def _doCheckConfig(nodes, installed, list_scripts):
results = []
manager = config.Config.manager()
all = [(node,
os.path.join(config.Config.tmpdir, "check-config-%s" % node.name))
for node in nodes]
nodes = []
for (node, cwd) in all:
if os.path.isdir(cwd):
if not execute.rmdir(config.Config.manager(), cwd):
util.output("cannot remove directory %s on manager" % cwd)
continue
if not execute.mkdir(config.Config.manager(), cwd):
util.output("cannot create directory %s on manager" % cwd)
continue
nodes += [(node, cwd)]
cmds = []
for (node, cwd) in nodes:
env = _makeEnvParam(node)
installed_policies = installed and "1" or "0"
print_scripts = list_scripts and "1" or "0"
install.makeLayout(cwd, True)
install.makeLocalNetworks(cwd, True)
install.makeConfig(cwd, True)
cmd = os.path.join(
config.Config.scriptsdir, "check-config") + " %s %s %s %s" % (
installed_policies, print_scripts, cwd, " ".join(
_makeBroParams(node, False)))
cmd += " broctl/check"
cmds += [((node, cwd), cmd, env, None)]
for ((node, cwd), success, output) in execute.runLocalCmdsParallel(cmds):
if success:
util.output("%s is ok." % node.name)
if list_scripts:
for line in output:
util.output(" %s" % line)
else:
ok = False
util.output("%s failed." % node.name)
for line in output:
util.output(" %s" % line)
execute.rmdir(manager, cwd)
return results
def install(local_only):
config.Config.determineBroVersion()
manager = config.Config.manager()
# Delete previously installed policy files to not mix things up.
policies = [
config.Config.policydirsiteinstall,
config.Config.policydirsiteinstallauto
]
for p in policies:
if os.path.isdir(p):
util.output("removing old policies in %s ..." % p, False)
execute.rmdir(manager, p)
util.output(" done.")
util.output("creating policy directories ...", False)
for p in policies:
execute.mkdir(manager, p)
util.output(" done.")
# Install local site policy.
if config.Config.sitepolicypath:
util.output("installing site policies ...", False)
dst = config.Config.policydirsiteinstall
for dir in config.Config.sitepolicypath.split(":"):
dir = config.Config.subst(dir)
for file in glob.glob(os.path.join(dir, "*")):
if execute.isfile(manager, file):
execute.install(manager, file, dst)
util.output(" done.")
makeLayout(config.Config.policydirsiteinstallauto)
makeLocalNetworks(config.Config.policydirsiteinstallauto)
makeConfig(config.Config.policydirsiteinstallauto)
current = config.Config.subst(os.path.join(config.Config.logdir,
"current"))
try:
util.force_symlink(manager.cwd(), current)
except (IOError, OSError), e:
util.error("failed to update current log symlink")
def install(local_only):
config.Config.determineBroVersion()
manager = config.Config.manager()
# Delete previously installed policy files to not mix things up.
policies = [config.Config.policydirsiteinstall, config.Config.policydirsiteinstallauto]
for p in policies:
if os.path.isdir(p):
util.output("removing old policies in %s ..." % p, False)
execute.rmdir(manager, p)
util.output(" done.")
util.output("creating policy directories ...", False)
for p in policies:
execute.mkdir(manager, p)
util.output(" done.")
# Install local site policy.
if config.Config.sitepolicypath:
util.output("installing site policies ...", False)
dst = config.Config.policydirsiteinstall
for dir in config.Config.sitepolicypath.split(":"):
dir = config.Config.subst(dir)
for file in glob.glob(os.path.join(dir, "*")):
if execute.isfile(manager, file):
execute.install(manager, file, dst)
elif execute.isdir(manager, file):
dstdir = os.path.join(dst, os.path.basename(file))
execute.install(manager, file, dstdir)
util.output(" done.")
makeLayout(config.Config.policydirsiteinstallauto)
makeLocalNetworks(config.Config.policydirsiteinstallauto)
makeConfig(config.Config.policydirsiteinstallauto)
current = config.Config.subst(os.path.join(config.Config.logdir, "current"))
try:
util.force_symlink(manager.cwd(), current)
except (IOError, OSError), e:
util.error("failed to update current log symlink")
def _doCheckConfig(nodes, installed, list_scripts):
results = []
manager = config.Config.manager()
all = [(node, os.path.join(config.Config.tmpdir, "check-config-%s" % node.name)) for node in nodes]
nodes = []
for (node, cwd) in all:
if os.path.isdir(cwd):
if not execute.rmdir(config.Config.manager(), cwd):
util.output("cannot remove directory %s on manager" % cwd)
continue
if not execute.mkdir(config.Config.manager(), cwd):
util.output("cannot create directory %s on manager" % cwd)
continue
nodes += [(node, cwd)]
cmds = []
for (node, cwd) in nodes:
env = _makeEnvParam(node)
installed_policies = installed and "1" or "0"
print_scripts = list_scripts and "1" or "0"
install.makeLayout(cwd, True)
install.makeLocalNetworks(cwd, True)
install.makeConfig(cwd, True)
cmd = os.path.join(config.Config.scriptsdir, "check-config") + " %s %s %s %s" % (installed_policies, print_scripts, cwd, " ".join(_makeBroParams(node, False)))
cmd += " broctl/check"
cmds += [((node, cwd), cmd, env, None)]
for ((node, cwd), success, output) in execute.runLocalCmdsParallel(cmds):
results += [(node, success)]
if success:
util.output("%s is ok." % node.name)
if list_scripts:
for line in output:
util.output(" %s" % line)
else:
ok = False
util.output("%s failed." % node.name)
for line in output:
util.output(" %s" % line)
execute.rmdir(manager, cwd)
return results
def processTrace(trace, bro_options, bro_scripts):
if not os.path.isfile(trace):
util.output("Error: trace file not found: %s" % trace)
return False
if not os.path.exists(os.path.join(config.Config.scriptsdir, "broctl-config.sh")):
util.output("error: broctl-config.sh not found (try 'broctl install')")
return False
standalone = config.Config.standalone == "1"
if standalone:
tag = "standalone"
else:
tag = "workers"
node = config.Config.nodes(tag=tag)[0]
cwd = os.path.join(config.Config.tmpdir, "testing")
if not execute.rmdir(config.Config.manager(), cwd):
util.output("cannot remove directory %s on manager" % cwd)
return False
if not execute.mkdir(config.Config.manager(), cwd):
util.output("cannot create directory %s on manager" % cwd)
return False
env = _makeEnvParam(node)
bro_args = " ".join(bro_options + _makeBroParams(node, False))
bro_args += " broctl/process-trace"
if bro_scripts:
bro_args += " " + " ".join(bro_scripts)
cmd = os.path.join(config.Config.scriptsdir, "run-bro-on-trace") + " %s %s %s %s" % (0, cwd, trace, bro_args)
print cmd
(success, output) = execute.runLocalCmd(cmd, env, donotcaptureoutput=True)
for line in output:
util.output(line)
util.output("")
util.output("### Bro output in %s" % cwd)
return success
def processTrace(trace, bro_options, bro_scripts):
standalone = (config.Config.standalone == "1")
if standalone:
tag = "standalone"
else:
tag = "workers"
node = config.Config.nodes(tag=tag)[0]
cwd = os.path.join(config.Config.tmpdir, "testing")
if not execute.rmdir(config.Config.manager(), cwd):
util.output("cannot remove directory %s on manager" % cwd)
return False
if not execute.mkdir(config.Config.manager(), cwd):
util.output("cannot create directory %s on manager" % cwd)
return False
env = _makeEnvParam(node)
bro_args = " ".join(
bro_options +
_makeBroParams(node, False, add_manager=(not standalone)))
if bro_scripts:
bro_args += " " + " ".join(bro_scripts)
cmd = os.path.join(
config.Config.scriptsdir,
"run-bro-on-trace") + " %s %s %s %s" % (0, cwd, trace, bro_args)
cmd += " broctl/process-trace"
print cmd
(success, output) = execute.runLocalCmd(cmd, env, donotcaptureoutput=True)
for line in output:
util.output(line)
util.output("")
util.output("### Bro output in %s" % cwd)
return success
def _doCheckConfig(nodes, installed, list_scripts):
results = []
manager = config.Config.manager()
all = [(node, os.path.join(config.Config.tmpdir, "check-config-%s" % node.name)) for node in nodes]
if not os.path.exists(os.path.join(config.Config.scriptsdir, "broctl-config.sh")):
util.output("error: broctl-config.sh not found (try 'broctl install')")
# Return a failure for one node to indicate that the command failed
results += [(all[0][0], False)]
return results
nodes = []
for (node, cwd) in all:
if os.path.isdir(cwd):
if not execute.rmdir(config.Config.manager(), cwd):
util.output("cannot remove directory %s on manager" % cwd)
results += [(node, False)]
continue
if not execute.mkdir(config.Config.manager(), cwd):
util.output("cannot create directory %s on manager" % cwd)
results += [(node, False)]
continue
nodes += [(node, cwd)]
cmds = []
for (node, cwd) in nodes:
env = _makeEnvParam(node)
installed_policies = installed and "1" or "0"
print_scripts = list_scripts and "1" or "0"
install.makeLayout(cwd, True)
install.makeLocalNetworks(cwd, True)
install.makeConfig(cwd, True)
cmd = os.path.join(config.Config.scriptsdir, "check-config") + " %s %s %s %s" % (
installed_policies,
print_scripts,
cwd,
" ".join(_makeBroParams(node, False)),
)
cmd += " broctl/check"
cmds += [((node, cwd), cmd, env, None)]
for ((node, cwd), success, output) in execute.runLocalCmdsParallel(cmds):
results += [(node, success)]
if success:
util.output("%s scripts are ok." % node.name)
if list_scripts:
for line in output:
util.output(" %s" % line)
else:
util.output("%s scripts failed." % node.name)
for line in output:
util.output(" %s" % line)
execute.rmdir(manager, cwd)
return results
def _doCheckConfig(nodes, installed, list_scripts, fullpaths):
ok = True
manager = config.Config.manager()
all = [(node,
os.path.join(config.Config.tmpdir, "check-config-%s" % node.tag))
for node in nodes]
nodes = []
for (node, cwd) in all:
if os.path.isdir(cwd):
if not execute.rmdir(config.Config.manager(), cwd):
util.output("cannot remove directory %s on manager" % cwd)
continue
if not execute.mkdir(config.Config.manager(), cwd):
util.output("cannot create directory %s on manager" % cwd)
continue
nodes += [(node, cwd)]
cmds = []
for (node, cwd) in nodes:
env = ""
if node.type == "worker" or node.type == "proxy":
env = "BRO_%s=%s" % (node.type.upper(), str(node.count))
dashl = list_scripts and ["-l"] or []
broargs = " ".join(dashl + _makeBroParams(node, False)) + " terminate"
installed_policies = installed and "1" or "0"
cmd = os.path.join(
config.Config.scriptsdir,
"check-config") + " %s %s %s" % (installed_policies, cwd, broargs)
cmds += [((node, cwd), cmd, env, None)]
for ((node, cwd), success, output) in execute.runLocalCmdsParallel(cmds):
if not list_scripts:
if success:
util.output("%s is ok." % node.tag)
else:
ok = False
util.output("%s failed." % node.tag)
for line in output:
util.output(" %s" % line)
else:
util.output(node.tag)
for line in output:
if line.find("loading") >= 0:
line = line.replace("loading ", "")
if not fullpaths:
line = re.sub("\S+/", "", line)
util.output(" %s" % line)
if not success:
ok = False
util.output("%s failed to load all scripts correctly." %
node.tag)
execute.rmdir(manager, cwd)
return ok
def install(local_only, make_install):
if config.Config.devmode == "1":
make_install = True
config.Config.determineBroVersion()
manager = config.Config.manager()
# Delete previously installed policy files to not mix things up.
policies = [config.Config.policydirsiteinstall, config.Config.policydirsiteinstallauto]
if make_install:
policies += [config.Config.subst("${policydir}/broctl")]
for p in policies:
if os.path.isdir(p):
util.output("removing old policies in %s ..." % p, False)
execute.rmdir(manager, p)
util.output(" done.")
util.output("creating policy directories ...", False)
for p in policies:
execute.mkdir(manager, p)
util.output(" done.")
custom = [(os.path.expanduser(file), "${bindir}", True, False) for file in config.Config.custominstallbin.split()]
pp = [(os.path.expanduser(file), "${postprocdir}", True, False) for file in config.Config.auxpostprocessors.split()]
targets = Targets
if config.Config.devmode == "1":
targets += TargetsDev
mandatory = [(src, dst, replace, False) for (src, dst, replace) in targets]
optional = [(src, dst, replace, True) for (src, dst, replace) in OptionalTargets]
if config.Config.standalone == "0":
mandatory += [("${distdir}/aux/broctl/etc/node.cfg.cluster.in", "${cfgdir}/node.cfg.example", False, False)]
mandatory += [("${distdir}/aux/broctl/etc/broctl.cfg.cluster.in", "${cfgdir}/broctl.cfg.example", False, False)]
mandatory += [("${distdir}/aux/broctl/etc/networks.cfg.in", "${cfgdir}/networks.cfg.example", False, True)]
mandatory += [("${distdir}/aux/broctl/policy/local/cluster.local-manager.bro-template", "${defsitepolicypath}/local-manager.bro", False, True)]
mandatory += [("${distdir}/aux/broctl/policy/local/cluster.local-worker.bro-template", "${defsitepolicypath}/local-worker.bro", False, True)]
mandatory += [("${distdir}/aux/broctl/policy/local/cluster.local.bro-template", "${defsitepolicypath}/local.bro", False, True)]
else:
mandatory += [("${distdir}/aux/broctl/etc/node.cfg.standalone.in", "${cfgdir}/node.cfg", False, False)]
mandatory += [("${distdir}/aux/broctl/etc/broctl.cfg.standalone.in", "${cfgdir}/broctl.cfg", False, False)]
mandatory += [("${distdir}/aux/broctl/etc/networks.cfg.in", "${cfgdir}/networks.cfg", False, True)]
mandatory += [("${distdir}/aux/broctl/policy/local/standalone.local.bro-template", "${defsitepolicypath}/local.bro", False, True)]
all_targets = mandatory + optional + custom + pp
if make_install:
util.output("creating installation directories ...", False)
# Install the static parts of the broctl distribution.
dirs = Dirs
if config.Config.devmode == "1":
dirs += DirsDev
for (dir, clean) in dirs:
dir = config.Config.subst(dir)
if clean:
execute.rmdir(manager, dir)
execute.mkdir(manager, dir)
util.output(" done.")
# Copy files.
util.output("installing files ...", False)
for (src, dst, replace, optional) in all_targets:
src = config.Config.subst(src)
dst = config.Config.subst(dst)
files = glob.glob(src)
if not files and not optional:
util.warn("file does not exist: %s" % src)
continue
for file in files:
(target, subst) = _canonTarget(file, dst)
if not replace and execute.exists(manager, target):
continue
if subst:
# Installation copies to template directory only.
# Substitution will be performed later.
target = config.Config.templatedir
if not execute.install(manager, file, target):
continue
if manager:
if not execute.mkdir(manager, manager.cwd()):
util.warn("cannot create %s on manager" % manager.cwd())
util.output(" done.")
# Processing the templates by substitung all variables.
for (src, dst, replace, optional) in all_targets:
# Doesn't work with globs!
src = config.Config.subst(src)
dst = config.Config.subst(dst)
file = os.path.join(config.Config.templatedir, os.path.basename(src))
if not execute.exists(manager, file):
continue
(target, subst) = _canonTarget(file, dst)
assert subst
if not replace and execute.exists(manager, target):
continue
if not execute.install(manager, file, target):
continue
for line in fileinput.input(target, inplace=1):
print config.Config.subst(line, make_dest=False),
fileinput.close()
# Install local site policy.
if config.Config.sitepolicypath:
util.output("installing site policies ...", False)
dst = config.Config.policydirsiteinstall
for dir in config.Config.sitepolicypath.split(":"):
dir = config.Config.subst(dir)
for file in glob.glob(os.path.join(dir, "*")):
if execute.isfile(manager, file):
execute.install(manager, file, dst)
util.output(" done.")
if not config.Config.nodes():
if config.Config.standalone == "0":
return
# The standalone installs default configs. Start over to read those.
util.output("[second install pass]")
os.system(config.Config.subst("${bindir}/broctl install"))
config.Config.readState()
config.Config._readNodes()
return
makeLayout()
makeAnalysisPolicy()
makeLocalNetworks()
current = config.Config.subst(os.path.join(config.Config.logdir, "current"), make_dest=False)
if not execute.exists(manager, current):
try:
os.symlink(manager.cwd(), current)
except (IOError, OSError), e:
util.warn("cannot link %s to %s: %s" % (manager.cwd(), current, e))
