| Server IP : 213.136.93.164 / Your IP : 216.73.216.20 Web Server : Apache System : Linux m14200.contabo.net 5.14.0-611.54.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Wed May 6 18:03:03 EDT 2026 x86_64 User : ki692510 ( 1047) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /opt/cloudlinux/venv/lib64/python3.11/site-packages/clcagefslib/webisolation/ |
Upload File : |
#!/opt/cloudlinux/venv/bin/python3 -sbb
# -*- coding: utf-8 -*-
#
# Copyright © Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2021 All Rights Reserved
#
# Licensed under CLOUD LINUX LICENSE AGREEMENT
# http://cloudlinux.com/docs/LICENCE.TXT
#
"""
Mount configuration builder for website isolation.
The code handles all standard behavior (docroot isolation, home overlay, etc).
"""
import os.path
from dataclasses import dataclass, field
from .jail_config import MountEntry
@dataclass
class IsolatedRootConfig:
"""
Configuration for a directory overlay.
Closes access to a directory by mounting a fake/empty directory over it,
then selectively exposing only whitelisted paths.
Storage is computed as: {storage_base}/{name}
"""
# Path to the root of this storage (e.g. ~/.clcagefs/website/123/home)
root_path: str
# Real directory to close
target: str
# Use temporary tmpfs for storage (default: real directory)
persistent: bool = True
# List of mounts made inside of this root (dynamically)
mounts: list[MountEntry] = field(default_factory=list)
def mount(self, type_, source, target, opts: tuple = tuple()):
"""Mounts whatever asked into the root of isolated storage"""
relative_path = os.path.relpath(target, self.target)
self.mounts.append(MountEntry(type_, source, f"{self.root_path}/{relative_path}", opts))