示例#1
0
def run_stage_remediation_ansible(run_type, test_env, formatting, verbose_path):
    """
       Returns False on error, or True in case of successful Ansible playbook
       run."""
    formatting['output_template'] = _ANSIBLE_TEMPLATE
    send_arf_to_remote_machine_and_generate_remediations_there(
        run_type, test_env, formatting, verbose_path)
    if not get_file_remote(test_env, verbose_path, LogHelper.LOG_DIR,
                           '/' + formatting['output_file']):
        return False
    command = (
        'ansible-playbook', '-v', '-i', '{0},'.format(formatting['domain_ip']),
        '-u' 'root', '--ssh-common-args={0}'.format(' '.join(test_env.ssh_additional_options)),
        formatting['playbook'])
    command_string = ' '.join(command)
    returncode, output = common.run_cmd_local(command, verbose_path)
    # Appends output of ansible-playbook to the verbose_path file.
    with open(verbose_path, 'ab') as f:
        f.write('Stdout of "{}":'.format(command_string).encode("utf-8"))
        f.write(output.encode("utf-8"))
    if returncode != 0:
        msg = (
            'Ansible playbook remediation run has '
            'exited with return code {} instead of expected 0'
            .format(returncode))
        LogHelper.preload_log(logging.ERROR, msg, 'fail')
        return False
    return True
示例#2
0
    def online_scan(self, args, verbose_path):
        command_list = self._oscap_ssh_base_arguments() + args

        env = dict(SSH_ADDITIONAL_OPTIONS=" ".join(common.IGNORE_KNOWN_HOSTS_OPTIONS))
        env.update(os.environ)

        return common.run_cmd_local(command_list, verbose_path, env=env)
示例#3
0
    def online_scan(self, args, verbose_path):
        command_list = self._oscap_ssh_base_arguments() + args

        env = dict(SSH_ADDITIONAL_OPTIONS=" ".join(common.IGNORE_KNOWN_HOSTS_OPTIONS))
        env.update(os.environ)

        return common.run_cmd_local(command_list, verbose_path, env=env)
示例#4
0
def get_result_id_from_arf(arf_path, verbose_path):
    command = ['oscap', 'info', arf_path]
    command_string = ' '.join(command)
    returncode, output = common.run_cmd_local(command, verbose_path)
    if returncode != 0:
        raise RuntimeError('{0} returned {1} exit code'.format(
            command_string, returncode))
    res_id = find_result_id_in_output(output)
    if res_id is None:
        raise RuntimeError('Failed to find result ID in {0}'.format(arf_path))
    return res_id
示例#5
0
def get_file_remote(verbose_path, local_dir, domain_ip, remote_path):
    """Download a file from VM."""
    # remote_path is an absolute path of a file on remote machine
    success = True
    source = 'root@{0}:{1}'.format(domain_ip, remote_path)
    logging.debug('Downloading file {0} to {1}'.format(source, local_dir))
    command = ['scp'] + list(common.SSH_ADDITIONAL_OPTS) + [source, local_dir]
    if common.run_cmd_local(command, verbose_path)[0] != 0:
        logging.error('Failed to download file {0}'.format(remote_path))
        success = False
    return success
示例#6
0
def send_files_remote(verbose_path, remote_dir, domain_ip, *files):
    """Upload files to VM."""
    # files is a list of absolute paths on the host
    success = True
    destination = 'root@{0}:{1}'.format(domain_ip, remote_dir)
    files_string = ' '.join(files)

    logging.debug('Uploading files {0} to {1}'.format(files_string,
                                                      destination))
    command = ['scp'] + list(common.SSH_ADDITIONAL_OPTS) + list(files) + [destination]
    if common.run_cmd_local(command, verbose_path)[0] != 0:
        logging.error('Failed to upload files {0}'.format(files_string))
        success = False
    return success
示例#7
0
 def make_oscap_call(self):
     self.prepare_online_scanning_arguments()
     self._generate_report_file()
     env = dict(
         SSH_ADDITIONAL_OPTIONS=" ".join(common.IGNORE_KNOWN_HOSTS_OPTIONS))
     env.update(os.environ)
     returncode = common.run_cmd_local(self.get_command,
                                       self.verbose_path,
                                       env=env)[0]
     if returncode not in [0, 2]:
         logging.error(('Profile run should end with return code 0 or 2 '
                        'not "{0}" as it did!').format(returncode))
         return False
     return True
示例#8
0
    def offline_scan(self, args, verbose_path):
        command_list = self._local_oscap_check_base_arguments() + args

        return common.run_cmd_local(command_list, verbose_path)
示例#9
0
 def online_scan(self, args, verbose_path):
     os.environ["SSH_ADDITIONAL_OPTIONS"] = " ".join(
         common.SSH_ADDITIONAL_OPTS)
     command_list = self._oscap_ssh_base_arguments() + args
     return common.run_cmd_local(command_list, verbose_path)
示例#10
0
    def offline_scan(self, args, verbose_path):
        command_list = self._local_oscap_check_base_arguments() + args

        return common.run_cmd_local(command_list, verbose_path)
示例#11
0
 def online_scan(self, args, verbose_path):
     os.environ["SSH_ADDITIONAL_OPTIONS"] = " ".join(common.SSH_ADDITIONAL_OPTS)
     command_list = self._oscap_ssh_base_arguments() + args
     return common.run_cmd_local(command_list, verbose_path)