To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to mandos-monitor
- browse files at revision 237.7.157
- compare with another revision
- download diff
- download tarball
- view history from revision 237.7.157
- Committer: Teddy Hogeborn
- Date: 2012-06-23 00:58:49 UTC
- mto: (237.7.272 trunk)
- mto: This revision was merged to the branch mainline in revision 303.
- Revision ID: teddy@recompile.se-20120623005849-02wj82cng433rt2k
* clients.conf: Convert all time intervals to new RFC 3339 syntax.
* mandos: All client options for time intervals now take an RFC 3339
duration.
(rfc3339_duration_to_delta): New function.
(string_to_delta): Try rfc3339_duration_to_delta first.
* mandos-clients.conf.xml (OPTIONS/timeout): Document new format.
(EXAMPLE): Update to new interval format.
(SEE ALSO): Reference RFC 3339.
* mandos: All client options for time intervals now take an RFC 3339
duration.
(rfc3339_duration_to_delta): New function.
(string_to_delta): Try rfc3339_duration_to_delta first.
* mandos-clients.conf.xml (OPTIONS/timeout): Document new format.
(EXAMPLE): Update to new interval format.
(SEE ALSO): Reference RFC 3339.
added
removed
mandos-monitor
3
3
#
4
4
# Mandos Monitor - Control and monitor the Mandos server
5
5
#
6
# Copyright © 2009-2016 Teddy Hogeborn
7
# Copyright © 2009-2016 Björn Påhlsson
6
# Copyright © 2009-2012 Teddy Hogeborn
7
# Copyright © 2009-2012 Björn Påhlsson
8
8
#
9
9
# This program is free software: you can redistribute it and/or modify
10
10
# it under the terms of the GNU General Public License as published by
25
25
26
26
from __future__ import (division, absolute_import, print_function,
27
27
unicode_literals)
28
try:
29
from future_builtins import *
30
except ImportError:
31
pass
28
29
from future_builtins import *
32
30
33
31
import sys
34
32
import os
33
import signal
35
34
36
35
import datetime
37
36
39
38
import urwid
40
39
41
40
from dbus.mainloop.glib import DBusGMainLoop
42
from gi.repository import GLib
41
import gobject
43
42
44
43
import dbus
45
44
45
import UserList
46
46
47
import locale
47
48
48
if sys.version_info.major == 2:
49
str = unicode
50
51
49
locale.setlocale(locale.LC_ALL, '')
52
50
53
51
import logging
57
55
domain = 'se.recompile'
58
56
server_interface = domain + '.Mandos'
59
57
client_interface = domain + '.Mandos.Client'
60
version = "1.7.6"
61
62
try:
63
dbus.OBJECT_MANAGER_IFACE
64
except AttributeError:
65
dbus.OBJECT_MANAGER_IFACE = "org.freedesktop.DBus.ObjectManager"
58
version = "1.6.0"
59
60
# Always run in monochrome mode
61
urwid.curses_display.curses.has_colors = lambda : False
62
63
# Urwid doesn't support blinking, but we want it. Since we have no
64
# use for underline on its own, we make underline also always blink.
65
urwid.curses_display.curses.A_UNDERLINE |= (
66
urwid.curses_display.curses.A_BLINK)
66
67
67
68
def isoformat_to_datetime(iso):
68
69
"Parse an ISO 8601 date string to a datetime.datetime()"
89
90
self.proxy = proxy_object # Mandos Client proxy object
90
91
self.properties = dict() if properties is None else properties
91
92
self.property_changed_match = (
92
self.proxy.connect_to_signal("PropertiesChanged",
93
self.properties_changed,
94
dbus.PROPERTIES_IFACE,
93
self.proxy.connect_to_signal("PropertyChanged",
94
self._property_changed,
95
client_interface,
95
96
byte_arrays=True))
96
97
97
98
if properties is None:
102
103
103
104
super(MandosClientPropertyCache, self).__init__(**kwargs)
104
105
105
def properties_changed(self, interface, properties, invalidated):
106
"""This is called whenever we get a PropertiesChanged signal
107
It updates the changed properties in the "properties" dict.
106
def _property_changed(self, property, value):
107
"""Helper which takes positional arguments"""
108
return self.property_changed(property=property, value=value)
109
110
def property_changed(self, property=None, value=None):
111
"""This is called whenever we get a PropertyChanged signal
112
It updates the changed property in the "properties" dict.
108
113
"""
109
114
# Update properties dict with new value
110
if interface == client_interface:
111
self.properties.update(properties)
115
self.properties[property] = value
112
116
113
117
def delete(self):
114
118
self.property_changed_match.remove()
160
164
self.rejected,
161
165
client_interface,
162
166
byte_arrays=True))
163
self.logger('Created client {}'
164
.format(self.properties["Name"]), level=0)
167
#self.logger('Created client {0}'
168
# .format(self.properties["Name"]))
165
169
166
170
def using_timer(self, flag):
167
171
"""Call this method with True or False when timer should be
169
173
"""
170
174
if flag and self._update_timer_callback_tag is None:
171
175
# Will update the shown timer value every second
172
self._update_timer_callback_tag = (GLib.timeout_add
176
self._update_timer_callback_tag = (gobject.timeout_add
173
177
(1000,
174
178
self.update_timer))
175
179
elif not (flag or self._update_timer_callback_tag is None):
176
GLib.source_remove(self._update_timer_callback_tag)
180
gobject.source_remove(self._update_timer_callback_tag)
177
181
self._update_timer_callback_tag = None
178
182
179
183
def checker_completed(self, exitstatus, condition, command):
180
184
if exitstatus == 0:
181
self.logger('Checker for client {} (command "{}")'
182
' succeeded'.format(self.properties["Name"],
183
command), level=0)
184
185
self.update()
185
186
return
186
187
# Checker failed
187
188
if os.WIFEXITED(condition):
188
self.logger('Checker for client {} (command "{}") failed'
189
' with exit code {}'
189
self.logger('Checker for client {0} (command "{1}")'
190
' failed with exit code {2}'
190
191
.format(self.properties["Name"], command,
191
192
os.WEXITSTATUS(condition)))
192
193
elif os.WIFSIGNALED(condition):
193
self.logger('Checker for client {} (command "{}") was'
194
' killed by signal {}'
194
self.logger('Checker for client {0} (command "{1}") was'
195
' killed by signal {2}'
195
196
.format(self.properties["Name"], command,
196
197
os.WTERMSIG(condition)))
198
elif os.WCOREDUMP(condition):
199
self.logger('Checker for client {0} (command "{1}")'
200
' dumped core'
201
.format(self.properties["Name"], command))
202
else:
203
self.logger('Checker for client {0} completed'
204
' mysteriously'
205
.format(self.properties["Name"]))
197
206
self.update()
198
207
199
208
def checker_started(self, command):
200
"""Server signals that a checker started."""
201
self.logger('Client {} started checker "{}"'
202
.format(self.properties["Name"],
203
command), level=0)
209
"""Server signals that a checker started. This could be useful
210
to log in the future. """
211
#self.logger('Client {0} started checker "{1}"'
212
# .format(self.properties["Name"],
213
# unicode(command)))
214
pass
204
215
205
216
def got_secret(self):
206
self.logger('Client {} received its secret'
217
self.logger('Client {0} received its secret'
207
218
.format(self.properties["Name"]))
208
219
209
220
def need_approval(self, timeout, default):
210
221
if not default:
211
message = 'Client {} needs approval within {} seconds'
222
message = 'Client {0} needs approval within {1} seconds'
212
223
else:
213
message = 'Client {} will get its secret in {} seconds'
224
message = 'Client {0} will get its secret in {1} seconds'
214
225
self.logger(message.format(self.properties["Name"],
215
226
timeout/1000))
216
227
217
228
def rejected(self, reason):
218
self.logger('Client {} was rejected; reason: {}'
229
self.logger('Client {0} was rejected; reason: {1}'
219
230
.format(self.properties["Name"], reason))
220
231
221
232
def selectable(self):
265
276
else:
266
277
timer = datetime.timedelta()
267
278
if self.properties["ApprovedByDefault"]:
268
message = "Approval in {}. (d)eny?"
279
message = "Approval in {0}. (d)eny?"
269
280
else:
270
message = "Denial in {}. (a)pprove?"
271
message = message.format(str(timer).rsplit(".", 1)[0])
281
message = "Denial in {0}. (a)pprove?"
282
message = message.format(unicode(timer).rsplit(".", 1)[0])
272
283
self.using_timer(True)
273
284
elif self.properties["LastCheckerStatus"] != 0:
274
285
# When checker has failed, show timer until client expires
281
292
timer = max(expires - datetime.datetime.utcnow(),
282
293
datetime.timedelta())
283
294
message = ('A checker has failed! Time until client'
284
' gets disabled: {}'
285
.format(str(timer).rsplit(".", 1)[0]))
295
' gets disabled: {0}'
296
.format(unicode(timer).rsplit(".", 1)[0]))
286
297
self.using_timer(True)
287
298
else:
288
299
message = "enabled"
289
300
self.using_timer(False)
290
self._text = "{}{}".format(base, message)
301
self._text = "{0}{1}".format(base, message)
291
302
292
303
if not urwid.supports_unicode():
293
304
self._text = self._text.encode("ascii", "replace")
306
317
self.update_hook()
307
318
308
319
def update_timer(self):
309
"""called by GLib. Will indefinitely loop until
310
GLib.source_remove() on tag is called
311
"""
320
"""called by gobject. Will indefinitely loop until
321
gobject.source_remove() on tag is called"""
312
322
self.update()
313
323
return True # Keep calling this
314
324
315
325
def delete(self, **kwargs):
316
326
if self._update_timer_callback_tag is not None:
317
GLib.source_remove(self._update_timer_callback_tag)
327
gobject.source_remove(self._update_timer_callback_tag)
318
328
self._update_timer_callback_tag = None
319
329
for match in self.match_objects:
320
330
match.remove()
333
343
"""Handle keys.
334
344
This overrides the method from urwid.FlowWidget"""
335
345
if key == "+":
336
self.proxy.Set(client_interface, "Enabled",
337
dbus.Boolean(True), ignore_reply = True,
338
dbus_interface = dbus.PROPERTIES_IFACE)
346
self.proxy.Enable(dbus_interface = client_interface,
347
ignore_reply=True)
339
348
elif key == "-":
340
self.proxy.Set(client_interface, "Enabled", False,
341
ignore_reply = True,
342
dbus_interface = dbus.PROPERTIES_IFACE)
349
self.proxy.Disable(dbus_interface = client_interface,
350
ignore_reply=True)
343
351
elif key == "a":
344
352
self.proxy.Approve(dbus.Boolean(True, variant_level=1),
345
353
dbus_interface = client_interface,
353
361
.object_path,
354
362
ignore_reply=True)
355
363
elif key == "s":
356
self.proxy.Set(client_interface, "CheckerRunning",
357
dbus.Boolean(True), ignore_reply = True,
358
dbus_interface = dbus.PROPERTIES_IFACE)
364
self.proxy.StartChecker(dbus_interface = client_interface,
365
ignore_reply=True)
359
366
elif key == "S":
360
self.proxy.Set(client_interface, "CheckerRunning",
361
dbus.Boolean(False), ignore_reply = True,
362
dbus_interface = dbus.PROPERTIES_IFACE)
367
self.proxy.StopChecker(dbus_interface = client_interface,
368
ignore_reply=True)
363
369
elif key == "C":
364
370
self.proxy.CheckedOK(dbus_interface = client_interface,
365
371
ignore_reply=True)
373
379
else:
374
380
return key
375
381
376
def properties_changed(self, interface, properties, invalidated):
377
"""Call self.update() if any properties changed.
382
def property_changed(self, property=None, **kwargs):
383
"""Call self.update() if old value is not new value.
378
384
This overrides the method from MandosClientPropertyCache"""
379
old_values = { key: self.properties.get(key)
380
for key in properties.keys() }
381
super(MandosClientWidget, self).properties_changed(
382
interface, properties, invalidated)
383
if any(old_values[key] != self.properties.get(key)
384
for key in old_values):
385
property_name = unicode(property)
386
old_value = self.properties.get(property_name)
387
super(MandosClientWidget, self).property_changed(
388
property=property, **kwargs)
389
if self.properties.get(property_name) != old_value:
385
390
self.update()
386
391
387
392
401
406
"""This is the entire user interface - the whole screen
402
407
with boxes, lists of client widgets, etc.
403
408
"""
404
def __init__(self, max_log_length=1000, log_level=1):
409
def __init__(self, max_log_length=1000):
405
410
DBusGMainLoop(set_as_default=True)
406
411
407
412
self.screen = urwid.curses_display.Screen()
410
415
("normal",
411
416
"default", "default", None),
412
417
("bold",
413
"bold", "default", "bold"),
418
"default", "default", "bold"),
414
419
("underline-blink",
415
"underline,blink", "default", "underline,blink"),
420
"default", "default", "underline"),
416
421
("standout",
417
"standout", "default", "standout"),
422
"default", "default", "standout"),
418
423
("bold-underline-blink",
419
"bold,underline,blink", "default", "bold,underline,blink"),
424
"default", "default", ("bold", "underline")),
420
425
("bold-standout",
421
"bold,standout", "default", "bold,standout"),
426
"default", "default", ("bold", "standout")),
422
427
("underline-blink-standout",
423
"underline,blink,standout", "default",
424
"underline,blink,standout"),
428
"default", "default", ("underline", "standout")),
425
429
("bold-underline-blink-standout",
426
"bold,underline,blink,standout", "default",
427
"bold,underline,blink,standout"),
430
"default", "default", ("bold", "underline",
431
"standout")),
428
432
))
429
433
430
434
if urwid.supports_unicode():
445
449
self.log = []
446
450
self.max_log_length = max_log_length
447
451
448
self.log_level = log_level
449
450
452
# We keep a reference to the log widget so we can remove it
451
453
# from the ListWalker without it getting destroyed
452
454
self.logbox = ConstrainedListBox(self.log)
463
465
"q: Quit ?: Help"))
464
466
465
467
self.busname = domain + '.Mandos'
466
self.main_loop = GLib.MainLoop()
468
self.main_loop = gobject.MainLoop()
467
469
468
470
def client_not_found(self, fingerprint, address):
469
self.log_message("Client with address {} and fingerprint {}"
470
" could not be found"
471
self.log_message("Client with address {0} and fingerprint"
472
" {1} could not be found"
471
473
.format(address, fingerprint))
472
474
473
475
def rebuild(self):
486
488
self.uilist.append(self.logbox)
487
489
self.topwidget = urwid.Pile(self.uilist)
488
490
489
def log_message(self, message, level=1):
490
"""Log message formatted with timestamp"""
491
if level < self.log_level:
492
return
491
def log_message(self, message):
493
492
timestamp = datetime.datetime.now().isoformat()
494
self.log_message_raw("{}: {}".format(timestamp, message),
495
level=level)
493
self.log_message_raw(timestamp + ": " + message)
496
494
497
def log_message_raw(self, markup, level=1):
495
def log_message_raw(self, markup):
498
496
"""Add a log message to the log buffer."""
499
if level < self.log_level:
500
return
501
497
self.log.append(urwid.Text(markup, wrap=self.log_wrap))
502
498
if (self.max_log_length
503
499
and len(self.log) > self.max_log_length):
510
506
"""Toggle visibility of the log buffer."""
511
507
self.log_visible = not self.log_visible
512
508
self.rebuild()
513
self.log_message("Log visibility changed to: {}"
514
.format(self.log_visible), level=0)
509
#self.log_message("Log visibility changed to: "
510
# + unicode(self.log_visible))
515
511
516
512
def change_log_display(self):
517
513
"""Change type of log display.
522
518
self.log_wrap = "clip"
523
519
for textwidget in self.log:
524
520
textwidget.set_wrap_mode(self.log_wrap)
525
self.log_message("Wrap mode: {}".format(self.log_wrap),
526
level=0)
521
#self.log_message("Wrap mode: " + self.log_wrap)
527
522
528
def find_and_remove_client(self, path, interfaces):
523
def find_and_remove_client(self, path, name):
529
524
"""Find a client by its object path and remove it.
530
525
531
This is connected to the InterfacesRemoved signal from the
526
This is connected to the ClientRemoved signal from the
532
527
Mandos server object."""
533
if client_interface not in interfaces:
534
# Not a Mandos client object; ignore
535
return
536
528
try:
537
529
client = self.clients_dict[path]
538
530
except KeyError:
539
531
# not found?
540
self.log_message("Unknown client {!r} removed"
541
.format(path))
532
self.log_message("Unknown client {0!r} ({1!r}) removed"
533
.format(name, path))
542
534
return
543
535
client.delete()
544
536
545
def add_new_client(self, path, ifs_and_props):
546
"""Find a client by its object path and remove it.
547
548
This is connected to the InterfacesAdded signal from the
549
Mandos server object.
550
"""
551
if client_interface not in ifs_and_props:
552
# Not a Mandos client object; ignore
553
return
537
def add_new_client(self, path):
554
538
client_proxy_object = self.bus.get_object(self.busname, path)
555
539
self.add_client(MandosClientWidget(server_proxy_object
556
540
=self.mandos_serv,
561
545
delete_hook
562
546
=self.remove_client,
563
547
logger
564
=self.log_message,
565
properties
566
= dict(ifs_and_props[
567
client_interface])),
548
=self.log_message),
568
549
path=path)
569
550
570
551
def add_client(self, client, path=None):
572
553
if path is None:
573
554
path = client.proxy.object_path
574
555
self.clients_dict[path] = client
575
self.clients.sort(key=lambda c: c.properties["Name"])
556
self.clients.sort(None, lambda c: c.properties["Name"])
576
557
self.refresh()
577
558
578
559
def remove_client(self, client, path=None):
580
561
if path is None:
581
562
path = client.proxy.object_path
582
563
del self.clients_dict[path]
564
if not self.clients_dict:
565
# Work around bug in Urwid 0.9.8.3 - if a SimpleListWalker
566
# is completely emptied, we need to recreate it.
567
self.clients = urwid.SimpleListWalker([])
568
self.rebuild()
583
569
self.refresh()
584
570
585
571
def refresh(self):
598
584
try:
599
585
mandos_clients = (self.mandos_serv
600
586
.GetAllClientsWithProperties())
601
if not mandos_clients:
602
self.log_message_raw(("bold", "Note: Server has no clients."))
603
587
except dbus.exceptions.DBusException:
604
self.log_message_raw(("bold", "Note: No Mandos server running."))
605
588
mandos_clients = dbus.Dictionary()
606
589
607
590
(self.mandos_serv
608
.connect_to_signal("InterfacesRemoved",
591
.connect_to_signal("ClientRemoved",
609
592
self.find_and_remove_client,
610
dbus_interface
611
= dbus.OBJECT_MANAGER_IFACE,
593
dbus_interface=server_interface,
612
594
byte_arrays=True))
613
595
(self.mandos_serv
614
.connect_to_signal("InterfacesAdded",
596
.connect_to_signal("ClientAdded",
615
597
self.add_new_client,
616
dbus_interface
617
= dbus.OBJECT_MANAGER_IFACE,
598
dbus_interface=server_interface,
618
599
byte_arrays=True))
619
600
(self.mandos_serv
620
601
.connect_to_signal("ClientNotFound",
621
602
self.client_not_found,
622
603
dbus_interface=server_interface,
623
604
byte_arrays=True))
624
for path, client in mandos_clients.items():
605
for path, client in mandos_clients.iteritems():
625
606
client_proxy_object = self.bus.get_object(self.busname,
626
607
path)
627
608
self.add_client(MandosClientWidget(server_proxy_object
638
619
path=path)
639
620
640
621
self.refresh()
641
self._input_callback_tag = (GLib.io_add_watch
622
self._input_callback_tag = (gobject.io_add_watch
642
623
(sys.stdin.fileno(),
643
GLib.IO_IN,
624
gobject.IO_IN,
644
625
self.process_input))
645
626
self.main_loop.run()
646
627
# Main loop has finished, we should close everything now
647
GLib.source_remove(self._input_callback_tag)
628
gobject.source_remove(self._input_callback_tag)
648
629
self.screen.stop()
649
630
650
631
def stop(self):
674
655
elif key == "window resize":
675
656
self.size = self.screen.get_cols_rows()
676
657
self.refresh()
677
elif key == "ctrl l":
678
self.screen.clear()
658
elif key == "\f": # Ctrl-L
679
659
self.refresh()
680
660
elif key == "l" or key == "D":
681
661
self.toggle_log_display()
693
673
"?: Help",
694
674
"l: Log window toggle",
695
675
"TAB: Switch window",
696
"w: Wrap (log lines)",
697
"v: Toggle verbose log",
698
))))
676
"w: Wrap (log)"))))
699
677
self.log_message_raw(("bold",
700
678
" "
701
679
.join(("Clients:",
714
692
else:
715
693
self.topwidget.set_focus(self.logbox)
716
694
self.refresh()
717
elif key == "v":
718
if self.log_level == 0:
719
self.log_level = 1
720
self.log_message("Verbose mode: Off")
721
else:
722
self.log_level = 0
723
self.log_message("Verbose mode: On")
724
695
#elif (key == "end" or key == "meta >" or key == "G"
725
696
# or key == ">"):
726
697
# pass # xxx end-of-buffer
749
720
ui.run()
750
721
except KeyboardInterrupt:
751
722
ui.screen.stop()
752
except Exception as e:
753
ui.log_message(str(e))
723
except Exception, e:
724
ui.log_message(unicode(e))
754
725
ui.screen.stop()
755
726
raise
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0