def test_configure_ossec_alert_threshold_change(self): conf1 = config.AgentConfig([]) def check_version(conf): unsupported_platform_version = [("ubuntu", "10.04"), ("debian", "6.0")] for p, v in unsupported_platform_version: if conf.platform_name == p and conf.platform_version.startswith( v): return True return False if check_version(conf1): return conf_args = [ "-c", "Amazon", "-u", "http://doesntmatter.org/ws", "-p", self.test_base_path, "-C", "ws", "--intrusion-detection-ossec", "true", "--ids-alert-threshold", "5" ] rc = configure.main(conf_args) self.assertEqual(rc, 0, msg="Failed for " + conf1.platform_name + " : " + conf1.platform_version) conf = config.AgentConfig( [os.path.join(self.test_base_path, "etc/agent.conf")]) self.assertTrue(conf.intrusion_detection_ossec) self.assertEqual(conf.intrusion_detection_alert_threshold, 5)
def setUp(self): logger.clear_dcm_logging() test_conf_path = test_utils.get_conf_file() self.conf_obj = config.AgentConfig([test_conf_path]) self.test_base_path = tempfile.mkdtemp() self.db_path = os.path.join(self.test_base_path, "agentdb.db") self.db = persistence.SQLiteAgentDB(self.db_path)
def guess_default_cloud(conf_d): (h, cloud_name) = conf_d["cloud"]["type"] if cloud_name != cloudmetadata.CLOUD_TYPES.UNKNOWN: return conf = config.AgentConfig([]) name = cloudmetadata.guess_effective_cloud(conf) if name is None: raise Exception("Cloud %s is not a known type." % cloud_name) print("The detected cloud is " + name) conf_d["cloud"]["type"] = (h, name)
def test_install_extras_passes_with_good_return_code( self, extras_installed_cmd, mock_http_get_to_file): extras_installed_cmd.return_value = False mock_http_get_to_file.return_value = False config_files = config.get_config_files() conf = config.AgentConfig(config_files) conf.extra_location = "fake" with patch('dcm.agent.utils.run_command') as mock_run_cmd: mock_run_cmd.return_value = ('stdout', 'stderr', 0) result = agent_utils.install_extras(conf) self.assertTrue(result)
def test_get_conf_files(self): conf = config.AgentConfig([self.conf_path]) hs = handshake.HandshakeManager(conf, mock.Mock()) handshake_doc = hs.get_send_document() features = handshake_doc['features'] self.assertIsNotNone(features['plugins']) self.assertIn("add_user", features['plugins']) self.assertIn("hello", features) self.assertIn("test", features) self.assertEqual(features["hello"], "world") self.assertEqual(features["test"], '2')
def test_install_extras_fails_with_bad_return_code(self, extras_installed_cmd, mock_http_get_to_file): extras_installed_cmd.return_value = False mock_http_get_to_file.return_value = False config_files = config.get_config_files() conf = config.AgentConfig(config_files) conf.extra_location = "fake" conf_args = [conf] with patch('dcm.agent.utils.run_command') as mock_run_cmd: mock_run_cmd.return_value = ('stdout', 'stderr', 1) self.assertRaises(Exception, agent_utils.install_extras, conf_args)
def setUp(self): self.test_conf_path = \ os.path.join(self.test_base_path, "etc", "agent.conf") self.conf_obj = config.AgentConfig([self.test_conf_path]) self.svc = service.DCMAgent(self.conf_obj) self._event = threading.Event() utils.verify_config_file(self.conf_obj) # script_dir must be forced to None so that we get the built in dir self.svc.pre_threads() self.conf_obj.start_job_runner() self.disp = dispatcher.Dispatcher(self.conf_obj) self.req_conn = test_conn.RequestConnection() self.reply_conn = test_conn.ReplyConnection() self.db = persistence.SQLiteAgentDB( os.path.join(self.test_base_path, "etc", "agentdb.sql")) self.request_listener = reply.RequestListener(self.conf_obj, self.reply_conn, self.disp, self.db) observers = self.request_listener.get_reply_observers() observers.append(self) self.req_conn.set_request_listener(self.request_listener) self.agent_id = "theAgentID" + str(uuid.uuid4()) self.customer_id = 50 handshake_doc = {} handshake_doc["version"] = "1" handshake_doc["agentID"] = self.agent_id handshake_doc["cloudId"] = "Amazon" handshake_doc["customerId"] = self.customer_id handshake_doc["regionId"] = None handshake_doc["zoneId"] = "rack2" handshake_doc["serverId"] = "thisServer" handshake_doc["serverName"] = "dcm.testagent.com" handshake_doc["ephemeralFileSystem"] = "/tmp" handshake_doc["encryptedEphemeralFsKey"] = "DEADBEAF" self.svc.conn = self.reply_conn self.svc.disp = self.disp self.svc.request_listener = self.request_listener self.svc.handshaker.incoming_document({ "handshake": handshake_doc, "return_code": 200 }) self.disp.start_workers(self.request_listener)
def test_connection_backoff(self): test_base = self._write_conf() agent_conf_path = os.path.join(test_base, "etc", "agent.conf") conf = config.AgentConfig([agent_conf_path]) conf.connection_max_backoff = 200 conf.connection_backoff = 200 test_run_time = 5000 expected_connections = test_run_time / conf.connection_max_backoff serversocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) serversocket.listen(100) _, port = serversocket.getsockname() conf.connection_agentmanager_url = "ws://127.0.0.1:%d/ws" % port agent = service.DCMAgent(conf) conf.start_job_runner() def _run_agent(agent): agent.run_agent() t1 = threading.Thread(target=_run_agent, args=(agent,)) t1.start() # run for time after the first connect. that way we know it is up try: print("getting the first one") (clientsocket, address) = serversocket.accept() clientsocket.close() print("got it") connect_count = 0 now = datetime.datetime.now() end_time = now + datetime.timedelta(seconds=test_run_time/1000) while now < end_time: print("waiting to connect " + str(now)) (clientsocket, address) = serversocket.accept() clientsocket.close() connect_count += 1 now = datetime.datetime.now() print("connected " + str(now)) finally: serversocket.close() agent.shutdown_main_loop() t1.join() self.assertTrue(expected_connections * .9 - 1 < connect_count < expected_connections * 1.1 + 1, "connect_count is %d, expected %d" % (connect_count, expected_connections))
def setUpClass(cls): basedir = os.path.dirname((os.path.dirname(__file__))) cls.test_conf_path = \ os.path.join(basedir, "etc", "agent.conf") cls.conf_obj = config.AgentConfig([cls.test_conf_path]) if test_utils.S3_ACCESS_KEY_ENV not in os.environ\ or test_utils.S3_SECRET_KEY_ENV not in os.environ: return cls.bucket_name = "agentfetchtest" + str(uuid.uuid4()).split("-")[0] cls.conn = boto.connect_s3(os.environ[test_utils.S3_ACCESS_KEY_ENV], os.environ[test_utils.S3_SECRET_KEY_ENV]) cls.bucket = cls.conn.create_bucket(cls.bucket_name)
def setUpClass(cls): test_utils.connect_to_debugger() cls.run_as_user = getpass.getuser() cls.test_base_path = tempfile.mkdtemp() conf_args = [ "-c", "Amazon", "-u", "http://doesntmatter.org/ws", "-p", cls.test_base_path, "-t", os.path.join(cls.test_base_path, "tmp"), "-C", "success_tester", "-U", cls.run_as_user, "-l", "/tmp/agent_test_log.log" ] rc = configure.main(conf_args) if rc != 0: raise Exception("We could not configure the test env") cls.test_conf_path = \ os.path.join(cls.test_base_path, "etc", "agent.conf") cls.conf = config.AgentConfig([cls.test_conf_path]) cls.conf.start_job_runner()
def clean_agent_files(opts, tar): console_output(opts, 2, "Cleaning the agent files.") files_to_clean = ['/var/lib/waagent/provisioned', '/tmp/boot.log', '/tmp/agent_info.tar.gz', '/tmp/meta_info.txt', '/tmp/process_info.txt', '/tmp/startup_script.txt', '/tmp/error.log', '/tmp/installer.sh'] conf = config.AgentConfig(config.get_config_files()) log_dir = os.path.join(conf.storage_base_dir, "logs") if not opts.agent_running: clean_agent_logs(opts, tar, log_dir) files_to_clean.append(conf.storage_dbfile) for f in files_to_clean: if os.path.exists(f): secure_delete(opts, tar, f)
def start_main_service(cli_args): agent = None try: config_files = config.get_config_files(conffile=cli_args.conffile) conf = config.AgentConfig(config_files) agent = DCMAgent(conf) if cli_args.version: print("Version %s" % dcm.agent.g_version) return 0 agent.pre_threads() if cli_args.report: utils._g_logger.disabled = True cm._g_logger.disabled = True config._g_logger.disabled = True agent.g_logger.disabled = True _gather_info(conf) return 0 utils.verify_config_file(conf) conf.start_job_runner() agent.run_agent() except exceptions.AgentOptionException as aoex: console_log( cli_args, 0, "The agent is not configured properly. " "please check the config file.") console_log(cli_args, 0, str(aoex)) if agent: agent.shutdown_main_loop() if getattr(cli_args, "verbose", 0) > 2: raise except Exception: _g_logger = logging.getLogger(__name__) console_log(cli_args, 0, "Shutting down due to a top level exception") _g_logger.exception("An unknown exception bubbled to the top") if agent: agent.shutdown_main_loop() raise return 0
def setUp(self): self.db = persistence.SQLiteAgentDB(":memory:") self.conf = config.AgentConfig([])
def setUpClass(cls): test_utils.connect_to_debugger() cls.conf = config.AgentConfig([])
def main(argv=sys.argv[1:]): parser = setup_command_line_parser() opts = parser.parse_args(args=argv) opts.loglevel = opts.loglevel.upper() if opts.loglevel not in ["ERROR", "WARN", "INFO", "DEBUG"]: print("WARNING: %s is an invalid log level. Using INFO" % opts.loglevel) opts.loglevel = "INFO" opts.intrusion_detection_ossec = opts.intrusion_detection_ossec.lower() opts.intrusion_detection_ossec =\ opts.intrusion_detection_ossec in ['y', 'yes', 't', 'true'] conf_d = gather_values(opts) if not opts.initial: guess_default_cloud(conf_d) do_interactive(opts, conf_d) normalize_cloud_name(conf_d) pick_meta_data(conf_d) validate_cacerts(conf_d) # before writing anything make sure that all the needed values are # set if not opts.initial: if not conf_d["system"]["user"]: raise Exception("You must set the user name that will run " "this service.") if not conf_d["storage"]["base_dir"]: raise Exception("You must set the base dir for this service " "installation.") try: make_dirs(conf_d) (_, base_dir) = conf_d["storage"]["base_dir"] if not opts.reload: copy_scripts(conf_d) do_plugin_conf(conf_d) do_logging_conf(conf_d, opts) else: if not os.path.isfile(os.path.join(base_dir, "etc", "plugin.conf")) or opts.rewrite_logging_plugin: do_plugin_conf(conf_d) if not os.path.isfile(os.path.join(base_dir, "etc", "logging.yaml")) or opts.rewrite_logging_plugin: do_logging_conf(conf_d, opts) cleanup_previous_install(conf_d) conf_file_name = os.path.join(base_dir, "etc", "agent.conf") write_conf_file(conf_file_name, conf_d) do_set_owner_and_perms(conf_d) if not opts.initial: enable_start_agent(opts) conf = config.AgentConfig([conf_file_name]) if opts.install_extras: if opts.package_name: agent_utils.install_extras(conf, package=opts.package_name) else: agent_utils.install_extras(conf) if opts.intrusion_detection_ossec and not agent_utils.ossec_installed(conf): # call out to install ossec agent_utils.install_ossec(conf) except Exception as ex: print(str(ex), file=sys.stderr) if opts.verbose: raise return 1 return 0
def setUpClass(cls): basedir = os.path.dirname((os.path.dirname(__file__))) cls.test_conf_path = \ os.path.join(basedir, "etc", "agent.conf") cls.conf_obj = config.AgentConfig([cls.test_conf_path])
def get_status(cli_args): config_files = config.get_config_files(conffile=cli_args.conffile) conf = config.AgentConfig(config_files) db_obj = messaging.persistence.SQLiteAgentDB(conf.storage_dbfile) complete = db_obj.get_all_complete() replied = db_obj.get_all_reply() rejected = db_obj.get_all_rejected() acked = db_obj.get_all_ack() reply_nacked = db_obj.get_all_reply_nacked() status = "UNKNOWN" color_func = clint.textui.colored.yellow def _check_command(cmd): try: payload_doc = request_doc['payload'] command = payload_doc['command'] if command == cmd: return True except: pass return False for r in complete: request_doc = json.loads(r.request_doc) if _check_command("initialize"): status = "INITIALIZED" color_func = clint.textui.colored.green for r in acked: request_doc = json.loads(r.request_doc) if _check_command("initialize"): status = "INITIALIZING" color_func = clint.textui.colored.green for r in replied: request_doc = json.loads(r.request_doc) if _check_command("initialize"): status = "INITIALIZING" color_func = clint.textui.colored.green for r in reply_nacked: request_doc = json.loads(r.request_doc) if _check_command("initialize"): status = "UNKNOWN INITIALIZATION STATE" color_func = clint.textui.colored.red for r in rejected: request_doc = json.loads(r.request_doc) if _check_command("initialize"): status = "INITIALIZATION REJECTED" color_func = clint.textui.colored.red clint.textui.puts(color_func(status)) complete = db_obj.get_all_complete() replied = db_obj.get_all_reply() rejected = db_obj.get_all_rejected() acked = db_obj.get_all_ack() reply_nacked = db_obj.get_all_reply_nacked() label_col_width = 30 vals = [(complete, "Commands processed: "), (rejected, "Commands rejected: "), (acked, "Commands being processed: "), (replied, "Commands being replying to: "), (reply_nacked, "Replies rejected: ")] with clint.textui.indent(4): for v, k in vals: clint.textui.puts( clint.textui.columns([k, label_col_width], [str(len(v)), 5])) try: pid_file = os.path.join(conf.storage_base_dir, "dcm-agent.pid") if not os.path.exists(pid_file): run_status = "NOT RUNNING" run_reason = "PID file not found" else: with open(pid_file, "r") as fptr: pid = int(fptr.read().strip()) p = psutil.Process(pid) clint.textui.puts(clint.textui.colored.green("RUNNING")) start_time_str = datetime.datetime.fromtimestamp( p.create_time()).strftime("%Y-%m-%d %H:%M:%S") with clint.textui.indent(4): clint.textui.puts( clint.textui.columns( ["Started at:", label_col_width], [start_time_str, 70 - label_col_width])) clint.textui.puts( clint.textui.columns(["User:"******"Status:", label_col_width], [p.status(), 70 - label_col_width])) clint.textui.puts( clint.textui.columns(["Pid:", label_col_width], [str(pid), 70 - label_col_width])) return 0 except psutil.NoSuchProcess: run_status = "NOT RUNNING" run_reason = "The PID %d was not found" % pid except Exception as ex: run_reason = str(ex) run_status = "UNKNOWN" clint.textui.puts(clint.textui.colored.red(run_status)) clint.textui.puts(clint.textui.colored.red(run_reason)) return 1