/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-ctl

  • Committer: Teddy Hogeborn
  • Date: 2010-09-25 19:55:17 UTC
  • Revision ID: teddy@fukt.bsnet.se-20100925195517-u0qfi01huxl72f75
* mandos (Client.runtime_expansions): New attribute containing the
                                      allowed runtime expansions.

* mandos-clients.conf.xml (OPTIONS): Reordered alphabetically.

* mandos-ctl: Bug fix: print timeout and interval values pretty again.

* mandos-ctl.xml (EXAMPLE): Added more examples.

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos-ctl
8
8
import locale
9
9
import datetime
10
10
import re
 
11
import os
11
12
 
12
13
locale.setlocale(locale.LC_ALL, u'')
13
14
 
14
15
tablewords = {
15
 
    'name': u'Name',
16
 
    'enabled': u'Enabled',
17
 
    'timeout': u'Timeout',
18
 
    'last_checked_ok': u'Last Successful Check',
19
 
    'created': u'Created',
20
 
    'interval': u'Interval',
21
 
    'host': u'Host',
22
 
    'fingerprint': u'Fingerprint',
23
 
    'checker_running': u'Check Is Running',
24
 
    'last_enabled': u'Last Enabled',
25
 
    'checker': u'Checker',
 
16
    'Name': u'Name',
 
17
    'Enabled': u'Enabled',
 
18
    'Timeout': u'Timeout',
 
19
    'LastCheckedOK': u'Last Successful Check',
 
20
    'Created': u'Created',
 
21
    'Interval': u'Interval',
 
22
    'Host': u'Host',
 
23
    'Fingerprint': u'Fingerprint',
 
24
    'CheckerRunning': u'Check Is Running',
 
25
    'LastEnabled': u'Last Enabled',
 
26
    'Checker': u'Checker',
26
27
    }
27
 
defaultkeywords = ('name', 'enabled', 'timeout', 'last_checked_ok',
28
 
                   'checker')
 
28
defaultkeywords = ('Name', 'Enabled', 'Timeout', 'LastCheckedOK')
29
29
domain = 'se.bsnet.fukt'
30
30
busname = domain + '.Mandos'
31
31
server_path = '/'
32
32
server_interface = domain + '.Mandos'
33
33
client_interface = domain + '.Mandos.Client'
34
34
version = "1.0.14"
35
 
bus = dbus.SystemBus()
36
 
mandos_dbus_objc = bus.get_object(busname, server_path)
37
 
mandos_serv = dbus.Interface(mandos_dbus_objc,
38
 
                             dbus_interface = server_interface)
39
 
mandos_clients = mandos_serv.GetAllClientsWithProperties()
40
35
 
41
36
def timedelta_to_milliseconds(td):
42
37
    "Convert a datetime.timedelta object to milliseconds"
94
89
        timevalue += delta
95
90
    return timevalue
96
91
 
97
 
def print_clients(clients):
 
92
def print_clients(clients, keywords):
98
93
    def valuetostring(value, keyword):
99
94
        if type(value) is dbus.Boolean:
100
95
            return u"Yes" if value else u"No"
101
 
        if keyword in (u"timeout", u"interval"):
 
96
        if keyword in (u"Timeout", u"Interval"):
102
97
            return milliseconds_to_string(value)
103
98
        return unicode(value)
104
99
    
105
100
    # Create format string to print table rows
106
101
    format_string = u' '.join(u'%%-%ds' %
107
102
                              max(len(tablewords[key]),
108
 
                                  max(len(valuetostring(client[key], key))
 
103
                                  max(len(valuetostring(client[key],
 
104
                                                        key))
109
105
                                      for client in
110
106
                                      clients))
111
107
                              for key in keywords)
115
111
        print format_string % tuple(valuetostring(client[key], key)
116
112
                                    for key in keywords)
117
113
 
118
 
parser = OptionParser(version = "%%prog %s" % version)
119
 
parser.add_option("-a", "--all", action="store_true",
120
 
                  help="Print all fields")
121
 
parser.add_option("-e", "--enable", action="store_true",
122
 
                  help="Enable client")
123
 
parser.add_option("-d", "--disable", action="store_true",
124
 
                  help="disable client")
125
 
parser.add_option("-b", "--bump-timeout", action="store_true",
126
 
                  help="Bump timeout for client")
127
 
parser.add_option("--start-checker", action="store_true",
128
 
                  help="Start checker for client")
129
 
parser.add_option("--stop-checker", action="store_true",
130
 
                  help="Stop checker for client")
131
 
parser.add_option("-V", "--is-valid", action="store_true",
132
 
                  help="Check if client is still valid")
133
 
parser.add_option("-r", "--remove", action="store_true",
134
 
                  help="Remove client")
135
 
parser.add_option("-c", "--checker", type="string",
136
 
                  help="Set checker command for client")
137
 
parser.add_option("-t", "--timeout", type="string",
138
 
                  help="Set timeout for client")
139
 
parser.add_option("-i", "--interval", type="string",
140
 
                  help="Set checker interval for client")
141
 
parser.add_option("-H", "--host", type="string",
142
 
                  help="Set host for client")
143
 
parser.add_option("-s", "--secret", type="string",
144
 
                  help="Set password blob (file) for client")
145
 
options, client_names = parser.parse_args()
146
 
 
147
 
# Compile list of clients to process
148
 
clients=[]
149
 
for name in client_names:
150
 
    for path, client in mandos_clients.iteritems():
151
 
        if client['name'] == name:
152
 
            client_objc = bus.get_object(busname, path)
153
 
            clients.append(client_objc)
154
 
            break
155
 
    else:
156
 
        print >> sys.stderr, "Client not found on server: %r" % name
157
 
        sys.exit(1)
158
 
 
159
 
if not clients and mandos_clients.values():
160
 
    keywords = defaultkeywords
161
 
    if options.all:
162
 
        keywords = ('name', 'enabled', 'timeout', 'last_checked_ok',
163
 
                    'created', 'interval', 'host', 'fingerprint',
164
 
                    'checker_running', 'last_enabled', 'checker')
165
 
    print_clients(mandos_clients.values())
166
 
 
167
 
# Process each client in the list by all selected options
168
 
for client in clients:
169
 
    if options.remove:
170
 
        mandos_serv.RemoveClient(client.__dbus_object_path__)
171
 
    if options.enable:
172
 
        client.Enable(dbus_interface=client_interface)
173
 
    if options.disable:
174
 
        client.Disable(dbus_interface=client_interface)
175
 
    if options.bump_timeout:
176
 
        client.CheckedOK(dbus_interface=client_interface)
177
 
    if options.start_checker:
178
 
        client.StartChecker(dbus_interface=client_interface)
179
 
    if options.stop_checker:
180
 
        client.StopChecker(dbus_interface=client_interface)
181
 
    if options.is_valid:
182
 
        sys.exit(0 if client.Get(client_interface,
183
 
                                 u"enabled",
184
 
                                 dbus_interface=dbus.PROPERTIES_IFACE)
185
 
                 else 1)
186
 
    if options.checker:
187
 
        client.Set(client_interface, u"checker", options.checker,
188
 
                   dbus_interface=dbus.PROPERTIES_IFACE)
189
 
    if options.host:
190
 
        client.Set(client_interface, u"host", options.host,
191
 
                   dbus_interface=dbus.PROPERTIES_IFACE)
192
 
    if options.interval:
193
 
        client.Set(client_interface, u"interval",
194
 
                   timedelta_to_milliseconds
195
 
                   (string_to_delta(options.interval)),
196
 
                   dbus_interface=dbus.PROPERTIES_IFACE)
197
 
    if options.timeout:
198
 
        client.Set(client_interface, u"timeout",
199
 
                   timedelta_to_milliseconds(string_to_delta
200
 
                                             (options.timeout)),
201
 
                   dbus_interface=dbus.PROPERTIES_IFACE)
202
 
    if options.secret:
203
 
        client.Set(client_interface, u"secret",
204
 
                   dbus.ByteArray(open(options.secret, u'rb').read()),
205
 
                   dbus_interface=dbus.PROPERTIES_IFACE)
 
114
def has_actions(options):
 
115
    return any((options.enable,
 
116
                options.disable,
 
117
                options.bump_timeout,
 
118
                options.start_checker,
 
119
                options.stop_checker,
 
120
                options.is_enabled,
 
121
                options.remove,
 
122
                options.checker is not None,
 
123
                options.timeout is not None,
 
124
                options.interval is not None,
 
125
                options.host is not None,
 
126
                options.secret is not None,
 
127
                options.approve,
 
128
                options.deny))
 
129
        
 
130
def main():
 
131
        parser = OptionParser(version = "%%prog %s" % version)
 
132
        parser.add_option("-a", "--all", action="store_true",
 
133
                          help="Select all clients")
 
134
        parser.add_option("-v", "--verbose", action="store_true",
 
135
                          help="Print all fields")
 
136
        parser.add_option("-e", "--enable", action="store_true",
 
137
                          help="Enable client")
 
138
        parser.add_option("-d", "--disable", action="store_true",
 
139
                          help="disable client")
 
140
        parser.add_option("-b", "--bump-timeout", action="store_true",
 
141
                          help="Bump timeout for client")
 
142
        parser.add_option("--start-checker", action="store_true",
 
143
                          help="Start checker for client")
 
144
        parser.add_option("--stop-checker", action="store_true",
 
145
                          help="Stop checker for client")
 
146
        parser.add_option("-V", "--is-enabled", action="store_true",
 
147
                          help="Check if client is enabled")
 
148
        parser.add_option("-r", "--remove", action="store_true",
 
149
                          help="Remove client")
 
150
        parser.add_option("-c", "--checker", type="string",
 
151
                          help="Set checker command for client")
 
152
        parser.add_option("-t", "--timeout", type="string",
 
153
                          help="Set timeout for client")
 
154
        parser.add_option("-i", "--interval", type="string",
 
155
                          help="Set checker interval for client")
 
156
        parser.add_option("-H", "--host", type="string",
 
157
                          help="Set host for client")
 
158
        parser.add_option("-s", "--secret", type="string",
 
159
                          help="Set password blob (file) for client")
 
160
        parser.add_option("-A", "--approve", action="store_true",
 
161
                          help="Approve any current client request")
 
162
        parser.add_option("-D", "--deny", action="store_true",
 
163
                          help="Deny any current client request")
 
164
        options, client_names = parser.parse_args()
 
165
        
 
166
        if has_actions(options) and not client_names and not options.all:
 
167
            parser.error('Options requires clients names or --all.')
 
168
        if options.verbose and has_actions(options):
 
169
            parser.error('Verbose option can only be used alone or with --all.')
 
170
        if options.all and not has_actions(options):
 
171
            parser.error('--all requires an action')
 
172
            
 
173
        try:
 
174
            bus = dbus.SystemBus()
 
175
            mandos_dbus_objc = bus.get_object(busname, server_path)
 
176
        except dbus.exceptions.DBusException:
 
177
            print >> sys.stderr, "Could not connect to Mandos server"
 
178
            sys.exit(1)
 
179
    
 
180
        mandos_serv = dbus.Interface(mandos_dbus_objc,
 
181
                                     dbus_interface = server_interface)
 
182
 
 
183
        #block stderr since dbus library prints to stderr
 
184
        null = os.open(os.path.devnull, os.O_RDWR)
 
185
        stderrcopy = os.dup(sys.stderr.fileno())
 
186
        os.dup2(null, sys.stderr.fileno())
 
187
        os.close(null)
 
188
        try:
 
189
            try:
 
190
                mandos_clients = mandos_serv.GetAllClientsWithProperties()
 
191
            finally:
 
192
                #restore stderr
 
193
                os.dup2(stderrcopy, sys.stderr.fileno())
 
194
                os.close(stderrcopy)
 
195
        except dbus.exceptions.DBusException, e:
 
196
            print >> sys.stderr, "Access denied: Accessing mandos server through dbus."
 
197
            sys.exit(1)
 
198
            
 
199
        # Compile dict of (clients: properties) to process
 
200
        clients={}
 
201
        
 
202
        if options.all or not client_names:
 
203
            clients = dict((bus.get_object(busname, path), properties)
 
204
                           for path, properties in
 
205
                           mandos_clients.iteritems())
 
206
        else:
 
207
            for name in client_names:
 
208
                for path, client in mandos_clients.iteritems():
 
209
                    if client['Name'] == name:
 
210
                        client_objc = bus.get_object(busname, path)
 
211
                        clients[client_objc] = client
 
212
                        break
 
213
                else:
 
214
                    print >> sys.stderr, "Client not found on server: %r" % name
 
215
                    sys.exit(1)
 
216
            
 
217
        if not has_actions(options) and clients:
 
218
            if options.verbose:
 
219
                keywords = ('Name', 'Enabled', 'Timeout', 'LastCheckedOK',
 
220
                            'Created', 'Interval', 'Host', 'Fingerprint',
 
221
                            'CheckerRunning', 'LastEnabled', 'Checker')
 
222
            else:
 
223
                keywords = defaultkeywords
 
224
                
 
225
            print_clients(clients.values(), keywords)
 
226
        else:
 
227
            # Process each client in the list by all selected options
 
228
            for client in clients:
 
229
                if options.remove:
 
230
                    mandos_serv.RemoveClient(client.__dbus_object_path__)
 
231
                if options.enable:
 
232
                    client.Enable(dbus_interface=client_interface)
 
233
                if options.disable:
 
234
                    client.Disable(dbus_interface=client_interface)
 
235
                if options.bump_timeout:
 
236
                    client.CheckedOK(dbus_interface=client_interface)
 
237
                if options.start_checker:
 
238
                    client.StartChecker(dbus_interface=client_interface)
 
239
                if options.stop_checker:
 
240
                    client.StopChecker(dbus_interface=client_interface)
 
241
                if options.is_enabled:
 
242
                    sys.exit(0 if client.Get(client_interface,
 
243
                                             u"Enabled",
 
244
                                             dbus_interface=dbus.PROPERTIES_IFACE)
 
245
                             else 1)
 
246
                if options.checker:
 
247
                    client.Set(client_interface, u"Checker", options.checker,
 
248
                               dbus_interface=dbus.PROPERTIES_IFACE)
 
249
                if options.host:
 
250
                    client.Set(client_interface, u"Host", options.host,
 
251
                               dbus_interface=dbus.PROPERTIES_IFACE)
 
252
                if options.interval:
 
253
                    client.Set(client_interface, u"Interval",
 
254
                               timedelta_to_milliseconds
 
255
                               (string_to_delta(options.interval)),
 
256
                               dbus_interface=dbus.PROPERTIES_IFACE)
 
257
                if options.timeout:
 
258
                    client.Set(client_interface, u"Timeout",
 
259
                               timedelta_to_milliseconds(string_to_delta
 
260
                                                         (options.timeout)),
 
261
                               dbus_interface=dbus.PROPERTIES_IFACE)
 
262
                if options.secret:
 
263
                    client.Set(client_interface, u"Secret",
 
264
                               dbus.ByteArray(open(options.secret, u'rb').read()),
 
265
                               dbus_interface=dbus.PROPERTIES_IFACE)
 
266
                if options.approve:
 
267
                    client.Approve(dbus.Boolean(True), dbus_interface=client_interface)
 
268
                if options.deny:
 
269
                    client.Approve(dbus.Boolean(False), dbus_interface=client_interface)
 
270
 
 
271
if __name__ == '__main__':
 
272
    main()