def __init__(self): usage = _("usage: %prog profile edit [options]") shortdesc = _("edits a given profile") desc = _("edit a given profile") CliCommand.__init__(self, "profile edit", usage, shortdesc, desc) self.parser.add_option("--name", dest="name", metavar="NAME", help=_("NAME of the profile - REQUIRED")) self.parser.add_option("--hosts", dest="hosts", action="callback", callback=multi_arg, metavar="RANGE", default=[], help=_("IP range to scan. See " "'man rho' for supported formats.")) self.parser.add_option("--sshport", dest="sshport", metavar="SSHPORT", help=_("SSHPORT for connection; default=22")) # can only replace auth self.parser.add_option("--auth", dest="auth", metavar="AUTH", action="callback", callback=multi_arg, default=[], help=_("auth" " class" " to associate" " with profile")) self.parser.add_option("--vault", dest="vaultfile", metavar="VAULT", help=_("file containing vault password for" " scripting"))
def _validate_options(self): CliCommand._validate_options(self) if not self.options.report_path: print(_("No report location specified.")) self.parser.print_help() sys.exit(1) normalized_path = os.path.normpath(self.options.report_path) if not os.path.isfile(normalized_path): print(_('Report location is invalid.')) sys.exit(1) # perform fact validation input_facts = self.options.facts if input_facts == [] or input_facts == ['default']: self.facts_to_hash = facts.SENSITIVE_FACTS elif os.path.isfile(input_facts[0]): self.facts_to_hash = set(_read_in_file(input_facts[0])) else: assert isinstance(input_facts, list) self.facts_to_hash = set(input_facts) # check facts_to_hash is subset of facts.ALL_FACTS if not self.facts_to_hash.issubset(facts.ALL_FACTS): invalid_facts = self.facts_to_hash.difference(facts.ALL_FACTS) print( _("Invalid facts were supplied to the command: " + ",".join(invalid_facts))) self.parser.print_help() sys.exit(1)
def _validate_options(self): CliCommand._validate_options(self) if not self.options.name: self.parser.print_help() sys.exit(1) if not (self.options.filename or self.options.username or self.options.password or self.options.sudo_password): print(_("Should specify an option to update: " "--username, --password, --sshkeyfile " "or --sudo-password")) sys.exit(1) if self.options.filename and self.options.password: print(_('You must provide either "--password" or a value for ' '"--sshkeyfile". You cannot supply both.')) self.parser.print_help() sys.exit(1) if self.options.filename: keyfile_path = os.path.abspath(os.path.normpath( os.path.expanduser(os.path.expandvars(self.options.filename)))) if os.path.isfile(keyfile_path) is False: print(_('You must provide a valid file path for' ' "--sshkeyfile", "%s" could not be found.' % keyfile_path)) self.parser.print_help() sys.exit(1) else: self.options.filename = keyfile_path
def __init__(self): usage = _("usage: %prog auth edit [options]") shortdesc = _("edits a given auth") desc = _("edit a given auth") CliCommand.__init__(self, "auth edit", usage, shortdesc, desc) self.parser.add_option("--name", dest="name", metavar="NAME", help=_("NAME of the auth - REQUIRED")) self.parser.add_option("--username", dest="username", metavar="USERNAME", help=_("user name for authenticating " "against target machine" " - REQUIRED")) self.parser.add_option("--password", dest="password", action="store_true", help=_("password for authenticating" " against target machine")) self.parser.add_option("--sudo-password", dest="sudo_password", action="store_true", help=_("password for running sudo")) self.parser.add_option("--sshkeyfile", dest="filename", metavar="FILENAME", help=_("file containing SSH key")) self.parser.add_option("--vault", dest="vaultfile", metavar="VAULT", help=_("file containing vault password for" " scripting")) self.parser.set_defaults(password=False) self.parser.set_defaults(sudo_password=False)
def __init__(self): usage = _('usage: %prog fact hash') shortdesc = _('hash facts within a report created by rho') desc = _('hash sensitive facts within a report created by rho.') CliCommand.__init__(self, 'fact hash', usage, shortdesc, desc) self.parser.add_option("--reportfile", dest="report_path", metavar="REPORTFILE", help=_("Report file path - REQUIRED")) self.parser.add_option("--facts", dest="facts", metavar="FACTS", action="callback", callback=multi_arg, default=[], help=SUPPRESS_HELP) self.parser.add_option("--outputfile", dest="hashed_path", metavar="HASHEDPATH", help=_("Location for the hashed file"), default=None) self.facts_to_hash = None
def _validate_options(self): CliCommand._validate_options(self) if not self.options.hosts: self.parser.print_help() sys.exit(1) if not self.options.auth: self.parser.print_help() sys.exit(1) if not self.options.name: self.parser.print_help() sys.exit(1) if hasattr(self.options, 'sshport') \ and self.options.sshport is not None: ssh_port = self.options.sshport try: ssh_port = utilities.validate_port(ssh_port) self.options.sshport = ssh_port except ValueError as port_error: print(str(port_error)) self.parser.print_help() sys.exit(1) else: self.options.sshport = 22
def _validate_options(self): CliCommand._validate_options(self) if not self.options.report_path: print(_("No report location specified.")) self.parser.print_help() sys.exit(1) normalized_path = os.path.normpath(self.options.report_path) if not os.path.isfile(normalized_path): print(_('Report location is invalid.')) sys.exit(1) # perform fact validation facts = self.options.facts if facts == [] or facts == ['default']: self.facts_to_hash = list(utilities.SENSITIVE_FACTS_TUPLE) elif os.path.isfile(facts[0]): self.facts_to_hash = _read_in_file(facts[0]) else: assert isinstance(facts, list) self.facts_to_hash = facts # check facts_to_hash is subset of utilities.DEFAULT_FACTS all_facts = utilities.DEFAULT_FACTS facts_to_hash_set = set(self.facts_to_hash) if not facts_to_hash_set.issubset(all_facts): invalid_facts = facts_to_hash_set.difference(all_facts) print( _("Invalid facts were supplied to the command: " + ",".join(invalid_facts))) self.parser.print_help() sys.exit(1)
def __init__(self): usage = _("usage: %prog auth add [options]") shortdesc = _("add auth credentials to config") desc = _("adds the authorization credentials to the config") CliCommand.__init__(self, "auth add", usage, shortdesc, desc) self.parser.add_option("--name", dest="name", metavar="NAME", help=_("auth credential name - REQUIRED")) self.parser.add_option("--sshkeyfile", dest="filename", metavar="FILENAME", help=_("file containing SSH key")) self.parser.add_option("--username", dest="username", metavar="USERNAME", help=_("user name for authenticating" " against target machine - REQUIRED")) self.parser.add_option("--password", dest="password", action="store_true", help=_("password for authenticating against" " target machine")) self.parser.add_option("--vault", dest="vaultfile", metavar="VAULT", help=_("file containing vault password for" " scripting"))
def _validate_options(self): CliCommand._validate_options(self) if not self.options.profile: print(_("No profile specified.")) self.parser.print_help() sys.exit(1) if not self.options.facts: print(_("No facts specified.")) self.parser.print_help() sys.exit(1) if not self.options.report_path: print(_("No report location specified.")) self.parser.print_help() sys.exit(1) if self.options.ansible_forks: try: if int(self.options.ansible_forks) <= 0: print(_("ansible_forks can only be a positive integer.")) self.parser.print_help() sys.exit(1) except ValueError: print(_("ansible_forks can only be a positive integer.")) self.parser.print_help() sys.exit(1)
def __init__(self): usage = _("usage: %prog scan [options] PROFILE") shortdesc = _("scan given host profile") desc = _("scans the host profile") CliCommand.__init__(self, "scan", usage, shortdesc, desc) self.parser.add_option("--cache", dest="cache", action="store_true", metavar="RESET", default=False, help=_("Use if profiles/auths previously " "discovered should be reused")) self.parser.add_option("--profile", dest="profile", metavar="PROFILE", help=_("NAME of the profile - REQUIRED")) self.parser.add_option("--reportfile", dest="report_path", metavar="REPORTFILE", help=_("Report file path - REQUIRED")) self.parser.add_option("--facts", dest="facts", metavar="FACTS", action="callback", callback=multi_arg, default=[], help=_("'default', list or file")) self.parser.add_option("--scan-dirs", dest="scan_dirs", metavar="SCANDIRS", action="callback", callback=multi_arg, default=[], help=_("list of remote directories to scan")) self.parser.add_option("--ansible-forks", dest="ansible_forks", metavar="FORKS", help=_("number of ansible forks")) self.parser.add_option("--vault", dest="vaultfile", metavar="VAULT", help=_("file containing vault password for" " scripting")) self.parser.add_option("--logfile", dest="logfile", metavar="LOGFILE", help=_("file to log scan output to")) self.facts_to_collect = None
def _validate_options(self): CliCommand._validate_options(self) if not self.options.name and not self.options.all: self.parser.print_help() sys.exit(1) if self.options.name and self.options.all: self.parser.print_help() sys.exit(1)
def __init__(self): usage = _("usage: %prog auth list [options]") shortdesc = _("list auth credentials") desc = _("list authentication credentials") CliCommand.__init__(self, "auth list", usage, shortdesc, desc) self.parser.add_option("--vault", dest="vaultfile", metavar="VAULT", help=_("file containing vault password for" " scripting"))
def test_verbosity(self): """Test that -vv sets verbosity and log level correctly.""" command = CliCommand() sys.argv = ['/bin/rho', '-vv'] # CliCommand.main() will set up the command's environment but # not actually do anything. command.main() self.assertEqual(command.verbosity, 3)
def __init__(self): usage = _("usage: %prog profile list [options]") shortdesc = _("list the network profiles") desc = _("list the network profiles") CliCommand.__init__(self, "profile list", usage, shortdesc, desc) self.parser.add_option("--vault", dest="vaultfile", metavar="VAULT", help=_("file containing vault password for" " scripting"))
def __init__(self): usage = _('usage: %prog fact list') shortdesc = _('list facts that rho can detect') desc = _('list facts that rho can detect. Filter fact names with ' '--filter <regex>') CliCommand.__init__(self, 'fact list', usage, shortdesc, desc) self.parser.add_option('--filter', dest='filter', metavar='filter', help=_('regexp to filter facts - optional'))
def _validate_options(self): CliCommand._validate_options(self) if not self.options.name: self.parser.print_help() sys.exit(1) if not self.options.hosts and not self.options.auth \ and not self.options.sshport: print(_("Specify either hosts, sshport, or auths to update.")) self.parser.print_help() sys.exit(1)
def __init__(self): usage = _("usage: %prog auth show [options]") shortdesc = _("show auth credential") desc = _("show authentication credential") CliCommand.__init__(self, "auth show", usage, shortdesc, desc) self.parser.add_option("--name", dest="name", metavar="NAME", help=_("auth credential name - REQUIRED")) self.parser.add_option("--vault", dest="vaultfile", metavar="VAULT", help=_("file containing vault password for" " scripting"))
def _validate_options(self): CliCommand._validate_options(self) if not self.options.name: self.parser.print_help() sys.exit(1) # need to pass in file or username: if not self.options.filename \ and not (self.options.username and self.options.password): self.parser.print_help() sys.exit(1)
def _validate_options(self): CliCommand._validate_options(self) if not self.options.name: self.parser.print_help() sys.exit(1) if not (self.options.filename or self.options.username or self.options.password): print( _("Should specify an option to update:" " --username, --password or --sshkeyfile")) sys.exit(1)
def _validate_options(self): CliCommand._validate_options(self) if not self.options.hosts: self.parser.print_help() sys.exit(1) if not self.options.auth: self.parser.print_help() sys.exit(1) if not self.options.name: self.parser.print_help() sys.exit(1)
def _validate_options(self): CliCommand._validate_options(self) if not self.options.profile: print(_("No profile specified.")) self.parser.print_help() sys.exit(1) if not self.options.report_path: print(_("No report location specified.")) self.parser.print_help() sys.exit(1) if self.options.ansible_forks: try: if int(self.options.ansible_forks) <= 0: print(_("--ansible-forks can only be a positive integer.")) self.parser.print_help() sys.exit(1) except ValueError: print(_("--ansible-forks can only be a positive integer.")) self.parser.print_help() sys.exit(1) # perform fact validation input_facts = self.options.facts assert isinstance(input_facts, list) if input_facts and os.path.isfile(input_facts[0]): input_facts = _read_in_file(input_facts[0]) self.facts_to_collect = facts.expand_facts(input_facts) if self.options.scan_dirs == []: self.options.scan_dirs = ['/', '/opt', '/app', '/home', '/usr'] elif os.path.isfile(self.options.scan_dirs[0]): self.options.scan_dirs = \ _read_in_file(self.options.scan_dirs[0]) else: assert isinstance(self.options.scan_dirs, list) # check that all values in scan_dirs are valid abs paths invalid_paths = utilities.check_path_validity(self.options.scan_dirs) if invalid_paths != []: print( _("Invalid paths were supplied to the --scan-dirs option: " + ",".join(invalid_paths))) self.parser.print_help() sys.exit(1)
def _validate_options(self): CliCommand._validate_options(self) if not self.options.name and not self.options.all: print( _('You must provide either "--all" or a value for ' '"--name".')) self.parser.print_help() sys.exit(1) if self.options.name and self.options.all: print( _('You must provide either "--all" or a value for ' '"--name". You cannot supply both.')) self.parser.print_help() sys.exit(1)
def __init__(self): usage = _("usage: %prog scan [options] PROFILE") shortdesc = _("scan given host profile") desc = _("scans the host profile") CliCommand.__init__(self, "scan", usage, shortdesc, desc) self.parser.add_option("--reset", dest="reset", action="store_true", metavar="RESET", default=False, help=_("Use if profiles/auths have been " "changed")) self.parser.add_option("--profile", dest="profile", metavar="PROFILE", help=_("NAME of the profile - REQUIRED")) self.parser.add_option("--reportfile", dest="report_path", metavar="REPORTFILE", help=_("Report file path - REQUIRED")) self.parser.add_option("--facts", dest="facts", metavar="FACTS", action="callback", callback=multi_arg, default=[], help=_("'default' or list " + " - REQUIRED")) self.parser.add_option("--ansible_forks", dest="ansible_forks", metavar="FORKS", help=_("number of ansible forks")) self.parser.add_option("--vault", dest="vaultfile", metavar="VAULT", help=_("file containing vault password for" " scripting"))
def _validate_options(self): CliCommand._validate_options(self) if not self.options.name: self.parser.print_help() sys.exit(1) if not (self.options.filename or self.options.username or self.options.password or self.options.sudo_password): print(_("Should specify an option to update: " "--username, --password, --sshkeyfile " "or --sudo-password")) sys.exit(1) if self.options.filename and self.options.password: print(_('You must provide either "--password" or a value for ' '"--sshkeyfile". You cannot supply both.')) self.parser.print_help() sys.exit(1)
def __init__(self): usage = _("usage: %prog auth clear") shortdesc = _("clears out the credentials") desc = _("clears out the crendentials") CliCommand.__init__(self, "auth clear", usage, shortdesc, desc) self.parser.add_option("--name", dest="name", metavar="NAME", help=_("NAME of the auth " "credential to be removed")) self.parser.add_option("--all", dest="all", action="store_true", help=_("remove ALL auth credentials")) self.parser.add_option("--vault", dest="vaultfile", metavar="VAULT", help=_("file containing vault password for" " scripting"))
def _validate_options(self): CliCommand._validate_options(self) if not (self.options.name and self.options.username): print(_('You must provide a value for "--name" and "--username".')) self.parser.print_help() sys.exit(1) if not self.options.username: self.parser.print_help() sys.exit(1) # need to pass in file or password: if not (self.options.filename or self.options.password): print( _('You must provide either "--password" or a value for ' '"--sshkeyfile".')) self.parser.print_help() sys.exit(1) if self.options.filename and self.options.password: print( _('You must provide either "--password" or a value for ' '"--sshkeyfile". You cannot supply both.')) self.parser.print_help() sys.exit(1) if self.options.filename: keyfile_path = os.path.abspath( os.path.normpath( os.path.expanduser( os.path.expandvars(self.options.filename)))) if os.path.isfile(keyfile_path) is False: print( _('You must provide a valid file path for' ' "--sshkeyfile", "%s" could not be found.' % keyfile_path)) self.parser.print_help() sys.exit(1) else: self.options.filename = keyfile_path
def __init__(self): usage = _("usage: %prog profile clear [--name | --all] [options]") shortdesc = _("removes 1 or all profiles from list") desc = _("removes profiles") CliCommand.__init__(self, "profile clear", usage, shortdesc, desc) self.parser.add_option("--name", dest="name", metavar="NAME", help=_("NAME of the profile to be removed")) self.parser.add_option("--all", dest="all", action="store_true", help=_("remove ALL profiles")) self.parser.set_defaults(all=False) self.parser.add_option("--vault", dest="vaultfile", metavar="VAULT", help=_("file containing vault password for" " scripting"))
def _validate_options(self): CliCommand._validate_options(self) if not (self.options.name and self.options.username): print(_('You must provide a value for "--name" and "--username".')) self.parser.print_help() sys.exit(1) if not self.options.username: self.parser.print_help() sys.exit(1) # need to pass in file or password: if not (self.options.filename or self.options.password): print(_('You must provide either "--password" or a value for ' '"--sshkeyfile".')) self.parser.print_help() sys.exit(1) if self.options.filename and self.options.password: print(_('You must provide either "--password" or a value for ' '"--sshkeyfile". You cannot supply both.')) self.parser.print_help() sys.exit(1)
def _validate_options(self): CliCommand._validate_options(self) if not self.options.name: self.parser.print_help() sys.exit(1) if not self.options.hosts and not self.options.auth \ and not self.options.sshport: print(_("Specify either hosts, sshport, or auths to update.")) self.parser.print_help() sys.exit(1) if hasattr(self.options, 'sshport') \ and self.options.sshport is not None: ssh_port = self.options.sshport try: ssh_port = utilities.validate_port(ssh_port) self.options.sshport = ssh_port except ValueError as port_error: print(str(port_error)) self.parser.print_help() sys.exit(1)
def __init__(self): usage = _("usage: %prog profile add [options]") shortdesc = _("add a network profile") desc = _("add a network profile") CliCommand.__init__(self, "profile add", usage, shortdesc, desc) self.parser.add_option("--name", dest="name", metavar="NAME", help=_("NAME of the profile - REQUIRED")) self.parser.add_option("--hosts", dest="hosts", action="callback", callback=multi_arg, metavar="HOSTS", default=[], help=_("IP range to scan." " See 'man rho' for supported formats.")) self.parser.add_option("--sshport", dest="sshport", metavar="SSHPORT", help=_("SSHPORT for connection; default=22")) self.parser.add_option("--auth", dest="auth", metavar="AUTH", action="callback", callback=multi_arg, default=[], help=_("auth class to " "associate with profile")) self.parser.add_option("--vault", dest="vaultfile", metavar="VAULT", help=_("file containing vault password for" " scripting"))