def _ValidateFleetspeakServiceConfig(self, config_path):
"""Validates a Fleetspeak service config.
Checks that the given file is a valid TextFormat representation of
a Fleetspeak service config proto.
Args:
config_path: Path to the config file.
Raises:
BuildError: If the config is not valid.
"""
with open(config_path, "rb") as f:
parsed_config = text_format.Parse(
f.read(),
fs_system_pb2.ClientServiceConfig(),
descriptor_pool=fs_config_pb2.DESCRIPTOR.pool)
if parsed_config.factory != "Daemon":
raise build.BuildError(
"Fleetspeak config does not have the expected factory type."
)
daemon_cfg = fs_config_pb2.Config()
parsed_config.config.Unpack(daemon_cfg)
if not daemon_cfg.argv:
raise build.BuildError(
"Fleetspeak daemon service config does not specify command line "
"args.")
def GenerateFleetspeakServiceConfig(self):
"""Generate a service config, used to register the GRR client with FS."""
logging.info("Generating Fleetspeak service config.")
fs_service_config = fs_system_pb2.ClientServiceConfig(
name=config.CONFIG["Client.name"],
factory="Daemon",
required_labels=[
fs_common_pb2.Label(
service_name="client",
label="windows",
),
],
)
daemonservice_config = fs_config_pb2.Config(
argv=[
# Note this is an argv list, so we can't use
# config.CONFIG["Nanny.child_command_line"] directly.
config.CONFIG["Nanny.child_binary"],
"--config=%s.yaml" % config.CONFIG["Nanny.child_binary"],
],
monitor_heartbeats=True,
heartbeat_unresponsive_grace_period_seconds=600,
heartbeat_unresponsive_kill_period_seconds=300,
)
fs_service_config.config.Pack(daemonservice_config)
str_fs_service_config = text_format.MessageToString(fs_service_config,
as_one_line=True)
return str_fs_service_config
def _CreateServiceConfig(config_dir: str) -> None:
"""Creates a fleetspeak service config in the config directory."""
service_config_path = config.CONFIG["ClientBuilder.fleetspeak_config_path"]
with open(service_config_path, "r") as f:
data = config.CONFIG.InterpolateValue(f.read())
service_config = text_format.Parse(data,
fs_system_pb2.ClientServiceConfig())
daemon_config = fs_daemon_config_pb2.Config()
service_config.config.Unpack(daemon_config)
del daemon_config.argv[:]
daemon_config.argv.extend([
"grr_client",
])
service_config.config.Pack(daemon_config)
utils.EnsureDirExists(os.path.join(config_dir, "textservices"))
with open(os.path.join(config_dir, "textservices", "GRR.textproto"),
"w") as f:
f.write(text_format.MessageToString(service_config))
def GenerateFleetspeakServiceConfig(self):
"""Generate a service config, used to register the GRR client with FS."""
fs_service_config = fs_system_pb2.ClientServiceConfig(
name=config.CONFIG["Client.name"],
factory="Daemon",
required_labels=[
fs_common_pb2.Label(
service_name="client",
label="windows",
),
],
)
daemonservice_config = fs_config_pb2.Config(argv=[
# Note this is an argv list, so we can't use
# config.CONFIG["Nanny.child_command_line"] directly.
config.CONFIG["Nanny.child_binary"],
"--config=%s.yaml" % config.CONFIG["Nanny.child_binary"],
])
fs_service_config.config.Pack(daemonservice_config)
str_fs_service_config = text_format.MessageToString(fs_service_config,
as_one_line=True)
return str_fs_service_config
def InitFleetspeakConfigs(
grr_configs: GRRConfigs,
mysql_database: str,
mysql_username: Optional[str] = None,
mysql_password: Optional[str] = None) -> FleetspeakConfigs:
"""Initializes Fleetspeak server and client configs."""
fs_frontend_port, fs_admin_port = api_helpers.GetFleetspeakPortsFromConfig(
grr_configs.server_config)
mysql_username = mysql_username or ""
mysql_password = mysql_password or ""
temp_root = tempfile.mkdtemp(suffix="_fleetspeak")
def TempPath(*args):
return os.path.join(temp_root, *args)
cp = config_pb2.Config(configuration_name="Self-contained testing")
cp.components_config.mysql_data_source_name = "%s:%s@tcp(127.0.0.1:3306)/%s" % (
mysql_username, mysql_password, mysql_database)
cp.components_config.https_config.listen_address = "localhost:%d" % portpicker.pick_unused_port(
)
# TODO(user): Use streaming connections by default. At the moment
# a few tests are failing with MySQL errors when streaming is used.
cp.components_config.https_config.disable_streaming = True
cp.components_config.admin_config.listen_address = ("localhost:%d" %
fs_admin_port)
cp.public_host_port.append(
cp.components_config.https_config.listen_address)
cp.server_component_configuration_file = TempPath("server.config")
cp.trusted_cert_file = TempPath("trusted_cert.pem")
cp.trusted_cert_key_file = TempPath("trusted_cert_key.pem")
cp.server_cert_file = TempPath("server_cert.pem")
cp.server_cert_key_file = TempPath("server_cert_key.pem")
cp.linux_client_configuration_file = TempPath("linux_client.config")
cp.windows_client_configuration_file = TempPath("windows_client.config")
cp.darwin_client_configuration_file = TempPath("darwin_client.config")
built_configurator_config_path = TempPath("configurator.config")
with open(built_configurator_config_path, mode="w",
encoding="utf-8") as fd:
fd.write(text_format.MessageToString(cp))
p = _StartBinary(
"fleetspeak-config",
["--logtostderr", "--config", built_configurator_config_path])
if p.wait() != 0:
raise ConfigInitializationError(
"fleetspeak-config execution failed: {}".format(p.returncode))
# Adjust client config.
with open(cp.linux_client_configuration_file, mode="r",
encoding="utf-8") as fd:
conf_content = fd.read()
conf = text_format.Parse(conf_content, client_config_pb2.Config())
conf.filesystem_handler.configuration_directory = temp_root
conf.filesystem_handler.state_file = TempPath("client.state")
with open(cp.linux_client_configuration_file, mode="w",
encoding="utf-8") as fd:
fd.write(text_format.MessageToString(conf))
# Write client services configuration.
service_conf = system_pb2.ClientServiceConfig(name="GRR", factory="Daemon")
payload = daemonservice_config_pb2.Config()
payload.argv.extend([
sys.executable, "-u", "-m", "grr_response_client.grr_fs_client",
"--config", grr_configs.client_config
])
# TODO(user): remove this condition when Fleetspeak is used as a nanny
# on all platforms.
if platform.system() == "Windows":
payload.monitor_heartbeats = True
payload.heartbeat_unresponsive_grace_period_seconds = 45
payload.heartbeat_unresponsive_kill_period_seconds = 15
service_conf.config.Pack(payload)
os.mkdir(TempPath("textservices"))
with open(TempPath("textservices", "GRR.textproto"),
mode="w",
encoding="utf-8") as fd:
fd.write(text_format.MessageToString(service_conf))
# Server services configuration.
service_config = services_pb2.ServiceConfig(name="GRR", factory="GRPC")
grpc_config = grpcservice_pb2.Config(target="localhost:%d" %
fs_frontend_port,
insecure=True)
service_config.config.Pack(grpc_config)
server_conf = server_pb2.ServerConfig(services=[service_config])
server_conf.broadcast_poll_time.seconds = 1
built_server_services_config_path = TempPath("server.services.config")
with open(built_server_services_config_path, mode="w",
encoding="utf-8") as fd:
fd.write(text_format.MessageToString(server_conf))
return FleetspeakConfigs(cp.server_component_configuration_file,
built_server_services_config_path,
cp.linux_client_configuration_file)
