コード例 #1
ファイル: system.py プロジェクト: AntBean/alienvault-ossim
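def ansible_add_ip_to_inventory(system_ip):
    """Add ``system_ip`` as a host to the Ansible inventory and save it.

    Returns:
        A ``(success, message)`` tuple: ``(True, '')`` once the inventory has
        been saved, ``(False, <generic error text>)`` if any step raised.
    """
    # NOTE(review): system_ip is handed to add_host() unchanged and then
    # persisted by save_inventory(); presumably the caller has already
    # validated it as an IP address -- confirm.
    try:
        aim = AnsibleInventoryManager()
        aim.add_host(system_ip)
        aim.save_inventory()
    except Exception as msg:
        # The exception text goes to the API log only; the caller receives a
        # generic message.
        api_log.error(str(msg))
        return False, 'Error adding ip to ansible inventory'
    # Previously the success path fell off the end and returned None, which
    # breaks any caller that unpacks the (success, message) pair.
    return True, ''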
コード例 #2
ファイル: system.py プロジェクト: qiwihui/alienvault-ossim
def ansible_add_system(local_system_id, remote_system_ip, password):
    """
    Enrol a remote system with this host.

    Runs the SET_CRYPTO_FILES playbook against ``remote_system_ip``,
    authenticating with ``password``, and then records the address in the
    Ansible inventory.

    Returns a ``(result, response)`` tuple. ``result`` is True only when the
    playbook reports neither unreachable hosts nor failures for that address;
    ``response`` is a human-readable message.
    """
    from ansiblemethods.ansibleinventory import AnsibleInventoryManager

    # Precondition: the local public key file must be present.
    if not os.path.isfile('/var/ossim/ssl/local/ssh_capubkey.pem'):
        return (False, "Cannot access public key file")

    # Drop any known_hosts entry for the remote address on the local machine.
    cleaned, clean_msg = ansible_remove_key_from_known_host_file(
        "127.0.0.1",
        remote_system_ip)
    if not cleaned:
        return cleaned, clean_msg

    # NOTE(review): remote_system_ip flows into the playbook variables, the
    # host list and the saved inventory without any check in this function;
    # presumably the caller validates it -- confirm.
    playbook_vars = {
        "remote_system_ip": "%s" % remote_system_ip,
        "local_system_id": "%s" % local_system_id,
    }

    play_output = ansible.run_playbook(
        playbook=PLAYBOOKS['SET_CRYPTO_FILES'],
        host_list=[remote_system_ip],
        extra_vars=playbook_vars,
        ans_remote_user="******",
        ans_remote_pass=password,
        use_sudo=True)

    host_stats = play_output[remote_system_ip]
    if host_stats['unreachable'] != 0 or host_stats['failures'] != 0:
        result = False
        # NOTE(review): the whole playbook result is written to the API log;
        # confirm it cannot echo the password passed as ans_remote_pass.
        api_log.error(str(play_output))
        response = ("Cannot add system with IP %s. " % remote_system_ip) + \
                   "Please verify that the system is reachable " + \
                   "and the password is correct."
    else:
        result = True
        response = "System with IP %s added correctly" % remote_system_ip

    # The inventory is updated whether or not the playbook succeeded.
    # NOTE(review): confirm that registering a host whose crypto setup failed
    # is intended.
    inventory = AnsibleInventoryManager()
    inventory.add_host(remote_system_ip)
    inventory.save_inventory()

    return (result, response)
コード例 #3
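def ansible_add_ip_to_inventory(system_ip):
    """Add ``system_ip`` as a host to the Ansible inventory and save it.

    Returns:
        A ``(success, message)`` tuple: ``(True, '')`` once the inventory has
        been saved, ``(False, <generic error text>)`` if any step raised
        (including a failed import of the inventory manager).
    """
    # NOTE(review): system_ip is handed to add_host() unchanged and then
    # persisted by save_inventory(); presumably the caller has already
    # validated it as an IP address -- confirm.
    try:
        # Imported inside the try block so that an import failure is logged
        # and reported like any other error.
        from ansiblemethods.ansibleinventory import AnsibleInventoryManager
        aim = AnsibleInventoryManager()
        aim.add_host(system_ip)
        aim.save_inventory()
    except Exception as msg:
        # The exception text goes to the API log only; the caller receives a
        # generic message.
        api_log.error(str(msg))
        return False, 'Error adding ip to ansible inventory'
    # Previously the success path fell off the end and returned None, which
    # breaks any caller that unpacks the (success, message) pair.
    return True, ''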
コード例 #4
def ansible_add_system(local_system_id, remote_system_ip, password):
    """
    Register a remote system: push the crypto files, then add it to the
    Ansible inventory.

    The SET_CRYPTO_FILES playbook is run against ``remote_system_ip`` using
    ``password`` for the remote login.

    Returns a ``(result, response)`` tuple. ``result`` is True only when the
    playbook reports neither unreachable hosts nor failures for that address;
    ``response`` is a human-readable message.
    """
    from ansiblemethods.ansibleinventory import AnsibleInventoryManager

    # Precondition: the local public key file must be present.
    key_file_present = os.path.isfile('/var/ossim/ssl/local/ssh_capubkey.pem')
    if not key_file_present:
        return (False, "Cannot access public key file")

    # Drop any known_hosts entry for the remote address on the local machine.
    removed, removal_msg = ansible_remove_key_from_known_host_file(
        "127.0.0.1", remote_system_ip)
    if not removed:
        return removed, removal_msg

    # NOTE(review): remote_system_ip flows into the playbook variables, the
    # host list and the saved inventory without any check in this function;
    # presumably the caller validates it -- confirm.
    extra = {
        "remote_system_ip": "%s" % remote_system_ip,
        "local_system_id": "%s" % local_system_id,
    }

    outcome = ansible.run_playbook(playbook=PLAYBOOKS['SET_CRYPTO_FILES'],
                                   host_list=[remote_system_ip],
                                   extra_vars=extra,
                                   ans_remote_user="******",
                                   ans_remote_pass=password,
                                   use_sudo=True)

    stats = outcome[remote_system_ip]
    if stats['unreachable'] != 0 or stats['failures'] != 0:
        result = False
        # NOTE(review): the whole playbook result is written to the API log;
        # confirm it cannot echo the password passed as ans_remote_pass.
        api_log.error(str(outcome))
        response = ("Cannot add system with IP %s. " % remote_system_ip) + \
                   "Please verify that the system is reachable " + \
                   "and the password is correct."
    else:
        result = True
        response = "System with IP %s added correctly" % remote_system_ip

    # The inventory is updated whether or not the playbook succeeded.
    # NOTE(review): confirm that registering a host whose crypto setup failed
    # is intended.
    manager = AnsibleInventoryManager()
    manager.add_host(remote_system_ip)
    manager.save_inventory()

    return (result, response)
コード例 #5
ファイル: system.py プロジェクト: weisst/alienvault-ossim
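def apimethod_delete_system(system_id):
    """Remove a remote system from this deployment.

    Steps, in order: delete the system from the database, remove its
    certificates from the local system, delete it from the Ansible inventory,
    then ask the removed system to drop this server as its parent.

    Returns:
        A ``(success, message)`` tuple; ``(True, "")`` when every step
        succeeded, otherwise a false flag and an error description.
    """
    # NOTE(review): the database row is removed first and every later failure
    # returns early, so the remaining steps are skipped. A failure after step 1
    # can therefore leave certificates or an inventory entry behind for a
    # system that no longer exists in the database.
    success, local_system_id = get_system_id_from_local()
    if not success:
        return success, "Error: Can not retrieve the local system id. %s" % str(local_system_id)
    # Refuse to delete the local system, whether it is named 'local' or
    # referenced by its own id.
    if system_id == 'local' or get_hex_string_from_uuid(local_system_id) == get_hex_string_from_uuid(system_id):
        return False, "Error: You're trying to remove the local system, which it's not allowed"

    (success, system_ip) = get_system_ip_from_system_id(system_id)
    if not success:
        # Report the id that was looked up; the message used to print
        # system_ip in both positions.
        return success, "Error retrieving the system ip for the system id %s -> %s" % (system_id, str(system_ip))

    # 1 - Remove it from the database
    success, msg = db_remove_system(system_id)
    if not success:
        return success, "Error while removing the system from the database: %s" % str(msg)

    # 2 - Removing the remote certificates is disabled (the call to
    #     ansible_remove_certificates(system_ip) was commented out).

    # 3 - Remove the local certificates and keys
    success, local_ip = get_system_ip_from_local()
    if not success:
        return success, "Error while getting the local ip: %s" % str(local_ip)

    success, msg = ansible_remove_certificates(system_ip=local_ip, system_id_to_remove=system_id)
    if not success:
        return success, "Error while removing the local certificates: %s" % str(msg)

    # 4 - Remove it from the ansible inventory.
    try:
        aim = AnsibleInventoryManager()
        aim.delete_host(system_ip)
        aim.save_inventory()
        del aim
    except Exception as aim_error:
        return False, "An error occurred while removing the system from the ansible inventory file: %s" % str(aim_error)

    # 5 - Try to connect to the child and remove the parent using its server_id
    success, own_server_id = get_server_id_from_local()
    if not success:
        # Report what this call returned; `msg` still held the result of the
        # earlier certificate removal.
        return success, "Error while retrieving server_id from local: %s" % str(own_server_id)

    success, msg = ansible_delete_parent_server(system_ip, own_server_id)
    if not success:
        return success, "Error while deleting parent server in child: %s" % str(msg)

    return True, ""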
コード例 #6
ファイル: system.py プロジェクト: alienfault/ossim
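def apimethod_delete_system(system_id):
    """Remove a remote system from this deployment.

    Steps, in order: check whether the remote system answers, delete it from
    the database, fire the local firewall trigger, remove its certificates
    from the local system, delete it from the Ansible inventory and, when the
    remote system was reachable, ask it to drop this server as its parent.

    Returns:
        A ``(success, message)`` tuple. ``(True, "")`` when every step ran;
        ``(True, <notice>)`` when the remote system was unreachable and the
        parent configuration could not be removed there; otherwise a false
        flag and an error description.
    """
    # NOTE(review): the database row is removed first and most later failures
    # return early, so the remaining steps are skipped. A failure after step 1
    # can therefore leave certificates or an inventory entry behind for a
    # system that no longer exists in the database.
    success, local_system_id = get_system_id_from_local()
    if not success:
        error_msg = "Cannot retrieve the local system id. %s" % str(local_system_id)
        return success, error_msg

    # Refuse to delete the local system, whether it is named 'local' or
    # referenced by its own id.
    if system_id == 'local' or \
            get_hex_string_from_uuid(local_system_id) == get_hex_string_from_uuid(system_id):
        error_msg = "You're trying to remove the local system, which it's not allowed"
        return False, error_msg

    (success, system_ip) = get_system_ip_from_system_id(system_id)
    if not success:
        # On failure system_ip holds whatever the lookup returned in place of
        # the address -- presumably the error text.
        error_msg = "Cannot retrieve the system ip for the given system-id %s" % (str(system_ip))
        return success, error_msg

    # Check whether the remote system is reachable or not; an APIException
    # from the ping is treated as "not reachable".
    try:
        remote_system_is_reachable = ping_system(system_id, no_cache=True)
    except APIException:
        remote_system_is_reachable = False

    # The sensor lookup has to happen before the system is removed from the
    # database. Only the success flag is used below.
    (success_f, sensor_id) = get_sensor_id_from_system_id(system_id)

    # 1 - Remove it from the database
    success, msg = db_remove_system(system_id)
    if not success:
        error_msg = "Cannot remove the system from the database <%s>" % str(msg)
        return success, error_msg

    # 2 - Remove the firewall rules. A failed trigger is logged but does not
    #     abort the deletion.
    trigger_name = "alienvault-del-sensor" if success_f else "alienvault-del-server"
    trigger_success, msg = fire_trigger(system_ip="127.0.0.1",
                                        trigger=trigger_name)
    if not trigger_success:
        api_log.error(msg)

    # 3 - Removing the remote certificates is disabled (the call to
    #     ansible_remove_certificates(system_ip) was commented out).

    # 4 - Remove the local certificates and keys
    success, local_ip = get_system_ip_from_local()
    if not success:
        error_msg = "Cannot retrieve the local ip <%s>" % str(local_ip)
        return success, error_msg

    # Remove remote system certificates on the local system
    success, msg = ansible_remove_certificates(system_ip=local_ip,
                                               system_id_to_remove=system_id)
    if not success:
        return success, "Cannot remove the local certificates <%s>" % str(msg)

    # 5 - Remove it from the ansible inventory.
    try:
        aim = AnsibleInventoryManager()
        aim.delete_host(system_ip)
        aim.save_inventory()
        del aim
    except Exception as aim_error:
        error_msg = "Cannot remove the system from the ansible inventory file <%s>" % str(aim_error)
        return False, error_msg

    # 6 - Try to connect to the child and remove the parent
    # using its server_id
    success, own_server_id = get_server_id_from_local()
    if not success:
        # Report what this call returned; `msg` still held the result of the
        # earlier certificate removal.
        error_msg = "Cannot retrieve the server-id from local <%s>" % str(own_server_id)
        return success, error_msg

    if remote_system_is_reachable:
        success, msg = ansible_delete_parent_server(system_ip, own_server_id)
        if not success:
            error_msg = "Cannot delete parent server in child <%s>" % str(msg)
            return success, error_msg
        return True, ""

    # The local cleanup succeeded, but the removed system still has this
    # server configured as its parent.
    msg = "The remote system is not reachable. " + \
          "We had not been able to remove the parent configuration"
    return True, msg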
コード例 #7
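    def test_save_inventory(self):
        """Check that save_inventory() keeps a backup of the previous inventory.

        After the first save the backup must list the same hosts and group
        names as the working file. After adding "host7" and saving again, the
        hosts must differ while the group names still match.
        """
        # NOTE(review): if mktemp here is tempfile.mktemp, it only returns a
        # file name and does not create the file, so another local user can
        # claim that path first. tempfile.mkstemp() or NamedTemporaryFile
        # would avoid the race, provided save_inventory() accepts a backup
        # path that already exists -- confirm before switching.
        temp_inventory_file = mktemp(prefix='test_inventory')
        temp_bkp_inventory_file = mktemp(prefix='test_bkp_inventory')
        try:
            # Work on a copy of the fixture so the real test data is untouched.
            copyfile(TEST_FILES_PATH + "hosts3", temp_inventory_file)
            ansible_file = AnsibleInventoryManager(inventory_file=temp_inventory_file)
            ansible_file.save_inventory(backup_file=temp_bkp_inventory_file)
            bk_ansible_file = AnsibleInventoryManager(inventory_file=temp_bkp_inventory_file)

            self.assertEqual(ansible_file.get_hosts(), bk_ansible_file.get_hosts())
            self.assertEqual([group.name for group in ansible_file.get_groups()],
                             [group.name for group in bk_ansible_file.get_groups()])
            ansible_file.add_host("host7")

            ansible_file.save_inventory(backup_file=temp_bkp_inventory_file)
            bk_ansible_file = AnsibleInventoryManager(inventory_file=temp_bkp_inventory_file)
            self.assertNotEqual(ansible_file.get_hosts(), bk_ansible_file.get_hosts())
            self.assertEqual([group.name for group in ansible_file.get_groups()],
                             [group.name for group in bk_ansible_file.get_groups()])
        finally:
            # Best-effort cleanup of both paths. A file that was never created
            # (for example because copyfile failed) must not raise here and
            # hide the real error, nor stop the second file being removed.
            for leftover in (temp_inventory_file, temp_bkp_inventory_file):
                try:
                    os.unlink(leftover)
                except OSError:
                    pass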
コード例 #8
ファイル: system.py プロジェクト: hellogitcn/ossim-1
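def apimethod_delete_system(system_id):
    """Remove a remote system from this deployment.

    Steps, in order: check whether the remote system answers, delete it from
    the database, fire the local firewall trigger, remove its certificates
    from the local system, delete it from the Ansible inventory and, when the
    remote system was reachable, ask it to drop this server as its parent.

    Returns:
        A ``(success, message)`` tuple. ``(True, "")`` when every step ran;
        ``(True, <notice>)`` when the remote system was unreachable and the
        parent configuration could not be removed there; otherwise a false
        flag and an error description.
    """
    # NOTE(review): the database row is removed first and most later failures
    # return early, so the remaining steps are skipped. A failure after step 1
    # can therefore leave certificates or an inventory entry behind for a
    # system that no longer exists in the database.
    success, local_system_id = get_system_id_from_local()
    if not success:
        error_msg = "Cannot retrieve the local system id. %s" % str(local_system_id)
        return success, error_msg

    # Refuse to delete the local system, whether it is named 'local' or
    # referenced by its own id.
    local_hex = get_hex_string_from_uuid(local_system_id) if system_id != 'local' else None
    if system_id == 'local' or local_hex == get_hex_string_from_uuid(system_id):
        error_msg = "You're trying to remove the local system, which it's not allowed"
        return False, error_msg

    (success, system_ip) = get_system_ip_from_system_id(system_id)
    if not success:
        # On failure system_ip holds whatever the lookup returned in place of
        # the address -- presumably the error text.
        error_msg = "Cannot retrieve the system ip for the given system-id %s" % (str(system_ip))
        return success, error_msg

    # Check whether the remote system is reachable or not; an APIException
    # from the ping is treated as "not reachable".
    try:
        remote_system_is_reachable = ping_system(system_id, no_cache=True)
    except APIException:
        remote_system_is_reachable = False

    # The sensor lookup has to happen before the system is removed from the
    # database. Only the success flag is used below.
    (success_f, sensor_id) = get_sensor_id_from_system_id(system_id)

    # 1 - Remove it from the database
    success, msg = db_remove_system(system_id)
    if not success:
        error_msg = "Cannot remove the system from the database <%s>" % str(msg)
        return success, error_msg

    # 2 - Remove the firewall rules. A failed trigger is logged but does not
    #     abort the deletion.
    trigger_name = "alienvault-del-sensor" if success_f else "alienvault-del-server"
    trigger_success, msg = fire_trigger(system_ip="127.0.0.1",
                                        trigger=trigger_name)
    if not trigger_success:
        api_log.error(msg)

    # 3 - Removing the remote certificates is disabled (the call to
    #     ansible_remove_certificates(system_ip) was commented out).

    # 4 - Remove the local certificates and keys
    success, local_ip = get_system_ip_from_local()
    if not success:
        error_msg = "Cannot retrieve the local ip <%s>" % str(local_ip)
        return success, error_msg

    # Remove remote system certificates on the local system
    success, msg = ansible_remove_certificates(system_ip=local_ip,
                                               system_id_to_remove=system_id)
    if not success:
        return success, "Cannot remove the local certificates <%s>" % str(msg)

    # 5 - Remove it from the ansible inventory.
    try:
        aim = AnsibleInventoryManager()
        aim.delete_host(system_ip)
        aim.save_inventory()
        del aim
    except Exception as aim_error:
        error_msg = "Cannot remove the system from the ansible inventory file <%s>" % str(aim_error)
        return False, error_msg

    # 6 - Try to connect to the child and remove the parent
    # using its server_id
    success, own_server_id = get_server_id_from_local()
    if not success:
        # Report what this call returned; `msg` still held the result of the
        # earlier certificate removal.
        error_msg = "Cannot retrieve the server-id from local <%s>" % str(own_server_id)
        return success, error_msg

    if remote_system_is_reachable:
        success, msg = ansible_delete_parent_server(system_ip, own_server_id)
        if not success:
            error_msg = "Cannot delete parent server in child <%s>" % str(msg)
            return success, error_msg
        return True, ""

    # The local cleanup succeeded, but the removed system still has this
    # server configured as its parent.
    msg = "The remote system is not reachable. " + \
          "We had not been able to remove the parent configuration"
    return True, msg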
コード例 #9
 def _get_inventory_from_test_file(self, file_name):
     """Return an AnsibleInventoryManager for a file under TEST_FILES_PATH."""
     # file_name is appended to TEST_FILES_PATH by plain concatenation.
     fixture_path = TEST_FILES_PATH + file_name
     return AnsibleInventoryManager(inventory_file=fixture_path)
コード例 #10
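    def test_save_inventory(self):
        """Check that save_inventory() keeps a backup of the previous inventory.

        After the first save the backup must list the same hosts and group
        names as the working file. After adding "host7" and saving again, the
        hosts must differ while the group names still match.
        """
        # NOTE(review): if mktemp here is tempfile.mktemp, it only returns a
        # file name and does not create the file, so another local user can
        # claim that path first. tempfile.mkstemp() or NamedTemporaryFile
        # would avoid the race, provided save_inventory() accepts a backup
        # path that already exists -- confirm before switching.
        temp_inventory_file = mktemp(prefix='test_inventory')
        temp_bkp_inventory_file = mktemp(prefix='test_bkp_inventory')
        try:
            # Work on a copy of the fixture so the real test data is untouched.
            copyfile(TEST_FILES_PATH + "hosts3", temp_inventory_file)
            ansible_file = AnsibleInventoryManager(
                inventory_file=temp_inventory_file)
            ansible_file.save_inventory(backup_file=temp_bkp_inventory_file)
            bk_ansible_file = AnsibleInventoryManager(
                inventory_file=temp_bkp_inventory_file)

            self.assertEqual(ansible_file.get_hosts(),
                             bk_ansible_file.get_hosts())
            self.assertEqual(
                [group.name for group in ansible_file.get_groups()],
                [group.name for group in bk_ansible_file.get_groups()])
            ansible_file.add_host("host7")

            ansible_file.save_inventory(backup_file=temp_bkp_inventory_file)
            bk_ansible_file = AnsibleInventoryManager(
                inventory_file=temp_bkp_inventory_file)
            self.assertNotEqual(ansible_file.get_hosts(),
                                bk_ansible_file.get_hosts())
            self.assertEqual(
                [group.name for group in ansible_file.get_groups()],
                [group.name for group in bk_ansible_file.get_groups()])
        finally:
            # Best-effort cleanup of both paths. A file that was never created
            # (for example because copyfile failed) must not raise here and
            # hide the real error, nor stop the second file being removed.
            for leftover in (temp_inventory_file, temp_bkp_inventory_file):
                try:
                    os.unlink(leftover)
                except OSError:
                    pass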