To get this branch, use:
bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
« back to all changes in this revision
Viewing changes to mandos-monitor
- browse files at revision 1257
- compare with another revision
- download diff
- download tarball
- view history from revision 1257
- Committer: Teddy Hogeborn
- Date: 2022-04-24 16:02:58 UTC
- Revision ID: teddy@recompile.se-20220424160258-gotwyiwtvzi053hc
Fix testing code to handle abnormal exits
* mandos (Local variables/run-tests-in-test-buffer): Handle abnormal
exit (i.e. exit caused by a signal) of process running tests.
* mandos-ctl (Local variables/run-tests-in-test-buffer): - '' -
* mandos (Local variables/run-tests-in-test-buffer): Handle abnormal
exit (i.e. exit caused by a signal) of process running tests.
* mandos-ctl (Local variables/run-tests-in-test-buffer): - '' -
- files added:
- debian/mandos-client.templates
- debian/tests
- dracut-module
- files removed:
- initramfs-tools-hook-conf
- files modified:
- .bzrignore
added
removed
mandos-monitor
1
#!/usr/bin/python
1
#!/usr/bin/python3 -bbI
2
2
# -*- mode: python; coding: utf-8 -*-
3
3
#
4
4
# Mandos Monitor - Control and monitor the Mandos server
5
5
#
6
# Copyright © 2009-2016 Teddy Hogeborn
7
# Copyright © 2009-2016 Björn Påhlsson
8
#
9
# This program is free software: you can redistribute it and/or modify
10
# it under the terms of the GNU General Public License as published by
6
# Copyright © 2009-2019 Teddy Hogeborn
7
# Copyright © 2009-2019 Björn Påhlsson
8
#
9
# This file is part of Mandos.
10
#
11
# Mandos is free software: you can redistribute it and/or modify it
12
# under the terms of the GNU General Public License as published by
11
13
# the Free Software Foundation, either version 3 of the License, or
12
14
# (at your option) any later version.
13
15
#
14
# This program is distributed in the hope that it will be useful,
15
# but WITHOUT ANY WARRANTY; without even the implied warranty of
16
# Mandos is distributed in the hope that it will be useful, but
17
# WITHOUT ANY WARRANTY; without even the implied warranty of
16
18
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17
19
# GNU General Public License for more details.
18
20
#
19
21
# You should have received a copy of the GNU General Public License
20
# along with this program. If not, see
21
# <http://www.gnu.org/licenses/>.
22
# along with Mandos. If not, see <http://www.gnu.org/licenses/>.
22
23
#
23
24
# Contact the authors at <mandos@recompile.se>.
24
25
#
25
26
26
from __future__ import (division, absolute_import, print_function,
27
27
unicode_literals)
28
28
29
try:
29
30
from future_builtins import *
30
31
except ImportError:
31
32
pass
32
33
33
34
import sys
35
import logging
34
36
import os
35
37
import warnings
36
38
import datetime
39
import locale
37
40
38
41
import urwid.curses_display
39
42
import urwid
43
46
44
47
import dbus
45
48
46
import locale
47
48
import logging
49
50
49
if sys.version_info.major == 2:
50
__metaclass__ = type
51
51
str = unicode
52
53
locale.setlocale(locale.LC_ALL, '')
54
55
logging.getLogger('dbus.proxies').setLevel(logging.CRITICAL)
52
input = raw_input
53
54
# Show warnings by default
55
if not sys.warnoptions:
56
warnings.simplefilter("default")
57
58
log = logging.getLogger(os.path.basename(sys.argv[0]))
59
logging.basicConfig(level="NOTSET", # Show all messages
60
format="%(message)s") # Show basic log messages
61
62
logging.captureWarnings(True) # Show warnings via the logging system
63
64
locale.setlocale(locale.LC_ALL, "")
65
66
logging.getLogger("dbus.proxies").setLevel(logging.CRITICAL)
56
67
57
68
# Some useful constants
58
domain = 'se.recompile'
59
server_interface = domain + '.Mandos'
60
client_interface = domain + '.Mandos.Client'
61
version = "1.7.14"
69
domain = "se.recompile"
70
server_interface = domain + ".Mandos"
71
client_interface = domain + ".Mandos.Client"
72
version = "1.8.14"
62
73
63
74
try:
64
75
dbus.OBJECT_MANAGER_IFACE
83
94
int(fraction*1000000)) # Microseconds
84
95
85
96
86
class MandosClientPropertyCache(object):
97
class MandosClientPropertyCache:
87
98
"""This wraps a Mandos Client D-Bus proxy object, caches the
88
99
properties and calls a hook function when any of them are
89
100
changed.
121
132
"""
122
133
123
134
def __init__(self, server_proxy_object=None, update_hook=None,
124
delete_hook=None, logger=None, **kwargs):
135
delete_hook=None, **kwargs):
125
136
# Called on update
126
137
self.update_hook = update_hook
127
138
# Called on delete
128
139
self.delete_hook = delete_hook
129
140
# Mandos Server proxy object
130
141
self.server_proxy_object = server_proxy_object
131
# Logger
132
self.logger = logger
133
142
134
143
self._update_timer_callback_tag = None
135
144
162
171
self.rejected,
163
172
client_interface,
164
173
byte_arrays=True))
165
self.logger('Created client {}'
166
.format(self.properties["Name"]), level=0)
174
log.debug("Created client %s", self.properties["Name"])
167
175
168
176
def using_timer(self, flag):
169
177
"""Call this method with True or False when timer should be
171
179
"""
172
180
if flag and self._update_timer_callback_tag is None:
173
181
# Will update the shown timer value every second
174
self._update_timer_callback_tag = (GLib.timeout_add
175
(1000,
176
self.update_timer))
182
self._update_timer_callback_tag = (
183
GLib.timeout_add(1000,
184
glib_safely(self.update_timer)))
177
185
elif not (flag or self._update_timer_callback_tag is None):
178
186
GLib.source_remove(self._update_timer_callback_tag)
179
187
self._update_timer_callback_tag = None
180
188
181
189
def checker_completed(self, exitstatus, condition, command):
182
190
if exitstatus == 0:
183
self.logger('Checker for client {} (command "{}")'
184
' succeeded'.format(self.properties["Name"],
185
command), level=0)
191
log.debug('Checker for client %s (command "%s")'
192
" succeeded", self.properties["Name"], command)
186
193
self.update()
187
194
return
188
195
# Checker failed
189
196
if os.WIFEXITED(condition):
190
self.logger('Checker for client {} (command "{}") failed'
191
' with exit code {}'
192
.format(self.properties["Name"], command,
193
os.WEXITSTATUS(condition)))
197
log.info('Checker for client %s (command "%s") failed'
198
" with exit code %d", self.properties["Name"],
199
command, os.WEXITSTATUS(condition))
194
200
elif os.WIFSIGNALED(condition):
195
self.logger('Checker for client {} (command "{}") was'
196
' killed by signal {}'
197
.format(self.properties["Name"], command,
198
os.WTERMSIG(condition)))
201
log.info('Checker for client %s (command "%s") was'
202
" killed by signal %d", self.properties["Name"],
203
command, os.WTERMSIG(condition))
199
204
self.update()
200
205
201
206
def checker_started(self, command):
202
207
"""Server signals that a checker started."""
203
self.logger('Client {} started checker "{}"'
204
.format(self.properties["Name"],
205
command), level=0)
208
log.debug('Client %s started checker "%s"',
209
self.properties["Name"], command)
206
210
207
211
def got_secret(self):
208
self.logger('Client {} received its secret'
209
.format(self.properties["Name"]))
212
log.info("Client %s received its secret",
213
self.properties["Name"])
210
214
211
215
def need_approval(self, timeout, default):
212
216
if not default:
213
message = 'Client {} needs approval within {} seconds'
217
message = "Client %s needs approval within %f seconds"
214
218
else:
215
message = 'Client {} will get its secret in {} seconds'
216
self.logger(message.format(self.properties["Name"],
217
timeout/1000))
219
message = "Client %s will get its secret in %f seconds"
220
log.info(message, self.properties["Name"], timeout/1000)
218
221
219
222
def rejected(self, reason):
220
self.logger('Client {} was rejected; reason: {}'
221
.format(self.properties["Name"], reason))
223
log.info("Client %s was rejected; reason: %s",
224
self.properties["Name"], reason)
222
225
223
226
def selectable(self):
224
227
"""Make this a "selectable" widget.
250
253
# Rebuild focus and non-focus widgets using current properties
251
254
252
255
# Base part of a client. Name!
253
base = '{name}: '.format(name=self.properties["Name"])
256
base = "{name}: ".format(name=self.properties["Name"])
254
257
if not self.properties["Enabled"]:
255
258
message = "DISABLED"
256
259
self.using_timer(False)
278
281
timer = datetime.timedelta(0)
279
282
else:
280
283
expires = (datetime.datetime.strptime
281
(expires, '%Y-%m-%dT%H:%M:%S.%f'))
284
(expires, "%Y-%m-%dT%H:%M:%S.%f"))
282
285
timer = max(expires - datetime.datetime.utcnow(),
283
286
datetime.timedelta())
284
message = ('A checker has failed! Time until client'
285
' gets disabled: {}'
287
message = ("A checker has failed! Time until client"
288
" gets disabled: {}"
286
289
.format(str(timer).rsplit(".", 1)[0]))
287
290
self.using_timer(True)
288
291
else:
386
389
self.update()
387
390
388
391
392
def glib_safely(func, retval=True):
393
def safe_func(*args, **kwargs):
394
try:
395
return func(*args, **kwargs)
396
except Exception:
397
log.exception("")
398
return retval
399
return safe_func
400
401
389
402
class ConstrainedListBox(urwid.ListBox):
390
403
"""Like a normal urwid.ListBox, but will consume all "up" or
391
404
"down" key presses, thus not allowing any containing widgets to
399
412
return ret
400
413
401
414
402
class UserInterface(object):
415
class UserInterface:
403
416
"""This is the entire user interface - the whole screen
404
417
with boxes, lists of client widgets, etc.
405
418
"""
406
def __init__(self, max_log_length=1000, log_level=1):
419
def __init__(self, max_log_length=1000):
407
420
DBusGMainLoop(set_as_default=True)
408
421
409
422
self.screen = urwid.curses_display.Screen()
443
456
self.clients_dict = {}
444
457
445
458
# We will add Text widgets to this list
446
self.log = []
459
self.log = urwid.SimpleListWalker([])
447
460
self.max_log_length = max_log_length
448
461
449
self.log_level = log_level
450
451
462
# We keep a reference to the log widget so we can remove it
452
463
# from the ListWalker without it getting destroyed
453
464
self.logbox = ConstrainedListBox(self.log)
457
468
self.log_visible = True
458
469
self.log_wrap = "any"
459
470
471
self.loghandler = UILogHandler(self)
472
460
473
self.rebuild()
461
self.log_message_raw(("bold",
462
"Mandos Monitor version " + version))
463
self.log_message_raw(("bold",
464
"q: Quit ?: Help"))
474
self.add_log_line(("bold",
475
"Mandos Monitor version " + version))
476
self.add_log_line(("bold", "q: Quit ?: Help"))
465
477
466
self.busname = domain + '.Mandos'
478
self.busname = domain + ".Mandos"
467
479
self.main_loop = GLib.MainLoop()
468
480
469
def client_not_found(self, fingerprint, address):
470
self.log_message("Client with address {} and fingerprint {}"
471
" could not be found"
472
.format(address, fingerprint))
481
def client_not_found(self, key_id, address):
482
log.info("Client with address %s and key ID %s could"
483
" not be found", address, key_id)
473
484
474
485
def rebuild(self):
475
486
"""This rebuilds the User Interface.
486
497
self.uilist.append(self.logbox)
487
498
self.topwidget = urwid.Pile(self.uilist)
488
499
489
def log_message(self, message, level=1):
490
"""Log message formatted with timestamp"""
491
if level < self.log_level:
492
return
493
timestamp = datetime.datetime.now().isoformat()
494
self.log_message_raw("{}: {}".format(timestamp, message),
495
level=level)
496
497
def log_message_raw(self, markup, level=1):
498
"""Add a log message to the log buffer."""
499
if level < self.log_level:
500
return
500
def add_log_line(self, markup):
501
501
self.log.append(urwid.Text(markup, wrap=self.log_wrap))
502
502
if self.max_log_length:
503
503
if len(self.log) > self.max_log_length:
504
del self.log[0:len(self.log)-self.max_log_length-1]
505
self.logbox.set_focus(len(self.logbox.body.contents),
504
del self.log[0:(len(self.log) - self.max_log_length)]
505
self.logbox.set_focus(len(self.logbox.body.contents)-1,
506
506
coming_from="above")
507
507
self.refresh()
508
508
510
510
"""Toggle visibility of the log buffer."""
511
511
self.log_visible = not self.log_visible
512
512
self.rebuild()
513
self.log_message("Log visibility changed to: {}"
514
.format(self.log_visible), level=0)
513
log.debug("Log visibility changed to: %s", self.log_visible)
515
514
516
515
def change_log_display(self):
517
516
"""Change type of log display.
522
521
self.log_wrap = "clip"
523
522
for textwidget in self.log:
524
523
textwidget.set_wrap_mode(self.log_wrap)
525
self.log_message("Wrap mode: {}".format(self.log_wrap),
526
level=0)
524
log.debug("Wrap mode: %s", self.log_wrap)
527
525
528
526
def find_and_remove_client(self, path, interfaces):
529
527
"""Find a client by its object path and remove it.
537
535
client = self.clients_dict[path]
538
536
except KeyError:
539
537
# not found?
540
self.log_message("Unknown client {!r} removed"
541
.format(path))
538
log.warning("Unknown client %s removed", path)
542
539
return
543
540
client.delete()
544
541
557
554
proxy_object=client_proxy_object,
558
555
update_hook=self.refresh,
559
556
delete_hook=self.remove_client,
560
logger=self.log_message,
561
557
properties=dict(ifs_and_props[client_interface])),
562
558
path=path)
563
559
583
579
584
580
def run(self):
585
581
"""Start the main loop and exit when it's done."""
582
log.addHandler(self.loghandler)
583
self.orig_log_propagate = log.propagate
584
log.propagate = False
585
self.orig_log_level = log.level
586
log.setLevel("INFO")
586
587
self.bus = dbus.SystemBus()
587
588
mandos_dbus_objc = self.bus.get_object(
588
589
self.busname, "/", follow_name_owner_changes=True)
592
593
mandos_clients = (self.mandos_serv
593
594
.GetAllClientsWithProperties())
594
595
if not mandos_clients:
595
self.log_message_raw(("bold",
596
"Note: Server has no clients."))
596
log.warning("Note: Server has no clients.")
597
597
except dbus.exceptions.DBusException:
598
self.log_message_raw(("bold",
599
"Note: No Mandos server running."))
598
log.warning("Note: No Mandos server running.")
600
599
mandos_clients = dbus.Dictionary()
601
600
602
601
(self.mandos_serv
622
621
proxy_object=client_proxy_object,
623
622
properties=client,
624
623
update_hook=self.refresh,
625
delete_hook=self.remove_client,
626
logger=self.log_message),
624
delete_hook=self.remove_client),
627
625
path=path)
628
626
629
627
self.refresh()
630
self._input_callback_tag = (GLib.io_add_watch
631
(sys.stdin.fileno(),
632
GLib.IO_IN,
633
self.process_input))
628
self._input_callback_tag = (
629
GLib.io_add_watch(
630
GLib.IOChannel.unix_new(sys.stdin.fileno()),
631
GLib.PRIORITY_DEFAULT, GLib.IO_IN,
632
glib_safely(self.process_input)))
634
633
self.main_loop.run()
635
634
# Main loop has finished, we should close everything now
636
635
GLib.source_remove(self._input_callback_tag)
637
self.screen.stop()
636
with warnings.catch_warnings():
637
warnings.simplefilter("ignore", BytesWarning)
638
self.screen.stop()
638
639
639
640
def stop(self):
640
641
self.main_loop.quit()
642
log.removeHandler(self.loghandler)
643
log.propagate = self.orig_log_propagate
641
644
642
645
def process_input(self, source, condition):
643
646
keys = self.screen.get_input()
676
679
if not self.log_visible:
677
680
self.log_visible = True
678
681
self.rebuild()
679
self.log_message_raw(("bold",
680
" ".
681
join(("q: Quit",
682
"?: Help",
683
"l: Log window toggle",
684
"TAB: Switch window",
685
"w: Wrap (log lines)",
686
"v: Toggle verbose log",
687
))))
688
self.log_message_raw(("bold",
689
" "
690
.join(("Clients:",
691
"+: Enable",
692
"-: Disable",
693
"R: Remove",
694
"s: Start new checker",
695
"S: Stop checker",
696
"C: Checker OK",
697
"a: Approve",
698
"d: Deny"))))
682
self.add_log_line(("bold",
683
" ".join(("q: Quit",
684
"?: Help",
685
"l: Log window toggle",
686
"TAB: Switch window",
687
"w: Wrap (log lines)",
688
"v: Toggle verbose log",
689
))))
690
self.add_log_line(("bold",
691
" ".join(("Clients:",
692
"+: Enable",
693
"-: Disable",
694
"R: Remove",
695
"s: Start new checker",
696
"S: Stop checker",
697
"C: Checker OK",
698
"a: Approve",
699
"d: Deny",
700
))))
699
701
self.refresh()
700
702
elif key == "tab":
701
703
if self.topwidget.get_focus() is self.logbox:
704
706
self.topwidget.set_focus(self.logbox)
705
707
self.refresh()
706
708
elif key == "v":
707
if self.log_level == 0:
708
self.log_level = 1
709
self.log_message("Verbose mode: Off")
709
if log.level < logging.INFO:
710
log.setLevel(logging.INFO)
711
log.info("Verbose mode: Off")
710
712
else:
711
self.log_level = 0
712
self.log_message("Verbose mode: On")
713
log.setLevel(logging.NOTSET)
714
log.info("Verbose mode: On")
713
715
# elif (key == "end" or key == "meta >" or key == "G"
714
716
# or key == ">"):
715
717
# pass # xxx end-of-buffer
734
736
return True
735
737
736
738
739
class UILogHandler(logging.Handler):
740
def __init__(self, ui, *args, **kwargs):
741
self.ui = ui
742
super(UILogHandler, self).__init__(*args, **kwargs)
743
self.setFormatter(
744
logging.Formatter("%(asctime)s: %(message)s"))
745
def emit(self, record):
746
msg = self.format(record)
747
if record.levelno > logging.INFO:
748
msg = ("bold", msg)
749
self.ui.add_log_line(msg)
750
751
737
752
ui = UserInterface()
738
753
try:
739
754
ui.run()
740
755
except KeyboardInterrupt:
741
ui.screen.stop()
742
except Exception as e:
743
ui.log_message(str(e))
744
ui.screen.stop()
756
with warnings.catch_warnings():
757
warnings.filterwarnings("ignore", "", BytesWarning)
758
ui.screen.stop()
759
except Exception:
760
with warnings.catch_warnings():
761
warnings.filterwarnings("ignore", "", BytesWarning)
762
ui.screen.stop()
745
763
raise
Loggerhead is a web-based interface for Breezy
Version: 2.0.2.dev0