config_lib.DEFINE_string( name="ClientBuilder.output_extension", default=None, help="The file extension for the client (OS dependent).") config_lib.DEFINE_string( name="ClientBuilder.package_dir", default=None, help="OSX package name.") config_lib.DEFINE_string( "ClientBuilder.private_config_validator_class", default=None, help="Set this to a class name that sanity checks your client " "config at repacking time.") config_lib.DEFINE_bool("Client.fleetspeak_enabled", False, "Whether the client uses Fleetspeak to communicate " "with the server.") config_lib.DEFINE_bool("ClientBuilder.fleetspeak_enabled", False, "Whether the client will use Fleetspeak to communicate " "with the server.") config_lib.DEFINE_string( "ClientBuilder.client_path", default="grr_response_client.client", help="Full module path for GRR client's main file.") config_lib.DEFINE_string( "ClientBuilder.fleetspeak_service_dir", "/etc/fleetspeak/services", "Directory where Fleetspeak expects service configs to be. Only applies " "if ClientBuilder.fleetspeak_enabled is true.")
help="Pyinstaller working directory.") config_lib.DEFINE_string( name="Client.prefix", default="", help="A prefix for the client name, usually dbg_ for debug builds.") config_lib.DEFINE_string(name="ClientBuilder.output_basename", default=("%(Client.prefix)%(Client.name)_" "%(Source.version_string)_%(Client.arch)"), help="The base name of the output package.") # Windows client specific options. config_lib.DEFINE_bool( "ClientBuilder.console", default=False, help="Should the application be built as a console program. " "This aids debugging in windows.") config_lib.DEFINE_option( PathTypeInfo(name="ClientBuilder.nanny_source_dir", must_exist=True, default="%(grr.client|module_path)/nanny/", help="Path to the windows nanny VS solution file.")) config_lib.DEFINE_option( PathTypeInfo( name="ClientBuilder.nanny_prebuilt_binaries", must_exist=False, default="%(ClientBuilder.executables_dir)/%(Client.platform)/", help="Path to the pre-build GRRNanny executables (This will be used "
"Number of threads in the shared thread pool.") config_lib.DEFINE_integer("Worker.flow_lease_time", 600, "Duration of a flow lease time in seconds.") config_lib.DEFINE_integer("Worker.well_known_flow_lease_time", 600, "Duration of a well known flow lease time in " "seconds.") config_lib.DEFINE_integer("Worker.compaction_lease_time", 3600, "Duration of collections lease time for compaction " "in seconds.") config_lib.DEFINE_bool("Worker.enable_packed_versioned_collection_journaling", False, "If True, all Add*() operations and all " "compactions of PackedVersionedCollections will be " "journaled so that these collections can be later " "checked for integrity.") config_lib.DEFINE_integer("Worker.queue_shards", 5, "Queue notifications will be sharded across " "this number of datastore subjects.") config_lib.DEFINE_integer("Worker.notification_expiry_time", 600, "The queue manager expires stale notifications " "after this many seconds.") config_lib.DEFINE_integer("Worker.notification_retry_interval", 30, "The queue manager retries to work on requests it " "could not complete after this many seconds.")
config_lib.DEFINE_integer("Worker.flow_lease_time", 7200, "Duration of a flow lease time in seconds.") config_lib.DEFINE_integer( "Worker.well_known_flow_lease_time", 600, "Duration of a well known flow lease time in " "seconds.") config_lib.DEFINE_integer( "Worker.compaction_lease_time", 3600, "Duration of collections lease time for compaction " "in seconds.") config_lib.DEFINE_bool( "Worker.enable_packed_versioned_collection_journaling", False, "If True, all Add*() operations and all " "compactions of PackedVersionedCollections will be " "journaled so that these collections can be later " "checked for integrity.") config_lib.DEFINE_integer( "Worker.queue_shards", 5, "Queue notifications will be sharded across " "this number of datastore subjects.") config_lib.DEFINE_integer( "Worker.notification_expiry_time", 600, "The queue manager expires stale notifications " "after this many seconds.") config_lib.DEFINE_integer( "Worker.notification_retry_interval", 30, "The queue manager retries to work on requests it "
config_lib.DEFINE_string("AdminUI.document_root", "%(grr/gui/static|resource)", "The main path to the static HTML pages.") config_lib.DEFINE_string("AdminUI.local_document_root", "%(grr/gui/local/static|resource)", "The main path to the localized static HTML pages.") config_lib.DEFINE_string("AdminUI.help_root", "%(docs|resource)", "The main path to the locally cached documentation.") config_lib.DEFINE_string( "AdminUI.webauth_manager", "NullWebAuthManager", "The web auth manager for controlling access to the UI.") config_lib.DEFINE_bool("AdminUI.django_debug", True, "Turn on to add django debugging") config_lib.DEFINE_string( "AdminUI.django_secret_key", "CHANGE_ME", "This is a secret key that should be set in the server " "config. It is used in XSRF and session protection.") config_lib.DEFINE_list( "AdminUI.django_allowed_hosts", ["*"], "Set the django ALLOWED_HOSTS parameter. " "See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts") config_lib.DEFINE_bool("AdminUI.enable_ssl", False, "Turn on SSL. This needs AdminUI.ssl_cert to be set.") config_lib.DEFINE_string("AdminUI.ssl_cert_file", "",
from grr.lib import rdfvalue config_lib.DEFINE_integer("Datastore.maximum_blob_size", 512 * 1024, "Maximum blob size we may store in the datastore.") config_lib.DEFINE_string("Datastore.implementation", "FakeDataStore", "Storage subsystem to use.") config_lib.DEFINE_string("Blobstore.implementation", "MemoryStreamBlobstore", "Blob storage subsystem to use.") config_lib.DEFINE_string("Database.implementation", "", "Relational database system to use.") config_lib.DEFINE_bool( "Database.useForReads", False, "Use relational database for reading as well as for writing.") DATASTORE_PATHING = [ r"%{(?P<path>files/hash/generic/sha256/...).*}", r"%{(?P<path>files/hash/generic/sha1/...).*}", r"%{(?P<path>files/hash/generic/md5/...).*}", r"%{(?P<path>files/hash/pecoff/md5/...).*}", r"%{(?P<path>files/hash/pecoff/sha1/...).*}", r"%{(?P<path>files/nsrl/...).*}", r"%{(?P<path>W/[^/]+).*}", r"%{(?P<path>CA/[^/]+).*}", r"%{(?P<path>C\..\{1,16\}?)($|/.*)}", r"%{(?P<path>hunts/[^/]+).*}", r"%{(?P<path>blobs/[^/]+).*}", r"%{(?P<path>[^/]+).*}" ] config_lib.DEFINE_list("Datastore.pathing", DATASTORE_PATHING,
"Allow these well known flows to run directly on the " "frontend. Other flows are scheduled as normal.") config_lib.DEFINE_list( "Frontend.DEBUG_well_known_flows_blacklist", [], "Drop these well known flows requests without " "processing. Useful as an emergency tool to reduce " "the load on the system.") # Smtp settings. config_lib.DEFINE_string("Worker.smtp_server", "localhost", "The smtp server for sending email alerts.") config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.") config_lib.DEFINE_bool("Worker.smtp_starttls", False, "Enable TLS for the smtp connection.") config_lib.DEFINE_string("Worker.smtp_user", None, "Username for the smtp connection.") config_lib.DEFINE_string("Worker.smtp_password", None, "Password for the smtp connection.") # Server Cryptographic settings. config_lib.DEFINE_semantic_value( rdf_crypto.RSAPrivateKey, "PrivateKeys.ca_key", description="CA private key. Used to sign for client enrollment.", ) config_lib.DEFINE_semantic_value(
"""Configuration parameters for logging and error reporting subsystems.""" from grr.lib import config_lib from grr.lib import rdfvalue from grr.lib import type_info config_lib.DEFINE_string("Logging.domain", "localhost", "The email domain belonging to this installation. " "Leave blank to not restrict email to this domain") config_lib.DEFINE_list("Logging.engines", ["stderr"], "Enabled logging engines. Valid values are " "combinations of stderr,file,syslog,event_log.") config_lib.DEFINE_bool("Logging.verbose", False, help="If true log more verbosely.") config_lib.DEFINE_string("Logging.path", "%(TEMP|env)/tmp/", help="Path to log file directory.") config_lib.DEFINE_string("Logging.syslog_path", "localhost:514", help="Path to syslog socket. This can be a unix " "domain socket or in a UDP host:port notation.") config_lib.DEFINE_string("Logging.filename", "%(Logging.path)/GRRlog.txt", help="Filename of the grr log file.") config_lib.DEFINE_string( "Logging.format", # Use a literal block here to prevent config system expansion as this should # be a python format string.
config_lib.DEFINE_string("AdminUI.document_root", "%(grr/gui/static|resource)", "The main path to the static HTML pages.") config_lib.DEFINE_string("AdminUI.local_document_root", "%(grr/gui/local/static|resource)", "The main path to the localized static HTML pages.") config_lib.DEFINE_string("AdminUI.help_root", "%(docs|resource)", "The main path to the locally cached documentation.") config_lib.DEFINE_string( "AdminUI.webauth_manager", "NullWebAuthManager", "The web auth manager for controlling access to the UI.") config_lib.DEFINE_bool("AdminUI.django_debug", True, "Turn on to add django debugging") config_lib.DEFINE_string( "AdminUI.django_secret_key", "CHANGE_ME", "This is a secret key that should be set in the server " "config. It is used in XSRF and session protection.") config_lib.DEFINE_list( "AdminUI.django_allowed_hosts", ["*"], "Set the django ALLOWED_HOSTS parameter. " "See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts") config_lib.DEFINE_bool("AdminUI.enable_ssl", False, "Turn on SSL. This needs AdminUI.ssl_cert to be set.") config_lib.DEFINE_string("AdminUI.ssl_cert_file", "",
config_lib.DEFINE_integer("Worker.flow_lease_time", 7200, "Duration of a flow lease time in seconds.") config_lib.DEFINE_integer( "Worker.well_known_flow_lease_time", 600, "Duration of a well known flow lease time in " "seconds.") config_lib.DEFINE_integer( "Worker.compaction_lease_time", 3600, "Duration of collections lease time for compaction " "in seconds.") config_lib.DEFINE_bool( "Worker.enable_packed_versioned_collection_journaling", False, "If True, all Add*() operations and all " "compactions of PackedVersionedCollections will be " "journaled so that these collections can be later " "checked for integrity.") config_lib.DEFINE_integer( "Worker.queue_shards", 5, "Queue notifications will be sharded across " "this number of datastore subjects.") config_lib.DEFINE_integer( "Worker.notification_expiry_time", 600, "The queue manager expires stale notifications " "after this many seconds.") config_lib.DEFINE_integer( "Worker.notification_retry_interval", 30, "The queue manager retries to work on requests it "
"Number of threads in the shared thread pool.") config_lib.DEFINE_integer("Worker.flow_lease_time", 7200, "Duration of a flow lease time in seconds.") config_lib.DEFINE_integer("Worker.well_known_flow_lease_time", 600, "Duration of a well known flow lease time in " "seconds.") config_lib.DEFINE_integer("Worker.compaction_lease_time", 3600, "Duration of collections lease time for compaction " "in seconds.") config_lib.DEFINE_bool("Worker.enable_packed_versioned_collection_journaling", False, "If True, all Add*() operations and all " "compactions of PackedVersionedCollections will be " "journaled so that these collections can be later " "checked for integrity.") config_lib.DEFINE_integer("Worker.queue_shards", 5, "Queue notifications will be sharded across " "this number of datastore subjects.") config_lib.DEFINE_integer("Worker.notification_expiry_time", 600, "The queue manager expires stale notifications " "after this many seconds.") config_lib.DEFINE_integer("Worker.notification_retry_interval", 30, "The queue manager retries to work on requests it " "could not complete after this many seconds.")
"Time interval over which average request rate is " "calculated when throttling is enabled.") config_lib.DEFINE_list( "Frontend.well_known_flows", ["aff4:/flows/W:TransferStore", "aff4:/flows/W:Stats"], "Allow these well known flows to run directly on the " "frontend. Other flows are scheduled as normal.") # Smtp settings. config_lib.DEFINE_string("Worker.smtp_server", "localhost", "The smtp server for sending email alerts.") config_lib.DEFINE_integer("Worker.smtp_port", 25, "The smtp server port.") config_lib.DEFINE_bool("Worker.smtp_starttls", False, "Enable TLS for the smtp connection.") config_lib.DEFINE_string("Worker.smtp_user", None, "Username for the smtp connection.") config_lib.DEFINE_string("Worker.smtp_password", None, "Password for the smtp connection.") # Server Cryptographic settings. config_lib.DEFINE_semantic( rdfvalue.PEMPrivateKey, "PrivateKeys.ca_key", description="CA private key. Used to sign for client enrollment.", ) config_lib.DEFINE_semantic(rdfvalue.PEMPrivateKey,
type_info.RDFValueType( rdfclass=rdfvalue.RDFURN, name="Executables.aff4_path", description="The aff4 path to signed executables.", default="%(Config.aff4_root)/executables/%(Client.platform)")) config_lib.DEFINE_string( name="Executables.installer", default=("%(Executables.aff4_path)/installers/" "%(ClientRepacker.output_basename)" "%(ClientBuilder.output_extension)"), help="The location of the generated installer in the config directory.") config_lib.DEFINE_bool( "Client.build_service", True, help="Used to disable service installation in the client installer. If " "False, GRR will not run automatically after installation and on boot.") config_lib.DEFINE_string( name="ClientBuilder.output_extension", default=None, help="The file extension for the client (OS dependent).") config_lib.DEFINE_string( name="ClientBuilder.package_dir", default=None, help="OSX package name.") config_lib.DEFINE_string( "ClientBuilder.private_config_validator_class", default=None, help="Set this to a class name that sanity checks your client "
from grr.lib import rdfvalue config_lib.DEFINE_integer("Datastore.maximum_blob_size", 512 * 1024, "Maximum blob size we may store in the datastore.") config_lib.DEFINE_string("Datastore.implementation", "FakeDataStore", "Storage subsystem to use.") config_lib.DEFINE_string("Blobstore.implementation", "MemoryStreamBlobstore", "Blob storage subsystem to use.") config_lib.DEFINE_string("Database.implementation", "", "Relational database system to use.") config_lib.DEFINE_bool( "Database.useForReads", False, "Use relational database for reading as well as for writing.") config_lib.DEFINE_bool( "Database.useForReads.message_handlers", False, "Enable message handlers using the relational database.") config_lib.DEFINE_bool("Database.useForReads.foreman", False, "Enable the foreman using the relational database.") DATASTORE_PATHING = [ r"%{(?P<path>files/hash/generic/sha256/...).*}", r"%{(?P<path>files/hash/generic/sha1/...).*}", r"%{(?P<path>files/hash/generic/md5/...).*}", r"%{(?P<path>files/hash/pecoff/md5/...).*}", r"%{(?P<path>files/hash/pecoff/sha1/...).*}",
default="grr", help="Name of the database to use.") config_lib.DEFINE_string("Mysql.table_name", default="aff4", help="Name of the table to use.") config_lib.DEFINE_string("Mysql.database_username", default="root", help="The user to connect to the database.") config_lib.DEFINE_string("Mysql.database_password", default="", help="The password to connect to the database.") config_lib.DEFINE_bool("Cron.active", False, "Set to true to run a cron thread on this binary.") config_lib.DEFINE_integer("ACL.approvers_required", 2, "The number of approvers required for access.") config_lib.DEFINE_string("AdminUI.url", "http://localhost:8000/", "The direct external URL for the user interface.") config_lib.DEFINE_string("Frontend.bind_address", "::", "The ip address to bind.") config_lib.DEFINE_integer("Frontend.bind_port", 8080, "The port to bind.") config_lib.DEFINE_integer("Frontend.processes", 1, "Number of processes to use for the HTTP server")