Beispiel #1
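def initialize_db():
    """Prepare the host and bootstrap the RethinkDB database for vFense.

    In order: create the runtime directories under /opt/TopPatch, link
    libpcre and the vFense/nginx init scripts, make sure the ``toppatch``
    account exists, run ``rethinkdb create`` and start the server, create
    the ``toppatch_server`` database with its tables and indexes, create
    the default customer plus the ``admin`` and ``agent`` users, optionally
    load CVE and bulletin data, and finally stop RethinkDB through its pid
    file.

    Reads the module-level names ``args`` (``admin_password``, ``cve_data``)
    and ``url``.

    Returns:
        A ``(completed, msg)`` tuple. ``completed`` is False only when
        ``rethinkdb create`` exits with a non-zero status.
    """
    # NOTE(review): umask 0 is never restored, so it also applies to every
    # child process started below. Directories are created with exactly the
    # modes listed here (0777 / 0773), i.e. writable by any local user.
    # Tighten the modes once the owners that really need write access are
    # confirmed.
    os.umask(0)

    # (path, mode, create_parents). 0777 is what os.mkdir() applies when no
    # mode is passed; it is spelled out because umask 0 makes it literal.
    runtime_dirs = (
        ('/opt/TopPatch/var/tmp', 0777, False),
        ('/opt/TopPatch/var/log', 0777, False),
        ('/opt/TopPatch/var/rethinkdb', 0777, False),
        ('/opt/TopPatch/var/scheduler', 0777, False),
        ('/opt/TopPatch/var/packages', 0777, False),
        ('/opt/TopPatch/logs', 0777, False),
        ('/opt/TopPatch/var/packages/tmp', 0773, False),
        ('/opt/TopPatch/tp/src/plugins/cve/data/xls', 0773, True),
        ('/opt/TopPatch/tp/src/plugins/cve/data/xml', 0773, False),
        ('/opt/TopPatch/tp/src/plugins/cve/data/html/ubuntu', 0773, True),
    )
    for path, mode, create_parents in runtime_dirs:
        if os.path.exists(path):
            continue
        if create_parents:
            os.makedirs(path, mode)
        else:
            os.mkdir(path, mode)

    # The link name has to be the full target path: os.symlink() does not
    # place the link inside an existing directory, it fails with EEXIST.
    if not os.path.exists('/usr/lib/libpcre.so.1'):
        os.symlink('/opt/TopPatch/lib/libpcre.so.1', '/usr/lib/libpcre.so.1')

    for service in ('vFense', 'nginx'):
        init_script = '/etc/init.d/' + service
        if not os.path.exists(init_script):
            # call() waits for each command, so update-rc.d only runs after
            # the init script link has been created.
            subprocess.call(
                ['ln', '-s', '/opt/TopPatch/tp/src/daemon/' + service,
                 init_script]
            )
            subprocess.call(['update-rc.d', service, 'defaults'])

    try:
        pwd.getpwnam('toppatch')
    except KeyError:
        # getpwnam() raises KeyError for an unknown account.
        # NOTE(review): adduser is started but not waited on, so it runs
        # concurrently with the steps below - confirm that is intended.
        subprocess.Popen(['adduser', 'toppatch'])

    os.chdir(RETHINK_PATH)
    rethink_init = subprocess.Popen(['./rethinkdb', 'create',
                                     '-d', RETHINK_INSTANCES_PATH],
                                    stdout=subprocess.PIPE)
    # communicate() drains the pipe while waiting; wait() alone can block
    # forever once the child fills the stdout pipe buffer.
    rethink_init.communicate()
    if rethink_init.returncode != 0:
        return (False, 'Failed during Rethink initialization')

    rethink_start = subprocess.Popen(['./rethinkdb', '--config-file',
                                      RETHINK_CONF,
                                      '--web-static-directory',
                                      RETHINK_WEB])
    rethink_start.poll()
    sleep(2)
    # NOTE(review): this loop has no upper bound; if the server never comes
    # up the installer waits here indefinitely.
    while not db_connect():
        print 'Sleeping until rethink starts'
        sleep(2)

    conn = r.connect(port=9009)
    r.db_create('toppatch_server').run(conn)
    conn.close()
    ci.initialize_indexes_and_create_tables()
    conn = db_connect()

    hierarchy_db.init()
    Hierarchy.create_customer(
        DefaultCustomer,
        {
            CoreProperty.NetThrottle: '0',
            CoreProperty.CpuThrottle: 'idle',
            CoreProperty.PackageUrl: url
        }
    )
    admin_pass = args.admin_password
    Hierarchy.create_user(
        'admin',
        'TopPatch Admin Account',
        '*****@*****.**',
        admin_pass,
        groups=[DefaultGroup.Administrator]
    )

    if args.cve_data:
        print "Updating CVE's..."
        load_up_all_xml_into_db()
        print "Done Updating CVE's..."
        print "Updating Microsoft Security Bulletin Ids..."
        parse_bulletin_and_updatedb()
        print "Done Updating Microsoft Security Bulletin Ids..."
        print "Updating Ubuntu Security Bulletin Ids...( This can take a couple of minutes )"
        begin_usn_home_page_processing(full_parse=True)
        print "Done Updating Ubuntu Security Bulletin Ids..."

    # NOTE(review): both passwords are written to stdout in clear text, so
    # they end up in any log or terminal capture of this run. Rotate them
    # after installation or hand them over through a protected channel.
    print 'Admin user and password = admin:%s' % (admin_pass)
    agent_pass = generate_pass()
    # NOTE(review): the agent communication account is placed in the
    # Administrator group - confirm it needs that much privilege.
    Hierarchy.create_user(
        'agent',
        'TopPatch Agent Communication Account',
        '*****@*****.**',
        agent_pass,
        groups=[DefaultGroup.Administrator]
    )
    print 'Agent user and password = agent:%s' % (agent_pass)

    monit.monit_initialization()

    conn.close()

    msg = 'Rethink Initialization and Table creation is now complete'
    with open(RETHINK_PID_FILE, 'r') as pid_file:
        pid = pid_file.read()

    # NOTE(review): the pid is taken from the file as-is and signalled with
    # this process's privileges; confirm RETHINK_PID_FILE cannot be written
    # by unprivileged users.
    rql_msg = 'Rethink could not be stopped\n'
    if re.search(r'[0-9]+', pid):
        try:
            os.kill(int(pid), signal.SIGTERM)
            os.remove(RETHINK_PID_FILE)
            rql_msg = 'Rethink stopped successfully\n'
        except (OSError, ValueError) as e:
            # errno 3 is ESRCH: the process is already gone, so only the
            # stale pid file is left to clean up. Any other failure is
            # reported as "could not be stopped" instead of as a success.
            if getattr(e, 'errno', None) == 3:
                os.remove(RETHINK_PID_FILE)
                rql_msg = 'Rethink stopped successfully\n'
    print rql_msg

    return True, msg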
Beispiel #2
# The installer refuses to continue unless it runs with uid 0.
if os.getuid():
    print 'MUST BE ROOT IN ORDER TO RUN'
    sys.exit(1)

parser = argparse.ArgumentParser(description='Initialize vFense Options')
parser.add_argument('--dnsname',
                    dest='dns_name',
                    default=None,
                    help='Pass the DNS Name of the patching Server')
# The default address is computed once, while the parser is being built.
parser.add_argument('--ipaddress',
                    dest='ip_address',
                    default=pick_valid_ip_address(),
                    help='Pass the IP Address of the patching Server')
# NOTE(review): a password passed as a command-line argument is visible in
# the process list and in shell history. The fallback password is generated
# here, at parser construction time, whether or not --password is given.
parser.add_argument('--password',
                    dest='admin_password',
                    default=generate_pass(),
                    help='Pass the password to use for the admin User. Default is a random generated password')
# NOTE(review): neither count option sets type=, so a value given on the
# command line arrives as a string while the default is an int, and the
# limit of 40 mentioned in the help text is not enforced by the parser.
parser.add_argument('--listener_count',
                    dest='listener_count',
                    default=10,
                    help='The number of vFense_listener daemons to run at once, cannot surpass 40')
parser.add_argument('--web_count',
                    dest='web_count',
                    default=1,
                    help='The number of vFense_web daemons to run at once, cannot surpass 40')
parser.add_argument('--server_cert',
                    dest='server_cert',
                    default='server.crt',
                    help='ssl certificate to use, default is to use server.crt')
parser.add_argument(
Beispiel #3
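def initialize_db():
    """Prepare the host and bootstrap the RethinkDB database for vFense.

    In order: create the runtime directories under /opt/TopPatch, link
    libpcre and the vFense/nginx init scripts, make sure the ``toppatch``
    account exists, run ``rethinkdb create`` and start the server, create
    the ``toppatch_server`` database with its tables and indexes, create
    the default customer plus the ``admin`` and ``agent`` users, optionally
    load CVE and bulletin data, and finally stop RethinkDB through its pid
    file.

    Reads the module-level names ``args`` (``admin_password``, ``cve_data``)
    and ``url``.

    Returns:
        A ``(completed, msg)`` tuple. ``completed`` is False only when
        ``rethinkdb create`` exits with a non-zero status.
    """
    # NOTE(review): umask 0 is never restored, so it also applies to every
    # child process started below. Directories are created with exactly the
    # modes listed here (0777 / 0773), i.e. writable by any local user.
    # Tighten the modes once the owners that really need write access are
    # confirmed.
    os.umask(0)

    # (path, mode, create_parents). 0777 is what os.mkdir() applies when no
    # mode is passed; it is spelled out because umask 0 makes it literal.
    runtime_dirs = (
        ('/opt/TopPatch/var/tmp', 0777, False),
        ('/opt/TopPatch/var/log', 0777, False),
        ('/opt/TopPatch/var/rethinkdb', 0777, False),
        ('/opt/TopPatch/var/scheduler', 0777, False),
        ('/opt/TopPatch/var/packages', 0777, False),
        ('/opt/TopPatch/logs', 0777, False),
        ('/opt/TopPatch/var/packages/tmp', 0773, False),
        ('/opt/TopPatch/tp/src/plugins/cve/data/xls', 0773, True),
        ('/opt/TopPatch/tp/src/plugins/cve/data/xml', 0773, False),
        ('/opt/TopPatch/tp/src/plugins/cve/data/html/ubuntu', 0773, True),
    )
    for path, mode, create_parents in runtime_dirs:
        if os.path.exists(path):
            continue
        if create_parents:
            os.makedirs(path, mode)
        else:
            os.mkdir(path, mode)

    # The link name has to be the full target path: os.symlink() does not
    # place the link inside an existing directory, it fails with EEXIST.
    if not os.path.exists('/usr/lib/libpcre.so.1'):
        os.symlink('/opt/TopPatch/lib/libpcre.so.1', '/usr/lib/libpcre.so.1')

    for service in ('vFense', 'nginx'):
        init_script = '/etc/init.d/' + service
        if not os.path.exists(init_script):
            # call() waits for each command, so update-rc.d only runs after
            # the init script link has been created.
            subprocess.call([
                'ln', '-s', '/opt/TopPatch/tp/src/daemon/' + service,
                init_script
            ])
            subprocess.call(['update-rc.d', service, 'defaults'])

    try:
        pwd.getpwnam('toppatch')
    except KeyError:
        # getpwnam() raises KeyError for an unknown account.
        # NOTE(review): adduser is started but not waited on, so it runs
        # concurrently with the steps below - confirm that is intended.
        subprocess.Popen(['adduser', 'toppatch'])

    os.chdir(RETHINK_PATH)
    rethink_init = subprocess.Popen(
        ['./rethinkdb', 'create', '-d', RETHINK_INSTANCES_PATH],
        stdout=subprocess.PIPE)
    # communicate() drains the pipe while waiting; wait() alone can block
    # forever once the child fills the stdout pipe buffer.
    rethink_init.communicate()
    if rethink_init.returncode != 0:
        return (False, 'Failed during Rethink initialization')

    rethink_start = subprocess.Popen([
        './rethinkdb', '--config-file', RETHINK_CONF,
        '--web-static-directory', RETHINK_WEB
    ])
    rethink_start.poll()
    sleep(2)
    # NOTE(review): this loop has no upper bound; if the server never comes
    # up the installer waits here indefinitely.
    while not db_connect():
        print 'Sleeping until rethink starts'
        sleep(2)

    conn = r.connect(port=9009)
    r.db_create('toppatch_server').run(conn)
    conn.close()
    ci.initialize_indexes_and_create_tables()
    conn = db_connect()

    hierarchy_db.init()
    Hierarchy.create_customer(
        DefaultCustomer, {
            CoreProperty.NetThrottle: '0',
            CoreProperty.CpuThrottle: 'idle',
            CoreProperty.PackageUrl: url
        })
    admin_pass = args.admin_password
    Hierarchy.create_user('admin',
                          'TopPatch Admin Account',
                          '*****@*****.**',
                          admin_pass,
                          groups=[DefaultGroup.Administrator])

    if args.cve_data:
        print "Updating CVE's..."
        load_up_all_xml_into_db()
        print "Done Updating CVE's..."
        print "Updating Microsoft Security Bulletin Ids..."
        parse_bulletin_and_updatedb()
        print "Done Updating Microsoft Security Bulletin Ids..."
        print "Updating Ubuntu Security Bulletin Ids...( This can take a couple of minutes )"
        begin_usn_home_page_processing(full_parse=True)
        print "Done Updating Ubuntu Security Bulletin Ids..."

    # NOTE(review): both passwords are written to stdout in clear text, so
    # they end up in any log or terminal capture of this run. Rotate them
    # after installation or hand them over through a protected channel.
    print 'Admin user and password = admin:%s' % (admin_pass)
    agent_pass = generate_pass()
    # NOTE(review): the agent communication account is placed in the
    # Administrator group - confirm it needs that much privilege.
    Hierarchy.create_user('agent',
                          'TopPatch Agent Communication Account',
                          '*****@*****.**',
                          agent_pass,
                          groups=[DefaultGroup.Administrator])
    print 'Agent user and password = agent:%s' % (agent_pass)

    monit.monit_initialization()

    conn.close()

    msg = 'Rethink Initialization and Table creation is now complete'
    with open(RETHINK_PID_FILE, 'r') as pid_file:
        pid = pid_file.read()

    # NOTE(review): the pid is taken from the file as-is and signalled with
    # this process's privileges; confirm RETHINK_PID_FILE cannot be written
    # by unprivileged users.
    rql_msg = 'Rethink could not be stopped\n'
    if re.search(r'[0-9]+', pid):
        try:
            os.kill(int(pid), signal.SIGTERM)
            os.remove(RETHINK_PID_FILE)
            rql_msg = 'Rethink stopped successfully\n'
        except (OSError, ValueError) as e:
            # errno 3 is ESRCH: the process is already gone, so only the
            # stale pid file is left to clean up. Any other failure is
            # reported as "could not be stopped" instead of as a success.
            if getattr(e, 'errno', None) == 3:
                os.remove(RETHINK_PID_FILE)
                rql_msg = 'Rethink stopped successfully\n'
    print rql_msg

    return True, msg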
Beispiel #4
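    def create_user(user_name=None,
                    full_name=None,
                    email=None,
                    password=None,
                    groups=None,
                    default_customer=None,
                    customers=None):
        """Create a new User, save it and attach its groups and customers.

        Args:

            user_name: Login name of the user. Surrounding whitespace is
                stripped before the duplicate check, so the name that is
                checked is the name that is stored.

            full_name: Full name of the user (ie First and last name).

            email: User's email address.

            password: User's plain text password. It is hashed with
                Crypto.hash_bcrypt before the User is built. When empty, a
                password from generate_pass() is used; that generated value
                is not handed back to the caller.

            groups: Group identifiers, each looked up with
                Hierarchy.get_group under the default customer's name;
                lookups that return nothing are skipped. When empty,
                DefaultGroup.ReadOnly is used.

            customers: Customers this user should be added to. List of
                customer names; names that cannot be resolved are skipped.

            default_customer: Name of the default customer for this user.
                When omitted, the first resolved entry of ``customers`` is
                used, else DefaultCustomer.

        Returns:

            ``(user, '')`` when the user was saved, ``(False, message)``
            when the input is rejected (missing or duplicate user name,
            unknown default customer), and None when saving failed or an
            exception was logged.
        """
        try:

            # Normalise first: checking " admin " for duplicates and then
            # storing "admin" would let a second record with an existing
            # name through.
            user_name = user_name.strip() if user_name else user_name

            if not user_name:
                return False, "Username/password is needed."

            if Hierarchy.get_user(user_name):
                return False, ("Username `%s` already exist." % user_name)

            # Get the Customer(s) that will be added to this user.
            customers_to_add = []
            for customer_name in customers or []:

                c = Hierarchy.get_customer(customer_name)

                if c:
                    customers_to_add.append(c)

            if default_customer:

                # From here on default_customer is the Customer object, not
                # the name that was passed in.
                requested = default_customer
                default_customer = Hierarchy.get_customer(requested)

                if not default_customer:
                    # Refuse rather than silently attach the user to some
                    # other customer than the one that was asked for.
                    return False, ("Customer `%s` does not exist." % requested)

                known = [c.customer_name for c in customers_to_add]
                if default_customer.customer_name not in known:
                    customers_to_add.append(default_customer)

            elif customers_to_add:

                default_customer = customers_to_add[0]

            else:

                default_customer = Hierarchy.get_customer(DefaultCustomer)
                customers_to_add.append(default_customer)

            # Get the Group(s) that will be added to this user.
            groups_to_add = []
            if groups:

                for group_name in groups:

                    g = Hierarchy.get_group(group_name,
                                            default_customer.customer_name)

                    if g:
                        groups_to_add.append(g)

            else:

                g = Hierarchy.get_group(DefaultGroup.ReadOnly,
                                        default_customer.customer_name)

                if g:
                    groups_to_add.append(g)

            full_name = full_name.strip()

            if not password:
                password = generate_pass()

            # Only the bcrypt hash is handed to the User object.
            password = Crypto.hash_bcrypt(password.encode('utf-8'))

            user = User(user_name, password, full_name, email,
                        default_customer.customer_name,
                        default_customer.customer_name)

            saved = Hierarchy.save_user(user)

            if saved:

                for group in groups_to_add:

                    Hierarchy.toggle_group_of_user(group=group,
                                                   user=user,
                                                   customer=default_customer)

                for customer in customers_to_add:

                    Hierarchy.toggle_user_from_customer(user=user,
                                                        customer=customer)

                return user, ''

        except Exception as e:

            logger.error("Unable to create user `%s`." % user_name)
            logger.exception(e)

        return None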
Beispiel #5
    print 'MUST BE ROOT IN ORDER TO RUN'
    sys.exit(1)

parser = argparse.ArgumentParser(description='Initialize vFense Options')
parser.add_argument(
    '--dnsname', dest='dns_name', default=None,
    help='Pass the DNS Name of the patching Server'
)
# The default address is computed once, while the parser is being built.
parser.add_argument(
    '--ipaddress', dest='ip_address', default=pick_valid_ip_address(),
    help='Pass the IP Address of the patching Server'
)
# NOTE(review): a password passed as a command-line argument is visible in
# the process list and in shell history. The fallback password is generated
# here, at parser construction time, whether or not --password is given.
parser.add_argument(
    '--password', dest='admin_password', default=generate_pass(),
    help='Pass the password to use for the admin User. Default is a random generated password'
)
# NOTE(review): neither count option sets type=, so a value given on the
# command line arrives as a string while the default is an int, and the
# limit of 40 mentioned in the help text is not enforced by the parser.
parser.add_argument(
    '--listener_count', dest='listener_count', default=10,
    help='The number of vFense_listener daemons to run at once, cannot surpass 40'
)
parser.add_argument(
    '--web_count', dest='web_count', default=1,
    help='The number of vFense_web daemons to run at once, cannot surpass 40'
)
parser.add_argument(