def _doCheckConfig(nodes, installed, list_scripts): results = [] manager = config.Config.manager() all = [(node, os.path.join(config.Config.tmpdir, "check-config-%s" % node.name)) for node in nodes] nodes = [] for (node, cwd) in all: if os.path.isdir(cwd): if not execute.rmdir(config.Config.manager(), cwd): util.output("cannot remove directory %s on manager" % cwd) continue if not execute.mkdir(config.Config.manager(), cwd): util.output("cannot create directory %s on manager" % cwd) continue nodes += [(node, cwd)] cmds = [] for (node, cwd) in nodes: env = _makeEnvParam(node) installed_policies = installed and "1" or "0" print_scripts = list_scripts and "1" or "0" install.makeLayout(cwd, True) install.makeLocalNetworks(cwd, True) install.makeConfig(cwd, True) cmd = os.path.join( config.Config.scriptsdir, "check-config") + " %s %s %s %s" % ( installed_policies, print_scripts, cwd, " ".join( _makeBroParams(node, False))) cmd += " broctl/check" cmds += [((node, cwd), cmd, env, None)] for ((node, cwd), success, output) in execute.runLocalCmdsParallel(cmds): if success: util.output("%s is ok." % node.name) if list_scripts: for line in output: util.output(" %s" % line) else: ok = False util.output("%s failed." % node.name) for line in output: util.output(" %s" % line) execute.rmdir(manager, cwd) return results
def install(local_only): config.Config.determineBroVersion() manager = config.Config.manager() # Delete previously installed policy files to not mix things up. policies = [ config.Config.policydirsiteinstall, config.Config.policydirsiteinstallauto ] for p in policies: if os.path.isdir(p): util.output("removing old policies in %s ..." % p, False) execute.rmdir(manager, p) util.output(" done.") util.output("creating policy directories ...", False) for p in policies: execute.mkdir(manager, p) util.output(" done.") # Install local site policy. if config.Config.sitepolicypath: util.output("installing site policies ...", False) dst = config.Config.policydirsiteinstall for dir in config.Config.sitepolicypath.split(":"): dir = config.Config.subst(dir) for file in glob.glob(os.path.join(dir, "*")): if execute.isfile(manager, file): execute.install(manager, file, dst) util.output(" done.") makeLayout(config.Config.policydirsiteinstallauto) makeLocalNetworks(config.Config.policydirsiteinstallauto) makeConfig(config.Config.policydirsiteinstallauto) current = config.Config.subst(os.path.join(config.Config.logdir, "current")) try: util.force_symlink(manager.cwd(), current) except (IOError, OSError), e: util.error("failed to update current log symlink")
def install(local_only): config.Config.determineBroVersion() manager = config.Config.manager() # Delete previously installed policy files to not mix things up. policies = [config.Config.policydirsiteinstall, config.Config.policydirsiteinstallauto] for p in policies: if os.path.isdir(p): util.output("removing old policies in %s ..." % p, False) execute.rmdir(manager, p) util.output(" done.") util.output("creating policy directories ...", False) for p in policies: execute.mkdir(manager, p) util.output(" done.") # Install local site policy. if config.Config.sitepolicypath: util.output("installing site policies ...", False) dst = config.Config.policydirsiteinstall for dir in config.Config.sitepolicypath.split(":"): dir = config.Config.subst(dir) for file in glob.glob(os.path.join(dir, "*")): if execute.isfile(manager, file): execute.install(manager, file, dst) elif execute.isdir(manager, file): dstdir = os.path.join(dst, os.path.basename(file)) execute.install(manager, file, dstdir) util.output(" done.") makeLayout(config.Config.policydirsiteinstallauto) makeLocalNetworks(config.Config.policydirsiteinstallauto) makeConfig(config.Config.policydirsiteinstallauto) current = config.Config.subst(os.path.join(config.Config.logdir, "current")) try: util.force_symlink(manager.cwd(), current) except (IOError, OSError), e: util.error("failed to update current log symlink")
def _doCheckConfig(nodes, installed, list_scripts): results = [] manager = config.Config.manager() all = [(node, os.path.join(config.Config.tmpdir, "check-config-%s" % node.name)) for node in nodes] nodes = [] for (node, cwd) in all: if os.path.isdir(cwd): if not execute.rmdir(config.Config.manager(), cwd): util.output("cannot remove directory %s on manager" % cwd) continue if not execute.mkdir(config.Config.manager(), cwd): util.output("cannot create directory %s on manager" % cwd) continue nodes += [(node, cwd)] cmds = [] for (node, cwd) in nodes: env = _makeEnvParam(node) installed_policies = installed and "1" or "0" print_scripts = list_scripts and "1" or "0" install.makeLayout(cwd, True) install.makeLocalNetworks(cwd, True) install.makeConfig(cwd, True) cmd = os.path.join(config.Config.scriptsdir, "check-config") + " %s %s %s %s" % (installed_policies, print_scripts, cwd, " ".join(_makeBroParams(node, False))) cmd += " broctl/check" cmds += [((node, cwd), cmd, env, None)] for ((node, cwd), success, output) in execute.runLocalCmdsParallel(cmds): results += [(node, success)] if success: util.output("%s is ok." % node.name) if list_scripts: for line in output: util.output(" %s" % line) else: ok = False util.output("%s failed." % node.name) for line in output: util.output(" %s" % line) execute.rmdir(manager, cwd) return results
def processTrace(trace, bro_options, bro_scripts): if not os.path.isfile(trace): util.output("Error: trace file not found: %s" % trace) return False if not os.path.exists(os.path.join(config.Config.scriptsdir, "broctl-config.sh")): util.output("error: broctl-config.sh not found (try 'broctl install')") return False standalone = config.Config.standalone == "1" if standalone: tag = "standalone" else: tag = "workers" node = config.Config.nodes(tag=tag)[0] cwd = os.path.join(config.Config.tmpdir, "testing") if not execute.rmdir(config.Config.manager(), cwd): util.output("cannot remove directory %s on manager" % cwd) return False if not execute.mkdir(config.Config.manager(), cwd): util.output("cannot create directory %s on manager" % cwd) return False env = _makeEnvParam(node) bro_args = " ".join(bro_options + _makeBroParams(node, False)) bro_args += " broctl/process-trace" if bro_scripts: bro_args += " " + " ".join(bro_scripts) cmd = os.path.join(config.Config.scriptsdir, "run-bro-on-trace") + " %s %s %s %s" % (0, cwd, trace, bro_args) print cmd (success, output) = execute.runLocalCmd(cmd, env, donotcaptureoutput=True) for line in output: util.output(line) util.output("") util.output("### Bro output in %s" % cwd) return success
def processTrace(trace, bro_options, bro_scripts): standalone = (config.Config.standalone == "1") if standalone: tag = "standalone" else: tag = "workers" node = config.Config.nodes(tag=tag)[0] cwd = os.path.join(config.Config.tmpdir, "testing") if not execute.rmdir(config.Config.manager(), cwd): util.output("cannot remove directory %s on manager" % cwd) return False if not execute.mkdir(config.Config.manager(), cwd): util.output("cannot create directory %s on manager" % cwd) return False env = _makeEnvParam(node) bro_args = " ".join( bro_options + _makeBroParams(node, False, add_manager=(not standalone))) if bro_scripts: bro_args += " " + " ".join(bro_scripts) cmd = os.path.join( config.Config.scriptsdir, "run-bro-on-trace") + " %s %s %s %s" % (0, cwd, trace, bro_args) cmd += " broctl/process-trace" print cmd (success, output) = execute.runLocalCmd(cmd, env, donotcaptureoutput=True) for line in output: util.output(line) util.output("") util.output("### Bro output in %s" % cwd) return success
def _doCheckConfig(nodes, installed, list_scripts): results = [] manager = config.Config.manager() all = [(node, os.path.join(config.Config.tmpdir, "check-config-%s" % node.name)) for node in nodes] if not os.path.exists(os.path.join(config.Config.scriptsdir, "broctl-config.sh")): util.output("error: broctl-config.sh not found (try 'broctl install')") # Return a failure for one node to indicate that the command failed results += [(all[0][0], False)] return results nodes = [] for (node, cwd) in all: if os.path.isdir(cwd): if not execute.rmdir(config.Config.manager(), cwd): util.output("cannot remove directory %s on manager" % cwd) results += [(node, False)] continue if not execute.mkdir(config.Config.manager(), cwd): util.output("cannot create directory %s on manager" % cwd) results += [(node, False)] continue nodes += [(node, cwd)] cmds = [] for (node, cwd) in nodes: env = _makeEnvParam(node) installed_policies = installed and "1" or "0" print_scripts = list_scripts and "1" or "0" install.makeLayout(cwd, True) install.makeLocalNetworks(cwd, True) install.makeConfig(cwd, True) cmd = os.path.join(config.Config.scriptsdir, "check-config") + " %s %s %s %s" % ( installed_policies, print_scripts, cwd, " ".join(_makeBroParams(node, False)), ) cmd += " broctl/check" cmds += [((node, cwd), cmd, env, None)] for ((node, cwd), success, output) in execute.runLocalCmdsParallel(cmds): results += [(node, success)] if success: util.output("%s scripts are ok." % node.name) if list_scripts: for line in output: util.output(" %s" % line) else: util.output("%s scripts failed." % node.name) for line in output: util.output(" %s" % line) execute.rmdir(manager, cwd) return results
def _doCheckConfig(nodes, installed, list_scripts, fullpaths): ok = True manager = config.Config.manager() all = [(node, os.path.join(config.Config.tmpdir, "check-config-%s" % node.tag)) for node in nodes] nodes = [] for (node, cwd) in all: if os.path.isdir(cwd): if not execute.rmdir(config.Config.manager(), cwd): util.output("cannot remove directory %s on manager" % cwd) continue if not execute.mkdir(config.Config.manager(), cwd): util.output("cannot create directory %s on manager" % cwd) continue nodes += [(node, cwd)] cmds = [] for (node, cwd) in nodes: env = "" if node.type == "worker" or node.type == "proxy": env = "BRO_%s=%s" % (node.type.upper(), str(node.count)) dashl = list_scripts and ["-l"] or [] broargs = " ".join(dashl + _makeBroParams(node, False)) + " terminate" installed_policies = installed and "1" or "0" cmd = os.path.join( config.Config.scriptsdir, "check-config") + " %s %s %s" % (installed_policies, cwd, broargs) cmds += [((node, cwd), cmd, env, None)] for ((node, cwd), success, output) in execute.runLocalCmdsParallel(cmds): if not list_scripts: if success: util.output("%s is ok." % node.tag) else: ok = False util.output("%s failed." % node.tag) for line in output: util.output(" %s" % line) else: util.output(node.tag) for line in output: if line.find("loading") >= 0: line = line.replace("loading ", "") if not fullpaths: line = re.sub("\S+/", "", line) util.output(" %s" % line) if not success: ok = False util.output("%s failed to load all scripts correctly." % node.tag) execute.rmdir(manager, cwd) return ok
def install(local_only, make_install): if config.Config.devmode == "1": make_install = True config.Config.determineBroVersion() manager = config.Config.manager() # Delete previously installed policy files to not mix things up. policies = [config.Config.policydirsiteinstall, config.Config.policydirsiteinstallauto] if make_install: policies += [config.Config.subst("${policydir}/broctl")] for p in policies: if os.path.isdir(p): util.output("removing old policies in %s ..." % p, False) execute.rmdir(manager, p) util.output(" done.") util.output("creating policy directories ...", False) for p in policies: execute.mkdir(manager, p) util.output(" done.") custom = [(os.path.expanduser(file), "${bindir}", True, False) for file in config.Config.custominstallbin.split()] pp = [(os.path.expanduser(file), "${postprocdir}", True, False) for file in config.Config.auxpostprocessors.split()] targets = Targets if config.Config.devmode == "1": targets += TargetsDev mandatory = [(src, dst, replace, False) for (src, dst, replace) in targets] optional = [(src, dst, replace, True) for (src, dst, replace) in OptionalTargets] if config.Config.standalone == "0": mandatory += [("${distdir}/aux/broctl/etc/node.cfg.cluster.in", "${cfgdir}/node.cfg.example", False, False)] mandatory += [("${distdir}/aux/broctl/etc/broctl.cfg.cluster.in", "${cfgdir}/broctl.cfg.example", False, False)] mandatory += [("${distdir}/aux/broctl/etc/networks.cfg.in", "${cfgdir}/networks.cfg.example", False, True)] mandatory += [("${distdir}/aux/broctl/policy/local/cluster.local-manager.bro-template", "${defsitepolicypath}/local-manager.bro", False, True)] mandatory += [("${distdir}/aux/broctl/policy/local/cluster.local-worker.bro-template", "${defsitepolicypath}/local-worker.bro", False, True)] mandatory += [("${distdir}/aux/broctl/policy/local/cluster.local.bro-template", "${defsitepolicypath}/local.bro", False, True)] else: mandatory += [("${distdir}/aux/broctl/etc/node.cfg.standalone.in", "${cfgdir}/node.cfg", False, False)] mandatory += [("${distdir}/aux/broctl/etc/broctl.cfg.standalone.in", "${cfgdir}/broctl.cfg", False, False)] mandatory += [("${distdir}/aux/broctl/etc/networks.cfg.in", "${cfgdir}/networks.cfg", False, True)] mandatory += [("${distdir}/aux/broctl/policy/local/standalone.local.bro-template", "${defsitepolicypath}/local.bro", False, True)] all_targets = mandatory + optional + custom + pp if make_install: util.output("creating installation directories ...", False) # Install the static parts of the broctl distribution. dirs = Dirs if config.Config.devmode == "1": dirs += DirsDev for (dir, clean) in dirs: dir = config.Config.subst(dir) if clean: execute.rmdir(manager, dir) execute.mkdir(manager, dir) util.output(" done.") # Copy files. util.output("installing files ...", False) for (src, dst, replace, optional) in all_targets: src = config.Config.subst(src) dst = config.Config.subst(dst) files = glob.glob(src) if not files and not optional: util.warn("file does not exist: %s" % src) continue for file in files: (target, subst) = _canonTarget(file, dst) if not replace and execute.exists(manager, target): continue if subst: # Installation copies to template directory only. # Substitution will be performed later. target = config.Config.templatedir if not execute.install(manager, file, target): continue if manager: if not execute.mkdir(manager, manager.cwd()): util.warn("cannot create %s on manager" % manager.cwd()) util.output(" done.") # Processing the templates by substitung all variables. for (src, dst, replace, optional) in all_targets: # Doesn't work with globs! src = config.Config.subst(src) dst = config.Config.subst(dst) file = os.path.join(config.Config.templatedir, os.path.basename(src)) if not execute.exists(manager, file): continue (target, subst) = _canonTarget(file, dst) assert subst if not replace and execute.exists(manager, target): continue if not execute.install(manager, file, target): continue for line in fileinput.input(target, inplace=1): print config.Config.subst(line, make_dest=False), fileinput.close() # Install local site policy. if config.Config.sitepolicypath: util.output("installing site policies ...", False) dst = config.Config.policydirsiteinstall for dir in config.Config.sitepolicypath.split(":"): dir = config.Config.subst(dir) for file in glob.glob(os.path.join(dir, "*")): if execute.isfile(manager, file): execute.install(manager, file, dst) util.output(" done.") if not config.Config.nodes(): if config.Config.standalone == "0": return # The standalone installs default configs. Start over to read those. util.output("[second install pass]") os.system(config.Config.subst("${bindir}/broctl install")) config.Config.readState() config.Config._readNodes() return makeLayout() makeAnalysisPolicy() makeLocalNetworks() current = config.Config.subst(os.path.join(config.Config.logdir, "current"), make_dest=False) if not execute.exists(manager, current): try: os.symlink(manager.cwd(), current) except (IOError, OSError), e: util.warn("cannot link %s to %s: %s" % (manager.cwd(), current, e))