mirror of
https://gitee.com/fit2cloud-feizhiyun/1Panel.git
synced 2024-12-04 12:59:52 +08:00
fix: ufw 防火墙增加 sudo 判断 (#733)
This commit is contained in:
parent
a0b820649e
commit
09ac40846f
@ -368,7 +368,11 @@ func (u *FirewallService) pingStatus() string {
|
||||
if _, err := os.Stat("/etc/sysctl.conf"); err != nil {
|
||||
return constant.StatusNone
|
||||
}
|
||||
stdout, _ := cmd.Exec("sudo cat /etc/sysctl.conf | grep net/ipv4/icmp_echo_ignore_all= ")
|
||||
commond := "cat /etc/sysctl.conf | grep net/ipv4/icmp_echo_ignore_all= "
|
||||
if cmd.HasSudo() {
|
||||
commond = "sudo cat /etc/sysctl.conf | grep net/ipv4/icmp_echo_ignore_all= "
|
||||
}
|
||||
stdout, _ := cmd.Exec(commond)
|
||||
if stdout == "net/ipv4/icmp_echo_ignore_all=1\n" {
|
||||
return constant.StatusEnable
|
||||
}
|
||||
@ -404,7 +408,11 @@ func (u *FirewallService) updatePingStatus(enabel string) error {
|
||||
return err
|
||||
}
|
||||
|
||||
stdout, err := cmd.Exec("sudo sysctl -p")
|
||||
commond := "sysctl -p"
|
||||
if cmd.HasSudo() {
|
||||
commond = "sudo sysctl -p"
|
||||
}
|
||||
stdout, err := cmd.Exec(commond)
|
||||
if err != nil {
|
||||
return fmt.Errorf("update ping status failed, err: %v", stdout)
|
||||
}
|
||||
|
@ -4,10 +4,11 @@ import (
|
||||
"bytes"
|
||||
"context"
|
||||
"fmt"
|
||||
"github.com/1Panel-dev/1Panel/backend/buserr"
|
||||
"github.com/1Panel-dev/1Panel/backend/constant"
|
||||
"os/exec"
|
||||
"time"
|
||||
|
||||
"github.com/1Panel-dev/1Panel/backend/buserr"
|
||||
"github.com/1Panel-dev/1Panel/backend/constant"
|
||||
)
|
||||
|
||||
func Exec(cmdStr string) (string, error) {
|
||||
@ -99,3 +100,11 @@ func HasNoPasswordSudo() bool {
|
||||
err2 := cmd2.Run()
|
||||
return err2 == nil
|
||||
}
|
||||
|
||||
func HasSudo() bool {
|
||||
cmd := exec.Command("sudo", "-nv")
|
||||
if err := cmd.Run(); err != nil {
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
@ -7,10 +7,18 @@ import (
|
||||
"github.com/1Panel-dev/1Panel/backend/utils/cmd"
|
||||
)
|
||||
|
||||
type Ufw struct{}
|
||||
type Ufw struct {
|
||||
CmdStr string
|
||||
}
|
||||
|
||||
func NewUfw() (*Ufw, error) {
|
||||
return &Ufw{}, nil
|
||||
var ufw Ufw
|
||||
if cmd.HasSudo() {
|
||||
ufw.CmdStr = "sudo ufw"
|
||||
} else {
|
||||
ufw.CmdStr = "ufw"
|
||||
}
|
||||
return &ufw, nil
|
||||
}
|
||||
|
||||
func (f *Ufw) Name() string {
|
||||
@ -18,7 +26,7 @@ func (f *Ufw) Name() string {
|
||||
}
|
||||
|
||||
func (f *Ufw) Status() (string, error) {
|
||||
stdout, err := cmd.Exec("sudo ufw status | grep Status")
|
||||
stdout, err := cmd.Execf("%s status | grep Status", f.CmdStr)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("load the firewall status failed, err: %s", stdout)
|
||||
}
|
||||
@ -29,7 +37,7 @@ func (f *Ufw) Status() (string, error) {
|
||||
}
|
||||
|
||||
func (f *Ufw) Version() (string, error) {
|
||||
stdout, err := cmd.Exec("sudo ufw version | grep ufw")
|
||||
stdout, err := cmd.Execf("%s version | grep ufw", f.CmdStr)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("load the firewall status failed, err: %s", stdout)
|
||||
}
|
||||
@ -38,7 +46,7 @@ func (f *Ufw) Version() (string, error) {
|
||||
}
|
||||
|
||||
func (f *Ufw) Start() error {
|
||||
stdout, err := cmd.Exec("echo y | sudo ufw enable")
|
||||
stdout, err := cmd.Execf("echo y | %s enable", f.CmdStr)
|
||||
if err != nil {
|
||||
return fmt.Errorf("enable the firewall failed, err: %s", stdout)
|
||||
}
|
||||
@ -46,7 +54,7 @@ func (f *Ufw) Start() error {
|
||||
}
|
||||
|
||||
func (f *Ufw) Stop() error {
|
||||
stdout, err := cmd.Exec("sudo ufw disable")
|
||||
stdout, err := cmd.Execf("%s disable", f.CmdStr)
|
||||
if err != nil {
|
||||
return fmt.Errorf("stop the firewall failed, err: %s", stdout)
|
||||
}
|
||||
@ -58,7 +66,7 @@ func (f *Ufw) Reload() error {
|
||||
}
|
||||
|
||||
func (f *Ufw) ListPort() ([]FireInfo, error) {
|
||||
stdout, err := cmd.Exec("sudo ufw status verbose")
|
||||
stdout, err := cmd.Execf("%s status verbose", f.CmdStr)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -83,7 +91,7 @@ func (f *Ufw) ListPort() ([]FireInfo, error) {
|
||||
}
|
||||
|
||||
func (f *Ufw) ListAddress() ([]FireInfo, error) {
|
||||
stdout, err := cmd.Exec("sudo ufw status verbose")
|
||||
stdout, err := cmd.Execf("%s status verbose", f.CmdStr)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -123,9 +131,9 @@ func (f *Ufw) Port(port FireInfo, operation string) error {
|
||||
return fmt.Errorf("unsupport strategy %s", port.Strategy)
|
||||
}
|
||||
|
||||
command := fmt.Sprintf("sudo ufw %s %s", port.Strategy, port.Port)
|
||||
command := fmt.Sprintf("%s %s %s", f.CmdStr, port.Strategy, port.Port)
|
||||
if operation == "remove" {
|
||||
command = fmt.Sprintf("sudo ufw delete %s %s", port.Strategy, port.Port)
|
||||
command = fmt.Sprintf("%s delete %s %s", f.CmdStr, port.Strategy, port.Port)
|
||||
}
|
||||
if len(port.Protocol) != 0 {
|
||||
command += fmt.Sprintf("/%s", port.Protocol)
|
||||
@ -147,9 +155,9 @@ func (f *Ufw) RichRules(rule FireInfo, operation string) error {
|
||||
return fmt.Errorf("unsupport strategy %s", rule.Strategy)
|
||||
}
|
||||
|
||||
ruleStr := fmt.Sprintf("sudo ufw %s ", rule.Strategy)
|
||||
ruleStr := fmt.Sprintf("%s %s ", f.CmdStr, rule.Strategy)
|
||||
if operation == "remove" {
|
||||
ruleStr = fmt.Sprintf("sudo ufw delete %s ", rule.Strategy)
|
||||
ruleStr = fmt.Sprintf("%s delete %s ", f.CmdStr, rule.Strategy)
|
||||
}
|
||||
if len(rule.Protocol) != 0 {
|
||||
ruleStr += fmt.Sprintf("proto %s ", rule.Protocol)
|
||||
|
Loading…
Reference in New Issue
Block a user