def _make_zeek_params(node, live):
args = []
if live and node.interface:
try:
# Interface name needs quotes so that shell doesn't interpret any
# potential metacharacters in the name.
args += ["-i", "'%s'" % node.interface]
except AttributeError:
pass
if config.Config.savetraces:
args += ["-w", "trace.pcap"]
args += ["-U", ".status"]
args += ["-p", "zeekctl"]
if live:
args += ["-p", "zeekctl-live"]
if node_mod.is_standalone(node):
args += ["-p", "standalone"]
for prefix in config.Config.prefixes.split(":"):
args += ["-p", "%s" % prefix]
args += ["-p", "%s" % node.name]
# The order of loaded scripts is as follows:
# 1) SitePolicyScripts (local.zeek by default) gives a common set of loaded
# scripts for all nodes.
# 2) The common configuration of zeekctl is loaded via the zeekctl package.
# 3) The distribution's default settings for node configuration are loaded
# from either the cluster framework or standalone scripts. At this point
# anything in the distribution's default per-node is overridable and any
# identifiers in local.zeek are able to be used (e.g. in defining
# a notice policy).
# 4) Autogenerated zeekctl scripts are loaded, which may contain
# settings that override the previously loaded scripts.
# (e.g. see Log::default_rotation_interval)
args += config.Config.sitepolicyscripts.split()
args += ["zeekctl"]
if node_mod.is_standalone(node):
args += ["zeekctl/standalone"]
else:
args += ["base/frameworks/cluster"]
args += ["zeekctl/auto"]
if getattr(node, "aux_scripts", None):
args += [node.aux_scripts]
if config.Config.zeekargs:
# Some args in zeekargs might contain spaces, so we cannot split it.
args += [config.Config.zeekargs]
return args
def _check_nodestore(self, nodestore):
if not nodestore:
raise ConfigurationError("no nodes found in node config")
standalone = False
manager = False
proxy = False
manageronlocalhost = False
# Note: this is a subset of localaddrs
localhostaddrs = "127.0.0.1", "::1"
for n in nodestore.values():
if node_mod.is_manager(n):
if manager:
raise ConfigurationError(
"only one manager can be defined in node config")
manager = True
if n.addr in localhostaddrs:
manageronlocalhost = True
if n.addr not in self.localaddrs:
raise ConfigurationError(
"must run zeekctl on same machine as the manager node. The manager node has IP address %s and this machine has IP addresses: %s"
% (n.addr, ", ".join(self.localaddrs)))
elif node_mod.is_proxy(n):
proxy = True
elif node_mod.is_standalone(n):
standalone = True
if n.addr not in self.localaddrs:
raise ConfigurationError(
"must run zeekctl on same machine as the standalone node. The standalone node has IP address %s and this machine has IP addresses: %s"
% (n.addr, ", ".join(self.localaddrs)))
if standalone:
if len(nodestore) > 1:
raise ConfigurationError(
"more than one node defined in standalone node config")
else:
if not manager:
raise ConfigurationError("no manager defined in node config")
elif not proxy:
raise ConfigurationError("no proxy defined in node config")
# If manager is on localhost, then all other nodes must be on localhost
if manageronlocalhost:
for n in nodestore.values():
if not node_mod.is_manager(n) and n.addr not in localhostaddrs:
raise ConfigurationError(
"all nodes must use localhost/127.0.0.1/::1 when manager uses it"
)
def _make_env_params(node, returnlist=False):
envs = []
if not node_mod.is_standalone(node):
envs.append("CLUSTER_NODE=%s" % node.name)
envs += ["%s=%s" % (key, val) for (key, val) in sorted(node.env_vars.items())]
if returnlist:
envlist = [("-v", i) for i in envs]
return [j for i in envlist for j in i]
return " ".join(envs)
def df(self, nodes):
results = cmdresult.CmdResult()
DiskInfo = namedtuple("DiskInfo", ("fs", "total", "used", "available", "percent"))
dirs = ("logdir", "bindir", "helperdir", "cfgdir", "spooldir",
"policydir", "libdir", "libdir64", "tmpdir", "staticdir", "scriptsdir")
df = {}
for node in nodes:
df[node.name] = {}
cmds = []
for node in nodes:
for key in dirs:
if key == "logdir" and not (node_mod.is_logger(node) or node_mod.is_manager(node) or node_mod.is_standalone(node)):
# Don't need to check this on nodes that don't write logs.
continue
path = self.config.config[key]
if key == "libdir" or key == "libdir64":
if not os.path.exists(path):
continue
cmds += [(node, "df", [path])]
for (node, success, output) in self.executor.run_helper(cmds):
if success:
fields = output.split()
if len(fields) != 4:
df[node.name]["FAIL"] = "wrong number of fields from df helper"
continue
fs = fields[0]
# Ignore NFS mounted volumes.
if not fs.startswith("/") and ":" in fs:
continue
try:
total = float(fields[1])
used = float(fields[2])
avail = float(fields[3])
except ValueError as err:
df[node.name]["FAIL"] = "bad output from df helper: %s" % err
continue
perc = used * 100.0 / (used + avail)
df[node.name][fs] = DiskInfo(fs, total, used, avail, perc)
else:
df[node.name]["FAIL"] = output if output else "no output"
for node in nodes:
success = "FAIL" not in df[node.name]
results.set_node_data(node, success, df[node.name])
return results