#!/usr/bin/env python
"""Configuration parameters for the admin UI."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from grr_response_core.lib import config_lib
from grr_response_core.lib.rdfvalues import config as rdf_config
# The Admin UI web application.
config_lib.DEFINE_integer("AdminUI.port", 8000, "port to listen on")
config_lib.DEFINE_integer(
"AdminUI.port_max", None, "If set and AdminUI.port is in use, attempt to "
"use ports between AdminUI.port and "
"AdminUI.port_max.")
# Override this if you want to access admin ui extenally. Make sure it is
# secured (i.e. AdminUI.webauth_manager is not NullWebAuthManager)!
config_lib.DEFINE_string("AdminUI.bind", "127.0.0.1", "interface to bind to.")
config_lib.DEFINE_string(
"AdminUI.document_root",
"%(grr_response_server/gui/static@grr-response-server|resource)",
"The main path to the static HTML pages.")
config_lib.DEFINE_string(
"AdminUI.template_root",
"%(grr_response_server/gui/templates@grr-response-server|resource)",
"The main path to the templates.")
from __future__ import unicode_literals
from grr_response_core.lib import config_lib
from grr_response_core.lib import rdfvalue
config_lib.DEFINE_string("BigQuery.service_acct_json", None,
"The json contents of the service account file.")
config_lib.DEFINE_string("BigQuery.project_id", None,
"The BigQuery project_id.")
config_lib.DEFINE_string("BigQuery.dataset_id", "grr",
"The BigQuery project_id.")
config_lib.DEFINE_integer(
"BigQuery.max_file_post_size", 5 * 1000 * 1000,
"Max size of file to put in each POST "
"to bigquery. Note enforcement is not exact.")
config_lib.DEFINE_integer("BigQuery.retry_max_attempts", 2,
"Total number of times to retry an upload.")
config_lib.DEFINE_integer(
"BigQuery.max_upload_failures", 100,
"Total number of times to try uploading to BigQuery"
" for a given hunt or flow.")
config_lib.DEFINE_semantic_value(rdfvalue.Duration, "BigQuery.retry_interval",
"2s", "Time to wait before first retry.")
config_lib.DEFINE_integer(
"BigQuery.retry_multiplier", 2,
config_lib.DEFINE_string("Client.arch", "amd64",
"The architecture we are running on.")
config_lib.DEFINE_string("Client.build_time", "Unknown",
"The time the client was built.")
config_lib.DEFINE_string("Client.deploy_time", "Unknown",
"The time the client was deployed.")
config_lib.DEFINE_string(
"Client.build_environment", None,
"The output of Uname.FromCurrentSystem.signature() "
"on the system the client was built on.")
config_lib.DEFINE_integer("Client.rsa_key_length", 2048,
"The key length of the client keys in bits.")
config_lib.DEFINE_string(
name="Client.install_path",
default=r"%(SystemRoot|env)\\System32\\%(name)\\%(Template.version_string)",
help="Where the client binaries are installed.")
config_lib.DEFINE_string(
name="Client.rekall_profile_cache_path",
default=r"%(Client.install_path)\\rekall_profiles",
help="Where GRR stores cached Rekall profiles needed for memory analysis")
config_lib.DEFINE_list(
name="Client.server_urls", default=[], help="Base URL for client control.")
config_lib.DEFINE_list(
#!/usr/bin/env python
"""Configuration parameters for the check subsystem."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from grr_response_core.lib import config_lib
config_lib.DEFINE_list("Checks.config_dir", [
"%(grr_response_server/checks@grr-response-server|resource)",
], "A list of directories to load checks from.")
config_lib.DEFINE_list("Checks.config_files", [],
"Paths of check configurations to load at start up.")
config_lib.DEFINE_integer("Checks.max_results", 50,
"Maximum items to include as check results.")
config_lib.DEFINE_constant_string(
"Test.srcdir", "%(grr_response_core|module_path)/../../../",
"The directory containing the source code.")
config_lib.DEFINE_constant_string(
"Test.data_dir",
default="%(grr_response_test/test_data@grr-response-test|resource)",
help="The directory where test data exist.")
config_lib.DEFINE_constant_string(
"Test.additional_test_config",
default="%(Test.data_dir)/localtest.yaml",
help="The path to a test config with local customizations.")
config_lib.DEFINE_string("Test.tmpdir",
"/tmp/",
help="Somewhere to write temporary files.")
config_lib.DEFINE_string("Test.data_store", "FakeDataStore",
"The data store to run the tests against.")
config_lib.DEFINE_integer("Test.remote_pdb_port", 2525,
"Remote debugger port.")
config_lib.DEFINE_string("PrivateKeys.ca_key_raw_data", "",
"For testing purposes.")
config_lib.DEFINE_integer(
"SharedFakeDataStore.port", 0,
"Port used to connect to SharedFakeDataStore server.")
default=("%(ClientBuilder.executables_dir)"
"/installers/%(ClientRepacker.output_filename)"),
description="The full path to the generated installer file."))
# These values are determined from the template at repack time.
config_lib.DEFINE_choice(name="Template.build_type",
default="Release",
choices=["Release", "Debug"],
help="Type of build (Debug, Release)")
config_lib.DEFINE_list(
name="Template.build_context",
default=[],
help="List of build contexts that should be reapplied at repack.")
config_lib.DEFINE_integer("Template.version_major", None,
"Major version number of client template.")
config_lib.DEFINE_integer("Template.version_minor", None,
"Minor version number of client template.")
config_lib.DEFINE_integer("Template.version_revision", None,
"Revision number of client template.")
config_lib.DEFINE_integer("Template.version_release", None,
"Release number of client template.")
config_lib.DEFINE_string(
"Template.version_string", "%(version_major).%(version_minor)."
"%(version_revision).%(version_release)",
"Version string of the client template.")
False,
help="If true log more verbosely.")
config_lib.DEFINE_string("Logging.path",
"%(Config.prefix)/var/log/",
help="Path to log file directory.")
config_lib.DEFINE_string("Logging.syslog_path",
"/dev/log",
help="Path to syslog socket. This can be a unix "
"domain socket or in a UDP host:port notation.")
config_lib.DEFINE_string("Logging.filename",
"%(Logging.path)/GRRlog.txt",
help="Filename of the grr log file.")
config_lib.DEFINE_option(
type_info.RDFValueType(rdfclass=rdf_standard.DomainEmailAddress,
name="Monitoring.alert_email",
help="The email address to send events to.",
default="grr-monitoring@localhost"))
config_lib.DEFINE_option(
type_info.RDFValueType(rdfclass=rdf_standard.DomainEmailAddress,
name="Monitoring.emergency_access_email",
help="The email address to notify in an emergency.",
default="grr-emergency@localhost"))
config_lib.DEFINE_integer("Monitoring.http_port", 0,
"Port for stats monitoring server.")
from grr_response_core.lib import config_lib
# Default for running in the current directory
config_lib.DEFINE_constant_string(
"Test.srcdir", "%(grr_response_core|module_path)/../../../",
"The directory containing the source code.")
config_lib.DEFINE_constant_string(
"Test.data_dir",
default="%(grr_response_test/test_data@grr-response-test|resource)",
help="The directory where test data exist.")
config_lib.DEFINE_constant_string(
"Test.additional_test_config",
default="%(Test.data_dir)/localtest.yaml",
help="The path to a test config with local customizations.")
config_lib.DEFINE_string("Test.tmpdir",
"/tmp/",
help="Somewhere to write temporary files.")
config_lib.DEFINE_string("Test.data_store", "FakeDataStore",
"The data store to run the tests against.")
config_lib.DEFINE_integer("Test.remote_pdb_port", 2525,
"Remote debugger port.")
config_lib.DEFINE_string("PrivateKeys.ca_key_raw_data", "",
"For testing purposes.")
#!/usr/bin/env python
"""Configuration parameters for the data stores."""
from grr_response_core.lib import config_lib
config_lib.DEFINE_integer("Datastore.maximum_blob_size", 512 * 1024,
"Maximum blob size we may store in the datastore.")
config_lib.DEFINE_string("Datastore.implementation", "", "Deprecated")
config_lib.DEFINE_string("Blobstore.implementation", "DbBlobStore",
"Blob storage subsystem to use.")
config_lib.DEFINE_string("Database.implementation", "",
"Relational database system to use.")
# Deprecated. There is no choice anymore, relational db is always enabled.
config_lib.DEFINE_bool(
"Database.enabled", True,
"Use relational database for reading as well as for writing.")
config_lib.DEFINE_bool("Database.aff4_enabled", False, "Deprecated.")
config_lib.DEFINE_string("Datastore.location",
default="%(Config.prefix)/var/grr-datastore",
help=("Location of the data store (usually a "
"filesystem directory)"))
# SQLite data store.
# NOTE: The SQLite datastore was obsoleted, so these options do not get
# used. We can remove them once users have migrated to MySQL.
#!/usr/bin/env python
"""API config options."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from grr_response_core.lib import config_lib
from grr_response_core.lib import rdfvalue
config_lib.DEFINE_integer(
"API.DailyFlowRequestLimit", "10",
"Number of flows a user can run on a single client "
"per day before being blocked by throttling. Set to "
"0 to disable checking.")
config_lib.DEFINE_semantic_value(
rdfvalue.DurationSeconds,
"API.FlowDuplicateInterval",
default="1200s",
help="Amount of time "
"that needs to pass before the throttler will allow "
"an identical flow to run on the same client. Set "
"to 0s to disable checking.")
config_lib.DEFINE_string(
"API.RouterACLConfigFile", "", "The file containing API acls, see "
"grr/config/api_acls.yaml for an example.")
config_lib.DEFINE_string(
"API.DefaultRouter", "DisabledApiCallRouter",
config_lib.DEFINE_constant_string(
"Test.data_dir",
default="%(grr_response_test/test_data@grr-response-test|resource)",
help="The directory where test data exist.")
config_lib.DEFINE_constant_string(
"Test.additional_test_config",
default="%(Test.data_dir)/localtest.yaml",
help="The path to a test config with local customizations.")
config_lib.DEFINE_string("Test.tmpdir",
"/tmp/",
help="Somewhere to write temporary files.")
config_lib.DEFINE_string("Test.data_store", "FakeDataStore",
"The data store to run the tests against.")
config_lib.DEFINE_integer("Test.remote_pdb_port", 2525,
"Remote debugger port.")
config_lib.DEFINE_string("PrivateKeys.ca_key_raw_data", "",
"For testing purposes.")
config_lib.DEFINE_integer("SharedMemoryDB.port", 0,
"Port used to connect to SharedMemoryDB server.")
config_lib.DEFINE_string(
"Mysql.schema_dump_path", "%(grr_response_server/databases/mysql.ddl@"
"grr-response-server|resource)",
"Location of the dumped MySQL schema path.")
help="Path to syslog socket. This can be a unix "
"domain socket or in a UDP host:port notation.")
config_lib.DEFINE_string(
"Logging.filename",
"%(Logging.path)/GRRlog.txt",
help="Filename of the grr log file.")
config_lib.DEFINE_option(
type_info.RDFValueType(
rdfclass=rdf_standard.DomainEmailAddress,
name="Monitoring.alert_email",
description="The email address to send events to.",
default=None))
config_lib.DEFINE_option(
type_info.RDFValueType(
rdfclass=rdf_standard.DomainEmailAddress,
name="Monitoring.emergency_access_email",
description="The email address to notify in an emergency.",
default="grr-emergency@localhost"))
config_lib.DEFINE_integer("Monitoring.http_port", 0,
"Port for stats monitoring server.")
config_lib.DEFINE_integer(
"Monitoring.http_port_max", None,
"If set and Monitoring.http_port is in use, attempt "
"to use ports between Monitoring.http_port and "
"Monitoring.http_port_max.")
#!/usr/bin/env python
"""Settings for ACLs/approvals system."""
from grr_response_core.lib import config_lib
config_lib.DEFINE_string(
"ACL.approvers_config_file", "%(Config.directory)/approvers.yaml",
"File that defines who can approve access to "
"clients with certain labels.")
config_lib.DEFINE_integer("ACL.approvers_required", 2,
"The number of approvers required for access.")
config_lib.DEFINE_string(
"ACL.group_access_manager_class", "NoGroupAccess",
"This class handles interfacing with corporate group"
"directories for granting access. Override with a "
"class that understands your LDAP/AD/whatever setup.")
config_lib.DEFINE_integer(
"ACL.token_expiry", 7 * 24 * 60 * 60,
"The duration in seconds of a valid approval token. "
"Default of one week.")
#!/usr/bin/env python
"""Configuration parameters for the data stores."""
from __future__ import absolute_import
from __future__ import unicode_literals
from grr_response_core.lib import config_lib
from grr_response_core.lib import rdfvalue
config_lib.DEFINE_integer("Datastore.maximum_blob_size", 512 * 1024,
"Maximum blob size we may store in the datastore.")
config_lib.DEFINE_string("Datastore.implementation", "FakeDataStore",
"Storage subsystem to use.")
config_lib.DEFINE_string("Blobstore.implementation", "MemoryStreamBlobStore",
"Blob storage subsystem to use.")
config_lib.DEFINE_string("Database.implementation", "",
"Relational database system to use.")
config_lib.DEFINE_bool(
"Database.useForReads", False,
"Use relational database for reading as well as for writing.")
config_lib.DEFINE_bool(
"Database.useForReads.message_handlers", False,
"Enable message handlers using the relational database.")
config_lib.DEFINE_bool("Database.useForReads.cronjobs", False,
"Enable storing cronjobs in the relational database.")
config_lib.DEFINE_string("Client.arch", "amd64",
"The architecture we are running on.")
config_lib.DEFINE_string("Client.build_time", "Unknown",
"The time the client was built.")
config_lib.DEFINE_string("Client.deploy_time", "Unknown",
"The time the client was deployed.")
config_lib.DEFINE_string(
"Client.build_environment", None,
"The output of Uname.FromCurrentSystem.signature() "
"on the system the client was built on.")
config_lib.DEFINE_integer("Client.rsa_key_length", 2048,
"The key length of the client keys in bits.")
config_lib.DEFINE_string(
name="Client.install_path",
default=r"%(SystemRoot|env)\\System32\\%(name)\\%(Template.version_string)",
help="Where the client binaries are installed.")
config_lib.DEFINE_list(name="Client.server_urls",
default=[],
help="Base URL for client control.")
config_lib.DEFINE_list(
"Client.control_urls", [],
"DEPRECATED List of URLs of the controlling server. "
"Use server_urls instead.")
#!/usr/bin/env python
"""Configuration parameters for the server side subsystems."""
from __future__ import absolute_import
from __future__ import division
from __future__ import unicode_literals
from grr_response_core import version
from grr_response_core.lib import config_lib
from grr_response_core.lib import rdfvalue
from grr_response_core.lib.rdfvalues import crypto as rdf_crypto
VERSION = version.Version()
config_lib.DEFINE_integer("Source.version_major", VERSION["major"],
"Major version number of client binary.")
config_lib.DEFINE_integer("Source.version_minor", VERSION["minor"],
"Minor version number of client binary.")
config_lib.DEFINE_integer("Source.version_revision", VERSION["revision"],
"Revision number of client binary.")
config_lib.DEFINE_integer("Source.version_release", VERSION["release"],
"Release number of client binary.")
config_lib.DEFINE_string(
"Source.version_string", "%(version_major).%(version_minor)."
"%(version_revision).%(version_release)", "Version string of the client.")
config_lib.DEFINE_integer(
#!/usr/bin/env python
"""Configuration parameters for the data stores."""
from grr_response_core.lib import config_lib
config_lib.DEFINE_integer("Datastore.maximum_blob_size", 512 * 1024,
"Maximum blob size we may store in the datastore.")
config_lib.DEFINE_string("Blobstore.implementation", "DbBlobStore",
"Blob storage subsystem to use.")
config_lib.DEFINE_string("Database.implementation", "",
"Relational database system to use.")
# MySQL configuration.
config_lib.DEFINE_string("Mysql.host", "localhost",
"The MySQL server hostname.")
config_lib.DEFINE_integer("Mysql.port", 0, "The MySQL server port.")
config_lib.DEFINE_string("Mysql.username",
default="root",
help="The user to connect to the database.")
config_lib.DEFINE_string("Mysql.password",
default="",
help="The password to connect to the database.")
config_lib.DEFINE_string("Mysql.database",
default="grr_db",
help="Name of the database to use.")
