def create_user(
user_name=None,
full_name=None,
email=None,
password=None,
groups=None,
default_customer=None,
customers=None
):
"""Create a new User and save it.
All parameters are required *except* groups and customers.
Args:
name: Name of the user.
full_name: Full name of the user (ie First and last name).
email: User's email address.
password: User's plain text password.
groups: A list of dicts consisting of either an id key or name key
describing the group.
customers: Customers this user should be added to. List of customer
names.
default_customer: The default customer for this user. Will be the
first data available to the user.
Returns:
The newly created User if added successfully, None otherwise.
"""
if (
not user_name
):
return False, "Username/password is needed."
try:
if Hierarchy.get_user(user_name):
return False, (
"Username `%s` already exist." % user_name
)
# Get the Customer(s) that will be added to this user.
customers_to_add = []
if customers:
for customer_name in customers:
c = Hierarchy.get_customer(customer_name)
if c:
customers_to_add.append(c)
if default_customer:
defult_cusomter = Hierarchy.get_customer(default_customer)
add_customer = True
if default_customer:
for c in customer_to_add:
if c.customer_name == dc.customer_name:
add_customer = False
break
if add_customer:
customers_to_add.append(default_cusotmer)
else:
if customers_to_add:
default_customer = customers_to_add[0]
else:
default_customer = Hierarchy.get_customer(DefaultCustomer)
customers_to_add.append(default_customer)
#if not customers:
# customers = [default_customer]
#if added_default:
# if DefaultCustomer not in customers:
# customers.append(DefaultCustomer)
# Now a Customer type.
#default_customer = Hierarchy.get_customer(default_customer)
#if not customers_to_add:
# customers_to_add.append(default_customer)
#############################################################
# Get the Group(s) that will be added to this user.
groups_to_add = []
if groups:
groups_list = []
for group_name in groups:
g = Hierarchy.get_group(
group_name,
default_customer.customer_name
)
if g:
groups_list.append(g)
groups_to_add.extend(groups_list)
else:
g = Hierarchy.get_group(
DefaultGroup.ReadOnly,
default_customer.customer_name
)
if g:
groups_to_add.append(g)
#############################################################
user_name = user_name.strip()
full_name = full_name.strip()
if not password:
password = generate_pass()
password = Crypto.hash_bcrypt(password.encode('utf-8'))
user = User(
user_name,
password,
full_name,
email,
default_customer.customer_name,
default_customer.customer_name
)
saved = Hierarchy.save_user(user)
if saved:
for group in groups_to_add:
Hierarchy.toggle_group_of_user(
group=group,
user=user,
customer=default_customer
)
for customer in customers_to_add:
Hierarchy.toggle_user_from_customer(
user=user,
customer=customer
)
return user, ''
except Exception as e:
logger.error("Unable to create user `%s`." % user_name)
logger.exception(e)
return None
def initialize_db():
os.umask(0)
if not os.path.exists(VFENSE_TMP_PATH):
os.mkdir(VFENSE_TMP_PATH, 0755)
if not os.path.exists(RETHINK_CONF):
subprocess.Popen(['ln', '-s', RETHINK_SOURCE_CONF, RETHINK_CONF], )
if not os.path.exists('/var/lib/rethinkdb/vFense'):
os.makedirs('/var/lib/rethinkdb/vFense')
subprocess.Popen([
'chown', '-R', 'rethinkdb.rethinkdb', '/var/lib/rethinkdb/vFense'
], )
if not os.path.exists(VFENSE_LOG_PATH):
os.mkdir(VFENSE_LOG_PATH, 0755)
if not os.path.exists(VFENSE_SCHEDULER_PATH):
os.mkdir(VFENSE_SCHEDULER_PATH, 0755)
if not os.path.exists(VFENSE_APP_PATH):
os.mkdir(VFENSE_APP_PATH, 0755)
if not os.path.exists(VFENSE_APP_TMP_PATH):
os.mkdir(VFENSE_APP_TMP_PATH, 0775)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, 'windows/data/xls')):
os.makedirs(os.path.join(VFENSE_VULN_PATH, 'windows/data/xls'), 0755)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, 'cve/data/xml')):
os.makedirs(os.path.join(VFENSE_VULN_PATH, 'cve/data/xml'), 0755)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, 'ubuntu/data/html')):
os.makedirs(os.path.join(VFENSE_VULN_PATH, 'ubuntu/data/html'), 0755)
if get_distro() in DEBIAN_DISTROS:
subprocess.Popen(['update-rc.d', 'vFense', 'defaults'], )
if not os.path.exists('/etc/init.d/vFense'):
subprocess.Popen([
'ln', '-s',
os.path.join(VFENSE_BASE_SRC_PATH, 'daemon/vFense'),
VFENSE_INIT_D
], )
if get_distro() in REDHAT_DISTROS:
if os.path.exists('/usr/bin/rqworker'):
subprocess.Popen(
['ln', '-s', '/usr/bin/rqworker', '/usr/local/bin/rqworker'], )
if os.path.exists(get_sheduler_location()):
subprocess.Popen([
'patch', '-N',
get_sheduler_location(),
os.path.join(VFENSE_CONF_PATH, 'patches/scheduler.patch')
], )
try:
tp_exists = pwd.getpwnam('vfense')
except Exception as e:
if get_distro() in DEBIAN_DISTROS:
subprocess.Popen([
'adduser',
'--disabled-password',
'--gecos',
'',
'vfense',
], )
elif get_distro() in REDHAT_DISTROS:
subprocess.Popen([
'useradd',
'vfense',
], )
rethink_start = subprocess.Popen(['service', 'rethinkdb', 'start'])
while not db_connect():
print 'Sleeping until rethink starts'
sleep(2)
completed = True
if completed:
conn = db_connect()
r.db_create('vFense').run(conn)
db = r.db('vFense')
conn.close()
ci.initialize_indexes_and_create_tables()
conn = db_connect()
default_customer = Customer(DefaultCustomers.DEFAULT,
server_queue_ttl=args.queue_ttl,
package_download_url=url)
customers.create_customer(default_customer, init=True)
group_data = group.create_group(DefaultGroups.ADMIN,
DefaultCustomers.DEFAULT,
[Permissions.ADMINISTRATOR])
admin_group_id = group_data['generated_ids']
user.create_user(
DefaultUsers.ADMIN,
'vFense Admin Account',
args.admin_password,
admin_group_id,
DefaultCustomers.DEFAULT,
'',
)
print 'Admin username = admin'
print 'Admin password = %s' % (args.admin_password)
agent_pass = generate_pass()
while not check_password(agent_pass)[0]:
agent_pass = generate_pass()
user.create_user(
DefaultUsers.AGENT,
'vFense Agent Communication Account',
agent_pass,
admin_group_id,
DefaultCustomers.DEFAULT,
'',
)
print 'Agent api user = agent_api'
print 'Agent password = %s' % (agent_pass)
monit.monit_initialization()
if args.cve_data:
print "Updating CVE's..."
load_up_all_xml_into_db()
print "Done Updating CVE's..."
print "Updating Microsoft Security Bulletin Ids..."
parse_bulletin_and_updatedb()
print "Done Updating Microsoft Security Bulletin Ids..."
print "Updating Ubuntu Security Bulletin Ids...( This can take a couple of minutes )"
begin_usn_home_page_processing(full_parse=True)
print "Done Updating Ubuntu Security Bulletin Ids..."
conn.close()
completed = True
msg = 'Rethink Initialization and Table creation is now complete'
#rethink_stop = subprocess.Popen(['service', 'rethinkdb','stop'])
rql_msg = 'Rethink stopped successfully\n'
return completed, msg
else:
completed = False
msg = 'Failed during Rethink startup process'
return completed, msg
def initialize_db():
os.umask(0)
if not os.path.exists(VFENSE_TMP_PATH):
os.mkdir(VFENSE_TMP_PATH, 0755)
if not os.path.exists(RETHINK_CONF):
subprocess.Popen(["ln", "-s", RETHINK_SOURCE_CONF, RETHINK_CONF])
if not os.path.exists("/var/lib/rethinkdb/vFense"):
os.makedirs("/var/lib/rethinkdb/vFense")
subprocess.Popen(["chown", "-R", "rethinkdb.rethinkdb", "/var/lib/rethinkdb/vFense"])
if not os.path.exists(VFENSE_LOG_PATH):
os.mkdir(VFENSE_LOG_PATH, 0755)
if not os.path.exists(VFENSE_SCHEDULER_PATH):
os.mkdir(VFENSE_SCHEDULER_PATH, 0755)
if not os.path.exists(VFENSE_APP_PATH):
os.mkdir(VFENSE_APP_PATH, 0755)
if not os.path.exists(VFENSE_APP_TMP_PATH):
os.mkdir(VFENSE_APP_TMP_PATH, 0775)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, "windows/data/xls")):
os.makedirs(os.path.join(VFENSE_VULN_PATH, "windows/data/xls"), 0755)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, "cve/data/xml")):
os.makedirs(os.path.join(VFENSE_VULN_PATH, "cve/data/xml"), 0755)
if not os.path.exists(os.path.join(VFENSE_VULN_PATH, "ubuntu/data/html")):
os.makedirs(os.path.join(VFENSE_VULN_PATH, "ubuntu/data/html"), 0755)
if get_distro() in DEBIAN_DISTROS:
subprocess.Popen(["update-rc.d", "vFense", "defaults"])
if not os.path.exists("/etc/init.d/vFense"):
subprocess.Popen(["ln", "-s", os.path.join(VFENSE_BASE_SRC_PATH, "daemon/vFense"), VFENSE_INIT_D])
if get_distro() in REDHAT_DISTROS:
if os.path.exists("/usr/bin/rqworker"):
subprocess.Popen(["ln", "-s", "/usr/bin/rqworker", "/usr/local/bin/rqworker"])
if os.path.exists(get_sheduler_location()):
subprocess.Popen(
["patch", "-N", get_sheduler_location(), os.path.join(VFENSE_CONF_PATH, "patches/scheduler.patch")]
)
try:
tp_exists = pwd.getpwnam("vfense")
except Exception as e:
if get_distro() in DEBIAN_DISTROS:
subprocess.Popen(["adduser", "--disabled-password", "--gecos", "", "vfense"])
elif get_distro() in REDHAT_DISTROS:
subprocess.Popen(["useradd", "vfense"])
rethink_start = subprocess.Popen(["service", "rethinkdb", "start"])
while not db_connect():
print "Sleeping until rethink starts"
sleep(2)
completed = True
if completed:
conn = db_connect()
r.db_create("vFense").run(conn)
db = r.db("vFense")
conn.close()
ci.initialize_indexes_and_create_tables()
conn = db_connect()
default_customer = Customer(DefaultCustomers.DEFAULT, server_queue_ttl=args.queue_ttl, package_download_url=url)
customers.create_customer(default_customer, init=True)
group_data = group.create_group(DefaultGroups.ADMIN, DefaultCustomers.DEFAULT, [Permissions.ADMINISTRATOR])
admin_group_id = group_data["generated_ids"]
user.create_user(
DefaultUsers.ADMIN,
"vFense Admin Account",
args.admin_password,
admin_group_id,
DefaultCustomers.DEFAULT,
"",
)
print "Admin username = admin"
print "Admin password = %s" % (args.admin_password)
agent_pass = generate_pass()
while not check_password(agent_pass)[0]:
agent_pass = generate_pass()
user.create_user(
DefaultUsers.AGENT,
"vFense Agent Communication Account",
agent_pass,
admin_group_id,
DefaultCustomers.DEFAULT,
"",
)
print "Agent api user = agent_api"
print "Agent password = %s" % (agent_pass)
monit.monit_initialization()
if args.cve_data:
print "Updating CVE's..."
load_up_all_xml_into_db()
print "Done Updating CVE's..."
print "Updating Microsoft Security Bulletin Ids..."
parse_bulletin_and_updatedb()
print "Done Updating Microsoft Security Bulletin Ids..."
print "Updating Ubuntu Security Bulletin Ids...( This can take a couple of minutes )"
begin_usn_home_page_processing(full_parse=True)
print "Done Updating Ubuntu Security Bulletin Ids..."
conn.close()
completed = True
msg = "Rethink Initialization and Table creation is now complete"
# rethink_stop = subprocess.Popen(['service', 'rethinkdb','stop'])
rql_msg = "Rethink stopped successfully\n"
return completed, msg
else:
completed = False
msg = "Failed during Rethink startup process"
return completed, msg
print 'MUST BE ROOT IN ORDER TO RUN'
sys.exit(1)
parser = argparse.ArgumentParser(description='Initialize vFense Options')
parser.add_argument('--dnsname',
dest='dns_name',
default=None,
help='Pass the DNS Name of the patching Server')
parser.add_argument('--ipaddress',
dest='ip_address',
default=pick_valid_ip_address(),
help='Pass the IP Address of the patching Server')
parser.add_argument(
'--password',
dest='admin_password',
default=generate_pass(),
help=
'Pass the password to use for the admin User. Default is a random generated password'
)
parser.add_argument(
'--listener_count',
dest='listener_count',
default=10,
help=
'The number of vFense_listener daemons to run at once, cannot surpass 40')
parser.add_argument(
'--queue_ttl',
dest='queue_ttl',
default=10,
help=
'How many minutes until an operation for an agent is considered expired in the server queue'
logger = logging.getLogger("rvapi")
if os.getuid() != 0:
print "MUST BE ROOT IN ORDER TO RUN"
sys.exit(1)
parser = argparse.ArgumentParser(description="Initialize vFense Options")
parser.add_argument("--dnsname", dest="dns_name", default=None, help="Pass the DNS Name of the patching Server")
parser.add_argument(
"--ipaddress", dest="ip_address", default=pick_valid_ip_address(), help="Pass the IP Address of the patching Server"
)
parser.add_argument(
"--password",
dest="admin_password",
default=generate_pass(),
help="Pass the password to use for the admin User. Default is a random generated password",
)
parser.add_argument(
"--listener_count",
dest="listener_count",
default=10,
help="The number of vFense_listener daemons to run at once, cannot surpass 40",
)
parser.add_argument(
"--queue_ttl",
dest="queue_ttl",
default=10,
help="How many minutes until an operation for an agent is considered expired in the server queue",
)
parser.add_argument(