Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Wipe as admin user #371

Merged
merged 3 commits into from
Jun 21, 2018
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 44 additions & 22 deletions lib/agent/actions/wipe/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,10 @@ var fs = require('fs'),
Emitter = require('events').EventEmitter,
wipe = require('./wipe'),
common = require('./../../common'),
keys = require('./../../plugins/control-panel/api/keys'),
join = path.join,
os_name = common.os_name,
os_wipe = require('./' + os_name),
logger = common.logger.prefix('wipe'),
system = common.system;

Expand Down Expand Up @@ -49,6 +51,7 @@ exports.start = function(opts, cb) {

exports.directories = [];
var opts = opts || {};
var token = opts.token || null;
var confirm = opts.confirm == 'ireallyknowwhatiamdoing';
var items = valid_types(opts);

Expand Down Expand Up @@ -81,7 +84,7 @@ exports.start = function(opts, cb) {
var spawn = function() {
var args = [join(__dirname, 'runner.js')].concat(items).concat(exports.directories.toString());

system.spawn_as_logged_user(node_bin, args, function(err, child) {
system.spawn_as_admin_user(node_bin, args, function(err, child) {
if (err) {
if (err.toString().includes('No logged user') && os_name == 'windows') {
logger.warn('Not logged user found, proceding without impersonation')
Expand All @@ -90,35 +93,54 @@ exports.start = function(opts, cb) {
else return finished(err);
}

child.stdout.on('data', function(str) {
var lines = str.toString().split(/\n/);
lines.forEach(function(line) {
if (line.toString().match('Removing directory')) {
logger.warn(line.trim());
removed++;
} else if (line.toString().match('Error while removing dir')) {
logger.warn(line.trim());
} else if (line.trim() != '') {
logger.debug(line.trim());
}
});
})
if (typeof child == 'function') { // only for windows
os_wipe.paths.directories = exports.directories;

wipe.fetch_dirs(items, function(err, dirs_to_wipe) {
var opts = {
dirs: dirs_to_wipe,
token: token,
key: keys.get().device.toString()
};

child.on('exit', function(code) {
if (code !== 0)
last_err = new Error('Wipe command failed.');
child('wipe', opts, function(err) {
if (err) last_err = new Error('Wipe command failed through service');
finished(last_err, true);
});
});

finished(last_err);
});
} else {
child.stdout.on('data', function(str) {
var lines = str.toString().split(/\n/);
lines.forEach(function(line) {
if (line.toString().match('Removing directory')) {
logger.warn(line.trim());
removed++;
} else if (line.toString().match('Error while removing dir')) {
logger.warn(line.trim());
} else if (line.trim() != '') {
logger.debug(line.trim());
}
});
})

child.on('exit', function(code) {
if (code !== 0)
last_err = new Error('Wipe command failed.');

finished(last_err);
});

wipe_process = child;
wipe_process = child;
}
});
}

var finished = function(err) {
logger.warn('Process finished! ' + removed + ' dir(s) removed.');
var finished = function(err, service) {
logger.warn('Process finished! ' + (service ? '' : removed + ' dir(s) removed.'));

if (!emitter) return;
if (service) return emitter.emit('end', err);

// if no files were removed, treat that as an error
if (!err && removed == 0) {
Expand Down
6 changes: 3 additions & 3 deletions lib/agent/actions/wipe/runner.js
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,9 @@ what.shift();
wipe.output(process.stdout);

// process each of the requested items to wipe
what.forEach(function(item) {
console.log('Wiping: ' + item);
wipe[item](function(err, removed) {
wipe.fetch_dirs(what, function(err) {
if (err) last_err = err;
wipe.wipeout(function(err) {
if (err) last_err = err;
})
})
Expand Down
66 changes: 53 additions & 13 deletions lib/agent/actions/wipe/wipe.js
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
var fs = require('fs'),
join = require('path').join,
remove = require('remover'),
os_name = process.platform.replace('win32', 'windows').replace('darwin', 'mac'),
os_wipe = require('./' + os_name),
paths = os_wipe.paths;
var fs = require('fs'),
join = require('path').join,
async = require('async'),
remove = require('remover'),
os_name = process.platform.replace('win32', 'windows').replace('darwin', 'mac'),
os_wipe = require('./' + os_name),
paths = os_wipe.paths;

require('graceful-fs');

Expand All @@ -16,6 +17,8 @@ var wipe_binary = {
fill_only: false
};

var dirs_to_wipe = [];

var secure_wipe_cmd = wipe_binary.path
+ (wipe_binary.secure ? ' -secure' : '')
+ (wipe_binary.fill_only ? ' -fill_only' : '')
Expand Down Expand Up @@ -133,14 +136,42 @@ exports.directories = function(cb) {
wipe('directories', cb)
}

var wipe_opts = {
documents : exports.documents,
emails : exports.emails,
passwords : exports.passwords,
cookies : exports.cookies,
cloud : exports.cloud,
directories: exports.directories
}

exports.stop = function() {
remover.stop();
}

var wipe = function(what, cb) {
exports.fetch_dirs = function(items, cb) {
var array = [];
dirs_to_wipe = [];
items.forEach(function(item) {
array.push(
function(callback) {
wipe_opts[item](function(err) {
if (err) last_err = err;
callback();
})
}
)
})

async.series(array, function(err) {
if (err) last_err = err;
return cb(null, dirs_to_wipe);
});
}

exports.wipeout = function(cb) {
var last_err,
dirs = 0,
root = homes[process.platform];
dirs = 0;

var done = function(err, removed) {
if (err)
Expand All @@ -153,21 +184,30 @@ var wipe = function(what, cb) {
--dirs || cb(last_err, removed);
}

dirs_to_wipe.forEach(function(dir) {
dirs++;
remover = remove(join(dir, '*'), secure_wipe_cmd, done)
})
}

var wipe = function(what, cb) {
var root = homes[process.platform];

if (what == 'directories') {
paths.directories.forEach(function(dir) {
dirs++;
remover = remove(join(dir, '*'), secure_wipe_cmd, done);
dirs_to_wipe.push(dir);
})
return cb();
} else {
fs.readdir(root, function(err, list) {
if (err) return cb(err);

list.forEach(function(user) {
paths[what].forEach(function(dir) {
dirs++;
remover = remove(join(root, user, dir, '*'), secure_wipe_cmd, done)
dirs_to_wipe.push(join(root, user, dir));
})
});
return cb();
});
}
}
47 changes: 42 additions & 5 deletions lib/system/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -82,43 +82,80 @@ system.get_logged_user = remember(function(cb) {
})
});

system.get_admin_user = remember(function(cb) {
system.find_admin_user(function(e, user) {
if (e || !user || user.trim() == '') {
var err = new Error('No admin user detected.');
if (e) err.message += ' ' + e.message;
err.code = 'NO_ADMIN_USER';
return cb(err);
}
cb(null, user);
})
})

system.get_running_user = function() {
var s = process.env.USER ||
process.env.USERNAME ||
process.env.LOGNAME || 'System';
return clean_string(s);
};

var get_user = {
'logged_user': system.get_logged_user,
'admin_user': system.get_admin_user
};

function get(type, cb) {
get_user[type](function(err, user) {
return cb(err, user)
})
}

//////////////////////////////////////////////////////
// impersonation

system.spawn_as_logged_user = function(command, args, opts, cb) {
as_logged_user('spawn', command, args, opts, cb);
as('logged_user', 'spawn', command, args, opts, cb);
};

system.spawn_as_admin_user = function(command, args, opts, cb) {
var options = { command: command, args: args, opts: opts, cb: cb };

if (os_name == 'windows') {
system.check_service(function(err, data) { // An error means the new service isn't available
if (err) return as('logged_user', 'spawn', data.command, data.args, data.opts, data.cb);

var cb = data.cb;
if (typeof data.opts == 'function') cb = data.opts;
return cb(null, system.run_as_admin);
})
} else as('admin_user', 'spawn', command, args, opts, cb);
}

system.run_as_logged_user = function(command, args, opts, cb) {
as_logged_user('exec', command, args, opts, cb);
as('logged_user', 'exec', command, args, opts, cb);
};

system.kill_as_logged_user = function(pid, cb) {
var cb = cb || function() { /* boo-hoo */ };
as_logged_user('exec', 'kill', [ pid ], {}, cb);
as('logged_user', 'exec', 'kill', [ pid ], {}, cb);
}

/**
* run_as_user options have the same signature as as_user.
*/
system.run_as_user = as_user;

function as_logged_user(type, bin, args, opts, cb) {
function as(user_type, type, bin, args, opts, cb) {
if (typeof opts == 'function') {
var cb = opts;
var opts = {};
} else if (!opts) {
var opts = {};
}

system.get_logged_user(function(err, user) {
get(user_type, function(err, user) {
if (err) return cb(err);

var options = {
Expand Down
14 changes: 14 additions & 0 deletions lib/system/linux/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@ var cp = require('child_process'),
exec = cp.exec,
execSync = cp.execSync;

var get_admin_user_cmd = "getent group adm | awk -F' |,' '{print $2}'"

exports.get_os_name = distro.name;

exports.get_os_version = function(cb) {
Expand Down Expand Up @@ -40,6 +42,18 @@ exports.find_logged_user = function(callback) {
});
};

exports.find_admin_user = function(cb) {
exec(get_admin_user_cmd, function(err, admin_usr) {
if (err) return cb(err);
admin_usr = admin_usr.replace(/\n/g, '');

if (admin_usr == '' || admin_usr == 'root')
return cb(new Error("Couldn't find admin user."))

return cb(null, admin_usr)
});
}

exports.process_running = function(process_name, callback){
var cmd = 'ps ax | grep -v grep | grep -q ' + process_name + ' && echo 1';
exec(cmd, function(err, stdout){
Expand Down
15 changes: 14 additions & 1 deletion lib/system/mac/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,8 @@ exports.reconnect = airport.reconnect;
// var get_logged_user_cmd = "stat /dev/console | cut -d' ' -f5";
// var get_logged_user_pid_cmd = "ps ax | grep -v grep | grep loginwindow | awk '{print $1}'"
// var get_logged_users_cmd = "ps aux | grep -v grep | grep loginwindow | awk '{print $1}'"
var get_logged_users_cmd = "stat -f%Su /dev/console"
var get_logged_users_cmd = "stat -f%Su /dev/console",
get_admin_user_cmd = "dscl . read /Groups/admin GroupMembership | awk '{print $3}'";

var get_logged_user_pid = function() {
var cmd = "ps ax | grep loginwindow.app | head -1 | awk '{print $1}'";
Expand Down Expand Up @@ -45,6 +46,18 @@ exports.find_logged_user = function(cb) {
});
}

exports.find_admin_user = function(cb) {
exec(get_admin_user_cmd, function(err, admin_usr) {
if (err) return cb(err);
admin_usr = admin_usr.replace(/\n/g, '');

if (admin_usr == '' || admin_usr == 'root')
return cb(new Error("Couldn't find admin user."))

return cb(null, admin_usr)
});
}

exports.get_os_name = function(cb) {
cb(null, os_name);
}
Expand Down
Binary file added lib/system/windows/bin/updater.exe
Binary file not shown.
Binary file modified lib/system/windows/bin/wpxsvc.exe
100755 → 100644
Binary file not shown.
Loading