Пример #1
0
    def test_configure_ossec_alert_threshold_change(self):
        conf1 = config.AgentConfig([])

        def check_version(conf):
            unsupported_platform_version = [("ubuntu", "10.04"),
                                            ("debian", "6.0")]
            for p, v in unsupported_platform_version:
                if conf.platform_name == p and conf.platform_version.startswith(
                        v):
                    return True
            return False

        if check_version(conf1):
            return

        conf_args = [
            "-c", "Amazon", "-u", "http://doesntmatter.org/ws", "-p",
            self.test_base_path, "-C", "ws", "--intrusion-detection-ossec",
            "true", "--ids-alert-threshold", "5"
        ]
        rc = configure.main(conf_args)
        self.assertEqual(rc,
                         0,
                         msg="Failed for " + conf1.platform_name + " : " +
                         conf1.platform_version)
        conf = config.AgentConfig(
            [os.path.join(self.test_base_path, "etc/agent.conf")])
        self.assertTrue(conf.intrusion_detection_ossec)
        self.assertEqual(conf.intrusion_detection_alert_threshold, 5)
Пример #2
0
 def setUp(self):
     logger.clear_dcm_logging()
     test_conf_path = test_utils.get_conf_file()
     self.conf_obj = config.AgentConfig([test_conf_path])
     self.test_base_path = tempfile.mkdtemp()
     self.db_path = os.path.join(self.test_base_path, "agentdb.db")
     self.db = persistence.SQLiteAgentDB(self.db_path)
Пример #3
0
def guess_default_cloud(conf_d):
    (h, cloud_name) = conf_d["cloud"]["type"]
    if cloud_name != cloudmetadata.CLOUD_TYPES.UNKNOWN:
        return
    conf = config.AgentConfig([])
    name = cloudmetadata.guess_effective_cloud(conf)
    if name is None:
        raise Exception("Cloud %s is not a known type." % cloud_name)
    print("The detected cloud is " + name)
    conf_d["cloud"]["type"] = (h, name)
Пример #4
0
 def test_install_extras_passes_with_good_return_code(
         self, extras_installed_cmd, mock_http_get_to_file):
     extras_installed_cmd.return_value = False
     mock_http_get_to_file.return_value = False
     config_files = config.get_config_files()
     conf = config.AgentConfig(config_files)
     conf.extra_location = "fake"
     with patch('dcm.agent.utils.run_command') as mock_run_cmd:
         mock_run_cmd.return_value = ('stdout', 'stderr', 0)
         result = agent_utils.install_extras(conf)
     self.assertTrue(result)
Пример #5
0
 def test_get_conf_files(self):
     conf = config.AgentConfig([self.conf_path])
     hs = handshake.HandshakeManager(conf, mock.Mock())
     handshake_doc = hs.get_send_document()
     features = handshake_doc['features']
     self.assertIsNotNone(features['plugins'])
     self.assertIn("add_user", features['plugins'])
     self.assertIn("hello", features)
     self.assertIn("test", features)
     self.assertEqual(features["hello"], "world")
     self.assertEqual(features["test"], '2')
Пример #6
0
 def test_install_extras_fails_with_bad_return_code(self,
                                                    extras_installed_cmd,
                                                    mock_http_get_to_file):
     extras_installed_cmd.return_value = False
     mock_http_get_to_file.return_value = False
     config_files = config.get_config_files()
     conf = config.AgentConfig(config_files)
     conf.extra_location = "fake"
     conf_args = [conf]
     with patch('dcm.agent.utils.run_command') as mock_run_cmd:
         mock_run_cmd.return_value = ('stdout', 'stderr', 1)
         self.assertRaises(Exception, agent_utils.install_extras, conf_args)
Пример #7
0
    def setUp(self):
        self.test_conf_path = \
            os.path.join(self.test_base_path, "etc", "agent.conf")
        self.conf_obj = config.AgentConfig([self.test_conf_path])
        self.svc = service.DCMAgent(self.conf_obj)

        self._event = threading.Event()

        utils.verify_config_file(self.conf_obj)
        # script_dir must be forced to None so that we get the built in dir
        self.svc.pre_threads()
        self.conf_obj.start_job_runner()

        self.disp = dispatcher.Dispatcher(self.conf_obj)

        self.req_conn = test_conn.RequestConnection()
        self.reply_conn = test_conn.ReplyConnection()

        self.db = persistence.SQLiteAgentDB(
            os.path.join(self.test_base_path, "etc", "agentdb.sql"))
        self.request_listener = reply.RequestListener(self.conf_obj,
                                                      self.reply_conn,
                                                      self.disp, self.db)
        observers = self.request_listener.get_reply_observers()
        observers.append(self)
        self.req_conn.set_request_listener(self.request_listener)

        self.agent_id = "theAgentID" + str(uuid.uuid4())
        self.customer_id = 50

        handshake_doc = {}
        handshake_doc["version"] = "1"
        handshake_doc["agentID"] = self.agent_id
        handshake_doc["cloudId"] = "Amazon"
        handshake_doc["customerId"] = self.customer_id
        handshake_doc["regionId"] = None
        handshake_doc["zoneId"] = "rack2"
        handshake_doc["serverId"] = "thisServer"
        handshake_doc["serverName"] = "dcm.testagent.com"
        handshake_doc["ephemeralFileSystem"] = "/tmp"
        handshake_doc["encryptedEphemeralFsKey"] = "DEADBEAF"

        self.svc.conn = self.reply_conn
        self.svc.disp = self.disp
        self.svc.request_listener = self.request_listener

        self.svc.handshaker.incoming_document({
            "handshake": handshake_doc,
            "return_code": 200
        })

        self.disp.start_workers(self.request_listener)
Пример #8
0
    def test_connection_backoff(self):
        test_base = self._write_conf()
        agent_conf_path = os.path.join(test_base, "etc", "agent.conf")
        conf = config.AgentConfig([agent_conf_path])
        conf.connection_max_backoff = 200
        conf.connection_backoff = 200
        test_run_time = 5000
        expected_connections = test_run_time / conf.connection_max_backoff

        serversocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        serversocket.listen(100)
        _, port = serversocket.getsockname()

        conf.connection_agentmanager_url = "ws://127.0.0.1:%d/ws" % port

        agent = service.DCMAgent(conf)
        conf.start_job_runner()

        def _run_agent(agent):
            agent.run_agent()

        t1 = threading.Thread(target=_run_agent, args=(agent,))
        t1.start()

        # run for time after the first connect.  that way we know it is up
        try:
            print("getting the first one")
            (clientsocket, address) = serversocket.accept()
            clientsocket.close()
            print("got it")
            connect_count = 0
            now = datetime.datetime.now()
            end_time = now + datetime.timedelta(seconds=test_run_time/1000)

            while now < end_time:
                print("waiting to connect " + str(now))
                (clientsocket, address) = serversocket.accept()
                clientsocket.close()
                connect_count += 1
                now = datetime.datetime.now()
                print("connected " + str(now))
        finally:
            serversocket.close()
            agent.shutdown_main_loop()
            t1.join()
        self.assertTrue(expected_connections * .9 - 1 < connect_count
                        < expected_connections * 1.1 + 1,
                        "connect_count is %d, expected %d" %
                        (connect_count, expected_connections))
Пример #9
0
    def setUpClass(cls):

        basedir = os.path.dirname((os.path.dirname(__file__)))
        cls.test_conf_path = \
            os.path.join(basedir, "etc", "agent.conf")
        cls.conf_obj = config.AgentConfig([cls.test_conf_path])

        if test_utils.S3_ACCESS_KEY_ENV not in os.environ\
                or test_utils.S3_SECRET_KEY_ENV not in os.environ:
            return

        cls.bucket_name = "agentfetchtest" + str(uuid.uuid4()).split("-")[0]

        cls.conn = boto.connect_s3(os.environ[test_utils.S3_ACCESS_KEY_ENV],
                                   os.environ[test_utils.S3_SECRET_KEY_ENV])
        cls.bucket = cls.conn.create_bucket(cls.bucket_name)
Пример #10
0
 def setUpClass(cls):
     test_utils.connect_to_debugger()
     cls.run_as_user = getpass.getuser()
     cls.test_base_path = tempfile.mkdtemp()
     conf_args = [
         "-c", "Amazon", "-u", "http://doesntmatter.org/ws", "-p",
         cls.test_base_path, "-t",
         os.path.join(cls.test_base_path, "tmp"), "-C", "success_tester",
         "-U", cls.run_as_user, "-l", "/tmp/agent_test_log.log"
     ]
     rc = configure.main(conf_args)
     if rc != 0:
         raise Exception("We could not configure the test env")
     cls.test_conf_path = \
         os.path.join(cls.test_base_path, "etc", "agent.conf")
     cls.conf = config.AgentConfig([cls.test_conf_path])
     cls.conf.start_job_runner()
Пример #11
0
def clean_agent_files(opts, tar):
    console_output(opts, 2, "Cleaning the agent files.")
    files_to_clean = ['/var/lib/waagent/provisioned',
                      '/tmp/boot.log',
                      '/tmp/agent_info.tar.gz',
                      '/tmp/meta_info.txt',
                      '/tmp/process_info.txt',
                      '/tmp/startup_script.txt',
                      '/tmp/error.log',
                      '/tmp/installer.sh']

    conf = config.AgentConfig(config.get_config_files())
    log_dir = os.path.join(conf.storage_base_dir, "logs")

    if not opts.agent_running:
        clean_agent_logs(opts, tar, log_dir)
        files_to_clean.append(conf.storage_dbfile)

    for f in files_to_clean:
        if os.path.exists(f):
            secure_delete(opts, tar, f)
Пример #12
0
def start_main_service(cli_args):
    agent = None
    try:
        config_files = config.get_config_files(conffile=cli_args.conffile)
        conf = config.AgentConfig(config_files)
        agent = DCMAgent(conf)
        if cli_args.version:
            print("Version %s" % dcm.agent.g_version)
            return 0

        agent.pre_threads()
        if cli_args.report:
            utils._g_logger.disabled = True
            cm._g_logger.disabled = True
            config._g_logger.disabled = True
            agent.g_logger.disabled = True
            _gather_info(conf)
            return 0

        utils.verify_config_file(conf)
        conf.start_job_runner()
        agent.run_agent()
    except exceptions.AgentOptionException as aoex:
        console_log(
            cli_args, 0, "The agent is not configured properly. "
            "please check the config file.")
        console_log(cli_args, 0, str(aoex))
        if agent:
            agent.shutdown_main_loop()
        if getattr(cli_args, "verbose", 0) > 2:
            raise
    except Exception:
        _g_logger = logging.getLogger(__name__)
        console_log(cli_args, 0, "Shutting down due to a top level exception")
        _g_logger.exception("An unknown exception bubbled to the top")
        if agent:
            agent.shutdown_main_loop()
        raise
    return 0
Пример #13
0
 def setUp(self):
     self.db = persistence.SQLiteAgentDB(":memory:")
     self.conf = config.AgentConfig([])
Пример #14
0
 def setUpClass(cls):
     test_utils.connect_to_debugger()
     cls.conf = config.AgentConfig([])
Пример #15
0
def main(argv=sys.argv[1:]):
    parser = setup_command_line_parser()
    opts = parser.parse_args(args=argv)

    opts.loglevel = opts.loglevel.upper()
    if opts.loglevel not in ["ERROR", "WARN", "INFO", "DEBUG"]:
        print("WARNING: %s is an invalid log level.  Using INFO"
              % opts.loglevel)
        opts.loglevel = "INFO"
    opts.intrusion_detection_ossec = opts.intrusion_detection_ossec.lower()
    opts.intrusion_detection_ossec =\
        opts.intrusion_detection_ossec in ['y', 'yes', 't', 'true']

    conf_d = gather_values(opts)
    if not opts.initial:
        guess_default_cloud(conf_d)
    do_interactive(opts, conf_d)
    normalize_cloud_name(conf_d)
    pick_meta_data(conf_d)
    validate_cacerts(conf_d)

    # before writing anything make sure that all the needed values are
    # set
    if not opts.initial:
        if not conf_d["system"]["user"]:
            raise Exception("You must set the user name that will run "
                            "this service.")
        if not conf_d["storage"]["base_dir"]:
            raise Exception("You must set the base dir for this service "
                            "installation.")

    try:
        make_dirs(conf_d)
        (_, base_dir) = conf_d["storage"]["base_dir"]
        if not opts.reload:
            copy_scripts(conf_d)
            do_plugin_conf(conf_d)
            do_logging_conf(conf_d, opts)
        else:
            if not os.path.isfile(os.path.join(base_dir, "etc", "plugin.conf")) or opts.rewrite_logging_plugin:
                do_plugin_conf(conf_d)
            if not os.path.isfile(os.path.join(base_dir, "etc", "logging.yaml")) or opts.rewrite_logging_plugin:
                do_logging_conf(conf_d, opts)
        cleanup_previous_install(conf_d)
        conf_file_name = os.path.join(base_dir, "etc", "agent.conf")
        write_conf_file(conf_file_name, conf_d)
        do_set_owner_and_perms(conf_d)
        if not opts.initial:
            enable_start_agent(opts)

        conf = config.AgentConfig([conf_file_name])
        if opts.install_extras:
            if opts.package_name:
                agent_utils.install_extras(conf, package=opts.package_name)
            else:
                agent_utils.install_extras(conf)
        if opts.intrusion_detection_ossec and not agent_utils.ossec_installed(conf):
            # call out to install ossec
            agent_utils.install_ossec(conf)

    except Exception as ex:
        print(str(ex), file=sys.stderr)
        if opts.verbose:
            raise
        return 1
    return 0
Пример #16
0
 def setUpClass(cls):
     basedir = os.path.dirname((os.path.dirname(__file__)))
     cls.test_conf_path = \
         os.path.join(basedir, "etc", "agent.conf")
     cls.conf_obj = config.AgentConfig([cls.test_conf_path])
Пример #17
0
def get_status(cli_args):
    config_files = config.get_config_files(conffile=cli_args.conffile)
    conf = config.AgentConfig(config_files)

    db_obj = messaging.persistence.SQLiteAgentDB(conf.storage_dbfile)

    complete = db_obj.get_all_complete()
    replied = db_obj.get_all_reply()
    rejected = db_obj.get_all_rejected()
    acked = db_obj.get_all_ack()
    reply_nacked = db_obj.get_all_reply_nacked()
    status = "UNKNOWN"
    color_func = clint.textui.colored.yellow

    def _check_command(cmd):
        try:
            payload_doc = request_doc['payload']
            command = payload_doc['command']
            if command == cmd:
                return True
        except:
            pass
        return False

    for r in complete:
        request_doc = json.loads(r.request_doc)
        if _check_command("initialize"):
            status = "INITIALIZED"
            color_func = clint.textui.colored.green
    for r in acked:
        request_doc = json.loads(r.request_doc)
        if _check_command("initialize"):
            status = "INITIALIZING"
            color_func = clint.textui.colored.green
    for r in replied:
        request_doc = json.loads(r.request_doc)
        if _check_command("initialize"):
            status = "INITIALIZING"
            color_func = clint.textui.colored.green
    for r in reply_nacked:
        request_doc = json.loads(r.request_doc)
        if _check_command("initialize"):
            status = "UNKNOWN INITIALIZATION STATE"
            color_func = clint.textui.colored.red

    for r in rejected:
        request_doc = json.loads(r.request_doc)
        if _check_command("initialize"):
            status = "INITIALIZATION REJECTED"
            color_func = clint.textui.colored.red

    clint.textui.puts(color_func(status))
    complete = db_obj.get_all_complete()
    replied = db_obj.get_all_reply()
    rejected = db_obj.get_all_rejected()
    acked = db_obj.get_all_ack()
    reply_nacked = db_obj.get_all_reply_nacked()

    label_col_width = 30
    vals = [(complete, "Commands processed: "),
            (rejected, "Commands rejected: "),
            (acked, "Commands being processed: "),
            (replied, "Commands being replying to: "),
            (reply_nacked, "Replies rejected: ")]
    with clint.textui.indent(4):
        for v, k in vals:
            clint.textui.puts(
                clint.textui.columns([k, label_col_width], [str(len(v)), 5]))

    try:
        pid_file = os.path.join(conf.storage_base_dir, "dcm-agent.pid")
        if not os.path.exists(pid_file):
            run_status = "NOT RUNNING"
            run_reason = "PID file not found"
        else:
            with open(pid_file, "r") as fptr:
                pid = int(fptr.read().strip())
            p = psutil.Process(pid)
            clint.textui.puts(clint.textui.colored.green("RUNNING"))
            start_time_str = datetime.datetime.fromtimestamp(
                p.create_time()).strftime("%Y-%m-%d %H:%M:%S")
            with clint.textui.indent(4):
                clint.textui.puts(
                    clint.textui.columns(
                        ["Started at:", label_col_width],
                        [start_time_str, 70 - label_col_width]))
                clint.textui.puts(
                    clint.textui.columns(["User:"******"Status:", label_col_width],
                                         [p.status(), 70 - label_col_width]))
                clint.textui.puts(
                    clint.textui.columns(["Pid:", label_col_width],
                                         [str(pid), 70 - label_col_width]))

            return 0
    except psutil.NoSuchProcess:
        run_status = "NOT RUNNING"
        run_reason = "The PID %d was not found" % pid
    except Exception as ex:
        run_reason = str(ex)
        run_status = "UNKNOWN"

    clint.textui.puts(clint.textui.colored.red(run_status))
    clint.textui.puts(clint.textui.colored.red(run_reason))

    return 1