".format(folder)) def mount_to_folder(self, folder): ret, _, _ = self.execute("mount {0} {1} {2}".format(self.get_mount_options_with_key(), self.device, folder)) return ret == 0 def remove_folder(self, folder): self.execute("rm -rf {0}".format(folder)) def umount_from_folder(self, folder): self.execute("umount {0}".format(folder)) return not self.check_folder_is_mount(folder) def check_folder_is_mount(self, folder): ret, _, _ = self.execute("mountpoint {0}".format(folder)) return ret == 0 def check_folder_is_busy(self, folder): ret, _, _ = self.execute("fuser -vm {0}".format(folder)) return ret == 0 class VzCtMntDevMgr(MntDevMgr): def __init__(self, options, cont_id): super(VzCtMntDevMgr, self).__init__(options) self.cont_id = cont_id if cont_id != CONTAINER_ID_NONE else options.cont_id def get_mount_folder(self): return self.build_mount_folder(self.archive, self.cont_id, self.pit, self.index) def mount_prepare(self, folder): self.create_folder(folder) log("Reset 751 for {0}".format(MOUNT_DIR)) self.execute("vzctl exec {0} chmod 751 {1}".format(self.cont_id, MOUNT_DIR)) def umount_done(self, folder): self.remove_folder(folder) def create_folder(self, folder): self.execute("mkdir -p {0}".format(folder)) self.execute("vzctl exec {0} mkdir -p {1}".format(self.cont_id, folder)) def mount_to_folder(self, folder): if not self._check_folder_is_mount_host(folder): self.execute("mount {0} {1} {2}".format(self.get_mount_options_with_key(), self.device, folder)) # Virtuozzo 7.5 ret, _, _ = self.execute("vzctl set {0} --save --bindmount_add {1}:{2}".format(self.cont_id, folder, folder)) if ret != 0: # Fallback for VZ < 7.5 ret_bind, _, _ = self.execute("mount -o bind {0} /vz/root/{1}/{2}".format(folder, self.cont_id, folder)) return ret_bind == 0 return True def remove_folder(self, folder): self.execute("rm -rf {0}".format(folder)) self.execute("vzctl exec {0} rm -rf {1}".format(self.cont_id, folder)) def umount_from_folder(self, folder): # Virtuozzo 7.5 ret, _, _ = self.execute("vzctl set {0} --save --bindmount_del {1}".format(self.cont_id, folder)) check_mount_cont = False if ret != 0: # Fallback for VZ < 7.5 self.execute("umount /vz/root/{0}/{1}".format(self.cont_id, folder)) check_mount_cont = self.check_folder_is_mount(folder) check_mount_host = self._check_folder_is_mount_host(folder) if check_mount_host: self.execute("umount {0}".format(folder)) check_mount_host = self._check_folder_is_mount_host(folder) return not check_mount_cont and not check_mount_host def _check_folder_is_mount_host(self, folder): ret, _, _ = self.execute("mountpoint {0}".format(folder)) return ret == 0 def check_folder_is_mount(self, folder): ret, _, _ = self.execute("vzctl exec {0} mountpoint {1}".format(self.cont_id, folder)) return ret == 0 def check_folder_is_busy(self, folder): ret, _, _ = self.execute("vzctl exec {0} fuser -vm {1}".format(self.cont_id, folder)) return ret == 0 def equal_dev(self, dev): return self.cont_id == dev['cid'] and self.pit == dev['pit'] def create_mount_manager(cont_id, options): if cont_id == CONTAINER_ID_NONE: mount_manager = HostMntDevMgr(options) else: mount_manager = VzCtMntDevMgr(options, cont_id) return mount_manager def umount_devices(options, devices): for dev in devices: if dev['mpoint'] == TI_MNT_NONE: continue mount_manager = create_mount_manager(dev["cid"], options) if not mount_manager.umount_device_with_check(dev): log("Can't umount folder {0} in container {1}: filesystem is busy".format(dev['mpoint'], dev['cid'])) return False return True def purge_devices_by_attr(options, value, attr): pids = MntDevMgr.get_devices_groupped_by_pid() for pid, devices in pids.items(): mount_manager = None for dev in devices: if dev[attr] == value: mount_manager = create_mount_manager(dev["cid"], options) if dev['mpoint'] == TI_MNT_NONE: continue log("purge dev={0}".format(dev['dev'])) mount_manager.umount_device_with_check(dev) if mount_manager and mount_manager.check_devices_is_umount(devices): mount_manager.stop_service(pid) def purge_devices_by_name(options): purge_devices_by_attr(options, options.device, "dev") def purge_devices_by_names_list(options): pids = MntDevMgr.get_devices_groupped_by_pid() purge_devices = options.purge_devices.split(",") for pid, devices in pids.items(): mount_manager = None for dev in devices: if dev["dev"] in purge_devices: mount_manager = create_mount_manager(dev["cid"], options) if dev['mpoint'] == TI_MNT_NONE: continue log("purge dev={0}".format(dev['dev'])) mount_manager.umount_device_with_check(dev) if mount_manager and mount_manager.check_devices_is_umount(devices): mount_manager.stop_service(pid) def purge_devices_by_pit(options): purge_devices_by_attr(options, options.pit, "pit") def need_umount_devices(options, devices): if options.exclusions: exclusions = options.exclusions.split(",") for dev in devices: if dev["pit"] in exclusions: log("skipping umount for dev={0} device is in exclusions list".format(dev)) return False if options.exclude_device: exclude_devices = options.exclude_device.split(",") for dev in devices: if dev["dev"] in exclude_devices: log("skipping umount for dev={0} device is in exclusions list".format(dev)) return False if options.timeout == 0: return True max_timestamps = MntDevMgr.get_max_timestamp(devices, options.timestamp_type) idle = MntDevMgr.get_idle(max_timestamps) return idle >= options.timeout def purge_all_devices(options): cleanup_orphaned_devices(options) pids = MntDevMgr.get_devices_groupped_by_pid() for pid, devices in pids.items(): if need_umount_devices(options, devices): if umount_devices(options, devices): MntDevMgr.stop_service(pid) def info_all_devices(options): devices = MntDevMgr.get_used_devices() for dev in devices: mount_manager = create_mount_manager(dev["cid"], options) device = dev['dev'] pid = dev['pid'] outprint("Daemon: {0}".format(pid)) s = mount_manager.daemon_status(pid) outprint("Status: {0}".format(mount_manager.status_str(s))) if s: outprint("Device: {0}".format(device)) outprint("Idle: {0}".format(mount_manager.dev_idle_time(device, options.timestamp_type))) outprint("Busy: {0}".format(mount_manager.check_device_is_busy(dev))) def cleanup_orphaned_devices(options): devices = MntDevMgr.get_orphaned_devices() for dev in devices: mount_manager = create_mount_manager(dev["cid"], options) mount_manager.umount_device(dev) def main(): global VERBOSE parser = OptionParser() parser.add_option("-I", "--info", action="store_true", dest="info", help="print info", default=False) parser.add_option("-u", "--purge", action="store_true", dest="purge", help="purge devices", default=False) parser.add_option("-z", "--purge-devices", action="store", dest="purge_devices", help="purge passed devices", default=None) parser.add_option("-s", "--status", action="store_true", dest="status", help="status of mount", default=False) parser.add_option("-i", "--cont_id", action="store", dest="cont_id", help="container id", default=CONTAINER_ID_NONE, type="string", metavar="CONT_ID") parser.add_option("-p", "--pit", action="store", dest="pit", help="point in time", default=None, type="string", metavar="PIT") parser.add_option("-d", "--device", action="store", dest="device", help="device", default=None, type="string", metavar="DEVICE") parser.add_option("-t", "--timeout", action="store", dest="timeout", help="timeout", default=0, type="int", metavar="TIMEOUT") parser.add_option("-T", "--timestamp-type", action="store", dest="timestamp_type", help="timestamp type", default="io", type="string", metavar="TIMESTAMP_TYPE") parser.add_option("-e", "--exclusions", action="store", dest="exclusions", help="exclusions", default=None) parser.add_option("-l", "--exclude_device", action="store", dest="exclude_device", help="devices to exclude", default=None) parser.add_option("-v", "--verbose", action="store_true", dest="verbose", help="verbose output", default=True) parser.add_option("-f", "--fstype", action="store", dest="fstype", help="type of file system", default=None) parser.add_option("-a", "--archive", action="store", dest="archive", help="archive", default=None, type="string") parser.add_option("-x", "--index", action="store", dest="index", help="index of volume", default=None, type="string") parser.add_option("-c", "--cleanup", action="store_true", dest="cleanup", help="cleanup devices", default=False) options, args = parser.parse_args() VERBOSE = options.verbose if options.info: VERBOSE = False log("status: {0}".format(options.status)) log("purge: {0}".format(options.purge)) log("cont_id: {0}".format(options.cont_id)) log("pit: {0}".format(options.pit)) log("device: {0}".format(options.device)) log("timeout: {0}".format(options.timeout)) log("timestamp type: {0}".format(options.timestamp_type)) log("exclusions: {0}".format(options.exclusions)) log("exclude_device: {0}".format(options.exclude_device)) log("fstype: {0}".format(options.fstype)) log("cleanup: {0}".format(options.cleanup)) log("purge-devices: {0}".format(options.purge_devices)) try: if options.purge: if options.pit: purge_devices_by_pit(options) return if options.device: purge_devices_by_name(options) return if options.purge_devices: purge_devices_by_names_list(options) return purge_all_devices(options) return if options.cleanup: cleanup_orphaned_devices(options) return if options.info: info_all_devices(options) return mount_manager = create_mount_manager(options.cont_id, options) if options.status: mount_manager.status() return mount_manager.mount() except Exception as ex: sys.exit(ex) if __name__ == "__main__": # execute only if run as a script main()
© 2025 UnknownSec