示例#1
0
 def Start(self):
   if "/opt" in self.args.path_list[0]:
     mnt = rdf_client.UnixVolume(mount_point="/opt")
     self.SendReply(rdf_client.Volume(unixvolume=mnt, bytes_per_sector=4096,
                                      sectors_per_allocation_unit=1,
                                      actual_available_allocation_units=10,
                                      total_allocation_units=100))
   else:
     mnt = rdf_client.UnixVolume(mount_point="/var")
     self.SendReply(rdf_client.Volume(unixvolume=mnt, bytes_per_sector=1,
                                      sectors_per_allocation_unit=1,
                                      actual_available_allocation_units=784165,
                                      total_allocation_units=78416500))
示例#2
0
    def Run(self, args):
        if platform.system() == "Windows":
            raise RuntimeError("os.statvfs not available on Windows")

        for path in args.path_list:

            try:
                fd = vfs.VFSOpen(rdf_paths.PathSpec(path=path,
                                                    pathtype=args.pathtype),
                                 progress_callback=self.Progress)
                st = fd.StatFS()
                mount_point = fd.GetMountPoint()
            except (IOError, OSError) as e:
                self.SetStatus(rdf_flows.GrrStatus.ReturnedStatus.IOERROR, e)
                continue

            unix = rdf_client.UnixVolume(mount_point=mount_point)

            # On linux pre 2.6 kernels don't have frsize, so we fall back to bsize.
            # The actual_available_allocation_units attribute is set to blocks
            # available to the unprivileged user, root may have some additional
            # reserved space.
            self.SendReply(
                rdf_client.Volume(
                    bytes_per_sector=(st.f_frsize or st.f_bsize),
                    sectors_per_allocation_unit=1,
                    total_allocation_units=st.f_blocks,
                    actual_available_allocation_units=st.f_bavail,
                    unixvolume=unix))
示例#3
0
    def Parse(self, query, result, knowledge_base):
        """Parse the wmi packages output."""
        _ = query, knowledge_base
        result = result.ToDict()
        winvolume = rdf_client.WindowsVolume(
            drive_letter=result.get("DeviceID"),
            drive_type=result.get("DriveType"))

        try:
            size = int(result.get("Size"))
        except (ValueError, TypeError):
            size = None

        try:
            free_space = int(result.get("FreeSpace"))
        except (ValueError, TypeError):
            free_space = None

        # Since we don't get the sector sizes from WMI, we just set them at 1 byte
        volume = rdf_client.Volume(
            windowsvolume=winvolume,
            name=result.get("VolumeName"),
            file_system_type=result.get("FileSystem"),
            serial_number=result.get("VolumeSerialNumber"),
            sectors_per_allocation_unit=1,
            bytes_per_sector=1,
            total_allocation_units=size,
            actual_available_allocation_units=free_space)

        yield volume
示例#4
0
class UnixVolumeClientMock(ActionMock):
  """A mock of client filesystem volumes."""
  unix_local = rdf_client.UnixVolume(mount_point="/usr")
  unix_home = rdf_client.UnixVolume(mount_point="/")
  path_results = [
      rdf_client.Volume(
          unixvolume=unix_local, bytes_per_sector=4096,
          sectors_per_allocation_unit=1, actual_available_allocation_units=50,
          total_allocation_units=100),
      rdf_client.Volume(
          unixvolume=unix_home, bytes_per_sector=4096,
          sectors_per_allocation_unit=1,
          actual_available_allocation_units=10,
          total_allocation_units=100)]

  def StatFS(self, _):
    return self.path_results
示例#5
0
class WindowsVolumeClientMock(ActionMock):
  """A mock of client filesystem volumes."""
  windows_d = rdf_client.WindowsVolume(drive_letter="D:")
  windows_c = rdf_client.WindowsVolume(drive_letter="C:")
  path_results = [
      rdf_client.Volume(
          windowsvolume=windows_d, bytes_per_sector=4096,
          sectors_per_allocation_unit=1,
          actual_available_allocation_units=50, total_allocation_units=100),
      rdf_client.Volume(
          windowsvolume=windows_c, bytes_per_sector=4096,
          sectors_per_allocation_unit=1, actual_available_allocation_units=10,
          total_allocation_units=100)]

  def WmiQuery(self, query):
    if query.query == u"SELECT * FROM Win32_LogicalDisk":
      return client_fixture.WMI_SAMPLE
    else:
      return None
示例#6
0
    def CreateClientWithVolumes(self, available=50):
        client_id = self.SetupClients(1)[0]
        with aff4.FACTORY.Open(client_id, mode="rw",
                               token=self.token) as client_obj:
            volume = rdf_client.Volume(
                total_allocation_units=100,
                actual_available_allocation_units=available)
            client_obj.Set(client_obj.Schema.VOLUMES([volume]))

        self.RequestAndGrantClientApproval(client_id)

        client_obj = aff4.FACTORY.Open(client_id, token=self.token)
        return client_id
示例#7
0
  def CreateClientWithVolumes(self, available=50):
    volume = rdf_client.Volume(
        total_allocation_units=100, actual_available_allocation_units=available)

    client_id = self.SetupClient(0)

    if data_store.RelationalDBReadEnabled():
      snapshot = data_store.REL_DB.ReadClientSnapshot(client_id.Basename())
      snapshot.volumes = [volume]
      data_store.REL_DB.WriteClientSnapshot(snapshot)
    else:
      with aff4.FACTORY.Open(
          client_id, mode="rw", token=self.token) as client_obj:
        client_obj.Set(client_obj.Schema.VOLUMES([volume]))

    self.RequestAndGrantClientApproval(client_id)

    client_obj = aff4.FACTORY.Open(client_id, token=self.token)
    return client_id