zscams 2.0.2__tar.gz → 2.0.4__tar.gz

{zscams-2.0.2 → zscams-2.0.4}/PKG-INFO

@@ -1,25 +1,20 @@
 Metadata-Version: 2.1
 Name: zscams
-Version: 2.0.2
+Version: 2.0.4
 Summary: Async TLS tunnel client with SNI routing, auto-reconnect, and health checks
 Author: OCD - Cairo Software Team
 Maintainer: OCD - Cairo Software Team
-Classifier: Programming Language :: Python :: 2
-Classifier: Programming Language :: Python :: 2.7
+Requires-Python: >=3.9
 Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.4
-Classifier: Programming Language :: Python :: 3.5
-Classifier: Programming Language :: Python :: 3.6
-Classifier: Programming Language :: Python :: 3.7
-Classifier: Programming Language :: Python :: 3.8
 Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
 Classifier: Programming Language :: Python :: 3.13
-Requires-Dist: PyYAML
-Requires-Dist: cryptography
-Requires-Dist: psutil
+Requires-Dist: PyYAML ; sys_platform != "freebsd"
+Requires-Dist: cryptography ; sys_platform != "freebsd"
+Requires-Dist: getmac
+Requires-Dist: psutil ; sys_platform != "freebsd"
 Requires-Dist: requests
 Description-Content-Type: text/markdown
 

{zscams-2.0.2 → zscams-2.0.4}/pyproject.toml

@@ -1,10 +1,9 @@
 [project]
 name = "zscams_agent"
-requires-python = "^3.9.2"
 
 [tool.poetry]
 name = "zscams"
-version = "2.0.2"
+version = "2.0.4"
 description = "Async TLS tunnel client with SNI routing, auto-reconnect, and health checks"
 authors = ["OCD - Cairo Software Team"]
 maintainers = ["OCD - Cairo Software Team"]
@@ -12,10 +11,12 @@ readme = "README.md"
 packages = [ { include = "zscams"}]
 
 [tool.poetry.dependencies]
-PyYAML = "*"
-cryptography = "*"
-psutil = "*"
-requests = "*"
+python = ">=3.9"
+requests = "*" 
+getmac = "*"
+PyYAML = { version = "*", markers = "sys_platform != 'freebsd'" }
+cryptography = { version = "*", markers = "sys_platform != 'freebsd'" }
+psutil = { version = "*", markers = "sys_platform != 'freebsd'" }
 
 [tool.poetry.scripts]
 zscams = "zscams.__main__:main"

zscams-2.0.4/zscams/__init__.py

@@ -0,0 +1,3 @@
+from .deps import ensure_native_deps
+
+ensure_native_deps()

{zscams-2.0.2 → zscams-2.0.4}/zscams/agent/src/core/backend/bootstrap.py

@@ -6,7 +6,7 @@ from typing import cast
 from zscams.agent.src.core.backend.client import backend_client
 from zscams.agent.src.support.configuration import reinitialize
 from zscams.agent.src.support.logger import get_logger
-from zscams.agent.src.support.os import create_system_user, install_systemd_service
+from zscams.agent.src.support.os import create_system_user, install_service
 from zscams.agent.src.support.ssh import add_to_authorized_keys
 from zscams.agent.src.support.cli import prompt
 
@@ -43,9 +43,11 @@ def bootstrap():
         required=True,
         startswith="",
     )
-    equipment_name = f"{equipment_type.lower()}-{customer_name.lower()}-{connector_name.lower()}"
+    equipment_name = (
+        f"{equipment_type.lower()}-{customer_name.lower()}-{connector_name.lower()}"
+    )
     enforced_id = prompt("Enforced ID", "Enforced Agent ID")
-    reinitialize(equipment_name=equipment_name,equipment_type=equipment_type)
+    reinitialize(equipment_name=equipment_name, equipment_type=equipment_type)
     cm_info = backend_client.bootstrap(equipment_name, enforced_id or None)
 
     sys_user = cast(str, cm_info.get("ssh_user"))
@@ -63,6 +65,7 @@ def install_zscams_systemd_service(user_to_run_as: str):
         "user_to_run_as": user_to_run_as,
     }
     import zscams
+
     BASE_DIR = Path(zscams.__file__).resolve().parent
     template_path = f"{BASE_DIR}/agent/configuration/service.j2"
     with open(template_path) as f:
@@ -70,4 +73,4 @@ def install_zscams_systemd_service(user_to_run_as: str):
 
     rendered_config = template.format(**data)
 
-    install_systemd_service("zscams.service", rendered_config)
+    install_service("zscams.service", rendered_config)

{zscams-2.0.2 → zscams-2.0.4}/zscams/agent/src/support/mac.py

@@ -1,6 +1,6 @@
 """Module to retrieve the MAC address of the primary network interface."""
 
-from zscams.lib.getmac import get_mac_address as gma
+from getmac import get_mac_address as gma
 
 
 class MacAddressError(Exception):

{zscams-2.0.2 → zscams-2.0.4}/zscams/agent/src/support/os.py

@@ -1,6 +1,7 @@
 import sys
 import subprocess
-
+import platform
+import subprocess
 from zscams.agent.src.support.logger import get_logger
 
 from .filesystem import write_to_file
@@ -9,7 +10,7 @@ logger = get_logger("os_support")
 
 
 def is_linux():
-    if sys.platform.startswith("linux"):
+    if sys.platform.lower().startswith("linux"):
         return True
     return False
 
@@ -28,10 +29,18 @@ def system_user_exists(username: str):
         return False
 
 
+def is_freebsd():
+    return (
+        platform.system().lower() == "freebsd"
+        or platform.system().lower() == "zscaleros"
+    )
+
+
 def create_system_user(username: str):
-    if not is_linux():
+    # Support both Linux and FreeBSD
+    if not (platform.system() == "Linux" or is_freebsd()):
         logger.error(
-            "Error creating system user: This script is intended to run on Linux systems."
+            "Error creating system user: This script is intended to run on Linux or FreeBSD systems."
         )
         return
 
@@ -39,24 +48,68 @@ def create_system_user(username: str):
         logger.error("Error creating system user: Username must be provided.")
         return
 
+    # Assuming system_user_exists is already updated to handle both
     if system_user_exists(username):
         logger.warning("User '%s' already exists.", username)
         return
 
     try:
-        subprocess.run(["sudo", "useradd","-m", "-s", "/bin/bash", username], check=True)
+        if is_freebsd():
+            cmd = ["sudo", "pw", "useradd", "-n", username, "-m", "-s", "/bin/sh"]
+        else:
+            # Standard Linux useradd
+            cmd = ["sudo", "useradd", "-m", "-s", "/bin/bash", username]
+
+        subprocess.run(cmd, check=True)
         logger.info("System user '%s' created successfully.", username)
+
     except subprocess.CalledProcessError as e:
         logger.error("Failed to create user '%s': %s", username, e)
 
 
-def install_systemd_service(service_name: str, content: str):
-    if not is_linux():
-        logger.error(
-            "Error installing systemd service: This script is intended to run on Linux systems."
-        )
-        return
+def install_service(service_name: str, content: str):
+    """
+    Main entry point to install services.
+    Redirects to systemd for Linux and rc.d for FreeBSD.
+    """
+    if is_linux():
+        install_systemd_service(service_name, content)
+    elif is_freebsd():
+        install_rc_service(service_name, content)
+    else:
+        logger.error("Unsupported OS for service installation.")
+
 
+def install_rc_service(service_name: str, content: str):
+    """
+    Installs a FreeBSD rc.d script.
+    Note: 'content' for FreeBSD should be a valid rc.subr shell script.
+    """
+    service_path = f"/usr/local/etc/rc.d/{service_name}"
+
+    try:
+        # 1. Write the rc script
+        logger.debug("Installing FreeBSD rc script: %s", service_path)
+        # Using sudo tee to ensure write permissions on restricted paths
+        echo_cmd = f"printf '%s' '{content}' | sudo tee {service_path}"
+        subprocess.run(echo_cmd, shell=True, check=True, stdout=subprocess.DEVNULL)
+
+        # 2. Make it executable (Crucial for FreeBSD)
+        subprocess.run(["sudo", "chmod", "+x", service_path], check=True)
+
+        # 3. Enable and Start
+        # In FreeBSD, enabling adds 'service_name_enable="YES"' to /etc/rc.conf
+        logger.debug("Enabling and starting FreeBSD service %s...", service_name)
+        subprocess.run(["sudo", "sysrc", f"{service_name}_enable=YES"], check=True)
+        subprocess.run(["sudo", "service", service_name, "start"], check=True)
+
+        logger.info("Service %s installed and started successfully.", service_name)
+
+    except Exception as e:
+        logger.error("Failed to install FreeBSD service %s: %s", service_name, e)
+
+
+def install_systemd_service(service_name: str, content: str):
     service_path = f"/etc/systemd/system/{service_name}"
 
     try:

zscams-2.0.4/zscams/deps.py

@@ -0,0 +1,86 @@
+import subprocess
+import sys
+import platform
+import os
+import importlib.util
+
+
+def is_installed(name):
+    return importlib.util.find_spec(name) is not None
+
+
+def ensure_native_deps():
+    # Only run this logic on FreeBSD
+    if (
+        platform.system().lower() != "freebsd"
+        and platform.system().lower() != "zscaleros"
+    ):
+        return
+
+    # 1. Define what we need and how FreeBSD names them
+    py_ver = f"py{sys.version_info.major}{sys.version_info.minor}"
+    deps_map = {
+        "cryptography": f"{py_ver}-cryptography",
+        "yaml": f"{py_ver}-pyyaml",
+        "psutil": f"{py_ver}-psutil",
+    }
+
+    # Identify which modules are actually missing
+    missing_mods = [mod for mod in deps_map if not is_installed(mod)]
+
+    if not missing_mods:
+        return  # Everything is already installed
+
+    print(
+        f"--> ZscalerOS/FreeBSD detected. Missing requirements: {', '.join(missing_mods)}"
+    )
+
+    # 2. Ensure the FreeBSD Mirror is configured
+    # We use a custom local file so we don't overwrite Zscaler's system configs
+    repo_conf_dir = "/usr/local/etc/pkg/repos"
+    repo_conf_file = f"{repo_conf_dir}/FreeBSD.conf"
+
+    if not os.path.exists(repo_conf_file):
+        print("--> Mirror not found. Configuring official FreeBSD repository...")
+        # Hardcoding the ABI to 13 because ZscalerOS identifies as 42-RELEASE
+        mirror_config = (
+            "FreeBSD: { "
+            'url: "pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/latest", '
+            'mirror_type: "srv", '
+            'signature_type: "fingerprints", '
+            'fingerprints: "/usr/share/keys/pkg", '
+            "enabled: yes "
+            "}"
+        )
+
+        try:
+            subprocess.run(["sudo", "mkdir", "-p", repo_conf_dir], check=True)
+            # Use printf/tee to handle the sudo write to a restricted path
+            subprocess.run(
+                f"printf '{mirror_config}' | sudo tee {repo_conf_file}",
+                shell=True,
+                check=True,
+                capture_output=True,
+            )
+            print(
+                "--> Mirror configured. Updating package database (this may take a moment)..."
+            )
+            subprocess.run(["sudo", "pkg", "update", "-f"], check=True)
+        except subprocess.CalledProcessError as e:
+            print(f"--> Failed to configure mirror. Error: {e}")
+            sys.exit(1)
+
+    # 3. Install the missing packages
+    targets = [deps_map[m] for m in missing_mods]
+    print(f"--> Attempting auto-install of: {', '.join(targets)}")
+
+    try:
+        # Install via pkg
+        subprocess.run(["sudo", "pkg", "install", "-y"] + targets, check=True)
+        print("--> Dependencies installed successfully!")
+        print("--> Please restart your command to apply changes.")
+        sys.exit(0)
+    except subprocess.CalledProcessError:
+        print("--> Error: Failed to install packages. Check your internet connection.")
+        print(f"--> Manual command: sudo pkg install {' '.join(targets)}")
+        sys.exit(1)

zscams-2.0.2/zscams/lib/getmac/__init__.py

@@ -1,3 +0,0 @@
-from .getmac import __version__, get_mac_address
-
-__all__ = ["get_mac_address"]

zscams-2.0.2/zscams/lib/getmac/__main__.py

@@ -1,123 +0,0 @@
-#!/usr/bin/env python
-# -*- coding: utf-8 -*-
-
-from __future__ import print_function
-
-import argparse
-import logging
-import sys
-
-from . import getmac
-
-
-def main():  # type: () -> None
-    parser = argparse.ArgumentParser(
-        "getmac",
-        description="Get the MAC address of system network "
-        "interfaces or remote hosts on the LAN",
-    )
-    parser.add_argument(
-        "--version", action="version", version="getmac %s" % getmac.__version__
-    )
-    parser.add_argument(
-        "-v", "--verbose", action="store_true", help="Enable output messages"
-    )
-    parser.add_argument(
-        "-d",
-        "--debug",
-        action="count",
-        help="Enable debugging output. Add characters to "
-        "increase verbosity of output, e.g. '-dd'.",
-    )
-    parser.add_argument(
-        "-N",
-        "--no-net",
-        "--no-network-requests",
-        action="store_true",
-        dest="NO_NET",
-        help="Do not use arping or send a UDP packet to refresh the ARP table",
-    )
-    parser.add_argument(
-        "--override-port",
-        type=int,
-        metavar="PORT",
-        help="Override the default UDP port used to refresh the ARP table "
-        "if network requests are enabled and arping is unavailable",
-    )
-    parser.add_argument(
-        "--override-platform",
-        type=str,
-        default=None,
-        metavar="PLATFORM",
-        help="Override the platform detection with the given value "
-        "(e.g. 'linux', 'windows', 'freebsd', etc.'). "
-        "Any values returned by platform.system() are valid.",
-    )
-    parser.add_argument(
-        "--force-method",
-        type=str,
-        default=None,
-        metavar="METHOD",
-        help="Force a specific method to be used, e.g. 'IpNeighborShow'. "
-        "This will be used regardless of it's method type or platform "
-        "compatibility, and Method.test() will NOT be checked!",
-    )
-
-    group = parser.add_mutually_exclusive_group(required=False)
-    group.add_argument(
-        "-i",
-        "--interface",
-        type=str,
-        default=None,
-        help="Name of a network interface on the system",
-    )
-    group.add_argument(
-        "-4", "--ip", type=str, default=None, help="IPv4 address of a remote host"
-    )
-    group.add_argument(
-        "-6", "--ip6", type=str, default=None, help="IPv6 address of a remote host"
-    )
-    group.add_argument(
-        "-n", "--hostname", type=str, default=None, help="Hostname of a remote host"
-    )
-
-    args = parser.parse_args()
-
-    if args.debug or args.verbose:
-        logging.basicConfig(
-            format="%(levelname)-8s %(message)s", level=logging.DEBUG, stream=sys.stderr
-        )
-
-    if args.debug:
-        getmac.DEBUG = args.debug
-
-    if args.override_port:
-        port = int(args.override_port)
-        getmac.log.debug(
-            "Using UDP port %d (overriding the default port %d)", port, getmac.PORT
-        )
-        getmac.PORT = port
-
-    if args.override_platform:
-        getmac.OVERRIDE_PLATFORM = args.override_platform.strip().lower()
-
-    if args.force_method:
-        getmac.FORCE_METHOD = args.force_method.strip().lower()
-
-    mac = getmac.get_mac_address(
-        interface=args.interface,
-        ip=args.ip,
-        ip6=args.ip6,
-        hostname=args.hostname,
-        network_request=not args.NO_NET,
-    )
-
-    if mac is not None:
-        print(mac)  # noqa: T001, T201
-        sys.exit(0)  # Exit success!
-    else:
-        sys.exit(1)  # Exit with error since it failed to find a MAC
-
-
-if __name__ == "__main__":
-    main()