def monitor(self):
"""
Monitor firewall rules
Monitor dhcp client pid and hostname.
If dhcp client process re-start has occurred, reset routes.
Purge unnecessary files from disk cache.
"""
protocol = self.protocol_util.get_protocol()
while not self.stopped:
self.osutil.remove_rules_files()
if conf.enable_firewall():
success = self.osutil.enable_firewall(
dst_ip=protocol.endpoint,
uid=os.getuid())
add_periodic(
logger.EVERY_HOUR,
AGENT_NAME,
version=CURRENT_VERSION,
op=WALAEventOperation.Firewall,
is_success=success,
log_event=False)
timeout = conf.get_root_device_scsi_timeout()
if timeout is not None:
self.osutil.set_scsi_disks_timeout(timeout)
if conf.get_monitor_hostname():
self.handle_hostname_update()
self.handle_dhclient_restart()
self.purge_disk_cache()
time.sleep(5)
def test_periodic_forwards_args(self, mock_event):
event.__event_logger__.reset_periodic()
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
mock_event.assert_called_once_with(
"FauxEvent",
duration=0, evt_type='', is_internal=False, is_success=True,
log_event=True, message='', op='', version=str(CURRENT_VERSION))
def test_periodic_does_not_emit_if_previously_sent(self, mock_event):
event.__event_logger__.reset_periodic()
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
def test_periodic_emits_if_forced(self, mock_event):
event.__event_logger__.reset_periodic()
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
event.add_periodic(logger.EVERY_DAY, "FauxEvent", force=True)
self.assertEqual(2, mock_event.call_count)
def test_periodic_emits_if_forced(self, mock_event):
event.__event_logger__.reset_periodic()
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
event.add_periodic(logger.EVERY_DAY, "FauxEvent", force=True)
self.assertEqual(2, mock_event.call_count)
def test_periodic_does_not_emit_if_previously_sent(self, mock_event):
event.__event_logger__.reset_periodic()
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
def test_periodic_forwards_args(self, mock_event):
event.__event_logger__.reset_periodic()
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
mock_event.assert_called_once_with(
"FauxEvent",
duration=0, evt_type='', is_internal=False, is_success=True,
log_event=True, message='', op=WALAEventOperation.Unknown,
version=str(CURRENT_VERSION))
def test_periodic_forwards_args(self, mock_event):
event.__event_logger__.reset_periodic()
event_time = datetime.utcnow().__str__()
event.add_periodic(logger.EVERY_DAY, "FauxEvent", op=WALAEventOperation.Log, is_success=True, duration=0,
version=str(CURRENT_VERSION), message="FauxEventMessage", evt_type="", is_internal=False,
log_event=True, force=False)
mock_event.assert_called_once_with("FauxEvent", op=WALAEventOperation.Log, is_success=True, duration=0,
version=str(CURRENT_VERSION), message="FauxEventMessage", evt_type="",
is_internal=False, log_event=True)
def test_periodic_forwards_args_default_values(self, mock_event,
mock_datetime): # pylint: disable=unused-argument
event.__event_logger__.reset_periodic()
event.add_periodic(logger.EVERY_DAY,
"FauxEvent",
message="FauxEventMessage")
mock_event.assert_called_once_with("FauxEvent",
op=WALAEventOperation.Unknown,
is_success=True,
duration=0,
version=str(CURRENT_VERSION),
message="FauxEventMessage",
log_event=True)
def monitor(self):
"""
Monitor firewall rules
Monitor dhcp client pid and hostname.
If dhcp client process re-start has occurred, reset routes.
Purge unnecessary files from disk cache.
"""
# The initialization of ProtocolUtil for the Environment thread should be done within the thread itself rather
# than initializing it in the ExtHandler thread. This is done to avoid any concurrency issues as each
# thread would now have its own ProtocolUtil object as per the SingletonPerThread model.
self.protocol_util = get_protocol_util()
protocol = self.protocol_util.get_protocol()
reset_firewall_fules = False
while not self.stopped:
self.osutil.remove_rules_files()
if conf.enable_firewall():
# If the rules ever change we must reset all rules and start over again.
#
# There was a rule change at 2.2.26, which started dropping non-root traffic
# to WireServer. The previous rules allowed traffic. Having both rules in
# place negated the fix in 2.2.26.
if not reset_firewall_fules:
self.osutil.remove_firewall(dst_ip=protocol.get_endpoint(),
uid=os.getuid())
reset_firewall_fules = True
success = self.osutil.enable_firewall(
dst_ip=protocol.get_endpoint(), uid=os.getuid())
add_periodic(logger.EVERY_HOUR,
AGENT_NAME,
version=CURRENT_VERSION,
op=WALAEventOperation.Firewall,
is_success=success,
log_event=False)
timeout = conf.get_root_device_scsi_timeout()
if timeout is not None:
self.osutil.set_scsi_disks_timeout(timeout)
if conf.get_monitor_hostname():
self.handle_hostname_update()
self.handle_dhclient_restart()
self.archive_history()
time.sleep(5)
def monitor(self):
"""
Monitor firewall rules
Monitor dhcp client pid and hostname.
If dhcp client process re-start has occurred, reset routes.
Purge unnecessary files from disk cache.
"""
protocol = self.protocol_util.get_protocol()
reset_firewall_fules = False
while not self.stopped:
self.osutil.remove_rules_files()
if conf.enable_firewall():
# If the rules ever change we must reset all rules and start over again.
#
# There was a rule change at 2.2.26, which started dropping non-root traffic
# to WireServer. The previous rules allowed traffic. Having both rules in
# place negated the fix in 2.2.26.
if not reset_firewall_fules:
self.osutil.remove_firewall(dst_ip=protocol.endpoint, uid=os.getuid())
reset_firewall_fules = True
success = self.osutil.enable_firewall(
dst_ip=protocol.endpoint,
uid=os.getuid())
add_periodic(
logger.EVERY_HOUR,
AGENT_NAME,
version=CURRENT_VERSION,
op=WALAEventOperation.Firewall,
is_success=success,
log_event=False)
timeout = conf.get_root_device_scsi_timeout()
if timeout is not None:
self.osutil.set_scsi_disks_timeout(timeout)
if conf.get_monitor_hostname():
self.handle_hostname_update()
self.handle_dhclient_restart()
self.archive_history()
time.sleep(5)
def monitor(self):
"""
Monitor firewall rules
Monitor dhcp client pid and hostname.
If dhcp client process re-start has occurred, reset routes.
Purge unnecessary files from disk cache.
"""
protocol = self.protocol_util.get_protocol()
reset_firewall_fules = False
while not self.stopped:
self.osutil.remove_rules_files()
if conf.enable_firewall():
# If the rules ever change we must reset all rules and start over again.
#
# There was a rule change at 2.2.26, which started dropping non-root traffic
# to WireServer. The previous rules allowed traffic. Having both rules in
# place negated the fix in 2.2.26.
if not reset_firewall_fules:
self.osutil.remove_firewall(dst_ip=protocol.endpoint,
uid=os.getuid())
reset_firewall_fules = True
success = self.osutil.enable_firewall(dst_ip=protocol.endpoint,
uid=os.getuid())
add_periodic(logger.EVERY_HOUR,
AGENT_NAME,
version=CURRENT_VERSION,
op=WALAEventOperation.Firewall,
is_success=success,
log_event=False)
timeout = conf.get_root_device_scsi_timeout()
if timeout is not None:
self.osutil.set_scsi_disks_timeout(timeout)
if conf.get_monitor_hostname():
self.handle_hostname_update()
self.handle_dhclient_restart()
self.archive_history()
time.sleep(5)
def _enable_firewall(self):
# If the rules ever change we must reset all rules and start over again.
#
# There was a rule change at 2.2.26, which started dropping non-root traffic
# to WireServer. The previous rules allowed traffic. Having both rules in
# place negated the fix in 2.2.26.
if not self._reset_firewall_rules:
self.osutil.remove_firewall(dst_ip=self._protocol.get_endpoint(), uid=os.getuid())
self._reset_firewall_rules = True
success = self.osutil.enable_firewall(dst_ip=self._protocol.get_endpoint(), uid=os.getuid())
add_periodic(
logger.EVERY_HOUR,
AGENT_NAME,
version=CURRENT_VERSION,
op=WALAEventOperation.Firewall,
is_success=success,
log_event=False)
def _operation(self):
# If the rules ever change we must reset all rules and start over again.
#
# There was a rule change at 2.2.26, which started dropping non-root traffic
# to WireServer. The previous rules allowed traffic. Having both rules in
# place negated the fix in 2.2.26. Removing only the legacy rule and keeping other rules intact.
#
# We only try to remove the legacy firewall rule once on service start (irrespective of its exit code).
if not self._try_remove_legacy_firewall_rule:
self._osutil.remove_legacy_firewall_rule(
dst_ip=self._protocol.get_endpoint())
self._try_remove_legacy_firewall_rule = True
success = self._osutil.enable_firewall(
dst_ip=self._protocol.get_endpoint(), uid=os.getuid())
add_periodic(logger.EVERY_HOUR,
AGENT_NAME,
version=CURRENT_VERSION,
op=WALAEventOperation.Firewall,
is_success=success,
log_event=False)
def test_periodic_emits_after_elapsed_delta(self, mock_event):
event.__event_logger__.reset_periodic()
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
h = hash("FauxEvent"+WALAEventOperation.Unknown+ustr(True))
event.__event_logger__.periodic_events[h] = \
datetime.now() - logger.EVERY_DAY - logger.EVERY_HOUR
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(2, mock_event.call_count)
def test_periodic_emits_after_elapsed_delta(self, mock_event):
event.__event_logger__.reset_periodic()
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
h = hash("FauxEvent"+WALAEventOperation.Unknown+ustr(True))
event.__event_logger__.periodic_events[h] = \
datetime.now() - logger.EVERY_DAY - logger.EVERY_HOUR
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(2, mock_event.call_count)
def test_add_periodic_should_create_events_that_have_all_the_parameters_in_the_telemetry_schema(
self):
self._test_create_event_function_should_create_events_that_have_all_the_parameters_in_the_telemetry_schema(
create_event_function=lambda: add_periodic(
delta=logger.EVERY_MINUTE,
name="TestPeriodicEvent",
op=WALAEventOperation.HostPlugin,
is_success=False,
duration=4321,
version="4.3.2.1",
message="Test Periodic Message"),
expected_parameters={
'Name': 'TestPeriodicEvent',
'Version': '4.3.2.1',
'Operation': 'HostPlugin',
'OperationSuccess': False,
'Message': 'Test Periodic Message',
'Duration': 4321,
'ExtensionType': ''
})
def test_periodic_emits_after_elapsed_delta(self, mock_event):
init_event_logger(tempfile.mkdtemp())
event.__event_logger__.reset_periodic()
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(1, mock_event.call_count)
h = hash("FauxEvent"+""+ustr(True)+"")
event.__event_logger__.periodic_messages[h] = \
datetime.now() - logger.EVERY_DAY - logger.EVERY_HOUR
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
self.assertEqual(2, mock_event.call_count)
def test_periodic_emits_if_not_previously_sent(self, mock_event):
init_event_logger(tempfile.mkdtemp())
event.__event_logger__.reset_periodic()
event.add_periodic(logger.EVERY_DAY, "FauxEvent")
mock_event.assert_called_once()