def post(self):
active_user = self.get_current_user()
uri = self.request.uri
method = self.request.method
try:
customer_name = (
self.arguments.get(ApiArguments.CUSTOMER_NAME)
)
pkg_url = (
self.arguments.get(ApiArguments.DOWNLOAD_URL, None)
)
net_throttle = (
self.arguments.get(ApiArguments.NET_THROTTLE, 0)
)
cpu_throttle = (
self.arguments.get(
ApiArguments.CPU_THROTTLE, CPUThrottleValues.NORMAL
)
)
server_queue_ttl = (
self.arguments.get(ApiArguments.SERVER_QUEUE_TTL, 10)
)
agent_queue_ttl = (
self.arguments.get(ApiArguments.AGENT_QUEUE_TTL, 10)
)
customer = Customer(
customer_name,
net_throttle,
cpu_throttle,
server_queue_ttl,
agent_queue_ttl,
pkg_url
)
results = create_customer(
customer, active_user,
user_name=active_user, uri=uri, method=method
)
if results[ApiResultKeys.VFENSE_STATUS_CODE] == CustomerCodes.CustomerCreated:
self.application.scheduler.add_jobstore(
RedisJobStore(db=10, key_prefix=customer_name+'.'),
customer_name
)
self.set_status(results['http_status'])
self.set_header('Content-Type', 'application/json')
self.write(json.dumps(results, indent=4))
except Exception as e:
results = (
GenericResults(
active_user, uri, method
).something_broke(active_user, 'User', e)
)
logger.exception(e)
self.set_status(results['http_status'])
self.set_header('Content-Type', 'application/json')
self.write(json.dumps(results, indent=4))
def post(self):
active_user = self.get_current_user()
uri = self.request.uri
method = self.request.method
try:
customer_name = (self.arguments.get(ApiArguments.CUSTOMER_NAME))
pkg_url = (self.arguments.get(ApiArguments.DOWNLOAD_URL, None))
net_throttle = (self.arguments.get(ApiArguments.NET_THROTTLE, 0))
cpu_throttle = (self.arguments.get(ApiArguments.CPU_THROTTLE,
CPUThrottleValues.NORMAL))
server_queue_ttl = (self.arguments.get(
ApiArguments.SERVER_QUEUE_TTL, 10))
agent_queue_ttl = (self.arguments.get(ApiArguments.AGENT_QUEUE_TTL,
10))
customer = Customer(customer_name, net_throttle, cpu_throttle,
server_queue_ttl, agent_queue_ttl, pkg_url)
results = create_customer(customer,
active_user,
user_name=active_user,
uri=uri,
method=method)
if results[ApiResultKeys.
VFENSE_STATUS_CODE] == CustomerCodes.CustomerCreated:
self.application.scheduler.add_jobstore(
RedisJobStore(db=10, key_prefix=customer_name + '.'),
customer_name)
self.set_status(results['http_status'])
self.set_header('Content-Type', 'application/json')
self.write(json.dumps(results, indent=4))
except Exception as e:
results = (GenericResults(active_user, uri,
method).something_broke(
active_user, 'User', e))
logger.exception(e)
self.set_status(results['http_status'])
self.set_header('Content-Type', 'application/json')
self.write(json.dumps(results, indent=4))
def add_agent(system_info, hardware, username=None, customer_name=None, uri=None, method=None):
"""Add a new agent to the database
Args:
system_info (dict): Dictionary with system related info
hardware (list): List of dictionaries that rpresent the hardware
Kwargs:
user_name (str): The name of the user who called this function.
customer_name (str): The name of the customer.
uri (str): The uri that was used to call this function.
method (str): The HTTP methos that was used to call this function.
Basic Usage:
>>> from vFense.core.agent.agents import add_agent
Returns:
Dictionary
"""
results = {ApiResultKeys.USERNAME: username, ApiResultKeys.URI: uri, ApiResultKeys.HTTP_METHOD: method}
try:
now = time()
agent_data = {}
agent_data[AgentKey.AgentStatus] = AgentStatusKeys.UP
agent_data[AgentKey.MachineType] = AgentVirtualKeys.PHYSICAL
agent_data[AgentKey.Tags] = []
agent_data[AgentKey.NeedsReboot] = CommonKeys.NO
agent_data[AgentKey.DisplayName] = None
agent_data[AgentKey.HostName] = None
agent_data[AgentKey.CustomerName] = customer_name
agent_data[AgentKey.Hardware] = hardware
if not AgentKey.ProductionLevel in system_info:
agent_data[AgentKey.ProductionLevel] = ProductionLevels.PRODUCTION
if customer_name != "default":
cexists = get_customer(customer_name)
if not cexists and len(customer_name) >= 1:
customer = Customer(customer_name)
create_customer(customer, username=username, uri=uri, method=method)
for key, value in system_info.items():
agent_data[key] = value
agent_data[AgentKey.LastAgentUpdate] = DbTime.epoch_time_to_db_time(now)
object_status, object_count, error, generated_ids = insert_agent_data(agent_data)
if object_status == DbCodes.Inserted and object_count > 0:
agent_id = generated_ids.pop()
Hardware().add(agent_id, agent_data[AgentKey.Hardware])
data = {
AgentKey.AgentId: agent_id,
AgentKey.CustomerName: agent_data[AgentKey.CustomerName],
AgentKey.ComputerName: agent_data[AgentKey.ComputerName],
AgentKey.Hardware: agent_data[AgentKey.Hardware],
AgentKey.Tags: agent_data[AgentKey.Tags],
AgentKey.OsCode: agent_data[AgentKey.OsCode],
AgentKey.OsString: agent_data[AgentKey.OsString],
}
msg = "new agent_operation succeeded"
generic_status_code = GenericCodes.ObjectCreated
vfense_status_code = AgentResultCodes.NewAgentSucceeded
results[ApiResultKeys.GENERIC_STATUS_CODE] = generic_status_code
results[ApiResultKeys.VFENSE_STATUS_CODE] = vfense_status_code
results[ApiResultKeys.MESSAGE] = msg
results[ApiResultKeys.DATA] = [data]
results[ApiResultKeys.GENERATED_IDS] = [agent_id]
elif object_status == DbCodes.Errors:
msg = "new agent operation failed" % (error)
generic_status_code = GenericFailureCodes.FailedToCreateObject
vfense_status_code = AgentFailureResultCodes.NewAgentFailed
results[ApiResultKeys.GENERIC_STATUS_CODE] = generic_status_code
results[ApiResultKeys.VFENSE_STATUS_CODE] = vfense_status_code
results[ApiResultKeys.MESSAGE] = msg
except Exception as e:
logger.exception(e)
msg = "new agent operation failed" % (e)
generic_status_code = GenericFailureCodes.FailedToCreateObject
vfense_status_code = AgentFailureResultCodes.NewAgentFailed
results[ApiResultKeys.GENERIC_STATUS_CODE] = generic_status_code
results[ApiResultKeys.VFENSE_STATUS_CODE] = vfense_status_code
results[ApiResultKeys.MESSAGE] = msg
return results
def add_agent(system_info,
hardware,
username=None,
customer_name=None,
uri=None,
method=None):
"""Add a new agent to the database
Args:
system_info (dict): Dictionary with system related info
hardware (list): List of dictionaries that rpresent the hardware
Kwargs:
user_name (str): The name of the user who called this function.
customer_name (str): The name of the customer.
uri (str): The uri that was used to call this function.
method (str): The HTTP methos that was used to call this function.
Basic Usage:
>>> from vFense.core.agent.agents import add_agent
Returns:
Dictionary
"""
results = {
ApiResultKeys.USERNAME: username,
ApiResultKeys.URI: uri,
ApiResultKeys.HTTP_METHOD: method
}
try:
now = time()
agent_data = {}
agent_data[AgentKey.AgentStatus] = AgentStatusKeys.UP
agent_data[AgentKey.MachineType] = AgentVirtualKeys.PHYSICAL
agent_data[AgentKey.Tags] = []
agent_data[AgentKey.NeedsReboot] = CommonKeys.NO
agent_data[AgentKey.DisplayName] = None
agent_data[AgentKey.HostName] = None
agent_data[AgentKey.CustomerName] = customer_name
agent_data[AgentKey.Hardware] = hardware
if not AgentKey.ProductionLevel in system_info:
agent_data[AgentKey.ProductionLevel] = ProductionLevels.PRODUCTION
if customer_name != 'default':
cexists = get_customer(customer_name)
if not cexists and len(customer_name) >= 1:
customer = Customer(customer_name)
create_customer(customer,
username=username,
uri=uri,
method=method)
for key, value in system_info.items():
agent_data[key] = value
agent_data[AgentKey.LastAgentUpdate] = (
DbTime.epoch_time_to_db_time(now))
object_status, object_count, error, generated_ids = (
insert_agent_data(agent_data))
if object_status == DbCodes.Inserted and object_count > 0:
agent_id = generated_ids.pop()
Hardware().add(agent_id, agent_data[AgentKey.Hardware])
data = {
AgentKey.AgentId: agent_id,
AgentKey.CustomerName: agent_data[AgentKey.CustomerName],
AgentKey.ComputerName: agent_data[AgentKey.ComputerName],
AgentKey.Hardware: agent_data[AgentKey.Hardware],
AgentKey.Tags: agent_data[AgentKey.Tags],
AgentKey.OsCode: agent_data[AgentKey.OsCode],
AgentKey.OsString: agent_data[AgentKey.OsString],
}
msg = 'new agent_operation succeeded'
generic_status_code = GenericCodes.ObjectCreated
vfense_status_code = AgentResultCodes.NewAgentSucceeded
results[ApiResultKeys.GENERIC_STATUS_CODE] = generic_status_code
results[ApiResultKeys.VFENSE_STATUS_CODE] = vfense_status_code
results[ApiResultKeys.MESSAGE] = msg
results[ApiResultKeys.DATA] = [data]
results[ApiResultKeys.GENERATED_IDS] = [agent_id]
elif object_status == DbCodes.Errors:
msg = 'new agent operation failed' % (error)
generic_status_code = GenericFailureCodes.FailedToCreateObject
vfense_status_code = AgentFailureResultCodes.NewAgentFailed
results[ApiResultKeys.GENERIC_STATUS_CODE] = generic_status_code
results[ApiResultKeys.VFENSE_STATUS_CODE] = vfense_status_code
results[ApiResultKeys.MESSAGE] = msg
except Exception as e:
logger.exception(e)
msg = 'new agent operation failed' % (e)
generic_status_code = GenericFailureCodes.FailedToCreateObject
vfense_status_code = AgentFailureResultCodes.NewAgentFailed
results[ApiResultKeys.GENERIC_STATUS_CODE] = generic_status_code
results[ApiResultKeys.VFENSE_STATUS_CODE] = vfense_status_code
results[ApiResultKeys.MESSAGE] = msg
return results
def initialize_db():
os.umask(0)
if not os.path.exists(VFENSE_TMP_PATH):
os.mkdir(VFENSE_TMP_PATH, 0755)
if not os.path.exists(RETHINK_CONF):
subprocess.Popen(['ln', '-s', RETHINK_SOURCE_CONF, RETHINK_CONF], )
if not os.path.exists('/var/lib/rethinkdb/vFense'):
os.makedirs('/var/lib/rethinkdb/vFense')
subprocess.Popen([
'chown', '-R', 'rethinkdb.rethinkdb', '/var/lib/rethinkdb/vFense'
], )
if not os.path.exists(VFENSE_LOG_PATH):
os.mkdir(VFENSE_LOG_PATH, 0755)
if not os.path.exists(VFENSE_SCHEDULER_PATH):
os.mkdir(VFENSE_SCHEDULER_PATH, 0755)
if not os.path.exists(VFENSE_APP_PATH):
os.mkdir(VFENSE_APP_PATH, 0755)
if not os.path.exists(VFENSE_APP_TMP_PATH):
os.mkdir(VFENSE_APP_TMP_PATH, 0775)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, 'windows/data/xls')):
os.makedirs(os.path.join(VFENSE_VULN_PATH, 'windows/data/xls'), 0755)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, 'cve/data/xml')):
os.makedirs(os.path.join(VFENSE_VULN_PATH, 'cve/data/xml'), 0755)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, 'ubuntu/data/html')):
os.makedirs(os.path.join(VFENSE_VULN_PATH, 'ubuntu/data/html'), 0755)
if get_distro() in DEBIAN_DISTROS:
subprocess.Popen(['update-rc.d', 'vFense', 'defaults'], )
if not os.path.exists('/etc/init.d/vFense'):
subprocess.Popen([
'ln', '-s',
os.path.join(VFENSE_BASE_SRC_PATH, 'daemon/vFense'),
VFENSE_INIT_D
], )
if get_distro() in REDHAT_DISTROS:
if os.path.exists('/usr/bin/rqworker'):
subprocess.Popen(
['ln', '-s', '/usr/bin/rqworker', '/usr/local/bin/rqworker'], )
if os.path.exists(get_sheduler_location()):
subprocess.Popen([
'patch', '-N',
get_sheduler_location(),
os.path.join(VFENSE_CONF_PATH, 'patches/scheduler.patch')
], )
try:
tp_exists = pwd.getpwnam('vfense')
except Exception as e:
if get_distro() in DEBIAN_DISTROS:
subprocess.Popen([
'adduser',
'--disabled-password',
'--gecos',
'',
'vfense',
], )
elif get_distro() in REDHAT_DISTROS:
subprocess.Popen([
'useradd',
'vfense',
], )
rethink_start = subprocess.Popen(['service', 'rethinkdb', 'start'])
while not db_connect():
print 'Sleeping until rethink starts'
sleep(2)
completed = True
if completed:
conn = db_connect()
r.db_create('vFense').run(conn)
db = r.db('vFense')
conn.close()
ci.initialize_indexes_and_create_tables()
conn = db_connect()
default_customer = Customer(DefaultCustomers.DEFAULT,
server_queue_ttl=args.queue_ttl,
package_download_url=url)
customers.create_customer(default_customer, init=True)
group_data = group.create_group(DefaultGroups.ADMIN,
DefaultCustomers.DEFAULT,
[Permissions.ADMINISTRATOR])
admin_group_id = group_data['generated_ids']
user.create_user(
DefaultUsers.ADMIN,
'vFense Admin Account',
args.admin_password,
admin_group_id,
DefaultCustomers.DEFAULT,
'',
)
print 'Admin username = admin'
print 'Admin password = %s' % (args.admin_password)
agent_pass = generate_pass()
while not check_password(agent_pass)[0]:
agent_pass = generate_pass()
user.create_user(
DefaultUsers.AGENT,
'vFense Agent Communication Account',
agent_pass,
admin_group_id,
DefaultCustomers.DEFAULT,
'',
)
print 'Agent api user = agent_api'
print 'Agent password = %s' % (agent_pass)
monit.monit_initialization()
if args.cve_data:
print "Updating CVE's..."
load_up_all_xml_into_db()
print "Done Updating CVE's..."
print "Updating Microsoft Security Bulletin Ids..."
parse_bulletin_and_updatedb()
print "Done Updating Microsoft Security Bulletin Ids..."
print "Updating Ubuntu Security Bulletin Ids...( This can take a couple of minutes )"
begin_usn_home_page_processing(full_parse=True)
print "Done Updating Ubuntu Security Bulletin Ids..."
conn.close()
completed = True
msg = 'Rethink Initialization and Table creation is now complete'
#rethink_stop = subprocess.Popen(['service', 'rethinkdb','stop'])
rql_msg = 'Rethink stopped successfully\n'
return completed, msg
else:
completed = False
msg = 'Failed during Rethink startup process'
return completed, msg
def initialize_db():
os.umask(0)
if not os.path.exists(VFENSE_TMP_PATH):
os.mkdir(VFENSE_TMP_PATH, 0755)
if not os.path.exists(RETHINK_CONF):
subprocess.Popen(["ln", "-s", RETHINK_SOURCE_CONF, RETHINK_CONF])
if not os.path.exists("/var/lib/rethinkdb/vFense"):
os.makedirs("/var/lib/rethinkdb/vFense")
subprocess.Popen(["chown", "-R", "rethinkdb.rethinkdb", "/var/lib/rethinkdb/vFense"])
if not os.path.exists(VFENSE_LOG_PATH):
os.mkdir(VFENSE_LOG_PATH, 0755)
if not os.path.exists(VFENSE_SCHEDULER_PATH):
os.mkdir(VFENSE_SCHEDULER_PATH, 0755)
if not os.path.exists(VFENSE_APP_PATH):
os.mkdir(VFENSE_APP_PATH, 0755)
if not os.path.exists(VFENSE_APP_TMP_PATH):
os.mkdir(VFENSE_APP_TMP_PATH, 0775)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, "windows/data/xls")):
os.makedirs(os.path.join(VFENSE_VULN_PATH, "windows/data/xls"), 0755)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, "cve/data/xml")):
os.makedirs(os.path.join(VFENSE_VULN_PATH, "cve/data/xml"), 0755)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, "ubuntu/data/html")):
os.makedirs(os.path.join(VFENSE_VULN_PATH, "ubuntu/data/html"), 0755)
if get_distro() in DEBIAN_DISTROS:
subprocess.Popen(["update-rc.d", "vFense", "defaults"])
if not os.path.exists("/etc/init.d/vFense"):
subprocess.Popen(["ln", "-s", os.path.join(VFENSE_BASE_SRC_PATH, "daemon/vFense"), VFENSE_INIT_D])
if get_distro() in REDHAT_DISTROS:
if os.path.exists("/usr/bin/rqworker"):
subprocess.Popen(["ln", "-s", "/usr/bin/rqworker", "/usr/local/bin/rqworker"])
if os.path.exists(get_sheduler_location()):
subprocess.Popen(
["patch", "-N", get_sheduler_location(), os.path.join(VFENSE_CONF_PATH, "patches/scheduler.patch")]
)
try:
tp_exists = pwd.getpwnam("vfense")
except Exception as e:
if get_distro() in DEBIAN_DISTROS:
subprocess.Popen(["adduser", "--disabled-password", "--gecos", "", "vfense"])
elif get_distro() in REDHAT_DISTROS:
subprocess.Popen(["useradd", "vfense"])
rethink_start = subprocess.Popen(["service", "rethinkdb", "start"])
while not db_connect():
print "Sleeping until rethink starts"
sleep(2)
completed = True
if completed:
conn = db_connect()
r.db_create("vFense").run(conn)
db = r.db("vFense")
conn.close()
ci.initialize_indexes_and_create_tables()
conn = db_connect()
default_customer = Customer(DefaultCustomers.DEFAULT, server_queue_ttl=args.queue_ttl, package_download_url=url)
customers.create_customer(default_customer, init=True)
group_data = group.create_group(DefaultGroups.ADMIN, DefaultCustomers.DEFAULT, [Permissions.ADMINISTRATOR])
admin_group_id = group_data["generated_ids"]
user.create_user(
DefaultUsers.ADMIN,
"vFense Admin Account",
args.admin_password,
admin_group_id,
DefaultCustomers.DEFAULT,
"",
)
print "Admin username = admin"
print "Admin password = %s" % (args.admin_password)
agent_pass = generate_pass()
while not check_password(agent_pass)[0]:
agent_pass = generate_pass()
user.create_user(
DefaultUsers.AGENT,
"vFense Agent Communication Account",
agent_pass,
admin_group_id,
DefaultCustomers.DEFAULT,
"",
)
print "Agent api user = agent_api"
print "Agent password = %s" % (agent_pass)
monit.monit_initialization()
if args.cve_data:
print "Updating CVE's..."
load_up_all_xml_into_db()
print "Done Updating CVE's..."
print "Updating Microsoft Security Bulletin Ids..."
parse_bulletin_and_updatedb()
print "Done Updating Microsoft Security Bulletin Ids..."
print "Updating Ubuntu Security Bulletin Ids...( This can take a couple of minutes )"
begin_usn_home_page_processing(full_parse=True)
print "Done Updating Ubuntu Security Bulletin Ids..."
conn.close()
completed = True
msg = "Rethink Initialization and Table creation is now complete"
# rethink_stop = subprocess.Popen(['service', 'rethinkdb','stop'])
rql_msg = "Rethink stopped successfully\n"
return completed, msg
else:
completed = False
msg = "Failed during Rethink startup process"
return completed, msg
