To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/release
« back to all changes in this revision
Viewing changes to mandos-monitor
- browse files at revision 237.7.445
- compare with another revision
- download diff
- download tarball
- view history from revision 237.7.445
- Committer: Teddy Hogeborn
- Date: 2017-02-21 22:15:43 UTC
- mto: (237.7.594 trunk)
- mto: This revision was merged to the branch mainline in revision 358.
- Revision ID: teddy@recompile.se-20170221221543-kkh15uag0luiyz4y
Remove useless code (and use "read -r") in initramfs-tools-hook
* initramfs-tools-hook: When reading module names from network hooks
given the "modules" argument, use "read -r" and ignore ${target}
variable (left over from code above it).
* initramfs-tools-hook: When reading module names from network hooks
given the "modules" argument, use "read -r" and ignore ${target}
variable (left over from code above it).
- files added:
- initramfs-tools-hook-conf
- files removed:
- debian/mandos-client.templates
- debian/tests
- dracut-module
- files modified:
- .bzrignore
added
removed
mandos-monitor
1
#!/usr/bin/python3 -bbI
1
#!/usr/bin/python
2
2
# -*- mode: python; coding: utf-8 -*-
3
3
#
4
4
# Mandos Monitor - Control and monitor the Mandos server
5
5
#
6
# Copyright © 2009-2019 Teddy Hogeborn
7
# Copyright © 2009-2019 Björn Påhlsson
8
#
9
# This file is part of Mandos.
10
#
11
# Mandos is free software: you can redistribute it and/or modify it
12
# under the terms of the GNU General Public License as published by
6
# Copyright © 2009-2016 Teddy Hogeborn
7
# Copyright © 2009-2016 Björn Påhlsson
8
#
9
# This program is free software: you can redistribute it and/or modify
10
# it under the terms of the GNU General Public License as published by
13
11
# the Free Software Foundation, either version 3 of the License, or
14
12
# (at your option) any later version.
15
13
#
16
# Mandos is distributed in the hope that it will be useful, but
17
# WITHOUT ANY WARRANTY; without even the implied warranty of
14
# This program is distributed in the hope that it will be useful,
15
# but WITHOUT ANY WARRANTY; without even the implied warranty of
18
16
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19
17
# GNU General Public License for more details.
20
18
#
21
19
# You should have received a copy of the GNU General Public License
22
# along with Mandos. If not, see <http://www.gnu.org/licenses/>.
20
# along with this program. If not, see
21
# <http://www.gnu.org/licenses/>.
23
22
#
24
23
# Contact the authors at <mandos@recompile.se>.
25
24
#
25
26
26
from __future__ import (division, absolute_import, print_function,
27
27
unicode_literals)
28
29
28
try:
30
29
from future_builtins import *
31
30
except ImportError:
32
31
pass
33
32
34
33
import sys
35
import logging
36
34
import os
37
import warnings
35
38
36
import datetime
39
import locale
40
37
41
38
import urwid.curses_display
42
39
import urwid
46
43
47
44
import dbus
48
45
46
import locale
47
48
import logging
49
49
50
if sys.version_info.major == 2:
50
__metaclass__ = type
51
51
str = unicode
52
input = raw_input
53
54
# Show warnings by default
55
if not sys.warnoptions:
56
warnings.simplefilter("default")
57
58
log = logging.getLogger(os.path.basename(sys.argv[0]))
59
logging.basicConfig(level="NOTSET", # Show all messages
60
format="%(message)s") # Show basic log messages
61
62
logging.captureWarnings(True) # Show warnings via the logging system
63
64
locale.setlocale(locale.LC_ALL, "")
65
66
logging.getLogger("dbus.proxies").setLevel(logging.CRITICAL)
67
logging.getLogger("urwid").setLevel(logging.INFO)
52
53
locale.setlocale(locale.LC_ALL, '')
54
55
logging.getLogger('dbus.proxies').setLevel(logging.CRITICAL)
68
56
69
57
# Some useful constants
70
domain = "se.recompile"
71
server_interface = domain + ".Mandos"
72
client_interface = domain + ".Mandos.Client"
73
version = "1.8.17"
58
domain = 'se.recompile'
59
server_interface = domain + '.Mandos'
60
client_interface = domain + '.Mandos.Client'
61
version = "1.7.14"
74
62
75
63
try:
76
64
dbus.OBJECT_MANAGER_IFACE
95
83
int(fraction*1000000)) # Microseconds
96
84
97
85
98
class MandosClientPropertyCache:
86
class MandosClientPropertyCache(object):
99
87
"""This wraps a Mandos Client D-Bus proxy object, caches the
100
88
properties and calls a hook function when any of them are
101
89
changed.
133
121
"""
134
122
135
123
def __init__(self, server_proxy_object=None, update_hook=None,
136
delete_hook=None, **kwargs):
124
delete_hook=None, logger=None, **kwargs):
137
125
# Called on update
138
126
self.update_hook = update_hook
139
127
# Called on delete
140
128
self.delete_hook = delete_hook
141
129
# Mandos Server proxy object
142
130
self.server_proxy_object = server_proxy_object
131
# Logger
132
self.logger = logger
143
133
144
134
self._update_timer_callback_tag = None
145
135
172
162
self.rejected,
173
163
client_interface,
174
164
byte_arrays=True))
175
log.debug("Created client %s", self.properties["Name"])
165
self.logger('Created client {}'
166
.format(self.properties["Name"]), level=0)
176
167
177
168
def using_timer(self, flag):
178
169
"""Call this method with True or False when timer should be
180
171
"""
181
172
if flag and self._update_timer_callback_tag is None:
182
173
# Will update the shown timer value every second
183
self._update_timer_callback_tag = (
184
GLib.timeout_add(1000,
185
glib_safely(self.update_timer)))
174
self._update_timer_callback_tag = (GLib.timeout_add
175
(1000,
176
self.update_timer))
186
177
elif not (flag or self._update_timer_callback_tag is None):
187
178
GLib.source_remove(self._update_timer_callback_tag)
188
179
self._update_timer_callback_tag = None
189
180
190
181
def checker_completed(self, exitstatus, condition, command):
191
182
if exitstatus == 0:
192
log.debug('Checker for client %s (command "%s")'
193
" succeeded", self.properties["Name"], command)
183
self.logger('Checker for client {} (command "{}")'
184
' succeeded'.format(self.properties["Name"],
185
command), level=0)
194
186
self.update()
195
187
return
196
188
# Checker failed
197
189
if os.WIFEXITED(condition):
198
log.info('Checker for client %s (command "%s") failed'
199
" with exit code %d", self.properties["Name"],
200
command, os.WEXITSTATUS(condition))
190
self.logger('Checker for client {} (command "{}") failed'
191
' with exit code {}'
192
.format(self.properties["Name"], command,
193
os.WEXITSTATUS(condition)))
201
194
elif os.WIFSIGNALED(condition):
202
log.info('Checker for client %s (command "%s") was'
203
" killed by signal %d", self.properties["Name"],
204
command, os.WTERMSIG(condition))
195
self.logger('Checker for client {} (command "{}") was'
196
' killed by signal {}'
197
.format(self.properties["Name"], command,
198
os.WTERMSIG(condition)))
205
199
self.update()
206
200
207
201
def checker_started(self, command):
208
202
"""Server signals that a checker started."""
209
log.debug('Client %s started checker "%s"',
210
self.properties["Name"], command)
203
self.logger('Client {} started checker "{}"'
204
.format(self.properties["Name"],
205
command), level=0)
211
206
212
207
def got_secret(self):
213
log.info("Client %s received its secret",
214
self.properties["Name"])
208
self.logger('Client {} received its secret'
209
.format(self.properties["Name"]))
215
210
216
211
def need_approval(self, timeout, default):
217
212
if not default:
218
message = "Client %s needs approval within %f seconds"
213
message = 'Client {} needs approval within {} seconds'
219
214
else:
220
message = "Client %s will get its secret in %f seconds"
221
log.info(message, self.properties["Name"], timeout/1000)
215
message = 'Client {} will get its secret in {} seconds'
216
self.logger(message.format(self.properties["Name"],
217
timeout/1000))
222
218
223
219
def rejected(self, reason):
224
log.info("Client %s was rejected; reason: %s",
225
self.properties["Name"], reason)
220
self.logger('Client {} was rejected; reason: {}'
221
.format(self.properties["Name"], reason))
226
222
227
223
def selectable(self):
228
224
"""Make this a "selectable" widget.
254
250
# Rebuild focus and non-focus widgets using current properties
255
251
256
252
# Base part of a client. Name!
257
base = "{name}: ".format(name=self.properties["Name"])
253
base = '{name}: '.format(name=self.properties["Name"])
258
254
if not self.properties["Enabled"]:
259
255
message = "DISABLED"
260
256
self.using_timer(False)
282
278
timer = datetime.timedelta(0)
283
279
else:
284
280
expires = (datetime.datetime.strptime
285
(expires, "%Y-%m-%dT%H:%M:%S.%f"))
281
(expires, '%Y-%m-%dT%H:%M:%S.%f'))
286
282
timer = max(expires - datetime.datetime.utcnow(),
287
283
datetime.timedelta())
288
message = ("A checker has failed! Time until client"
289
" gets disabled: {}"
284
message = ('A checker has failed! Time until client'
285
' gets disabled: {}'
290
286
.format(str(timer).rsplit(".", 1)[0]))
291
287
self.using_timer(True)
292
288
else:
390
386
self.update()
391
387
392
388
393
def glib_safely(func, retval=True):
394
def safe_func(*args, **kwargs):
395
try:
396
return func(*args, **kwargs)
397
except Exception:
398
log.exception("")
399
return retval
400
return safe_func
401
402
403
389
class ConstrainedListBox(urwid.ListBox):
404
390
"""Like a normal urwid.ListBox, but will consume all "up" or
405
391
"down" key presses, thus not allowing any containing widgets to
413
399
return ret
414
400
415
401
416
class UserInterface:
402
class UserInterface(object):
417
403
"""This is the entire user interface - the whole screen
418
404
with boxes, lists of client widgets, etc.
419
405
"""
420
def __init__(self, max_log_length=1000):
406
def __init__(self, max_log_length=1000, log_level=1):
421
407
DBusGMainLoop(set_as_default=True)
422
408
423
409
self.screen = urwid.curses_display.Screen()
457
443
self.clients_dict = {}
458
444
459
445
# We will add Text widgets to this list
460
self.log = urwid.SimpleListWalker([])
446
self.log = []
461
447
self.max_log_length = max_log_length
462
448
449
self.log_level = log_level
450
463
451
# We keep a reference to the log widget so we can remove it
464
452
# from the ListWalker without it getting destroyed
465
453
self.logbox = ConstrainedListBox(self.log)
469
457
self.log_visible = True
470
458
self.log_wrap = "any"
471
459
472
self.loghandler = UILogHandler(self)
473
474
460
self.rebuild()
475
self.add_log_line(("bold",
476
"Mandos Monitor version " + version))
477
self.add_log_line(("bold", "q: Quit ?: Help"))
461
self.log_message_raw(("bold",
462
"Mandos Monitor version " + version))
463
self.log_message_raw(("bold",
464
"q: Quit ?: Help"))
478
465
479
self.busname = domain + ".Mandos"
466
self.busname = domain + '.Mandos'
480
467
self.main_loop = GLib.MainLoop()
481
468
482
def client_not_found(self, key_id, address):
483
log.info("Client with address %s and key ID %s could"
484
" not be found", address, key_id)
469
def client_not_found(self, fingerprint, address):
470
self.log_message("Client with address {} and fingerprint {}"
471
" could not be found"
472
.format(address, fingerprint))
485
473
486
474
def rebuild(self):
487
475
"""This rebuilds the User Interface.
498
486
self.uilist.append(self.logbox)
499
487
self.topwidget = urwid.Pile(self.uilist)
500
488
501
def add_log_line(self, markup):
489
def log_message(self, message, level=1):
490
"""Log message formatted with timestamp"""
491
if level < self.log_level:
492
return
493
timestamp = datetime.datetime.now().isoformat()
494
self.log_message_raw("{}: {}".format(timestamp, message),
495
level=level)
496
497
def log_message_raw(self, markup, level=1):
498
"""Add a log message to the log buffer."""
499
if level < self.log_level:
500
return
502
501
self.log.append(urwid.Text(markup, wrap=self.log_wrap))
503
502
if self.max_log_length:
504
503
if len(self.log) > self.max_log_length:
505
del self.log[0:(len(self.log) - self.max_log_length)]
506
self.logbox.set_focus(len(self.logbox.body.contents)-1,
504
del self.log[0:len(self.log)-self.max_log_length-1]
505
self.logbox.set_focus(len(self.logbox.body.contents),
507
506
coming_from="above")
508
507
self.refresh()
509
508
511
510
"""Toggle visibility of the log buffer."""
512
511
self.log_visible = not self.log_visible
513
512
self.rebuild()
514
log.debug("Log visibility changed to: %s", self.log_visible)
513
self.log_message("Log visibility changed to: {}"
514
.format(self.log_visible), level=0)
515
515
516
516
def change_log_display(self):
517
517
"""Change type of log display.
522
522
self.log_wrap = "clip"
523
523
for textwidget in self.log:
524
524
textwidget.set_wrap_mode(self.log_wrap)
525
log.debug("Wrap mode: %s", self.log_wrap)
525
self.log_message("Wrap mode: {}".format(self.log_wrap),
526
level=0)
526
527
527
528
def find_and_remove_client(self, path, interfaces):
528
529
"""Find a client by its object path and remove it.
536
537
client = self.clients_dict[path]
537
538
except KeyError:
538
539
# not found?
539
log.warning("Unknown client %s removed", path)
540
self.log_message("Unknown client {!r} removed"
541
.format(path))
540
542
return
541
543
client.delete()
542
544
555
557
proxy_object=client_proxy_object,
556
558
update_hook=self.refresh,
557
559
delete_hook=self.remove_client,
560
logger=self.log_message,
558
561
properties=dict(ifs_and_props[client_interface])),
559
562
path=path)
560
563
580
583
581
584
def run(self):
582
585
"""Start the main loop and exit when it's done."""
583
log.addHandler(self.loghandler)
584
self.orig_log_propagate = log.propagate
585
log.propagate = False
586
self.orig_log_level = log.level
587
log.setLevel("INFO")
588
586
self.bus = dbus.SystemBus()
589
587
mandos_dbus_objc = self.bus.get_object(
590
588
self.busname, "/", follow_name_owner_changes=True)
594
592
mandos_clients = (self.mandos_serv
595
593
.GetAllClientsWithProperties())
596
594
if not mandos_clients:
597
log.warning("Note: Server has no clients.")
595
self.log_message_raw(("bold",
596
"Note: Server has no clients."))
598
597
except dbus.exceptions.DBusException:
599
log.warning("Note: No Mandos server running.")
598
self.log_message_raw(("bold",
599
"Note: No Mandos server running."))
600
600
mandos_clients = dbus.Dictionary()
601
601
602
602
(self.mandos_serv
622
622
proxy_object=client_proxy_object,
623
623
properties=client,
624
624
update_hook=self.refresh,
625
delete_hook=self.remove_client),
625
delete_hook=self.remove_client,
626
logger=self.log_message),
626
627
path=path)
627
628
628
629
self.refresh()
629
self._input_callback_tag = (
630
GLib.io_add_watch(
631
GLib.IOChannel.unix_new(sys.stdin.fileno()),
632
GLib.PRIORITY_DEFAULT, GLib.IO_IN,
633
glib_safely(self.process_input)))
630
self._input_callback_tag = (GLib.io_add_watch
631
(sys.stdin.fileno(),
632
GLib.IO_IN,
633
self.process_input))
634
634
self.main_loop.run()
635
635
# Main loop has finished, we should close everything now
636
636
GLib.source_remove(self._input_callback_tag)
637
with warnings.catch_warnings():
638
warnings.simplefilter("ignore", BytesWarning)
639
self.screen.stop()
637
self.screen.stop()
640
638
641
639
def stop(self):
642
640
self.main_loop.quit()
643
log.removeHandler(self.loghandler)
644
log.propagate = self.orig_log_propagate
645
641
646
642
def process_input(self, source, condition):
647
643
keys = self.screen.get_input()
680
676
if not self.log_visible:
681
677
self.log_visible = True
682
678
self.rebuild()
683
self.add_log_line(("bold",
684
" ".join(("q: Quit",
685
"?: Help",
686
"l: Log window toggle",
687
"TAB: Switch window",
688
"w: Wrap (log lines)",
689
"v: Toggle verbose log",
690
))))
691
self.add_log_line(("bold",
692
" ".join(("Clients:",
693
"+: Enable",
694
"-: Disable",
695
"R: Remove",
696
"s: Start new checker",
697
"S: Stop checker",
698
"C: Checker OK",
699
"a: Approve",
700
"d: Deny",
701
))))
679
self.log_message_raw(("bold",
680
" ".
681
join(("q: Quit",
682
"?: Help",
683
"l: Log window toggle",
684
"TAB: Switch window",
685
"w: Wrap (log lines)",
686
"v: Toggle verbose log",
687
))))
688
self.log_message_raw(("bold",
689
" "
690
.join(("Clients:",
691
"+: Enable",
692
"-: Disable",
693
"R: Remove",
694
"s: Start new checker",
695
"S: Stop checker",
696
"C: Checker OK",
697
"a: Approve",
698
"d: Deny"))))
702
699
self.refresh()
703
700
elif key == "tab":
704
701
if self.topwidget.get_focus() is self.logbox:
707
704
self.topwidget.set_focus(self.logbox)
708
705
self.refresh()
709
706
elif key == "v":
710
if log.level < logging.INFO:
711
log.setLevel(logging.INFO)
712
log.info("Verbose mode: Off")
707
if self.log_level == 0:
708
self.log_level = 1
709
self.log_message("Verbose mode: Off")
713
710
else:
714
log.setLevel(logging.NOTSET)
715
log.info("Verbose mode: On")
711
self.log_level = 0
712
self.log_message("Verbose mode: On")
716
713
# elif (key == "end" or key == "meta >" or key == "G"
717
714
# or key == ">"):
718
715
# pass # xxx end-of-buffer
737
734
return True
738
735
739
736
740
class UILogHandler(logging.Handler):
741
def __init__(self, ui, *args, **kwargs):
742
self.ui = ui
743
super(UILogHandler, self).__init__(*args, **kwargs)
744
self.setFormatter(
745
logging.Formatter("%(asctime)s: %(message)s"))
746
def emit(self, record):
747
msg = self.format(record)
748
if record.levelno > logging.INFO:
749
msg = ("bold", msg)
750
self.ui.add_log_line(msg)
751
752
753
737
ui = UserInterface()
754
738
try:
755
739
ui.run()
756
740
except KeyboardInterrupt:
757
with warnings.catch_warnings():
758
warnings.filterwarnings("ignore", "", BytesWarning)
759
ui.screen.stop()
760
except Exception:
761
with warnings.catch_warnings():
762
warnings.filterwarnings("ignore", "", BytesWarning)
763
ui.screen.stop()
741
ui.screen.stop()
742
except Exception as e:
743
ui.log_message(str(e))
744
ui.screen.stop()
764
745
raise
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0