Exemple #1
0
    def _check_config(self, nodes, installed, list_scripts):
        results = cmdresult.CmdResult()

        nodetmpdirs = [(node,
                        os.path.join(self.config.tmpdir,
                                     "check-config-%s" % node.name))
                       for node in nodes]

        nodes = []
        for (node, cwd) in nodetmpdirs:
            if os.path.isdir(cwd):
                try:
                    shutil.rmtree(cwd)
                except OSError as err:
                    self.ui.error("cannot remove directory: %s" % err)
                    results.ok = False
                    return results

            try:
                os.makedirs(cwd)
            except OSError as err:
                self.ui.error("cannot create temporary directory: %s" % err)
                results.ok = False
                return results

            nodes += [(node, cwd)]

        cmds = []
        for (node, cwd) in nodes:

            env = _make_env_params(node)

            installed_policies = installed and "1" or "0"
            print_scripts = list_scripts and "1" or "0"

            install.make_layout(cwd, self.ui, True)
            if not install.make_local_networks(cwd, self.ui, True):
                results.ok = False
                return results

            install.make_broctl_config_policy(cwd, self.ui, True)

            cmd = os.path.join(
                self.config.scriptsdir, "check-config") + " %s %s %s %s" % (
                    installed_policies, print_scripts, cwd, " ".join(
                        _make_bro_params(node, False)))
            cmd += " broctl/check"

            cmds += [((node, cwd), cmd, env, None)]

        for ((node, cwd), success, output) in execute.run_localcmds(cmds):
            results.set_node_output(node, success, output)
            shutil.rmtree(cwd)

        return results
Exemple #2
0
    def _check_config(self, nodes, installed, list_scripts):
        results = cmdresult.CmdResult()

        nodetmpdirs = [(node, os.path.join(self.config.tmpdir, "check-config-%s" % node.name)) for node in nodes]

        nodes = []
        for (node, cwd) in nodetmpdirs:
            if os.path.isdir(cwd):
                try:
                    shutil.rmtree(cwd)
                except OSError as err:
                    self.ui.error("cannot remove directory: %s" % err)
                    results.ok = False
                    return results

            try:
                os.makedirs(cwd)
            except OSError as err:
                self.ui.error("cannot create temporary directory: %s" % err)
                results.ok = False
                return results

            nodes += [(node, cwd)]

        cmds = []
        for (node, cwd) in nodes:

            env = _make_env_params(node)

            installed_policies = installed and "1" or "0"
            print_scripts = list_scripts and "1" or "0"

            install.make_layout(cwd, self.ui, True)
            if not install.make_local_networks(cwd, self.ui, True):
                results.ok = False
                return results

            install.make_broctl_config_policy(cwd, self.ui, True)

            cmd = os.path.join(self.config.scriptsdir, "check-config") + " %s %s %s %s" % (installed_policies, print_scripts, cwd, " ".join(_make_bro_params(node, False)))
            cmd += " broctl/check"

            cmds += [((node, cwd), cmd, env, None)]

        for ((node, cwd), success, output) in execute.run_localcmds(cmds):
            results.set_node_output(node, success, output)
            shutil.rmtree(cwd)

        return results
Exemple #3
0
    def install(self, local_only):
        results = cmdresult.CmdResult()

        try:
            self.config.record_bro_version()
        except config.ConfigurationError as err:
            self.ui.error("%s" % err)
            results.ok = False
            return results

        manager = self.config.manager()

        # Delete previously installed policy files to not mix things up.
        policies = [self.config.policydirsiteinstall, self.config.policydirsiteinstallauto]

        for dirpath in policies:
            if os.path.isdir(dirpath):
                self.ui.info("removing old policies in %s ..." % dirpath)
                try:
                    shutil.rmtree(dirpath)
                except OSError as err:
                    self.ui.error("failed to remove directory: %s" % err)
                    results.ok = False
                    return results

        self.ui.info("creating policy directories ...")
        for dirpath in policies:
            try:
                os.makedirs(dirpath)
            except OSError as err:
                self.ui.error("failed to create directory: %s" % err)
                results.ok = False
                return results

        # Install local site policy.

        if self.config.sitepolicypath:
            self.ui.info("installing site policies ...")
            dst = self.config.policydirsiteinstall
            for dir in self.config.sitepolicypath.split(":"):
                dirpath = self.config.subst(dir)
                for pathname in glob.glob(os.path.join(dirpath, "*")):
                    if not execute.install(pathname, dst, self.ui):
                        results.ok = False
                        return results

        install.make_layout(self.config.policydirsiteinstallauto, self.ui)

        self.ui.info("generating local-networks.bro ...")
        if not install.make_local_networks(self.config.policydirsiteinstallauto, self.ui):
            results.ok = False
            return results

        self.ui.info("generating broctl-config.bro ...")
        install.make_broctl_config_policy(self.config.policydirsiteinstallauto, self.ui)

        current = self.config.subst(os.path.join(self.config.logdir, "current"))
        try:
            util.force_symlink(manager.cwd(), current)
        except (IOError, OSError) as err:
            results.ok = False
            self.ui.error("failed to update symlink '%s': %s" % (current, err))
            return results

        self.ui.info("generating broctl-config.sh ...")
        if not install.make_broctl_config_sh(self.ui):
            results.ok = False
            return results

        if local_only:
            return results

        # Make sure we install each remote host only once.
        nodes = self.config.hosts(nolocal=True)

        # If there are no remote hosts, then we're done.
        if not nodes:
            # Save current configuration state.
            self.config.update_cfg_hash()
            return results

        # Sync to clients.
        self.ui.info("updating nodes ...")

        dirs = []

        if not self.config.havenfs:
            # Non-NFS, need to explicitly synchronize.
            syncs = install.get_syncs()
        else:
            # NFS. We only need to take care of the spool/log directories.

            # We need this only on the manager.
            dirs.append((manager, self.config.logdir))

            syncs = install.get_nfssyncs()

        createdirs = [self.config.subst(dir) for (dir, mirror) in syncs if not mirror]
        for n in nodes:
            for dir in createdirs:
                dirs.append((n, dir))

        for (node, success, output) in self.executor.mkdirs(dirs):
            if not success:
                self.ui.error("cannot create a directory on node %s" % node.name)
                self.ui.error("\n".join(output))
                results.ok = False
                return results

        paths = [self.config.subst(dir) for (dir, mirror) in syncs if mirror]
        if not execute.sync(nodes, paths, self.ui):
            results.ok = False
            return results

        # Save current configuration state.
        self.config.update_cfg_hash()

        return results
Exemple #4
0
    def install(self, local_only):
        results = cmdresult.CmdResult()

        try:
            self.config.record_bro_version()
        except config.ConfigurationError as err:
            self.ui.error("%s" % err)
            results.ok = False
            return results

        manager = self.config.manager()

        # Delete previously installed policy files to not mix things up.
        policies = [
            self.config.policydirsiteinstall,
            self.config.policydirsiteinstallauto
        ]

        for dirpath in policies:
            if os.path.isdir(dirpath):
                self.ui.info("removing old policies in %s ..." % dirpath)
                try:
                    shutil.rmtree(dirpath)
                except OSError as err:
                    self.ui.error("failed to remove directory: %s" % err)
                    results.ok = False
                    return results

        self.ui.info("creating policy directories ...")
        for dirpath in policies:
            try:
                os.makedirs(dirpath)
            except OSError as err:
                self.ui.error("failed to create directory: %s" % err)
                results.ok = False
                return results

        # Install local site policy.

        if self.config.sitepolicypath:
            self.ui.info("installing site policies ...")
            dst = self.config.policydirsiteinstall
            for dir in self.config.sitepolicypath.split(":"):
                dirpath = self.config.subst(dir)
                for pathname in glob.glob(os.path.join(dirpath, "*")):
                    if not execute.install(pathname, dst, self.ui):
                        results.ok = False
                        return results

        install.make_layout(self.config.policydirsiteinstallauto, self.ui)

        self.ui.info("generating local-networks.bro ...")
        if not install.make_local_networks(
                self.config.policydirsiteinstallauto, self.ui):
            results.ok = False
            return results

        self.ui.info("generating broctl-config.bro ...")
        install.make_broctl_config_policy(self.config.policydirsiteinstallauto,
                                          self.ui)

        current = self.config.subst(os.path.join(self.config.logdir,
                                                 "current"))
        try:
            util.force_symlink(manager.cwd(), current)
        except (IOError, OSError) as err:
            results.ok = False
            self.ui.error("failed to update symlink '%s': %s" % (current, err))
            return results

        self.ui.info("generating broctl-config.sh ...")
        if not install.make_broctl_config_sh(self.ui):
            results.ok = False
            return results

        if local_only:
            return results

        # Make sure we install each remote host only once.
        nodes = self.config.hosts(nolocal=True)

        # If there are no remote hosts, then we're done.
        if not nodes:
            # Save current configuration state.
            self.config.update_cfg_hash()
            return results

        # Sync to clients.
        self.ui.info("updating nodes ...")

        dirs = []

        if not self.config.havenfs:
            # Non-NFS, need to explicitly synchronize.
            syncs = install.get_syncs()
        else:
            # NFS. We only need to take care of the spool/log directories.

            # We need this only on the manager.
            dirs.append((manager, self.config.logdir))

            syncs = install.get_nfssyncs()

        createdirs = [
            self.config.subst(dir) for (dir, mirror) in syncs if not mirror
        ]
        for n in nodes:
            for dir in createdirs:
                dirs.append((n, dir))

        for (node, success, output) in self.executor.mkdirs(dirs):
            if not success:
                self.ui.error("cannot create a directory on node %s" %
                              node.name)
                self.ui.error("\n".join(output))
                results.ok = False
                return results

        paths = [self.config.subst(dir) for (dir, mirror) in syncs if mirror]
        if not execute.sync(nodes, paths, self.ui):
            results.ok = False
            return results

        # Save current configuration state.
        self.config.update_cfg_hash()

        return results