From bc3c504fe3a8e59672b8f4226877daf34fdc4a70 Mon Sep 17 00:00:00 2001 From: Simonmicro Date: Thu, 23 Dec 2021 17:28:24 +0100 Subject: [PATCH 1/5] Corrected permissions on database file (and parent folder for #48) --- docker/entrypoint.py | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/docker/entrypoint.py b/docker/entrypoint.py index cd4999a..53f05af 100755 --- a/docker/entrypoint.py +++ b/docker/entrypoint.py @@ -10,7 +10,7 @@ import subprocess import sys PYTHON3 = '/usr/bin/python3' -dbPath = os.path.join(os.sep, 'home', 'py-kms', 'db', 'pykms_database.db') +dbPath = os.path.join(os.sep, 'home', 'py-kms', 'db') # Do not include the database file name, as we must correct the folder permissions (the db file is recursively reachable) log_level_bootstrap = log_level = os.getenv('LOGLEVEL', 'INFO') if log_level_bootstrap == "MININFO": log_level_bootstrap = "INFO" @@ -34,8 +34,13 @@ def change_uid_grp(): os.chown("/home/py-kms", new_uid, new_gid) os.chown("/usr/bin/start.py", new_uid, new_gid) if os.path.isfile(dbPath): - os.chown(dbPath, new_uid, new_gid) - loggersrv.debug("%s" %str(subprocess.check_output("ls -al " + dbPath, shell=True))) + # Corret permissions recursively, as to access the database file, also its parent folder must be accessible + for root, dirs, files in os.walk(dbPath): + for dName in dirs: + os.chown(os.path.join(root, dName), new_uid, new_gid) + for fName in files: + os.chown(os.path.join(root, fName), new_uid, new_gid) + loggersrv.debug(str(subprocess.check_output(['ls', '-la', dbPath]))) loggersrv.info("Setting gid to '%s'." % str(new_gid)) os.setgid(new_gid) From 05fdd33353d9b536e406b3c39d28678f1994b9b5 Mon Sep 17 00:00:00 2001 From: Simonmicro Date: Thu, 23 Dec 2021 17:53:17 +0100 Subject: [PATCH 2/5] Added permission unlocker for log files --- docker/entrypoint.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docker/entrypoint.py b/docker/entrypoint.py index 53f05af..589f13a 100755 --- a/docker/entrypoint.py +++ b/docker/entrypoint.py @@ -41,7 +41,10 @@ def change_uid_grp(): for fName in files: os.chown(os.path.join(root, fName), new_uid, new_gid) loggersrv.debug(str(subprocess.check_output(['ls', '-la', dbPath]))) - + if 'LOGFILE' in os.environ and os.path.exists(os.environ['LOGFILE']): + # Oh, the user also wants a custom log file -> make sure start.py can access it by setting the correct permissions (777) + os.chmod(os.environ['LOGFILE'], 777) + loggersrv.error(str(subprocess.check_output(['ls', '-la', os.environ['LOGFILE']]))) loggersrv.info("Setting gid to '%s'." % str(new_gid)) os.setgid(new_gid) From 81e616ddd12b9be7467ff027fe7edca367e9498e Mon Sep 17 00:00:00 2001 From: Simonmicro Date: Thu, 23 Dec 2021 18:42:54 +0100 Subject: [PATCH 3/5] Proper failure if entry in database is not found --- py-kms/pykms_Client.py | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/py-kms/pykms_Client.py b/py-kms/pykms_Client.py index bd6d3ec..5a47fb7 100644 --- a/py-kms/pykms_Client.py +++ b/py-kms/pykms_Client.py @@ -156,18 +156,25 @@ def client_check(): def client_update(): kmsdb = kmsDB2Dict() + loggerclt.debug(f'Searching in kms database for machine "{clt_config["mode"]}"...') + appitems = kmsdb[2] for appitem in appitems: kmsitems = appitem['KmsItems'] for kmsitem in kmsitems: - name = re.sub('\(.*\)', '', kmsitem['DisplayName']).replace('2015', '').replace(' ', '') + name = re.sub('\(.*\)', '', kmsitem['DisplayName']) # Remove bracets + name = name.replace('2015', '') # Remove specific years + name = name.replace(' ', '') # Ignore whitespaces + name = name.replace('/11', '', 1) # Cut out Windows 11, as it is basically Windows 10 if name == clt_config['mode']: skuitems = kmsitem['SkuItems'] # Select 'Enterprise' for Windows or 'Professional Plus' for Office. for skuitem in skuitems: - if skuitem['DisplayName'].replace(' ','') == name + 'Enterprise' or \ - skuitem['DisplayName'].replace(' ','') == name[:6] + 'ProfessionalPlus' + name[6:]: - + sName = skuitem['DisplayName'] + sName = sName.replace(' ', '') # Ignore whitespaces + sName = sName.replace('/11', '', 1) # Cut out Windows 11, as it is basically Windows 10 + if sName == name + 'Enterprise' or \ + sName == name[:6] + 'ProfessionalPlus' + name[6:]: clt_config['KMSClientSkuID'] = skuitem['Id'] clt_config['RequiredClientCount'] = int(kmsitem['NCountPolicy']) clt_config['KMSProtocolMajorVersion'] = int(float(kmsitem['DefaultKmsProtocol'])) @@ -175,7 +182,8 @@ def client_update(): clt_config['KMSClientLicenseStatus'] = 2 clt_config['KMSClientAppID'] = appitem['Id'] clt_config['KMSClientKMSCountedID'] = kmsitem['Id'] - break + return + raise RuntimeError(f'Client failed to find machine configuration in kms database - make sure it contains an entry for "{clt_config["mode"]}"') def client_connect(): loggerclt.info("Connecting to %s on port %d" % (clt_config['ip'], clt_config['port'])) From cd07807a808cb1330a91c19d1898a26735fe3164 Mon Sep 17 00:00:00 2001 From: Simonmicro Date: Thu, 23 Dec 2021 18:59:31 +0100 Subject: [PATCH 4/5] Added more debug logging & FINALLY corrected permission fixer --- docker/entrypoint.py | 18 ++++++++++++------ py-kms/pykms_Sql.py | 1 + 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/docker/entrypoint.py b/docker/entrypoint.py index 589f13a..1483579 100755 --- a/docker/entrypoint.py +++ b/docker/entrypoint.py @@ -33,14 +33,20 @@ def change_uid_grp(): new_uid = int(os.getenv('UID', str(uid))) os.chown("/home/py-kms", new_uid, new_gid) os.chown("/usr/bin/start.py", new_uid, new_gid) - if os.path.isfile(dbPath): + if os.path.isdir(dbPath): # Corret permissions recursively, as to access the database file, also its parent folder must be accessible - for root, dirs, files in os.walk(dbPath): - for dName in dirs: - os.chown(os.path.join(root, dName), new_uid, new_gid) + loggersrv.debug(f'Correcting owner permissions on {dbPath}.') + os.chown(dbPath, new_uid, new_gid) + for root, dirs, files in os.walk(dbPath): + for dName in dirs: + dPath = os.path.join(root, dName) + loggersrv.debug(f'Correcting owner permissions on {dPath}.') + os.chown(dPath, new_uid, new_gid) for fName in files: - os.chown(os.path.join(root, fName), new_uid, new_gid) - loggersrv.debug(str(subprocess.check_output(['ls', '-la', dbPath]))) + fPath = os.path.join(root, fName) + loggersrv.debug(f'Correcting owner permissions on {fPath}.') + os.chown(fPath, new_uid, new_gid) + loggersrv.debug(subprocess.check_output(['ls', '-la', dbPath]).decode()) if 'LOGFILE' in os.environ and os.path.exists(os.environ['LOGFILE']): # Oh, the user also wants a custom log file -> make sure start.py can access it by setting the correct permissions (777) os.chmod(os.environ['LOGFILE'], 777) diff --git a/py-kms/pykms_Sql.py b/py-kms/pykms_Sql.py index 1e8c47d..6afa889 100644 --- a/py-kms/pykms_Sql.py +++ b/py-kms/pykms_Sql.py @@ -18,6 +18,7 @@ loggersrv = logging.getLogger('logsrv') def sql_initialize(dbName): if not os.path.isfile(dbName): # Initialize the database. + loggersrv.debug(f'Initializing database file "{dbName}"...') con = None try: con = sqlite3.connect(dbName) From 882eeb8dce95b13a1b4e112993acc9f9f7bf493b Mon Sep 17 00:00:00 2001 From: Simonmicro Date: Thu, 23 Dec 2021 19:02:04 +0100 Subject: [PATCH 5/5] Removed link to special file, as it does not work anyways --- docs/Getting Started.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/Getting Started.md b/docs/Getting Started.md index 7aa157c..2ad3ec8 100644 --- a/docs/Getting Started.md +++ b/docs/Getting Started.md @@ -52,7 +52,6 @@ services: - SQLITE=true - HWID=RANDOM - LOGLEVEL=INFO - - LOGFILE=/dev/stdout restart: always volumes: - ./db:/home/py-kms/db