Example #1
0
        def run(self):

            _logger.debug('Service: setting signal handlers.')
            # Set SIGTERM signal Handler
            signal.signal(signal.SIGTERM, signal_term_handler)
            signal.signal(signal.SIGHUP, signal_hup_handler)

            _logger.info('Starting Silent Dune firewall.')

            # This loop allows for restarting and reloading the configuration after a SIGHUP signal has been received.
            while True:

                # Reset loop controllers
                self.stopProcessing = False
                self.reload = False

                # Read the local configuration file.
                self._config = ClientConfiguration(
                    self._args.config).read_config()

                mods, pmanager, mqueue, cprocs, cqueues, mlist = self.startup_modules(
                )

                # RUn main loop until we get an external signal.
                _logger.debug('Service: starting main processing loop.')
                while not self.stopProcessing:

                    mods, mqueue, cprocs, cqueues = self.check_module_state(
                        mods, mqueue, cprocs, cqueues, mlist)

                    # Check manage queue for any QueueTask object.
                    try:
                        task = mqueue.get_nowait()
                        _logger.debug(
                            'Service: forwarding task ({0}) from {1} to {2}'.
                            format(task.get_task_id(), task.get_sender(),
                                   task.get_dest_name()))

                        if task:
                            # Find the destination module and send task to it.
                            if not task.get_dest_name() or not cqueues[
                                    task.get_dest_name()]:
                                _logger.error(
                                    'Service: task from {0} has unknown destination.'
                                    .format(task.get_sender()))

                            cqueues[task.get_dest_name()].put(task)
                    except:
                        pass

                    # Sleep.
                    time.sleep(0.25)

                # Stop all module processing threads
                _logger.debug('Service: terminating active modules...')

                self.terminate_modules(mods, cprocs, cqueues)

                # If we are not reloading, just shutdown.
                if not self.reload:
                    break

                _logger.debug('Service: reloading firewall.')

            _logger.info('Firewall shutdown complete.')

            # exit process
            sys.exit(0)
Example #2
0
def run():
    class SDCDaemon(Daemon):

        # Node configuration information
        _args = None
        _config = None
        stopProcessing = False
        reload = False

        t_start = time.time()
        t_mod_check = 0

        def __init__(self, *args, **kwargs):

            self._args = kwargs.pop('args', None)

            super(SDCDaemon, self).__init__(*args, **kwargs)

        def startup_modules(self):

            # Get the path where this file is located.
            app_path = os.path.split(os.path.realpath(__file__))[0]
            # Get our package path and package name
            base_path, package_name = os.path.split(app_path)

            # Get loadable module list
            mods = modules.__load_modules__(base_path=base_path)
            active_mods = []  # List of modules marked as active.
            running_mods = []  # List of modules that are really running.

            # Set the configuration in each module.
            for mod in mods:
                mod.set_config(
                    self._config
                )  # Set the configuration information in the module.

                # If the module is enabled, add it to the active_mods list.
                if mod.module_enabled():
                    active_mods.append(mod)
                else:
                    _logger.debug('Service: module {0} is disabled.'.format(
                        mod.get_name()))

            pmanager = Manager()
            mqueue = pmanager.Queue()

            # Keep the created child processes.
            cprocs = dict()  # Dictionary of module process handlers.
            cqueues = dict()  # Dictionary of module Queue objects.
            mlist = list()  # List of module names.

            # Sort modules by the priority attribute so we can start them in the proper order.
            sorted_mods = sorted(active_mods,
                                 key=operator.attrgetter('priority'))

            for mod in sorted_mods:
                _logger.debug('Service: starting module {0}: ({1})'.format(
                    mod.get_name(), mod.priority))

                if mod.service_startup() is False:
                    _logger.critical(
                        'Service: module ({0}) failed during startup.'.format(
                            mod.get_name))
                    # sys.exit(1)
                    continue

                name = mod.get_name()

                running_mods.append(mod)
                mlist.append(name)

                cprocs[
                    name] = None  # Add a place holder for the module process.

                # Setup thread for modules wanting a processing thread.
                if mod.wants_processing_thread:
                    # _logger.debug('Initializing thread for {0}.'.format(name))

                    cqueues[name] = multiprocessing.Queue()
                    cprocs[name] = multiprocessing.Process(
                        target=mod.process_handler,
                        args=(cqueues[name], mqueue, mlist))
                    cprocs[name].start()

                    # Give the firewall manager time to setup the initial rules.
                    if name == 'SilentDuneClientFirewallModule':
                        time.sleep(2)

            return running_mods, pmanager, mqueue, cprocs, cqueues, mlist

        def check_module_state(self,
                               mods,
                               mqueue,
                               cprocs,
                               cqueues,
                               mlist,
                               force=False):
            """
            Check each module that has a thread and make sure it is still alive.
            :param mods:
            :return: False if all threads are running fine, True if failed module.
            """

            # We only want to do a check once a minute.
            time_t = int((time.time() - self.t_start))

            if (time_t > self.t_mod_check and time_t % 60.0 == 0.0) or force:
                self.t_mod_check = int((time.time() - self.t_start))

                # Check to see that module process threads are still running.
                _logger.debug('Service: checking module threads.')
                for mod in mods:
                    name = mod.get_name()
                    _logger.debug(
                        '{0}: checking module thread...'.format(name))
                    if name in cprocs and cprocs[name]:
                        if cprocs[name].is_alive():
                            mod.restart_count = 0
                        else:

                            # See if we should attempt to restart this module
                            if mod.restart_count < 10:

                                _logger.critical(
                                    'service: {0} module has unexpectedly stopped.'
                                    .format(name))

                                mod.restart_count += 1
                                _logger.info(
                                    'service: attempting to restart module {0} (rc:{1})'
                                    .format(name, mod.restart_count))

                                if mod.wants_processing_thread:
                                    # _logger.debug('Initializing thread for {0}.'.format(name))

                                    cqueues[name] = multiprocessing.Queue()
                                    cprocs[name] = multiprocessing.Process(
                                        target=mod.process_handler,
                                        args=(cqueues[name], mqueue, mlist))
                                    cprocs[name].start()

                            else:
                                if mod.restart_count == 10:
                                    _logger.warning(
                                        'service: module restart limit exceeded for {0}, giving up.'
                                        .format(name, mod.restart_count))

                                mod.restart_count += 1
                                if mod.restart_count % 60 == 0:
                                    _logger.warning(
                                        'service: module {0} is dead.'.format(
                                            name))

            return mods, mqueue, cprocs, cqueues

        def terminate_modules(self, mods, cprocs, cqueues):
            """
            Shutdown modules.
            """
            for mod in mods:

                name = mod.get_name()

                if cprocs[name] and cprocs[name].is_alive():
                    _logger.debug(
                        'Service: signalling {0} module to stop processing.'.
                        format(name))
                    cqueues[name].put(
                        modules.QueueTask(modules.TASK_STOP_PROCESSING))
                    cqueues[name].close()
                    cqueues[name].join_thread()
                    cprocs[name].join()

        def run(self):

            _logger.debug('Service: setting signal handlers.')
            # Set SIGTERM signal Handler
            signal.signal(signal.SIGTERM, signal_term_handler)
            signal.signal(signal.SIGHUP, signal_hup_handler)

            _logger.info('Starting Silent Dune firewall.')

            # This loop allows for restarting and reloading the configuration after a SIGHUP signal has been received.
            while True:

                # Reset loop controllers
                self.stopProcessing = False
                self.reload = False

                # Read the local configuration file.
                self._config = ClientConfiguration(
                    self._args.config).read_config()

                mods, pmanager, mqueue, cprocs, cqueues, mlist = self.startup_modules(
                )

                # RUn main loop until we get an external signal.
                _logger.debug('Service: starting main processing loop.')
                while not self.stopProcessing:

                    mods, mqueue, cprocs, cqueues = self.check_module_state(
                        mods, mqueue, cprocs, cqueues, mlist)

                    # Check manage queue for any QueueTask object.
                    try:
                        task = mqueue.get_nowait()
                        _logger.debug(
                            'Service: forwarding task ({0}) from {1} to {2}'.
                            format(task.get_task_id(), task.get_sender(),
                                   task.get_dest_name()))

                        if task:
                            # Find the destination module and send task to it.
                            if not task.get_dest_name() or not cqueues[
                                    task.get_dest_name()]:
                                _logger.error(
                                    'Service: task from {0} has unknown destination.'
                                    .format(task.get_sender()))

                            cqueues[task.get_dest_name()].put(task)
                    except:
                        pass

                    # Sleep.
                    time.sleep(0.25)

                # Stop all module processing threads
                _logger.debug('Service: terminating active modules...')

                self.terminate_modules(mods, cprocs, cqueues)

                # If we are not reloading, just shutdown.
                if not self.reload:
                    break

                _logger.debug('Service: reloading firewall.')

            _logger.info('Firewall shutdown complete.')

            # exit process
            sys.exit(0)

    def signal_term_handler(signal, frame):

        if not _daemon.stopProcessing:
            _logger.debug('Service: received SIGTERM signal.')
        _daemon.stopProcessing = True

    def signal_hup_handler(signal, frame):

        if not _daemon.reload:
            _logger.debug('Service: received SIGHUP signal.')
        _daemon.reload = True
        _daemon.stopProcessing = True

    setup_logging(_logger, '--debug' in sys.argv)

    os.environ['TMPDIR'] = '/var/run/silentdune'

    if not os.path.isdir(os.environ['TMPDIR']):
        os.makedirs(os.environ['TMPDIR'])

    # Setup i18n - Good for 2.x and 3.x python.
    kwargs = {}
    if sys.version_info[0] < 3:
        kwargs['unicode'] = True
    gettext.install('sdc_service', **kwargs)

    # Setup program arguments.
    parser = argparse.ArgumentParser(prog='sdc-firewall')
    parser.add_argument('-c',
                        '--config',
                        help=_('Use config file'),
                        default=None,
                        type=str)  # noqa
    parser.add_argument('--debug',
                        help=_('Enable debug output'),
                        default=False,
                        action='store_true')  # noqa
    parser.add_argument('--nodaemon',
                        help=_('Do not daemonize process'),
                        default=False,
                        action='store_true')  # noqa
    parser.add_argument('action',
                        choices=('start', 'stop', 'restart'),
                        default='')

    args = parser.parse_args()

    if os.getuid() != 0:
        print('sdc-firewall: error: must be run as root')
        sys.exit(4)

    # --nodaemon only valid with start action
    if args.nodaemon and args.action != 'start':
        print(
            'sdc-firewall: error: --nodaemon option not valid with stop or restart action'
        )
        sys.exit(1)

    # Read the local configuration file.
    config = ClientConfiguration(args.config).read_config()

    # Dump debug information
    if args.debug:
        node_info_dump(args)

    if not config:
        _logger.error('Invalid configuration file information, aborting.')
        sys.exit(1)

    # Do not fork the daemon process, run in foreground. For systemd service or debugging.
    if args.nodaemon:
        _daemon = SDCDaemon(args=args)
        _daemon.run()
    else:
        # Setup daemon object
        _daemon = SDCDaemon(os.path.split(config.get('settings',
                                                     'pidfile'))[0],
                            '0o700',
                            os.path.split(config.get('settings',
                                                     'pidfile'))[1],
                            'root',
                            'root',
                            '/dev/null',
                            '/dev/null',
                            '/dev/null',
                            args=args)

        if args.action == 'start':
            _logger.debug('Starting daemon.')
            _daemon.start()
        elif args.action == 'stop':
            _logger.debug('Stopping daemon.')
            _daemon.stop()
        elif args.action == 'restart':
            _logger.debug('Restarting daemon.')
            _daemon.restart()

    return 0
Example #3
0
    def __init__(self, args, modules, node_info):

        self.__modules = modules
        self.args = args
        self.node_info = node_info
        self.__config = ClientConfiguration()
def run():

    class SDCDaemon(Daemon):

        # Node configuration information
        _args = None
        _config = None
        stopProcessing = False
        reload = False

        t_start = time.time()
        t_mod_check = 0

        def __init__(self, *args, **kwargs):

            self._args = kwargs.pop('args', None)

            super(SDCDaemon, self).__init__(*args, **kwargs)

        def startup_modules(self):

            # Get the path where this file is located.
            app_path = os.path.split(os.path.realpath(__file__))[0]
            # Get our package path and package name
            base_path, package_name = os.path.split(app_path)

            # Get loadable module list
            mods = modules.__load_modules__(base_path=base_path)

            # Have each module do their startup work now.
            for mod in mods:
                mod.set_config(self._config)  # Set the configuration information in the module.
                result = mod.service_startup()
                if result is not None and result is False:
                    _logger.critical('Module ({0}) failed during startup.'.format(mod.get_name))
                    sys.exit(1)

            pmanager = Manager()
            mqueue = pmanager.Queue()

            # Keep the created child processes.
            cprocs = dict()   # Dictionary of module process handlers.
            cqueues = dict()  # Dictionary of module Queue objects.
            mlist = list()    # List of module names.

            # Get list of module names
            for mod in mods:
                mlist.append(mod.get_name())

            # Setup thread for modules wanting a processing thread.
            for mod in mods:
                name = mod.get_name()

                cprocs[name] = None  # Add a place holder for the module process

                if mod.wants_processing_thread:
                    _logger.debug('Initializing thread for {0}.'.format(name))

                    cqueues[name] = multiprocessing.Queue()
                    cprocs[name] = multiprocessing.Process(
                        target=mod.process_handler, args=(cqueues[name], mqueue, mlist))
                    cprocs[name].start()

            return mods, pmanager, mqueue, cprocs, cqueues, mlist

        def check_module_state(self, mods, cprocs, force=False):
            """
            Check each module that has a thread and make sure it is still alive.
            :param mods:
            :return: False if all threads are running fine, True if failed module.
            """

            # We only want to do a check once a minute.
            time_t = int((time.time() - self.t_start))

            if (time_t > self.t_mod_check and time_t % 60.0 == 0.0) or force:
                self.t_mod_check = int((time.time() - self.t_start))

                # Check to see that module process threads are still running.
                _logger.debug('Checking module threads.')
                for mod in mods:
                    if mod.get_name() in cprocs and cprocs[mod.get_name()]:
                        if not cprocs[mod.get_name()].is_alive():
                            # TODO: Maybe restart the module?
                            _logger.critical('{0} module has unexpectedly stopped.'.format(mod.get_name()))
                            return True

            return False

        def terminate_modules(self, mods, cprocs, cqueues):
            """
            Shutdown modules.
            """
            for mod in mods:

                name = mod.get_name()

                if cprocs[name] and cprocs[name].is_alive():
                    _logger.debug('Signalling {0} module to stop processing.'.format(name))
                    cqueues[name].put(modules.QueueTask(modules.TASK_STOP_PROCESSING))
                    cqueues[name].close()
                    cqueues[name].join_thread()
                    cprocs[name].join()

        def run(self):

            _logger.debug('Setting signal handlers.')
            # Set SIGTERM signal Handler
            signal.signal(signal.SIGTERM, signal_term_handler)
            signal.signal(signal.SIGHUP, signal_hup_handler)

            _logger.info('Starting firewall service.')

            # This loop allows for restarting and reloading the configuration after a SIGHUP signal has been received.
            while True:

                # Reset loop controllers
                self.stopProcessing = False
                self.reload = False

                # Read the local configuration file.
                self._config = ClientConfiguration(self._args.config).read_config()

                mods, pmanager, mqueue, cprocs, cqueues, mlist = self.startup_modules()

                # RUn main loop until we get an external signal.
                _logger.debug('Starting main processing loop.')
                while not self.stopProcessing:

                    if self.check_module_state(mods, cprocs):
                        self.stopProcessing = True
                        break

                    # Check manage queue for any QueueTask object.
                    try:
                        task = mqueue.get_nowait()
                        _logger.debug('Forwarding task ({0}) from {1} to {2}'.format(
                            task.get_task_id(), task.get_sender(), task.get_dest_name()))

                        if task:
                            # Find the destination module and send task to it.
                            if not task.get_dest_name() or not cqueues[task.get_dest_name()]:
                                _logger.error('Task from {0} has unknown destination.'.format(task.get_sender()))

                            cqueues[task.get_dest_name()].put(task)
                    except:
                        pass

                    # Sleep.
                    time.sleep(0.25)

                # Stop all module processing threads
                _logger.debug('Shutting firewall service down.')

                self.terminate_modules(mods, cprocs, cqueues)

                # If we are not reloading, just shutdown.
                if not self.reload:
                    break

                _logger.debug('Reloading firewall.')

            _logger.info('Firewall shutdown complete.')

            # exit process
            sys.exit(0)

    def signal_term_handler(signal, frame):

        if not _daemon.stopProcessing:
            _logger.debug('Received SIGTERM signal.')
        _daemon.stopProcessing = True

    def signal_hup_handler(signal, frame):

        if not _daemon.reload:
            _logger.debug('Received SIGHUP signal.')
        _daemon.reload = True
        _daemon.stopProcessing = True

    _logger.addHandler(setup_logging('--debug' in sys.argv))

    # Setup i18n - Good for 2.x and 3.x python.
    kwargs = {}
    if sys.version_info[0] < 3:
        kwargs['unicode'] = True
    gettext.install('sdc_service', **kwargs)

    # Setup program arguments.
    parser = argparse.ArgumentParser(prog='sdc-firewall')
    parser.add_argument('-c', '--config', help=_('Use config file'), default=None, type=str)  # noqa
    parser.add_argument('--debug', help=_('Enable debug output'), default=False, action='store_true')  # noqa
    parser.add_argument('--nodaemon', help=_('Do not daemonize process'), default=False, action='store_true')  # noqa
    parser.add_argument('action', choices=('start', 'stop', 'restart'), default='')

    args = parser.parse_args()

    if os.getuid() != 0:
        print('sdc-firewall: error: must be run as root')
        sys.exit(4)

    # --nodaemon only valid with start action
    if args.nodaemon and args.action != 'start':
        print('sdc-firewall: error: --nodaemon option not valid with stop or restart action')
        sys.exit(1)

    # Read the local configuration file.
    config = ClientConfiguration(args.config).read_config()

    # Dump debug information
    if args.debug:
        node_info_dump(args)

    if not config:
        _logger.error('Invalid configuration file information, aborting.')
        sys.exit(1)

    # Do not fork the daemon process, run in foreground. For systemd service or debugging.
    if args.nodaemon:
        _daemon = SDCDaemon(args=args)
        _daemon.run()
    else:
        # Setup daemon object
        _daemon = SDCDaemon(
            os.path.split(config.get('settings', 'pidfile'))[0],
            '0o700',
            os.path.split(config.get('settings', 'pidfile'))[1],
            config.get('settings', 'user'),
            config.get('settings', 'group'),
            '/dev/null',
            config.get('settings', 'logfile'),
            '/dev/null',
            args=args
        )

        if args.action == 'start':
            _logger.debug('Starting daemon.')
            _daemon.start()
        elif args.action == 'stop':
            _logger.debug('Stopping daemon.')
            _daemon.stop()
        elif args.action == 'restart':
            _logger.debug('Restarting daemon.')
            _daemon.restart()

    return 0
Example #5
0
class Installer(ConsoleBase):

    # Modules dictionary list
    __modules = None
    __config = None

    # parser args
    args = None
    bad_arg = False

    node_info = None

    previous_firewall_service = None

    # Location of the installed service unit or script file.
    service_out_file = None

    def __init__(self, args, modules, node_info):

        self.__modules = modules
        self.args = args
        self.node_info = node_info
        self.__config = ClientConfiguration()

    def write_config(self):
        """
        Loop through the modules to set their configuration file items and then save the configuration.
        """

        for mod in self.__modules:
            result = mod.prepare_config(self.__config)

            if result is False:  # If prepare_config() returns None, we just want to continue.
                _logger.error(
                    'Preparing configuration file items failed in module {0}.'.
                    format(mod.get_name()))
                return False

        # Write the configuration file out.
        return self.__config.write_config()

    def install_service(self):
        """
        Based on everything we know, lets install the init service.
        :return: True if successful, otherwise False.
        """

        self.cwrite('Installing firewall service...')

        # Figure out our path
        base_path = os.path.split(os.path.realpath(__file__))[0]

        systemd_in_file = os.path.join(base_path,
                                       'init/sdc-firewall.service.in')
        init_in_file = os.path.join(base_path, 'init/sdc-firewall.init.in')

        # Check and make sure we can find the init scripts.
        if not os.path.exists(systemd_in_file) or \
                not os.path.exists(init_in_file):
            _logger.critical('Unable to find init service files.')
            return False

        firewall_exec = which('sdc-firewall')

        if not firewall_exec:
            self.cwriteline('[Error]',
                            'Unable to locate our firewall executable.')
            return False

        # Install systemd service file.
        if self.node_info.sysd_installed:

            path = None

            # TODO: Need to look for selinux and apply a service policy module before saving to system locations.
            #
            # # Determine systemd service unit install directory.
            # if os.path.exists('/usr/lib/systemd/system/'):  # Redhat based
            #     path = '/usr/lib/systemd/system/'
            # elif os.path.exists('/lib/systemd/system/'):  # Ubuntu based
            #     path = '/lib/systemd/system/'
            # elif os.path.exists('/etc/systemd/system/'):  # Last resort location
            #     path = '/etc/systemd/system/'

            # Just save to the systemd user defined location until we get a selinux serivce policy built.
            if os.path.exists('/etc/systemd/system/'):
                path = '/etc/systemd/system/'

            if not path:
                self.cwriteline('[Error]',
                                'Unable to locate systemd service unit path.')
                return False

            self.service_out_file = os.path.join(path, 'sdc-firewall.service')

            # shutil.copy(systemd_in_file, self.service_out_file)

            # Replace key words with local file locations.
            sed_args = 's/%%KILL%%/{0}/g;s/%%SDC-FIREWALL%%/{1}/g'.format(
                self.node_info.kill.replace('/', '\/'),
                firewall_exec.replace('/', '\/'))

            args = [self.node_info.sed, sed_args, systemd_in_file]

            try:
                _logger.debug('Saving systemd service file to {0}'.format(
                    self.service_out_file))
                with open(self.service_out_file, 'w') as handle:
                    subprocess.call(args, stdout=handle)
            except CalledProcessError:
                _logger.error(
                    'Unable to copy systemd service file to system location.')
                return False

            # Set file permissions.
            os.chmod(self.service_out_file, 0o644)

            # Enable and start service
            if not self.node_info.enable_service('sdc-firewall'):
                self.cwriteline('[Error]',
                                'Firewall service failed to enable.')
                return False

            if not self.node_info.start_service('sdc-firewall'):
                self.cwriteline('[Error]', 'Firewall service failed to start.')
                return False

        if self.node_info.sysv_installed:
            # TODO: Write the sysv service install code.
            # Just save to the systemd user defined location until we get a selinux serivce policy built.
            if os.path.exists('/etc/systemd/system/'):
                path = '/etc/systemd/system/'
            pass

            # http://askubuntu.com/questions/2263/chkconfig-alternative-for-ubuntu-server

        self.cwriteline('[OK]', 'Firewall service installed and started.')

        return True

    def remove_service(self):

        # Remove the systemd service file.
        if self.node_info.sysd_installed:

            if self.node_info.is_service_running('sdc-firewall'):
                if not self.node_info.stop_service('sdc-firewall'):
                    _logger.debug('Firewall service failed to stop.')

                if not self.node_info.disable_service('sdc-firewall'):
                    _logger.debug('Unable to disable firewall service.')

            if os.path.exists(self.service_out_file):
                os.remove(self.service_out_file)

        if self.node_info.sysv_installed:
            # TODO: Write the sysv service removal code.
            pass

        self.cwriteline('[OK]', 'Firewall service removed.')

    def disable_previous_firewall(self):
        """
        Disable the previous firewall service.
        :return: True if successful, otherwise False.
        """

        if not self.node_info.previous_firewall_service:
            return True

        # Check to see if the previous firewall service is running.
        if not is_process_running(self.node_info.previous_firewall_service):
            _logger.info(
                'The current firewall service does not seem to be running.')
            return True

        self.cwrite('Stopping the current firewall service...')

        # Stop and Disable the previous firewall service.
        if not self.node_info.stop_service(
                self.node_info.previous_firewall_service):
            self.cwriteline('[Error]',
                            'Unable to stop the current firewall service.')
            return False

        self.cwriteline('[OK]',
                        'Successfully stopped the current firewall service.')

        self.cwrite('Disabling the current firewall service...')

        if not self.node_info.disable_service(
                self.node_info.previous_firewall_service):
            self.cwriteline('[Error]',
                            'Unable to disable the current firewall service.')
            return False

        self.cwriteline('[OK]',
                        'Successfully disabled the current firewall service.')

        return True

    def clean_up(self):
        """
        Use this method to clean up after a failed install
        """
        self.cwrite('Cleaning up...')
        return

        # The following code can only run if we are running under privileged account.
        if self.node_info.root_user:

            # Remove our firewall service.
            self.remove_service()

            # Remove the directories the daemon process uses.
            self.__config.delete_directories()
            _logger.debug('Removed daemon process directories.')

            # Remove the system user the daemon process uses.
            self.__config.delete_user()
            _logger.debug('Removed daemon process system user.')

            # Check to see if the previous firewall service is running or not
            if self.node_info.previous_firewall_service:
                if not is_process_running(
                        self.node_info.previous_firewall_service):
                    self.node_info.enable_service(
                        self.node_info.previous_firewall_service)
                    self.node_info.start_service(
                        self.node_info.previous_firewall_service)

            # if we are running as root, delete the configuration directory
            if self.node_info.config_root is not None \
                    and os.path.exists(self.node_info.config_root) \
                    and os.path.realpath(self.node_info.config_root) != '/':
                rmdir(self.node_info.config_root)

        self.cwriteline('[OK]', 'Finished cleaning up.')

    def start_install(self):
        """
        Begin installing the Silent Dune Client.
        """

        # If this node is running systemd, remove the pidfile setting.
        if self.node_info.sysd_installed:
            self.__config.delete('settings', 'pidfile')

        # Check to see that the NodeInformation information gathering was successful.
        if self.node_info.error:
            _logger.error('Gathering information about this node failed.')
            return False

        # See if we haven't determined the configuration root directory.
        if not self.node_info.config_root:
            _logger.error(
                'Error determining the configuration root directory.')
            return False

        if self.node_info.previous_firewall_service == 'sdc-firewall':
            self.cwriteline(
                '[Error]',
                'Silent Dune firewall service is already running, please uninstall first.'
            )
            return False

        #
        # Have each module do their pre install work now.
        #
        for mod in self.__modules:
            result = mod.pre_install()
            if result is not None and result is False:
                return False

        # The following code can only run if we are running under privileged account.
        if self.node_info.root_user:

            # # Create the daemon process user
            # if not self.__config.create_service_user():
            #     return False

            # Create the directories the daemon process uses.
            if not self.__config.create_directories():
                return False

        #
        # Have each module do their install work now.
        #
        for mod in self.__modules:
            result = mod.install_module()
            if result is not None and result is False:
                return False

        # The following code can only run if we are running under privileged account.
        if self.node_info.root_user:

            # Disable the current firewall service
            if self.node_info.previous_firewall_service:
                if not self.disable_previous_firewall():
                    return False

        if not self.write_config():
            return False

        # Have each module do their post install work now.
        for mod in self.__modules:
            result = mod.post_install()
            if result is not None and result is False:
                return False

        # Finally install and start the firewalls service.
        if self.node_info.root_user:

            if not self.install_service():
                return False

        return True
class Installer(ConsoleBase):

    # Modules dictionary list
    __modules = None
    __config = None

    # parser args
    args = None
    bad_arg = False

    node_info = None

    previous_firewall_service = None

    # Location of the installed service unit or script file.
    service_out_file = None

    def __init__(self, args, modules, node_info):

        self.__modules = modules
        self.args = args
        self.node_info = node_info
        self.__config = ClientConfiguration()

    def write_config(self):
        """
        Loop through the modules to set their configuration file items and then save the configuration.
        """

        for mod in self.__modules:
            result = mod.prepare_config(self.__config)

            if result is False:  # If prepare_config() returns None, we just want to continue.
                _logger.error('Preparing configuration file items failed in module {0}.'.format(mod.get_name()))
                return False

        # Write the configuration file out.
        return self.__config.write_config()

    def install_service(self):
        """
        Based on everything we know, lets install the init service.
        :return: True if successful, otherwise False.
        """

        self.cwrite('Configuring Silent Dune firewall service...')

        # Figure out our path
        base_path = os.path.split(os.path.realpath(__file__))[0]

        systemd_in_file = os.path.join(base_path, 'init/sdc-firewall.systemd.in')
        init_in_file = os.path.join(base_path, 'init/sdc-firewall.sysv.in')

        # Check and make sure we can find the init scripts.
        if not os.path.exists(systemd_in_file) or \
                not os.path.exists(init_in_file):
            _logger.critical('Unable to find init service files.')
            return False

        firewall_exec = which('sdc-firewall')

        if not firewall_exec:
            self.cwriteline('[Error]', 'Unable to locate our firewall executable.')
            return False

        # Install systemd service file.
        if self.node_info.sysd_installed:

            path = None

            # Determine systemd service unit install directory.
            if os.path.exists('/usr/lib/systemd/system/'):  # Redhat based
                path = '/usr/lib/systemd/system/'
            elif os.path.exists('/lib/systemd/system/'):  # Ubuntu based
                path = '/lib/systemd/system/'
            elif os.path.exists('/etc/systemd/system/'):  # Last resort location
                path = '/etc/systemd/system/'

            if not path:
                self.cwriteline('[Error]', 'Unable to locate systemd service unit path.')
                return False

            self.service_out_file = os.path.join(path, 'sdc-firewall.service')

            # See if we need to copy the service unit file to the destination
            if not os.path.isfile(self.service_out_file):
                shutil.copy(systemd_in_file, self.service_out_file)
                os.chmod(self.service_out_file, 0o644)

        if self.node_info.sysv_installed:

            # http://askubuntu.com/questions/2263/chkconfig-alternative-for-ubuntu-server
            path = '/etc/init.d/'
            self.service_out_file = os.path.join(path, 'sdc-firewall')

            # See if we need to copy the service unit file to the destination
            if not os.path.isfile(self.service_out_file):
                shutil.copy(init_in_file, self.service_out_file)
                os.chmod(self.service_out_file, 0o755)

        # Enable service
        # if not self.node_info.enable_service('sdc-firewall'):
        #    self.cwriteline('[Error]', 'Firewall service failed to enable.')
        #    return False

        # Start service
        # if not self.node_info.start_service('sdc-firewall'):
        #     self.cwriteline('[Error]', 'Firewall service failed to start.')
        #     return False

        self.cwriteline('      [OK]', 'Firewall service installed. Please start "sdc-firewall" service now.')

        return True

    def remove_service(self):

        # Remove the systemd service file.
        if self.node_info.sysd_installed:

            if is_service_running('sdc-firewall'):
                if not self.node_info.stop_service('sdc-firewall'):
                    _logger.debug('Firewall service failed to stop.')

                if not self.node_info.disable_service('sdc-firewall'):
                    _logger.debug('Unable to disable firewall service.')

            if os.path.exists(self.service_out_file):
                os.remove(self.service_out_file)

        if self.node_info.sysv_installed:
            # TODO: Write the sysv service removal code.
            pass

        self.cwriteline('[OK]', 'Firewall service removed.')

    def disable_previous_firewall(self):
        """
        Disable the previous firewall service.
        :return: True if successful, otherwise False.
        """

        if not self.node_info.previous_firewall_service or self.node_info.previous_firewall_service == 'sdc-firewall':
            return True

        # Check to see if the previous firewall service is running.
        if not is_service_running(self.node_info.previous_firewall_service):
            _logger.info('The current firewall service does not seem to be running.')
            return True

        self.cwrite('Stopping the current firewall service...')

        # Stop and Disable the previous firewall service.
        if not self.node_info.stop_service(self.node_info.previous_firewall_service):
            self.cwriteline('[Error]', 'Unable to stop the current firewall service.')
            return False

        self.cwriteline('[OK]', 'Successfully stopped the current firewall service.')

        self.cwrite('Disabling the current firewall service...')

        if not self.node_info.disable_service(self.node_info.previous_firewall_service):
            self.cwriteline('[Error]', 'Unable to disable the current firewall service.')
            return False

        self.cwriteline('[OK]', 'Successfully disabled the current firewall service.')

        return True

    def clean_up(self):
        """
        Use this method to clean up after a failed install
        """
        self.cwrite('Cleaning up...')

        # # The following code can only run if we are running under privileged account.
        # if self.node_info.root_user:
        #
        #     # Remove our firewall service.
        #     self.remove_service()
        #
        #     # Remove the directories the daemon process uses.
        #     self.__config.delete_directories()
        #     _logger.debug('Removed daemon process directories.')
        #
        #     # Remove the system user the daemon process uses.
        #     self.__config.delete_user()
        #     _logger.debug('Removed daemon process system user.')
        #
        #     # Check to see if the previous firewall service is running or not
        #     if self.node_info.previous_firewall_service:
        #         if not is_service_running(self.node_info.previous_firewall_service):
        #             self.node_info.enable_service(self.node_info.previous_firewall_service)
        #             self.node_info.start_service(self.node_info.previous_firewall_service)
        #
        #     # if we are running as root, delete the configuration directory
        #     if self.node_info.config_root is not None \
        #             and os.path.exists(self.node_info.config_root) \
        #             and os.path.realpath(self.node_info.config_root) != '/':
        #         rmdir(self.node_info.config_root)

        self.cwriteline('[OK]', 'Finished cleaning up.')

    def start_install(self):
        """
        Begin installing the Silent Dune Client.
        """

        # If this node is running systemd, remove the pidfile setting.
        if self.node_info.sysd_installed:
            self.__config.delete('settings', 'pidfile')

        # Check to see that the NodeInformation information gathering was successful.
        if self.node_info.error:
            _logger.error('Gathering information about this node failed.')
            return False

        # See if we haven't determined the configuration root directory.
        if not self.node_info.config_root:
            _logger.error('Error determining the configuration root directory.')
            return False

        # if self.node_info.previous_firewall_service == 'sdc-firewall':
        #     self.cwriteline('[Error]', 'Silent Dune firewall service is already running, please uninstall first.')
        #     return False

        #
        # Have each module do their pre install work now.
        #
        for mod in self.__modules:
            result = mod.pre_install()
            if result is not None and result is False:
                return False

        # The following code can only run if we are running under privileged account.
        if self.node_info.root_user:

            # # Create the daemon process user
            # if not self.__config.create_service_user():
            #     return False

            # Create the directories the daemon process uses.
            if not self.__config.create_directories():
                return False

        #
        # Have each module do their install work now.
        #
        for mod in self.__modules:
            result = mod.install_module()
            if result is not None and result is False:
                return False

        # The following code can only run if we are running under privileged account.
        if self.node_info.root_user:

            # Disable the current firewall service
            if self.node_info.previous_firewall_service:
                if not self.disable_previous_firewall():
                    return False

        if not self.write_config():
            return False

        # Have each module do their post install work now.
        for mod in self.__modules:
            result = mod.post_install()
            if result is not None and result is False:
                return False

        # Finally install the firewall service.
        if self.node_info.root_user:

            if not self.install_service():
                return False

            self.node_info.restorecon('/etc/silentdune')

            if not os.path.isdir('/var/run/silentdune'):
                os.makedirs('/var/run/silentdune')

            self.node_info.restorecon('/var/run/silentdune')

        return True
    def __init__(self, args, modules, node_info):

        self.__modules = modules
        self.args = args
        self.node_info = node_info
        self.__config = ClientConfiguration()
class Installer(ConsoleBase):

    # Modules dictionary list
    __modules = None
    __config = None

    # parser args
    args = None
    bad_arg = False

    node_info = None

    previous_firewall_service = None

    # Location of the installed service unit or script file.
    service_out_file = None

    def __init__(self, args, modules, node_info):

        self.__modules = modules
        self.args = args
        self.node_info = node_info
        self.__config = ClientConfiguration()

    def write_config(self):
        """
        Loop through the modules to set their configuration file items and then save the configuration.
        """

        for mod in self.__modules:
            result = mod.prepare_config(self.__config)

            if result is False:  # If prepare_config() returns None, we just want to continue.
                _logger.error('Preparing configuration file items failed in module {0}.'.format(mod.get_name()))
                return False

        # Write the configuration file out.
        return self.__config.write_config()

    def install_service(self):
        """
        Based on everything we know, lets install the init service.
        :return: True if successful, otherwise False.
        """

        self.cwrite('Installing firewall service...')

        # Figure out our path
        base_path = os.path.split(os.path.realpath(__file__))[0]

        systemd_in_file = os.path.join(base_path, 'init/sdc-firewall.service.in')
        init_in_file = os.path.join(base_path, 'init/sdc-firewall.init.in')

        # Check and make sure we can find the init scripts.
        if not os.path.exists(systemd_in_file) or \
                not os.path.exists(init_in_file):
            _logger.critical('Unable to find init service files.')
            return False

        firewall_exec = which('sdc-firewall')

        if not firewall_exec:
            self.cwriteline('[Error]', 'Unable to locate our firewall executable.')
            return False

        # Install systemd service file.
        if self.node_info.sysd_installed:

            path = None

            # TODO: Need to look for selinux and apply a service policy module before saving to system locations.
            #
            # # Determine systemd service unit install directory.
            # if os.path.exists('/usr/lib/systemd/system/'):  # Redhat based
            #     path = '/usr/lib/systemd/system/'
            # elif os.path.exists('/lib/systemd/system/'):  # Ubuntu based
            #     path = '/lib/systemd/system/'
            # elif os.path.exists('/etc/systemd/system/'):  # Last resort location
            #     path = '/etc/systemd/system/'

            # Just save to the systemd user defined location until we get a selinux serivce policy built.
            if os.path.exists('/etc/systemd/system/'):
                path = '/etc/systemd/system/'

            if not path:
                self.cwriteline('[Error]', 'Unable to locate systemd service unit path.')
                return False

            self.service_out_file = os.path.join(path, 'sdc-firewall.service')

            # shutil.copy(systemd_in_file, self.service_out_file)

            # Replace key words with local file locations.
            sed_args = 's/%%KILL%%/{0}/g;s/%%SDC-FIREWALL%%/{1}/g'.format(
                self.node_info.kill.replace('/', '\/'),
                firewall_exec.replace('/', '\/')
            )

            args = [self.node_info.sed, sed_args, systemd_in_file]

            try:
                _logger.debug('Saving systemd service file to {0}'.format(self.service_out_file))
                with open(self.service_out_file, 'w') as handle:
                    subprocess.call(args, stdout=handle)
            except CalledProcessError:
                _logger.error('Unable to copy systemd service file to system location.')
                return False

            # Set file permissions.
            os.chmod(self.service_out_file, 0o644)

            # Enable and start service
            if not self.node_info.enable_service('sdc-firewall'):
                self.cwriteline('[Error]', 'Firewall service failed to enable.')
                return False

            if not self.node_info.start_service('sdc-firewall'):
                self.cwriteline('[Error]', 'Firewall service failed to start.')
                return False

        if self.node_info.sysv_installed:
            # TODO: Write the sysv service install code.
            # Just save to the systemd user defined location until we get a selinux serivce policy built.
            if os.path.exists('/etc/systemd/system/'):
                path = '/etc/systemd/system/'
            pass

            # http://askubuntu.com/questions/2263/chkconfig-alternative-for-ubuntu-server

        self.cwriteline('[OK]', 'Firewall service installed and started.')

        return True

    def remove_service(self):

        # Remove the systemd service file.
        if self.node_info.sysd_installed:

            if self.node_info.is_service_running('sdc-firewall'):
                if not self.node_info.stop_service('sdc-firewall'):
                    _logger.debug('Firewall service failed to stop.')

                if not self.node_info.disable_service('sdc-firewall'):
                    _logger.debug('Unable to disable firewall service.')

            if os.path.exists(self.service_out_file):
                os.remove(self.service_out_file)

        if self.node_info.sysv_installed:
            # TODO: Write the sysv service removal code.
            pass

        self.cwriteline('[OK]', 'Firewall service removed.')

    def disable_previous_firewall(self):
        """
        Disable the previous firewall service.
        :return: True if successful, otherwise False.
        """

        if not self.node_info.previous_firewall_service:
            return True

        # Check to see if the previous firewall service is running.
        if not is_process_running(self.node_info.previous_firewall_service):
            _logger.info('The current firewall service does not seem to be running.')
            return True

        self.cwrite('Stopping the current firewall service...')

        # Stop and Disable the previous firewall service.
        if not self.node_info.stop_service(self.node_info.previous_firewall_service):
            self.cwriteline('[Error]', 'Unable to stop the current firewall service.')
            return False

        self.cwriteline('[OK]', 'Successfully stopped the current firewall service.')

        self.cwrite('Disabling the current firewall service...')

        if not self.node_info.disable_service(self.node_info.previous_firewall_service):
            self.cwriteline('[Error]', 'Unable to disable the current firewall service.')
            return False

        self.cwriteline('[OK]', 'Successfully disabled the current firewall service.')

        return True

    def clean_up(self):
        """
        Use this method to clean up after a failed install
        """
        self.cwrite('Cleaning up...')
        return

        # The following code can only run if we are running under privileged account.
        if self.node_info.root_user:

            # Remove our firewall service.
            self.remove_service()

            # Remove the directories the daemon process uses.
            self.__config.delete_directories()
            _logger.debug('Removed daemon process directories.')

            # Remove the system user the daemon process uses.
            self.__config.delete_user()
            _logger.debug('Removed daemon process system user.')

            # Check to see if the previous firewall service is running or not
            if self.node_info.previous_firewall_service:
                if not is_process_running(self.node_info.previous_firewall_service):
                    self.node_info.enable_service(self.node_info.previous_firewall_service)
                    self.node_info.start_service(self.node_info.previous_firewall_service)

            # if we are running as root, delete the configuration directory
            if self.node_info.config_root is not None \
                    and os.path.exists(self.node_info.config_root) \
                    and os.path.realpath(self.node_info.config_root) != '/':
                rmdir(self.node_info.config_root)

        self.cwriteline('[OK]', 'Finished cleaning up.')

    def start_install(self):
        """
        Begin installing the Silent Dune Client.
        """

        # If this node is running systemd, remove the pidfile setting.
        if self.node_info.sysd_installed:
            self.__config.delete('settings', 'pidfile')

        # Check to see that the NodeInformation information gathering was successful.
        if self.node_info.error:
            _logger.error('Gathering information about this node failed.')
            return False

        # See if we haven't determined the configuration root directory.
        if not self.node_info.config_root:
            _logger.error('Error determining the configuration root directory.')
            return False

        if self.node_info.previous_firewall_service == 'sdc-firewall':
            self.cwriteline('[Error]', 'Silent Dune firewall service is already running, please uninstall first.')
            return False

        #
        # Have each module do their pre install work now.
        #
        for mod in self.__modules:
            result = mod.pre_install()
            if result is not None and result is False:
                return False

        # The following code can only run if we are running under privileged account.
        if self.node_info.root_user:

            # # Create the daemon process user
            # if not self.__config.create_service_user():
            #     return False

            # Create the directories the daemon process uses.
            if not self.__config.create_directories():
                return False

        #
        # Have each module do their install work now.
        #
        for mod in self.__modules:
            result = mod.install_module()
            if result is not None and result is False:
                return False

        # The following code can only run if we are running under privileged account.
        if self.node_info.root_user:

            # Disable the current firewall service
            if self.node_info.previous_firewall_service:
                if not self.disable_previous_firewall():
                    return False

        if not self.write_config():
            return False

        # Have each module do their post install work now.
        for mod in self.__modules:
            result = mod.post_install()
            if result is not None and result is False:
                return False

        # Finally install and start the firewalls service.
        if self.node_info.root_user:

            if not self.install_service():
                return False

        return True
Example #9
0
class Installer(ConsoleBase):

    # Modules dictionary list
    __modules = None
    __config = None

    # parser args
    args = None
    bad_arg = False

    node_info = None

    previous_firewall_service = None

    # Location of the installed service unit or script file.
    service_out_file = None

    def __init__(self, args, modules, node_info):

        self.__modules = modules
        self.args = args
        self.node_info = node_info
        self.__config = ClientConfiguration()

    def write_config(self):
        """
        Loop through the modules to set their configuration file items and then save the configuration.
        """

        for mod in self.__modules:
            result = mod.prepare_config(self.__config)

            if result is False:  # If prepare_config() returns None, we just want to continue.
                _logger.error('Preparing configuration file items failed in module {0}.'.format(mod.get_name()))
                return False

        # Write the configuration file out.
        return self.__config.write_config()

    def install_service(self):
        """
        Based on everything we know, lets install the init service.
        :return: True if successful, otherwise False.
        """

        self.cwrite('Configuring Silent Dune firewall service...')

        # Figure out our path
        base_path = os.path.split(os.path.realpath(__file__))[0]

        systemd_in_file = os.path.join(base_path, 'init/sdc-firewall.systemd.in')
        init_in_file = os.path.join(base_path, 'init/sdc-firewall.sysv.in')

        # Check and make sure we can find the init scripts.
        if not os.path.exists(systemd_in_file) or \
                not os.path.exists(init_in_file):
            _logger.critical('Unable to find init service files.')
            return False

        firewall_exec = which('sdc-firewall')

        if not firewall_exec:
            self.cwriteline('[Error]', 'Unable to locate our firewall executable.')
            return False

        # Install systemd service file.
        if self.node_info.sysd_installed:

            path = None

            # Determine systemd service unit install directory.
            if os.path.exists('/usr/lib/systemd/system/'):  # Redhat based
                path = '/usr/lib/systemd/system/'
            elif os.path.exists('/lib/systemd/system/'):  # Ubuntu based
                path = '/lib/systemd/system/'
            elif os.path.exists('/etc/systemd/system/'):  # Last resort location
                path = '/etc/systemd/system/'

            if not path:
                self.cwriteline('[Error]', 'Unable to locate systemd service unit path.')
                return False

            self.service_out_file = os.path.join(path, 'sdc-firewall.service')

            # See if we need to copy the service unit file to the destination
            if not os.path.isfile(self.service_out_file):
                shutil.copy(systemd_in_file, self.service_out_file)
                os.chmod(self.service_out_file, 0o644)

        if self.node_info.sysv_installed:

            # http://askubuntu.com/questions/2263/chkconfig-alternative-for-ubuntu-server
            path = '/etc/init.d/'
            self.service_out_file = os.path.join(path, 'sdc-firewall')

            # See if we need to copy the service unit file to the destination
            if not os.path.isfile(self.service_out_file):
                shutil.copy(init_in_file, self.service_out_file)
                os.chmod(self.service_out_file, 0o755)

        # Enable service
        # if not self.node_info.enable_service('sdc-firewall'):
        #    self.cwriteline('[Error]', 'Firewall service failed to enable.')
        #    return False

        # Start service
        # if not self.node_info.start_service('sdc-firewall'):
        #     self.cwriteline('[Error]', 'Firewall service failed to start.')
        #     return False

        self.cwriteline('      [OK]', 'Firewall service installed. Please start "sdc-firewall" service now.')

        return True

    def remove_service(self):

        # Remove the systemd service file.
        if self.node_info.sysd_installed:

            if is_service_running('sdc-firewall'):
                if not self.node_info.stop_service('sdc-firewall'):
                    _logger.debug('Firewall service failed to stop.')

                if not self.node_info.disable_service('sdc-firewall'):
                    _logger.debug('Unable to disable firewall service.')

            if os.path.exists(self.service_out_file):
                os.remove(self.service_out_file)

        if self.node_info.sysv_installed:
            # TODO: Write the sysv service removal code.
            pass

        self.cwriteline('[OK]', 'Firewall service removed.')

    def disable_previous_firewall(self):
        """
        Disable the previous firewall service.
        :return: True if successful, otherwise False.
        """

        if not self.node_info.previous_firewall_service or self.node_info.previous_firewall_service == 'sdc-firewall':
            return True

        # Check to see if the previous firewall service is running.
        if not is_service_running(self.node_info.previous_firewall_service):
            _logger.info('The current firewall service does not seem to be running.')
            return True

        self.cwrite('Stopping the current firewall service...')

        # Stop and Disable the previous firewall service.
        if not self.node_info.stop_service(self.node_info.previous_firewall_service):
            self.cwriteline('[Error]', 'Unable to stop the current firewall service.')
            return False

        self.cwriteline('[OK]', 'Successfully stopped the current firewall service.')

        self.cwrite('Disabling the current firewall service...')

        if not self.node_info.disable_service(self.node_info.previous_firewall_service):
            self.cwriteline('[Error]', 'Unable to disable the current firewall service.')
            return False

        self.cwriteline('[OK]', 'Successfully disabled the current firewall service.')

        return True

    def clean_up(self):
        """
        Use this method to clean up after a failed install
        """
        self.cwrite('Cleaning up...')

        # # The following code can only run if we are running under privileged account.
        # if self.node_info.root_user:
        #
        #     # Remove our firewall service.
        #     self.remove_service()
        #
        #     # Remove the directories the daemon process uses.
        #     self.__config.delete_directories()
        #     _logger.debug('Removed daemon process directories.')
        #
        #     # Remove the system user the daemon process uses.
        #     self.__config.delete_user()
        #     _logger.debug('Removed daemon process system user.')
        #
        #     # Check to see if the previous firewall service is running or not
        #     if self.node_info.previous_firewall_service:
        #         if not is_service_running(self.node_info.previous_firewall_service):
        #             self.node_info.enable_service(self.node_info.previous_firewall_service)
        #             self.node_info.start_service(self.node_info.previous_firewall_service)
        #
        #     # if we are running as root, delete the configuration directory
        #     if self.node_info.config_root is not None \
        #             and os.path.exists(self.node_info.config_root) \
        #             and os.path.realpath(self.node_info.config_root) != '/':
        #         rmdir(self.node_info.config_root)

        self.cwriteline('[OK]', 'Finished cleaning up.')

    def start_install(self):
        """
        Begin installing the Silent Dune Client.
        """

        # If this node is running systemd, remove the pidfile setting.
        if self.node_info.sysd_installed:
            self.__config.delete('settings', 'pidfile')

        # Check to see that the NodeInformation information gathering was successful.
        if self.node_info.error:
            _logger.error('Gathering information about this node failed.')
            return False

        # See if we haven't determined the configuration root directory.
        if not self.node_info.config_root:
            _logger.error('Error determining the configuration root directory.')
            return False

        # if self.node_info.previous_firewall_service == 'sdc-firewall':
        #     self.cwriteline('[Error]', 'Silent Dune firewall service is already running, please uninstall first.')
        #     return False

        #
        # Have each module do their pre install work now.
        #
        for mod in self.__modules:
            result = mod.pre_install()
            if result is not None and result is False:
                return False

        # The following code can only run if we are running under privileged account.
        if self.node_info.root_user:

            # # Create the daemon process user
            # if not self.__config.create_service_user():
            #     return False

            # Create the directories the daemon process uses.
            if not self.__config.create_directories():
                return False

        #
        # Have each module do their install work now.
        #
        for mod in self.__modules:
            result = mod.install_module()
            if result is not None and result is False:
                return False

        # The following code can only run if we are running under privileged account.
        if self.node_info.root_user:

            # Disable the current firewall service
            if self.node_info.previous_firewall_service:
                if not self.disable_previous_firewall():
                    return False

        if not self.write_config():
            return False

        # Have each module do their post install work now.
        for mod in self.__modules:
            result = mod.post_install()
            if result is not None and result is False:
                return False

        # Finally install the firewall service.
        if self.node_info.root_user:

            if not self.install_service():
                return False

            self.node_info.restorecon('/etc/silentdune')

            if not os.path.isdir('/var/run/silentdune'):
                os.makedirs('/var/run/silentdune')

            self.node_info.restorecon('/var/run/silentdune')

        return True