/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-ctl

  • Committer: teddy at bsnet
  • Date: 2010-09-14 18:22:03 UTC
  • Revision ID: teddy@fukt.bsnet.se-20100914182203-w26c64tdthto4jg2
* mandos-monitor.xml: New.
* Makefile (PROGS): Add "mandos-monitor".
  (DOCS): Add "mandos-monitor.xml".
  (mandos-monitor.8, mandos-monitor.8.xhtml, mandos-monitor): New.
  (install-server): Install "mandos-ctl" and "mandos-monitor" too.
  (uninstall-server): Remove "mandos-ctl" and "mandos-monitor" too.
* mandos-monitor: Don't log uninteresting messages.

Show diffs side-by-side

added added

removed removed

Lines of Context:
8
8
import locale
9
9
import datetime
10
10
import re
 
11
import os
11
12
 
12
13
locale.setlocale(locale.LC_ALL, u'')
13
14
 
14
15
tablewords = {
15
 
    'name': u'Name',
16
 
    'enabled': u'Enabled',
17
 
    'timeout': u'Timeout',
18
 
    'last_checked_ok': u'Last Successful Check',
19
 
    'created': u'Created',
20
 
    'interval': u'Interval',
21
 
    'host': u'Host',
22
 
    'fingerprint': u'Fingerprint',
23
 
    'checker_running': u'Check Is Running',
24
 
    'last_enabled': u'Last Enabled',
25
 
    'checker': u'Checker',
 
16
    'Name': u'Name',
 
17
    'Enabled': u'Enabled',
 
18
    'Timeout': u'Timeout',
 
19
    'LastCheckedOK': u'Last Successful Check',
 
20
    'Created': u'Created',
 
21
    'Interval': u'Interval',
 
22
    'Host': u'Host',
 
23
    'Fingerprint': u'Fingerprint',
 
24
    'CheckerRunning': u'Check Is Running',
 
25
    'LastEnabled': u'Last Enabled',
 
26
    'Checker': u'Checker',
26
27
    }
27
 
defaultkeywords = ('name', 'enabled', 'timeout', 'last_checked_ok')
 
28
defaultkeywords = ('Name', 'Enabled', 'Timeout', 'LastCheckedOK')
28
29
domain = 'se.bsnet.fukt'
29
30
busname = domain + '.Mandos'
30
31
server_path = '/'
31
32
server_interface = domain + '.Mandos'
32
33
client_interface = domain + '.Mandos.Client'
33
34
version = "1.0.14"
34
 
try:
35
 
    bus = dbus.SystemBus()
36
 
    mandos_dbus_objc = bus.get_object(busname, server_path)
37
 
except dbus.exceptions.DBusException:
38
 
    sys.exit(1)
39
 
    
40
 
mandos_serv = dbus.Interface(mandos_dbus_objc,
41
 
                             dbus_interface = server_interface)
42
 
mandos_clients = mandos_serv.GetAllClientsWithProperties()
43
35
 
44
36
def timedelta_to_milliseconds(td):
45
37
    "Convert a datetime.timedelta object to milliseconds"
97
89
        timevalue += delta
98
90
    return timevalue
99
91
 
100
 
def print_clients(clients):
 
92
def print_clients(clients, keywords):
101
93
    def valuetostring(value, keyword):
102
94
        if type(value) is dbus.Boolean:
103
95
            return u"Yes" if value else u"No"
108
100
    # Create format string to print table rows
109
101
    format_string = u' '.join(u'%%-%ds' %
110
102
                              max(len(tablewords[key]),
111
 
                                  max(len(valuetostring(client[key], key))
 
103
                                  max(len(valuetostring(client[key],
 
104
                                                        key))
112
105
                                      for client in
113
106
                                      clients))
114
107
                              for key in keywords)
117
110
    for client in clients:
118
111
        print format_string % tuple(valuetostring(client[key], key)
119
112
                                    for key in keywords)
120
 
 
121
 
parser = OptionParser(version = "%%prog %s" % version)
122
 
parser.add_option("-a", "--all", action="store_true",
123
 
                  help="Print all fields")
124
 
parser.add_option("-e", "--enable", action="store_true",
125
 
                  help="Enable client")
126
 
parser.add_option("-d", "--disable", action="store_true",
127
 
                  help="disable client")
128
 
parser.add_option("-b", "--bump-timeout", action="store_true",
129
 
                  help="Bump timeout for client")
130
 
parser.add_option("--start-checker", action="store_true",
131
 
                  help="Start checker for client")
132
 
parser.add_option("--stop-checker", action="store_true",
133
 
                  help="Stop checker for client")
134
 
parser.add_option("-V", "--is-enabled", action="store_true",
135
 
                  help="Check if client is enabled")
136
 
parser.add_option("-r", "--remove", action="store_true",
137
 
                  help="Remove client")
138
 
parser.add_option("-c", "--checker", type="string",
139
 
                  help="Set checker command for client")
140
 
parser.add_option("-t", "--timeout", type="string",
141
 
                  help="Set timeout for client")
142
 
parser.add_option("-i", "--interval", type="string",
143
 
                  help="Set checker interval for client")
144
 
parser.add_option("-H", "--host", type="string",
145
 
                  help="Set host for client")
146
 
parser.add_option("-s", "--secret", type="string",
147
 
                  help="Set password blob (file) for client")
148
 
parser.add_option("-A", "--approve", action="store_true",
149
 
                  help="Approve any current client request")
150
 
parser.add_option("-D", "--deny", action="store_true",
151
 
                  help="Deny any current client request")
152
 
options, client_names = parser.parse_args()
153
 
 
154
 
# Compile list of clients to process
155
 
clients=[]
156
 
for name in client_names:
157
 
    for path, client in mandos_clients.iteritems():
158
 
        if client['name'] == name:
159
 
            client_objc = bus.get_object(busname, path)
160
 
            clients.append(client_objc)
161
 
            break
162
 
    else:
163
 
        print >> sys.stderr, "Client not found on server: %r" % name
164
 
        sys.exit(1)
165
 
 
166
 
if not clients and mandos_clients.values():
167
 
    keywords = defaultkeywords
168
 
    if options.all:
169
 
        keywords = ('name', 'enabled', 'timeout', 'last_checked_ok',
170
 
                    'created', 'interval', 'host', 'fingerprint',
171
 
                    'checker_running', 'last_enabled', 'checker')
172
 
    print_clients(mandos_clients.values())
173
 
 
174
 
# Process each client in the list by all selected options
175
 
for client in clients:
176
 
    if options.remove:
177
 
        mandos_serv.RemoveClient(client.__dbus_object_path__)
178
 
    if options.enable:
179
 
        client.Enable(dbus_interface=client_interface)
180
 
    if options.disable:
181
 
        client.Disable(dbus_interface=client_interface)
182
 
    if options.bump_timeout:
183
 
        client.CheckedOK(dbus_interface=client_interface)
184
 
    if options.start_checker:
185
 
        client.StartChecker(dbus_interface=client_interface)
186
 
    if options.stop_checker:
187
 
        client.StopChecker(dbus_interface=client_interface)
188
 
    if options.is_enabled:
189
 
        sys.exit(0 if client.Get(client_interface,
190
 
                                 u"enabled",
191
 
                                 dbus_interface=dbus.PROPERTIES_IFACE)
192
 
                 else 1)
193
 
    if options.checker:
194
 
        client.Set(client_interface, u"checker", options.checker,
195
 
                   dbus_interface=dbus.PROPERTIES_IFACE)
196
 
    if options.host:
197
 
        client.Set(client_interface, u"host", options.host,
198
 
                   dbus_interface=dbus.PROPERTIES_IFACE)
199
 
    if options.interval:
200
 
        client.Set(client_interface, u"interval",
201
 
                   timedelta_to_milliseconds
202
 
                   (string_to_delta(options.interval)),
203
 
                   dbus_interface=dbus.PROPERTIES_IFACE)
204
 
    if options.timeout:
205
 
        client.Set(client_interface, u"timeout",
206
 
                   timedelta_to_milliseconds(string_to_delta
207
 
                                             (options.timeout)),
208
 
                   dbus_interface=dbus.PROPERTIES_IFACE)
209
 
    if options.secret:
210
 
        client.Set(client_interface, u"secret",
211
 
                   dbus.ByteArray(open(options.secret, u'rb').read()),
212
 
                   dbus_interface=dbus.PROPERTIES_IFACE)
213
 
    if options.approve:
214
 
        client.Approve(dbus.Boolean(True), dbus_interface=client_interface)
215
 
    if options.deny:
216
 
        client.Approve(dbus.Boolean(False), dbus_interface=client_interface)
 
113
def has_actions(options):
 
114
    return any((options.enable,
 
115
                options.disable,
 
116
                options.bump_timeout,
 
117
                options.start_checker,
 
118
                options.stop_checker,
 
119
                options.is_enabled,
 
120
                options.remove,
 
121
                options.checker is not None,
 
122
                options.timeout is not None,
 
123
                options.interval is not None,
 
124
                options.host is not None,
 
125
                options.secret is not None,
 
126
                options.approve,
 
127
                options.deny))
 
128
        
 
129
def main():
 
130
        parser = OptionParser(version = "%%prog %s" % version)
 
131
        parser.add_option("-a", "--all", action="store_true",
 
132
                          help="Select all clients")
 
133
        parser.add_option("-v", "--verbose", action="store_true",
 
134
                          help="Print all fields")
 
135
        parser.add_option("-e", "--enable", action="store_true",
 
136
                          help="Enable client")
 
137
        parser.add_option("-d", "--disable", action="store_true",
 
138
                          help="disable client")
 
139
        parser.add_option("-b", "--bump-timeout", action="store_true",
 
140
                          help="Bump timeout for client")
 
141
        parser.add_option("--start-checker", action="store_true",
 
142
                          help="Start checker for client")
 
143
        parser.add_option("--stop-checker", action="store_true",
 
144
                          help="Stop checker for client")
 
145
        parser.add_option("-V", "--is-enabled", action="store_true",
 
146
                          help="Check if client is enabled")
 
147
        parser.add_option("-r", "--remove", action="store_true",
 
148
                          help="Remove client")
 
149
        parser.add_option("-c", "--checker", type="string",
 
150
                          help="Set checker command for client")
 
151
        parser.add_option("-t", "--timeout", type="string",
 
152
                          help="Set timeout for client")
 
153
        parser.add_option("-i", "--interval", type="string",
 
154
                          help="Set checker interval for client")
 
155
        parser.add_option("-H", "--host", type="string",
 
156
                          help="Set host for client")
 
157
        parser.add_option("-s", "--secret", type="string",
 
158
                          help="Set password blob (file) for client")
 
159
        parser.add_option("-A", "--approve", action="store_true",
 
160
                          help="Approve any current client request")
 
161
        parser.add_option("-D", "--deny", action="store_true",
 
162
                          help="Deny any current client request")
 
163
        options, client_names = parser.parse_args()
 
164
 
 
165
        if has_actions(options) and not client_names and not options.all:
 
166
            parser.error('Options requires clients names or --all.')
 
167
        if options.verbose and has_actions(options):
 
168
            parser.error('Verbose option can only be used alone or with --all.')
 
169
        if options.all and not has_actions(options):
 
170
            parser.error('--all requires an action')
 
171
            
 
172
        try:
 
173
            bus = dbus.SystemBus()
 
174
            mandos_dbus_objc = bus.get_object(busname, server_path)
 
175
        except dbus.exceptions.DBusException:
 
176
            print >> sys.stderr, "Could not connect to Mandos server"
 
177
            sys.exit(1)
 
178
    
 
179
        mandos_serv = dbus.Interface(mandos_dbus_objc,
 
180
                                     dbus_interface = server_interface)
 
181
 
 
182
        #block stderr since dbus library prints to stderr
 
183
        null = os.open(os.path.devnull, os.O_RDWR)
 
184
        stderrcopy = os.dup(sys.stderr.fileno())
 
185
        os.dup2(null, sys.stderr.fileno())
 
186
        os.close(null)
 
187
        try:
 
188
            try:
 
189
                mandos_clients = mandos_serv.GetAllClientsWithProperties()
 
190
            finally:
 
191
                #restore stderr
 
192
                os.dup2(stderrcopy, sys.stderr.fileno())
 
193
                os.close(stderrcopy)
 
194
        except dbus.exceptions.DBusException, e:
 
195
            print >> sys.stderr, "Access denied: Accessing mandos server through dbus."
 
196
            sys.exit(1)
 
197
            
 
198
        # Compile list of clients to process
 
199
        clients=[]
 
200
 
 
201
        if options.all or not client_names:
 
202
            clients = (bus.get_object(busname, path) for path in mandos_clients.iterkeys())
 
203
        else:
 
204
            for name in client_names:
 
205
                for path, client in mandos_clients.iteritems():
 
206
                    if client['Name'] == name:
 
207
                        client_objc = bus.get_object(busname, path)
 
208
                        clients.append(client_objc)
 
209
                        break
 
210
                else:
 
211
                    print >> sys.stderr, "Client not found on server: %r" % name
 
212
                    sys.exit(1)
 
213
            
 
214
        if not has_actions(options) and clients:
 
215
            if options.verbose:
 
216
                keywords = ('Name', 'Enabled', 'Timeout', 'LastCheckedOK',
 
217
                            'Created', 'Interval', 'Host', 'Fingerprint',
 
218
                            'CheckerRunning', 'LastEnabled', 'Checker')
 
219
            else:
 
220
                keywords = defaultkeywords
 
221
                
 
222
            print_clients(mandos_clients.values(), keywords)
 
223
        else:
 
224
            # Process each client in the list by all selected options
 
225
            for client in clients:
 
226
                if options.remove:
 
227
                    mandos_serv.RemoveClient(client.__dbus_object_path__)
 
228
                if options.enable:
 
229
                    client.Enable(dbus_interface=client_interface)
 
230
                if options.disable:
 
231
                    client.Disable(dbus_interface=client_interface)
 
232
                if options.bump_timeout:
 
233
                    client.CheckedOK(dbus_interface=client_interface)
 
234
                if options.start_checker:
 
235
                    client.StartChecker(dbus_interface=client_interface)
 
236
                if options.stop_checker:
 
237
                    client.StopChecker(dbus_interface=client_interface)
 
238
                if options.is_enabled:
 
239
                    sys.exit(0 if client.Get(client_interface,
 
240
                                             u"Enabled",
 
241
                                             dbus_interface=dbus.PROPERTIES_IFACE)
 
242
                             else 1)
 
243
                if options.checker:
 
244
                    client.Set(client_interface, u"Checker", options.checker,
 
245
                               dbus_interface=dbus.PROPERTIES_IFACE)
 
246
                if options.host:
 
247
                    client.Set(client_interface, u"Host", options.host,
 
248
                               dbus_interface=dbus.PROPERTIES_IFACE)
 
249
                if options.interval:
 
250
                    client.Set(client_interface, u"Interval",
 
251
                               timedelta_to_milliseconds
 
252
                               (string_to_delta(options.interval)),
 
253
                               dbus_interface=dbus.PROPERTIES_IFACE)
 
254
                if options.timeout:
 
255
                    client.Set(client_interface, u"Timeout",
 
256
                               timedelta_to_milliseconds(string_to_delta
 
257
                                                         (options.timeout)),
 
258
                               dbus_interface=dbus.PROPERTIES_IFACE)
 
259
                if options.secret:
 
260
                    client.Set(client_interface, u"Secret",
 
261
                               dbus.ByteArray(open(options.secret, u'rb').read()),
 
262
                               dbus_interface=dbus.PROPERTIES_IFACE)
 
263
                if options.approve:
 
264
                    client.Approve(dbus.Boolean(True), dbus_interface=client_interface)
 
265
                if options.deny:
 
266
                    client.Approve(dbus.Boolean(False), dbus_interface=client_interface)
 
267
 
 
268
if __name__ == '__main__':
 
269
    main()