[Oval-commits] r274 - in trunk/oval-server: . debian oval/dsaSync
Javier Fernandez-Sanguino Pen~a
jfs at alioth.debian.org
Mon Sep 10 23:12:04 UTC 2007
Author: jfs
Date: 2007-09-10 23:12:04 +0000 (Mon, 10 Sep 2007)
New Revision: 274
Modified:
trunk/oval-server/Dsa2Oval.TODO
trunk/oval-server/debian/oval-server.init
trunk/oval-server/dsa2oval.py
trunk/oval-server/oval-monitor.py
trunk/oval-server/oval-server.py
trunk/oval-server/oval/dsaSync/directory.py
Log:
Third patchset from Pavel
Modified: trunk/oval-server/Dsa2Oval.TODO
===================================================================
--- trunk/oval-server/Dsa2Oval.TODO 2007-09-10 23:09:18 UTC (rev 273)
+++ trunk/oval-server/Dsa2Oval.TODO 2007-09-10 23:12:04 UTC (rev 274)
@@ -1,11 +1,8 @@
-Summer:
+Later:
Update uname architecture mappings
Refactoring and optimization of source code
-
-Later:
- Rewrite structure for represent DSA information. (dict to class)
- Full refactoring of project source code
+ Rewrite structure for represent DSA information. (dict to class and hashtable)
Extract brief description from wml file.
oval/parser/wml.py
- Save html tags instead of omit them
\ No newline at end of file
+ Save html tags instead of omit them
Modified: trunk/oval-server/debian/oval-server.init
===================================================================
--- trunk/oval-server/debian/oval-server.init 2007-09-10 23:09:18 UTC (rev 273)
+++ trunk/oval-server/debian/oval-server.init 2007-09-10 23:12:04 UTC (rev 274)
@@ -28,8 +28,15 @@
test -x $DAEMON || exit 0
-. /lib/lsb/init-functions
+if ! [ -x "/lib/lsb/init-functions" ]; then
+ . /lib/lsb/init-functions
+else
+ echo "E: /lib/lsb/init-functions not found, lsb-base (>= 3.0-6) needed"
+ exit 1
+fi
+. /etc/default/rcS
+
if [ -s $DEFAULTSFILE ]; then
. $DEFAULTSFILE
case "x$OVALSERVER_ENABLE" in
Modified: trunk/oval-server/dsa2oval.py
===================================================================
--- trunk/oval-server/dsa2oval.py 2007-09-10 23:09:18 UTC (rev 273)
+++ trunk/oval-server/dsa2oval.py 2007-09-10 23:12:04 UTC (rev 274)
@@ -1,12 +1,13 @@
#!/usr/bin/python2.4
# -*- coding: utf-8 -*-
-# Extracts the data DSA files and creates OVAL queries to
-# be used with the OVAL query interpreter (see http://oval.mitre.org)
-#
+#
# (c) 2007 Pavel Vinogradov
-# (c) 2004 Javier Fernandez-Sanguino
-# Licensed under the GNU General Public License version 2.
-
+# (c) 2004 Javier Fernandez-Sanguino
+# Licensed under the GNU General Public License version 2.
+
+# Extract data from DSA files and create OVAL queries witch can
+# be used with the OVAL query interpreter (see http://oval.mitre.org)
+
import os
import sys
import getopt
@@ -18,8 +19,12 @@
dsaref = {}
-def usage (prog = "parse-wml-oval.py"):
- """Print information about script flags and options"""
+def usage (prog = "dsa2oval"):
+ """Print information about script flags and options
+
+ @type prog: C(string)
+ @param prog: name of executable
+ """
print """
usage: %s [vh] [-d <directory> | -f <path to file>]
@@ -30,15 +35,33 @@
""" % prog
def printdsas (dsaref):
- """ Generate and print OVAL Definitions for collected DSA information """
+ """ Generate and print OVAL Definitions for collected DSA information
+ Use generator from dsa2oval package for convert all DSA stored in dict
+ to proper formated XML file.
+
+ @type dsaref: C(dict)
+ @param dsaref: Dict with information about DSA
+ """
+
ovalDefinitions = generator.createOVALDefinitions (dsaref)
generator.printOVALDefinitions (ovalDefinitions)
def parsedirs (directory, postfix, depth):
""" Recursive search directory for DSA files contain postfix in their names.
+
+ Starting from specified directory recursive parse all files which contain
+ postfix or wml in their name.
+ For this files called dsa.parseFile() or wml.parseFile() (from parser package)
+ for extracting DSA information.
+ Results stored in global dict dsaref
- For this files called oval.parser.dsa.parseFile() for extracting DSA information.
+ @type directory: C(string)
+ @param directory: top of parsed filesystem hierarhy
+ @type postfix: C(string)
+ @param postfix: filename postfix of files which contains data of DSA
+ @type depth: C(integer)
+ @param depth: maximum recursion depth
"""
if depth == 0:
@@ -55,7 +78,7 @@
logging.log(logging.DEBUG, "Entering directory " + path)
parsedirs (path, postfix, depth-1)
- #Parse DSA data files
+ #Parse DSA data files
if os.access(path, os.R_OK) and file.endswith(postfix) and file[0] != '.' and file[0] != '#':
result = dsa.parseFile (path)
if result:
@@ -65,7 +88,7 @@
else:
dsaref[result[0]] = result[1]
- #Parse DSA wml descriptions
+ #Parse DSA wml descriptions
if os.access(path, os.R_OK) and file.endswith(".wml") and file[0] != '.' and file[0] != '#':
result = wml.parseFile(path)
if result:
@@ -78,7 +101,17 @@
return 0
def parsefile (filename):
+ """ Parse specifi DSA data and wml file.
+ Parse specified DSA data file and according wml file.
+ Create OVAl definition for this DSA and return it.
+
+ @type filename: C(string)
+ @param filename: path to DSA datafile
+ @rtype: C(string)
+ @return: Generated OVAL definition XML
+ """
+
datafile = filename
(path, ext) = os.path.splitext(datafile)
wmlfile = '.'.join((path, 'wml'))
Modified: trunk/oval-server/oval/dsaSync/directory.py
===================================================================
--- trunk/oval-server/oval/dsaSync/directory.py 2007-09-10 23:09:18 UTC (rev 273)
+++ trunk/oval-server/oval/dsaSync/directory.py 2007-09-10 23:12:04 UTC (rev 274)
@@ -52,15 +52,22 @@
self.logger.info('Syncing %s with %s' % (self.dsaStorage, self.dsaSource))
status = 0
- self.cmpdir (self.dsaSource)
- if self.result:
- self.syncdirs ()
- status = 1
+ #Check exist of DSA source dir
+ if os.access(self.dsaSource, os.R_OK):
+ if os.path.isdir (self.dsaSource):
+ self.cmpdir (self.dsaSource)
+ if self.result:
+ self.syncdirs ()
+ status = 1
+ else:
+ self.logger.info('directorySync: no files to sync')
+ else:
+ self.logger.error('Source path must point to directory, not file.')
else:
- self.logger.info('directorySync: no files to sync')
+ self.logger.error('Source path must exist.')
return status
if __name__ == '__main__':
upd = dirSync('/home/blaze/tmp/oval/server/dsa', '/tmp/dsa')
- upd.sync()
\ No newline at end of file
+ upd.sync()
Modified: trunk/oval-server/oval-monitor.py
===================================================================
--- trunk/oval-server/oval-monitor.py 2007-09-10 23:09:18 UTC (rev 273)
+++ trunk/oval-server/oval-monitor.py 2007-09-10 23:12:04 UTC (rev 274)
@@ -40,6 +40,16 @@
raise e
def getAgentAffectedVuln (self, agentID):
+ """ Return list of affected DSA for certain agent
+
+ Return list of DSA numbers which affected host for certain agent.
+
+ @type agentID: C(integer)
+ @param agentID: Identificator of inspected agent
+ @rtype: C(list)
+ @return: list of DSA numbers
+ """
+
cursor = self.db.getCursor()
cursor.execute ('SELECT vulnDSA from affected WHERE agentID = %d and status = 1' % agentID)
@@ -47,6 +57,16 @@
return result
def getAgentNottestedVuln (self, agentID):
+ """ Return list of not tested DSA for certain agent
+
+ Return list of DSA numbers which not tested again host for certain agent.
+
+ @type agentID: C(integer)
+ @param agentID: Identificator of inspected agent
+ @rtype: C(list)
+ @return: list of DSA numbers
+ """
+
cursor = self.db.getCursor()
cursor.execute ("""SELECT vulnDSA FROM vulnerabilities
@@ -57,6 +77,15 @@
return result
def reportAgent (self, agentID):
+ """Generate report for certain agent.
+
+ Generate report, which include list of affected and not tested DSA.
+ Also contain number of not affected DSA.
+
+ @type agentID: C(integer)
+ @param agentID: Identificator of inspected agent
+ """
+
cursor = self.db.getCursor()
cursor.execute ('SELECT vulnDSA, status from affected WHERE agentID = %d' % agentID)
@@ -77,6 +106,15 @@
print '\tNot tested again DSA ID %s' %dsa[0]
def reportDSA (self, dsaID):
+ """Generate report for certain DSA.
+
+ Generate report, which include list of affected and not tested agents
+ again certain DSA.
+
+ @type agentID: C(integer)
+ @param agentID: Identificator of inspected DSA
+ """
+
cursor = self.db.getCursor()
cursor.execute ('SELECT affected.agentID, agents.agentName from affected JOIN agents on affected.agentID = agents.agentID WHERE vulnDSA = %d and status = 1' % dsaID)
agents = cursor.fetchall ()
@@ -92,11 +130,14 @@
agents = cursor.fetchall ()
print 'Agents not tested to DSA %d:' % dsaID
for agent in agents:
- print '\t%d \t %s' % (agent[0], agent[1])
+ print '\t%d \t %s' % (agent[0], agent[1])
-
+ def reportFull (self):
+ """Generate full report about status of all agents.
- def reportFull (self):
+ Generate report, which include list of all registered agents with:
+ ID, IP, number of affected and not tested DSA.
+ """
cursor = self.db.getCursor()
cursor.execute ("SELECT * FROM agents;")
@@ -112,7 +153,7 @@
if __name__ == "__main__":
#Parse command line options.
- #By default we search for config file in current directory
+ #By default we search for config file in global etc directory
opts = {'-c' : '/etc/oval/server.conf'}
try:
Modified: trunk/oval-server/oval-server.py
===================================================================
--- trunk/oval-server/oval-server.py 2007-09-10 23:09:18 UTC (rev 273)
+++ trunk/oval-server/oval-server.py 2007-09-10 23:12:04 UTC (rev 274)
@@ -1,7 +1,7 @@
#!/usr/bin/python2.4
# -*- coding: utf-8 -*-
-#
-# Written by Pavel Vinogradov
+#
+# Written by Pavel Vinogradov <Pavel.Vinogradov at nixdev.net>
# Licensed under the GNU General Public License version 2.
from ConfigParser import SafeConfigParser
@@ -90,25 +90,33 @@
conv = convertor.Dsa2Oval (self.workdir)
while self.__status:
- self.logger.debug('syncThread: Run local sync')
- syncStatus = self.syncer.sync()
-
- if syncStatus:
- self.logger.debug('syncThread: Run agent sync')
- for agent in self.db.getAgentsList():
- self.logger.debug('syncThread: Sync definitions for agent %s' % agent[1])
- files = self.db.makeDefList(int(agent[0]))
- data = conv.createDefList(files)
- conv.saveOvalDef('%s/%s.xml' % (self.workdir, agent[1]))
+ try:
+ self.logger.debug('syncThread: Run local sync')
+ syncStatus = self.syncer.sync()
- self.logger.debug('syncThread: sleep')
- time.sleep(60 * self.update_interval)
+ if syncStatus:
+ self.logger.debug('syncThread: Run agent sync')
+ for agent in self.db.getAgentsList():
+ self.logger.debug('syncThread: Sync definitions for agent %s' % agent[1])
+ files = self.db.makeDefList(int(agent[0]))
+ data = conv.createDefList(files)
+ conv.saveOvalDef('%s/%s.xml' % (self.workdir, agent[1]))
+
+ self.logger.debug('syncThread: sleep')
+ time.sleep(60 * self.update_interval)
+ except Exception, e:
+ self.logger.critical ('Unhandled error in Syncer thread: %s : %s.\n' % (e.__class__, str(e)))
def stop(self):
self.__status = None
class mainThread:
+ """ Main program thread.
+ Initialize all resource, read config file, create instances of all
+ other threads and run it.
+ """
+
config = SafeConfigParser()
logger = logging.getLogger()
@@ -117,11 +125,11 @@
# Read global server config
if not self.config.read(cfgfile):
raise configNotFoundError, 'Config file %s not found.\n' % cfgfile
-
+
self.dsa_storage = self.config.get('general', 'dsa_storage')
self.db = self.config.get('general', 'db')
#Init static fields in dba and Dsa2Oval classes
- dba.dbPath = self.db
+ dba.dbPath = self.db
convertor.Dsa2Oval.inputDir = self.dsa_storage
logdirname = self.config.get('general', 'log_dir')
@@ -188,7 +196,7 @@
if __name__ == "__main__":
#Parse command line options.
- #By default we search for config file in current directory
+ #By default we search for config file in global etc directory
opts = {'-c' : '/etc/oval/server.conf'}
try:
More information about the Oval-commits
mailing list