/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-ctl

  • Committer: Teddy Hogeborn
  • Date: 2010-09-12 03:00:40 UTC
  • Revision ID: teddy@fukt.bsnet.se-20100912030040-b0uopyennste9fdh
Documentation changes:

* DBUS-API: New file documenting the server D-Bus interface.

* clients.conf: Add examples of new approval settings.

* debian/mandos.docs: Added "DBUS-API".

* mandos-clients.conf.xml (OPTIONS): Added "approved_by_default",
                                     "approval_delay", and
                                     "approval_duration".
* mandos.xml (D-BUS INTERFACE): Refer to the "DBUS-API" file.
  (BUGS): Remove mention of lack of a remote query interface.

Show diffs side-by-side

added added

removed removed

Lines of Context:
8
8
import locale
9
9
import datetime
10
10
import re
11
 
import os
12
11
 
13
12
locale.setlocale(locale.LC_ALL, u'')
14
13
 
32
31
server_interface = domain + '.Mandos'
33
32
client_interface = domain + '.Mandos.Client'
34
33
version = "1.0.14"
 
34
try:
 
35
    bus = dbus.SystemBus()
 
36
    mandos_dbus_objc = bus.get_object(busname, server_path)
 
37
except dbus.exceptions.DBusException:
 
38
    sys.exit(1)
 
39
    
 
40
mandos_serv = dbus.Interface(mandos_dbus_objc,
 
41
                             dbus_interface = server_interface)
 
42
mandos_clients = mandos_serv.GetAllClientsWithProperties()
35
43
 
36
44
def timedelta_to_milliseconds(td):
37
45
    "Convert a datetime.timedelta object to milliseconds"
89
97
        timevalue += delta
90
98
    return timevalue
91
99
 
92
 
def print_clients(clients, keywords):
 
100
def print_clients(clients):
93
101
    def valuetostring(value, keyword):
94
102
        if type(value) is dbus.Boolean:
95
103
            return u"Yes" if value else u"No"
96
 
        if keyword in (u"Timeout", u"Interval"):
 
104
        if keyword in (u"timeout", u"interval"):
97
105
            return milliseconds_to_string(value)
98
106
        return unicode(value)
99
107
    
111
119
        print format_string % tuple(valuetostring(client[key], key)
112
120
                                    for key in keywords)
113
121
 
114
 
def has_actions(options):
115
 
    return any((options.enable,
116
 
                options.disable,
117
 
                options.bump_timeout,
118
 
                options.start_checker,
119
 
                options.stop_checker,
120
 
                options.is_enabled,
121
 
                options.remove,
122
 
                options.checker is not None,
123
 
                options.timeout is not None,
124
 
                options.interval is not None,
125
 
                options.host is not None,
126
 
                options.secret is not None,
127
 
                options.approve,
128
 
                options.deny))
129
 
        
130
 
def main():
131
 
        parser = OptionParser(version = "%%prog %s" % version)
132
 
        parser.add_option("-a", "--all", action="store_true",
133
 
                          help="Select all clients")
134
 
        parser.add_option("-v", "--verbose", action="store_true",
135
 
                          help="Print all fields")
136
 
        parser.add_option("-e", "--enable", action="store_true",
137
 
                          help="Enable client")
138
 
        parser.add_option("-d", "--disable", action="store_true",
139
 
                          help="disable client")
140
 
        parser.add_option("-b", "--bump-timeout", action="store_true",
141
 
                          help="Bump timeout for client")
142
 
        parser.add_option("--start-checker", action="store_true",
143
 
                          help="Start checker for client")
144
 
        parser.add_option("--stop-checker", action="store_true",
145
 
                          help="Stop checker for client")
146
 
        parser.add_option("-V", "--is-enabled", action="store_true",
147
 
                          help="Check if client is enabled")
148
 
        parser.add_option("-r", "--remove", action="store_true",
149
 
                          help="Remove client")
150
 
        parser.add_option("-c", "--checker", type="string",
151
 
                          help="Set checker command for client")
152
 
        parser.add_option("-t", "--timeout", type="string",
153
 
                          help="Set timeout for client")
154
 
        parser.add_option("-i", "--interval", type="string",
155
 
                          help="Set checker interval for client")
156
 
        parser.add_option("-H", "--host", type="string",
157
 
                          help="Set host for client")
158
 
        parser.add_option("-s", "--secret", type="string",
159
 
                          help="Set password blob (file) for client")
160
 
        parser.add_option("-A", "--approve", action="store_true",
161
 
                          help="Approve any current client request")
162
 
        parser.add_option("-D", "--deny", action="store_true",
163
 
                          help="Deny any current client request")
164
 
        options, client_names = parser.parse_args()
165
 
        
166
 
        if has_actions(options) and not client_names and not options.all:
167
 
            parser.error('Options requires clients names or --all.')
168
 
        if options.verbose and has_actions(options):
169
 
            parser.error('Verbose option can only be used alone or with --all.')
170
 
        if options.all and not has_actions(options):
171
 
            parser.error('--all requires an action')
172
 
            
173
 
        try:
174
 
            bus = dbus.SystemBus()
175
 
            mandos_dbus_objc = bus.get_object(busname, server_path)
176
 
        except dbus.exceptions.DBusException:
177
 
            print >> sys.stderr, "Could not connect to Mandos server"
178
 
            sys.exit(1)
179
 
    
180
 
        mandos_serv = dbus.Interface(mandos_dbus_objc,
181
 
                                     dbus_interface = server_interface)
182
 
 
183
 
        #block stderr since dbus library prints to stderr
184
 
        null = os.open(os.path.devnull, os.O_RDWR)
185
 
        stderrcopy = os.dup(sys.stderr.fileno())
186
 
        os.dup2(null, sys.stderr.fileno())
187
 
        os.close(null)
188
 
        try:
189
 
            try:
190
 
                mandos_clients = mandos_serv.GetAllClientsWithProperties()
191
 
            finally:
192
 
                #restore stderr
193
 
                os.dup2(stderrcopy, sys.stderr.fileno())
194
 
                os.close(stderrcopy)
195
 
        except dbus.exceptions.DBusException, e:
196
 
            print >> sys.stderr, "Access denied: Accessing mandos server through dbus."
197
 
            sys.exit(1)
198
 
            
199
 
        # Compile dict of (clients: properties) to process
200
 
        clients={}
201
 
        
202
 
        if options.all or not client_names:
203
 
            clients = dict((bus.get_object(busname, path), properties)
204
 
                           for path, properties in
205
 
                           mandos_clients.iteritems())
206
 
        else:
207
 
            for name in client_names:
208
 
                for path, client in mandos_clients.iteritems():
209
 
                    if client['Name'] == name:
210
 
                        client_objc = bus.get_object(busname, path)
211
 
                        clients[client_objc] = client
212
 
                        break
213
 
                else:
214
 
                    print >> sys.stderr, "Client not found on server: %r" % name
215
 
                    sys.exit(1)
216
 
            
217
 
        if not has_actions(options) and clients:
218
 
            if options.verbose:
219
 
                keywords = ('Name', 'Enabled', 'Timeout', 'LastCheckedOK',
220
 
                            'Created', 'Interval', 'Host', 'Fingerprint',
221
 
                            'CheckerRunning', 'LastEnabled', 'Checker')
222
 
            else:
223
 
                keywords = defaultkeywords
224
 
                
225
 
            print_clients(clients.values(), keywords)
226
 
        else:
227
 
            # Process each client in the list by all selected options
228
 
            for client in clients:
229
 
                if options.remove:
230
 
                    mandos_serv.RemoveClient(client.__dbus_object_path__)
231
 
                if options.enable:
232
 
                    client.Enable(dbus_interface=client_interface)
233
 
                if options.disable:
234
 
                    client.Disable(dbus_interface=client_interface)
235
 
                if options.bump_timeout:
236
 
                    client.CheckedOK(dbus_interface=client_interface)
237
 
                if options.start_checker:
238
 
                    client.StartChecker(dbus_interface=client_interface)
239
 
                if options.stop_checker:
240
 
                    client.StopChecker(dbus_interface=client_interface)
241
 
                if options.is_enabled:
242
 
                    sys.exit(0 if client.Get(client_interface,
243
 
                                             u"Enabled",
244
 
                                             dbus_interface=dbus.PROPERTIES_IFACE)
245
 
                             else 1)
246
 
                if options.checker:
247
 
                    client.Set(client_interface, u"Checker", options.checker,
248
 
                               dbus_interface=dbus.PROPERTIES_IFACE)
249
 
                if options.host:
250
 
                    client.Set(client_interface, u"Host", options.host,
251
 
                               dbus_interface=dbus.PROPERTIES_IFACE)
252
 
                if options.interval:
253
 
                    client.Set(client_interface, u"Interval",
254
 
                               timedelta_to_milliseconds
255
 
                               (string_to_delta(options.interval)),
256
 
                               dbus_interface=dbus.PROPERTIES_IFACE)
257
 
                if options.timeout:
258
 
                    client.Set(client_interface, u"Timeout",
259
 
                               timedelta_to_milliseconds(string_to_delta
260
 
                                                         (options.timeout)),
261
 
                               dbus_interface=dbus.PROPERTIES_IFACE)
262
 
                if options.secret:
263
 
                    client.Set(client_interface, u"Secret",
264
 
                               dbus.ByteArray(open(options.secret, u'rb').read()),
265
 
                               dbus_interface=dbus.PROPERTIES_IFACE)
266
 
                if options.approve:
267
 
                    client.Approve(dbus.Boolean(True), dbus_interface=client_interface)
268
 
                if options.deny:
269
 
                    client.Approve(dbus.Boolean(False), dbus_interface=client_interface)
270
 
 
271
 
if __name__ == '__main__':
272
 
    main()
 
122
parser = OptionParser(version = "%%prog %s" % version)
 
123
parser.add_option("-a", "--all", action="store_true",
 
124
                  help="Print all fields")
 
125
parser.add_option("-e", "--enable", action="store_true",
 
126
                  help="Enable client")
 
127
parser.add_option("-d", "--disable", action="store_true",
 
128
                  help="disable client")
 
129
parser.add_option("-b", "--bump-timeout", action="store_true",
 
130
                  help="Bump timeout for client")
 
131
parser.add_option("--start-checker", action="store_true",
 
132
                  help="Start checker for client")
 
133
parser.add_option("--stop-checker", action="store_true",
 
134
                  help="Stop checker for client")
 
135
parser.add_option("-V", "--is-enabled", action="store_true",
 
136
                  help="Check if client is enabled")
 
137
parser.add_option("-r", "--remove", action="store_true",
 
138
                  help="Remove client")
 
139
parser.add_option("-c", "--checker", type="string",
 
140
                  help="Set checker command for client")
 
141
parser.add_option("-t", "--timeout", type="string",
 
142
                  help="Set timeout for client")
 
143
parser.add_option("-i", "--interval", type="string",
 
144
                  help="Set checker interval for client")
 
145
parser.add_option("-H", "--host", type="string",
 
146
                  help="Set host for client")
 
147
parser.add_option("-s", "--secret", type="string",
 
148
                  help="Set password blob (file) for client")
 
149
parser.add_option("-A", "--approve", action="store_true",
 
150
                  help="Approve any current client request")
 
151
parser.add_option("-D", "--deny", action="store_true",
 
152
                  help="Deny any current client request")
 
153
options, client_names = parser.parse_args()
 
154
 
 
155
# Compile list of clients to process
 
156
clients=[]
 
157
for name in client_names:
 
158
    for path, client in mandos_clients.iteritems():
 
159
        if client['name'] == name:
 
160
            client_objc = bus.get_object(busname, path)
 
161
            clients.append(client_objc)
 
162
            break
 
163
    else:
 
164
        print >> sys.stderr, "Client not found on server: %r" % name
 
165
        sys.exit(1)
 
166
 
 
167
if not clients and mandos_clients.values():
 
168
    keywords = defaultkeywords
 
169
    if options.all:
 
170
        keywords = ('Name', 'Enabled', 'Timeout', 'LastCheckedOK',
 
171
                    'Created', 'Interval', 'Host', 'Fingerprint',
 
172
                    'CheckerRunning', 'LastEnabled', 'Checker')
 
173
    print_clients(mandos_clients.values())
 
174
 
 
175
# Process each client in the list by all selected options
 
176
for client in clients:
 
177
    if options.remove:
 
178
        mandos_serv.RemoveClient(client.__dbus_object_path__)
 
179
    if options.enable:
 
180
        client.Enable(dbus_interface=client_interface)
 
181
    if options.disable:
 
182
        client.Disable(dbus_interface=client_interface)
 
183
    if options.bump_timeout:
 
184
        client.CheckedOK(dbus_interface=client_interface)
 
185
    if options.start_checker:
 
186
        client.StartChecker(dbus_interface=client_interface)
 
187
    if options.stop_checker:
 
188
        client.StopChecker(dbus_interface=client_interface)
 
189
    if options.is_enabled:
 
190
        sys.exit(0 if client.Get(client_interface,
 
191
                                 u"Enabled",
 
192
                                 dbus_interface=dbus.PROPERTIES_IFACE)
 
193
                 else 1)
 
194
    if options.checker:
 
195
        client.Set(client_interface, u"Checker", options.checker,
 
196
                   dbus_interface=dbus.PROPERTIES_IFACE)
 
197
    if options.host:
 
198
        client.Set(client_interface, u"Host", options.host,
 
199
                   dbus_interface=dbus.PROPERTIES_IFACE)
 
200
    if options.interval:
 
201
        client.Set(client_interface, u"Interval",
 
202
                   timedelta_to_milliseconds
 
203
                   (string_to_delta(options.interval)),
 
204
                   dbus_interface=dbus.PROPERTIES_IFACE)
 
205
    if options.timeout:
 
206
        client.Set(client_interface, u"Timeout",
 
207
                   timedelta_to_milliseconds(string_to_delta
 
208
                                             (options.timeout)),
 
209
                   dbus_interface=dbus.PROPERTIES_IFACE)
 
210
    if options.secret:
 
211
        client.Set(client_interface, u"Secret",
 
212
                   dbus.ByteArray(open(options.secret, u'rb').read()),
 
213
                   dbus_interface=dbus.PROPERTIES_IFACE)
 
214
    if options.approve:
 
215
        client.Approve(dbus.Boolean(True),
 
216
                       dbus_interface=client_interface)
 
217
    if options.deny:
 
218
        client.Approve(dbus.Boolean(False),
 
219
                       dbus_interface=client_interface)