def run_stage_remediation_ansible(run_type, test_env, formatting, verbose_path): """ Returns False on error, or True in case of successful Ansible playbook run.""" formatting['output_template'] = _ANSIBLE_TEMPLATE send_arf_to_remote_machine_and_generate_remediations_there( run_type, test_env, formatting, verbose_path) if not get_file_remote(test_env, verbose_path, LogHelper.LOG_DIR, '/' + formatting['output_file']): return False command = ( 'ansible-playbook', '-v', '-i', '{0},'.format(formatting['domain_ip']), '-u' 'root', '--ssh-common-args={0}'.format(' '.join(test_env.ssh_additional_options)), formatting['playbook']) command_string = ' '.join(command) returncode, output = common.run_cmd_local(command, verbose_path) # Appends output of ansible-playbook to the verbose_path file. with open(verbose_path, 'ab') as f: f.write('Stdout of "{}":'.format(command_string).encode("utf-8")) f.write(output.encode("utf-8")) if returncode != 0: msg = ( 'Ansible playbook remediation run has ' 'exited with return code {} instead of expected 0' .format(returncode)) LogHelper.preload_log(logging.ERROR, msg, 'fail') return False return True
def online_scan(self, args, verbose_path): command_list = self._oscap_ssh_base_arguments() + args env = dict(SSH_ADDITIONAL_OPTIONS=" ".join(common.IGNORE_KNOWN_HOSTS_OPTIONS)) env.update(os.environ) return common.run_cmd_local(command_list, verbose_path, env=env)
def online_scan(self, args, verbose_path): command_list = self._oscap_ssh_base_arguments() + args env = dict(SSH_ADDITIONAL_OPTIONS=" ".join(common.IGNORE_KNOWN_HOSTS_OPTIONS)) env.update(os.environ) return common.run_cmd_local(command_list, verbose_path, env=env)
def get_result_id_from_arf(arf_path, verbose_path): command = ['oscap', 'info', arf_path] command_string = ' '.join(command) returncode, output = common.run_cmd_local(command, verbose_path) if returncode != 0: raise RuntimeError('{0} returned {1} exit code'.format( command_string, returncode)) res_id = find_result_id_in_output(output) if res_id is None: raise RuntimeError('Failed to find result ID in {0}'.format(arf_path)) return res_id
def get_file_remote(verbose_path, local_dir, domain_ip, remote_path): """Download a file from VM.""" # remote_path is an absolute path of a file on remote machine success = True source = 'root@{0}:{1}'.format(domain_ip, remote_path) logging.debug('Downloading file {0} to {1}'.format(source, local_dir)) command = ['scp'] + list(common.SSH_ADDITIONAL_OPTS) + [source, local_dir] if common.run_cmd_local(command, verbose_path)[0] != 0: logging.error('Failed to download file {0}'.format(remote_path)) success = False return success
def send_files_remote(verbose_path, remote_dir, domain_ip, *files): """Upload files to VM.""" # files is a list of absolute paths on the host success = True destination = 'root@{0}:{1}'.format(domain_ip, remote_dir) files_string = ' '.join(files) logging.debug('Uploading files {0} to {1}'.format(files_string, destination)) command = ['scp'] + list(common.SSH_ADDITIONAL_OPTS) + list(files) + [destination] if common.run_cmd_local(command, verbose_path)[0] != 0: logging.error('Failed to upload files {0}'.format(files_string)) success = False return success
def make_oscap_call(self): self.prepare_online_scanning_arguments() self._generate_report_file() env = dict( SSH_ADDITIONAL_OPTIONS=" ".join(common.IGNORE_KNOWN_HOSTS_OPTIONS)) env.update(os.environ) returncode = common.run_cmd_local(self.get_command, self.verbose_path, env=env)[0] if returncode not in [0, 2]: logging.error(('Profile run should end with return code 0 or 2 ' 'not "{0}" as it did!').format(returncode)) return False return True
def offline_scan(self, args, verbose_path): command_list = self._local_oscap_check_base_arguments() + args return common.run_cmd_local(command_list, verbose_path)
def online_scan(self, args, verbose_path): os.environ["SSH_ADDITIONAL_OPTIONS"] = " ".join( common.SSH_ADDITIONAL_OPTS) command_list = self._oscap_ssh_base_arguments() + args return common.run_cmd_local(command_list, verbose_path)
def offline_scan(self, args, verbose_path): command_list = self._local_oscap_check_base_arguments() + args return common.run_cmd_local(command_list, verbose_path)
def online_scan(self, args, verbose_path): os.environ["SSH_ADDITIONAL_OPTIONS"] = " ".join(common.SSH_ADDITIONAL_OPTS) command_list = self._oscap_ssh_base_arguments() + args return common.run_cmd_local(command_list, verbose_path)