def loadFile(self, ruleset_context, filetype, name, editable=False, from_template=None, action=None, ruleset_id=0, filename=None, content=None): # Log the action logger = ruleset_context.logger text = "Load %s: %s" % (filetype, name) if ruleset_id == 0: logger.info(text) else: logger.debug(text) if not content: # Get the filename if not filename: if filetype == "library": filename = LIBRARY_FILENAME else: filename = rulesetFilename(filetype, name) # Parse the XML file try: with open(filename) as fp: ruleset = etree.parse(fp).getroot() except IOError, err: if err.errno == ENOENT: if filetype == 'template': message = tr('The "%s" template does not exist. It has been deleted or renamed.') else: message = tr('The "%s" rule set does not exist. It has been deleted or renamed.') raise RulesetError(message, name) else: raise RulesetError( tr('Unable to open file "%s" (%s): %s'), basename(filename), filetype, exceptionAsUnicode(err))
def rulesetUpload(component, logger, filetype, input_filename, content, netcfg): # Extract ruleset name from the input filename name = basename(input_filename) if not name.lower().endswith(".xml"): raise RulesetError('File extension is not ".xml"!') name = name[:-4] # Ensure that the ruleset doesn't exist on disk rulesetFilename(filetype, name, check_existing=True) # Decode the content content = decodeFileContent(content) # Open the ruleset the check the consistency ruleset = Ruleset(component, logger, netcfg, read_only=True) ruleset.load(logger, filetype, name, content=content) if component.core.getMultisiteType() == MULTISITE_SLAVE: if exists(MULTISITE_TEMPLATE_FILENAME): template = MULTISITE_TEMPLATE_NAME else: template = None replaceTemplate(logger, ruleset, template) # Write the ruleset try: ruleset.save() except IOError, err: raise RulesetError( tr("Unable to write into the file %s (%s): %s!"), basename(ruleset.filename), ruleset.filetype, exceptionAsUnicode(err), )
def start(self): """ Create a connection to database. """ if self.dbpool: self.dbpool.close() self.dbpool = None try: self.info('Connecting to database %s' % self.conf['database']) kwargs = {} kwargs[ self.dbkw['host'] ] = self.conf['hostname'] kwargs[ self.dbkw['db'] ] = self.conf['database'] kwargs[ self.dbkw['user'] ] = self.conf['username'] kwargs[ self.dbkw['pass'] ] = self.conf['password'] self.dbpool = adbapi.ConnectionPool(self.dbapi, **kwargs) self.dbpool.connect() self.info('Connected!') except self.error_type, e: self.dbpool = None try: error = e[1] except IndexError: error = e raise DatabaseError( tr("Unable to connect to database, check your configuration: %s"), exceptionAsUnicode(error))
def parseIPAddress(text): try: return IP(text) except ValueError, err: raise RulesetError( tr('Invalid IP address "%s": %s'), text, exceptionAsUnicode(err))
def __init__(self): self.objects = {} try: from .mysql import MySQLDataBase self.objects['mysql'] = MySQLDataBase except ImportError, e: self.objects['mysql'] = exceptionAsUnicode(e)
def discover(self, ip_flow=None, route_flow=None, route6_flow=None): """ ip_flow, route_flow: file descriptors for stdout of 'ip addr list' and 'ip route list' """ added = set() ignored = set() self.important("Auto discovering network parameters") self.discovering = True if ip_flow == None: ip_flow = self.runCmd(NetCfgAutoConf.IP_NET_CMD) cur_iface = None wait = NetCfgAutoConf.IFACE for line in ip_flow: try: line_class, data = self.matchLineClass(line) if data is IGNORED_INTERFACE: cur_iface = None self.debug("Ignoring interface specified by <%s>" % line) continue except IgnoredData, err: self.debug("ignored %s" % line) wait = err.wait continue except Exception, err: reraise(ParseError(u"Error on line %r: %s" % (line, exceptionAsUnicode(err))))
def apply(self, responsible, optim=True): ha_status = ENOHA if EDENWALL: try: ha_status = yield self.core.callService(self.context, 'ha', 'getHAMode') except Exception, err: self.error(exceptionAsUnicode(err))
def getValidLicenses(self): """Display valid licenses in the table.""" try: licenses = self.client.call("license", 'getValidLicenses') except RpcdError, err: licenses = [] self.mainwindow.addToInfoArea(exceptionAsUnicode(err), category=COLOR_CRITICAL)
def validatePage(self): selected = list(self.getSelected()) user_label = self.getUserLabel() try: self.q_netobject.netcfg.createBonding(user_label, selected) except NetCfgError, err: QMessageBox.warning(self, "Could not create bonding interface", exceptionAsUnicode(err)) return False
def error_sync(self, error): self.addToInfoArea(tr("NTP synchronization failed"), category=COLOR_ERROR) warning = QMessageBox(self) warning.setWindowTitle(tr('NTP synchronization failed')) warning.setText(tr('An error occurred during NTP synchronization')) warning.setDetailedText(exceptionAsUnicode(error)) warning.setIcon(QMessageBox.Warning) warning.exec_()
def destroy(self): if not self.on_disk: return self.on_disk = False try: unlink(self.filename) except IOError, err: raise LockError("Could not delete lock file: %s" % exceptionAsUnicode(err))
def _save(self, root, filename): umask(0077) try: return xml_save(root, filename) except IOError, err: raise ConfigError(CONFIG_ERR_XML_WRITE, tr('Unable to write into %s XML file: %s'), filename, exceptionAsUnicode(err))
def __handle_errors(self, err): debug = self.mainwindow.debug if debug: html = Html(formatException(err, debug), escape=False) + BR self.mainwindow.addHTMLToInfoArea(html, category=COLOR_WARNING) else: text = exceptionAsUnicode(err) self.addToInfoArea(text, category=COLOR_WARNING) self.__handle_SessionError(err)
def errorDiag(self, error): self.mainwindow.addToInfoArea(tr("Fetching %s failed.") % self.desc) warning = QMessageBox(self) warning.setWindowTitle(tr('Fetching diagnostic failed')) warning.setText(tr('An error has occurred while fetching %s.') % self.desc) warning.setDetailedText(exceptionAsUnicode(error)) warning.setIcon(QMessageBox.Warning) warning.exec_()
def validatePage(self): user_label = self.getUserLabel() vlan_base = self.getVlanBase() vlan_number = self.getVlanNumber() try: self.q_netobject.netcfg.createVlan(vlan_base, user_label, vlan_number) except NetCfgError, err: QMessageBox.warning(self, "Could not create vlan interface", exceptionAsUnicode(err)) return False
def validatePage(self, hard_label): """ Compulsory subclassing. PyQt visible signature must be 'def validatePage(self)' """ try: user_label = self.getUserLabel() except NetCfgError, err: QMessageBox.warning(self, "Invalid name", exceptionAsUnicode(err)) return False
def init(self, core): ConfigServiceComponent.init(self, core) self.addConfFile("/etc/snort_inline/edenwall-home-net.conf", "root:root", "0644") try: self.handle_transition() except Exception, err: self.critical( "Could not handle configuration transition to new IDS-IPS backend (%s)." % exceptionAsUnicode(err))
def __init__(self, logger): self.store = VariablesStore() # Read the user configuration if exists(CONFIG_FILENAME): logger.info("Read the config") try: self.store.load(CONFIG_FILENAME) except ConfigError, err: logger.warning("Unable to read the config: %s" % exceptionAsUnicode(err))
def init(self, core): var_dir = core.config.get('CORE', 'vardir') self.FINGERPRINT_CREATED = join(var_dir, 'ufwi_conf', 'FINGERPRINT_CREATED') self.createFingerprint() try: self.FINGERPRINT = self.getFingerprint() except Exception, err: msg = exceptionAsUnicode(err) self.critical("Can not read fingerprint : '%s'" % msg)
def loadError(self, err, when): message = u"[%s] %s" % (err.__class__.__name__, exceptionAsUnicode(err)) if self.name: err = RulesetError( tr('Error while loading %s from the "%s" rule set: %s'), when, self.name, message) else: err = RulesetError( tr('Error on new rule set creation (while loading %s): %s'), when, message) reraise(err)
def writeConf(netcfg, interfaces_file, ha_status): if isinstance(interfaces_file, file): f = interfaces_file close_f = False else: close_f = True try: f = open(interfaces_file, 'w') except IOError, err: raise NetCfgError( 'Unable to write the configuration to "%s"! %s', interfaces_file, exceptionAsUnicode(err))
def genConfigFiles(self, responsible): if self.__hascustom(): custom = CUSTOM_DHCP else: custom = False try: context = Context.fromComponent(self) ha_status = yield self.core.callService(context, 'ha', 'getHAMode') except Exception, err: self.error(exceptionAsUnicode(err)) ha_status = ENOHA
def init(self, core): AbstractNuConfComponent.init(self, core) self.core = core self.license_dir = DEFAULT_LICENSE_DIR self.gpg_homedir = DEFAULT_LICENSE_GPG_DIR try: self.license_dir = self.core.config.get('license', 'license_dir') self.gpg_homedir = self.core.config.get('license', 'gpg_homedir') except Exception, err: self.error("Missing or incorrect 'license' configuration in /etc " "Rpcd configuration file (%s)." % exceptionAsUnicode(err))
def load(self, filename): """ Loads an xml file and fills this VariablesStore object with it. """ try: with open(filename) as fp: tree = ET.parse(fp) root = tree.getroot() except IOError, err: raise ConfigError(CONFIG_NO_SUCH_FILE, tr('Unable to open %s XML file: %s!'), filename, exceptionAsUnicode(err))
def errorHandler(self, e): """ This method is called when fetcher raises an error. """ # Store error in fragment, and the ErrorFragmentView will able to # load it error = exceptionAsUnicode(e) self.fragment.error = error # We keep last view in the fragment, to prevent setView() method to # put 'error' in the fragment.view string attribute. last_view = self.fragment.view self.setView('error', update=False) # load the error fragment self.fragment.view = last_view
def errorJoin(self, error): self.splash.hide() self.mainwindow.addToInfoArea(tr('Joining secondary: fail'), category=COLOR_ERROR) warning = QMessageBox(self) warning.setWindowTitle(tr('Joining secondary: fail')) warning.setText(tr('An error was encountered while joining secondary.')) errmsg = exceptionAsUnicode(error) if "current state=ENOHA" in errmsg: errmsg = tr( "Can not join yet: the appliance is still not configured for " "high availability. Did you save and apply your changes?" ) warning.setDetailedText(errmsg) warning.setIcon(QMessageBox.Warning) warning.exec_()
def formatException(err, debug, traceback=None, errtype=None): if errtype is None: errtype = type(err) if isinstance(err, RpcdError): message = unicode(err) if debug or (not message): message = u"[%s] %s" % (err.type, message) else: message = exceptionAsUnicode(err, add_type=False) if debug or (not message): message = u"[%s] %s" % (errtype.__name__, message) message = htmlParagraph(message) if debug: traceback = _getTraceback(err, errtype, traceback) if traceback: message += traceback return unicode(message)
def handleerror(error): message = exceptionAsUnicode(error) if error.type == "CoreError": return tr("This service is not available on your server. " "You may want to upgrade the server" ) if error.type == "NoSuchUser": return tr("No account named '%(USERNAME)s' was found") % { "USERNAME":re.sub(_USER_REGEX, '', message, ) } if error.type == "NoSuchGroup": return tr("No group named '%(GROUPNAME)s' was found.") % { "GROUPNAME": re.sub(_GROUP_REGEX, '', message) } if error.type == "AuthError": return tr("Could not authenticate '%(USERNAME)s' with the supplied credentials.") % { "USERNAME": re.sub(_AUTH_REGEX, '', message) } return "[%s] %s" % (error.type, message)
def save(self): try: hostname = unicode(self.ui.hostname.text()) self.checkHostname(hostname) name = unicode(self.ui.name.text()) for edw in self.edw_list: if edw.getID() == name: if QMessageBox.warning(None, APP_TITLE, tr("A firewall with this name is already registered. Do you want to register it again?"), QMessageBox.Yes | QMessageBox.No) == QMessageBox.No: return False break port = self.ui.port.value() protocol = unicode(self.ui.protocol.currentText()).lower() login = unicode(self.ui.login.text()) password = unicode(self.ui.password.text()) self.client.call('multisite_master', 'register_firewall', name, hostname, port, protocol, login, password) return True except (RpcdError, InvalidHostname), e: QMessageBox.critical(self, self.tr('Rpcd error'), exceptionAsUnicode(e)) return False
def createContext(self, logger): logger.debug("SSL context: protocol=%s, fqdn_check=%s" % (self.protocol, self.fqdn_check)) context = SSL.Context(self.protocol) # Reset options: only disable SSLv2. M2Crypto uses SSL_OP_ALL (enable # all bug workarounds), but we control the client and the server and # both use the OpenSSL library (a recent version). context.set_options(SSL_OP_NO_SSLv2) logger.debug("Use cipher list: %s" % self.cipher_list) context.set_cipher_list(self.cipher_list) if self.send_cert: logger.debug("Load certificate chain (%s) and key (%s) files" % (self.cert, self.key)) try: context.load_cert_chain( self.encodeFilename(self.cert), self.encodeFilename(self.key), self.get_key_password) except Exception, err: raise SSLConfigError( tr("Unable to open the certificate chain or key: %s") % exceptionAsUnicode(err))