Added a temporary Initialize button to the tray. It has to be clicked after import to start the system.
Rewrite of the init.sh script in progress.
2 # -*- coding: utf-8 -*-
4 # ------------------------------------------------------------
7 # the opensecurityd as RESTful server
9 # Autor: Oliver Maurhart, <oliver.maurhart@ait.ac.at>
10 # Mihai Bartha, <mihai.bartha@ait.ac.at>
12 # Copyright (C) 2013 AIT Austrian Institute of Technology
13 # AIT Austrian Institute of Technology GmbH
14 # Donau-City-Strasse 1 | 1220 Vienna | Austria
15 # http://www.ait.ac.at
17 # This program is free software; you can redistribute it and/or
18 # modify it under the terms of the GNU General Public License
19 # as published by the Free Software Foundation version 2.
21 # This program is distributed in the hope that it will be useful,
22 # but WITHOUT ANY WARRANTY; without even the implied warranty of
23 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 # GNU General Public License for more details.
26 # You should have received a copy of the GNU General Public License
27 # along with this program; if not, write to the Free Software
28 # Foundation, Inc., 51 Franklin Street, Fifth Floor,
29 # Boston, MA 02110-1301, USA.
30 # ------------------------------------------------------------
33 # ------------------------------------------------------------
47 import __init__ as opensecurity
48 from cygwin import Cygwin
49 from environment import Environment
50 from opensecurity_util import logger, showTrayMessage
54 # ------------------------------------------------------------
57 """All the URLs we know mapping to class handler"""
59 '/browsing', 'os_browsing', # http://localhost:8080/browsing GET
60 '/fetch_initial_image', 'os_fetch_image', # http://localhost:8080/fetch_initial_image GET
61 '/init', 'os_init', # http://localhost:8080/init GET
62 '/initial_image', 'os_initial_image', # http://localhost:8080/initial_image GET
63 '/sdvms', 'os_sdvms', # http://localhost:8080/sdvms GET, PUT
64 '/sdvms/(.*)/application/(.*)', 'os_sdvm_application', # http://localhost:8080/sdvms/[VMNAME]/application/[COMMAND] GET
65 '/sdvms/(.*)/ip', 'os_sdvm_ip', # http://localhost:8080/sdvms/[VMNAME]/ip GET
66 '/sdvms/(.*)/start', 'os_sdvm_start', # http://localhost:8080/sdvms/[VMNAME]/start GET
67 '/sdvms/(.*)/stop', 'os_sdvm_stop', # http://localhost:8080/sdvms/[VMNAME]/stop GET
68 '/sdvms/(.*)', 'os_sdvm', # http://localhost:8080/sdvms/[VMNAME] GET, DELETE
69 '/setup', 'os_setup', # http://localhost:8080/setup GET
70 '/vms', 'os_vms', # http://localhost:8080/vms GET
71 '/vms/(.*)', 'os_vm', # http://localhost:8080/vms/[VMNAME] GET
72 '/update_template', 'os_update_template', # http://localhost:8080/update_template GET
73 '/terminate', 'os_terminate', # http://localhost:8080/terminate GET
74 '/initialize', 'os_initialize', # http://localhost:8080/initialize GET
75 '/', 'os_root' # http://localhost:8080/ GET
79 # ------------------------------------------------------------
82 # Global VMManager instance
89 # ------------------------------------------------------------
94 """OpenSecurity '/browsing' handler
96 - GET: Start and prepare a new SecurityVM for Internet Browsing. Return the name of the VM.
101 log_call(web.ctx.environ)
105 if 'ProxyServer' in args:
106 proxy = args['ProxyServer']
107 result = gvm_mgr.handleBrowsingRequest(proxy)
110 raise web.internalerror()
113 class os_fetch_image:
114 """OpenSecurity '/fetch_initial_image' handler
116 - GET: fetch the initial image from the X-Net Servers
117 The initial image is stored in the
118 Virtual Box default machine path.
119 The result to this call is a temprary file
120 which shows the progress (or error state)
126 log_call(web.ctx.environ)
129 trace_file_name = os.path.join(Environment('OpenSecurity').log_path, 'OpenSecurity_fetch_image.log')
130 trace_file = open(trace_file_name, 'w+')
132 machine_folder = Cygwin.cygPath(gvm_mgr.getMachineFolder())
133 download_initial_image_script = Cygwin.cygPath(os.path.abspath(os.path.join(os.path.split(__file__)[0], 'download_initial_image.sh')))
134 Cygwin.bashExecute('\\"' + download_initial_image_script + '\\" \'' + machine_folder + '\'', wait_return = False, stdout = trace_file, stderr = trace_file)
136 res = '{ "fetch_log": "' + trace_file_name.replace('\\', '\\\\') + '" }'
141 """OpenSecurity '/init' handler
143 - GET: Do initial import of OsecVM.ova
147 log_call(web.ctx.environ)
153 if gvm_mgr.vmRootName in gvm_mgr.listVM():
154 gvm_mgr.poweroffVM(gvm_mgr.vmRootName)
155 tmplateUUID = gvm_mgr.getTemplateUUID()
156 if tmplateUUID != None:
157 logger.debug('found parent uuid ' + tmplateUUID)
158 gvm_mgr.detachStorage(gvm_mgr.vmRootName)
159 gvm_mgr.removeSnapshots(tmplateUUID)
160 gvm_mgr.removeImage(tmplateUUID)
162 logger.debug('parent uuid not found')
163 gvm_mgr.removeVM(gvm_mgr.vmRootName)
164 gvm_mgr.removeVMFolder(gvm_mgr.vmRootName)
166 trace_file_name = os.path.join(Environment('OpenSecurity').log_path, 'OpenSecurity_initial_import.log')
167 trace_file = open(trace_file_name, 'w+')
169 vm_image = Cygwin.cygPath(gvm_mgr.getMachineFolder()) + '/OsecVM.ova'
171 initial_import_script = Cygwin.cygPath(os.path.abspath(os.path.join(os.path.split(__file__)[0], 'initial_vm.sh')))
172 Cygwin.bashExecute('\\"' + initial_import_script + '\\" \'' + vm_image + '\'', wait_return = False, stdout = trace_file, stderr = trace_file)
173 res = '{ "init_log": "' + trace_file_name.replace('\\', '\\\\') + '" }'
178 class os_initial_image:
179 """OpenSecurity '/initial_image' handler
181 - GET: Return what we have as initial image.
185 log_call(web.ctx.environ)
187 t = os.path.join(gvm_mgr.systemProperties['Default machine folder'], 'OsecVM.ova')
189 if os.path.isfile(t):
190 res = '{"initial_template": { '
191 res += '"name": "OsecVM.ova", '
192 res += '"path": "' + t.replace('\\', '\\\\') + '", '
193 res += '"size": ' + str(os.path.getsize(t)) + ', '
194 res += '"date": ' + str(os.path.getmtime(t)) + ''
200 """OpenSecurity '/' handler
202 - GET: give information about current installation.
206 log_call(web.ctx.environ)
209 # create a json string and pretty print it
210 res = '{"os_server": { '
211 res += '"version": "' + opensecurity.__version__ + '" '
212 res += ', "virtual box systemproperties": ' + str(gvm_mgr.systemProperties).replace("'", '"')
213 res += ', "current temporary folder": "' + tempfile.gettempdir().replace('\\', '\\\\') + '"'
214 res += ', "current log folder": "' + Environment('OpenSecurity').log_path.replace('\\', '\\\\') + '"'
217 res += ', "whoami": "' + Cygwin.bashExecute('whoami')[1].strip() + '"'
219 res += ', "whoami": "FAILED"'
222 res += ', "mount": ' + str(Cygwin.bashExecute('mount')[1].split('\n')[:-1]).replace("'", '"')
224 res += ', "mount": "FAILED"'
227 res += ', "cygpath --windows ~": "' + Cygwin.bashExecute('cygpath --windows ~')[1].strip().replace('\\', '\\\\') + '"'
229 res += ', "cygpath --windows ~": "FAILED"'
232 res += ', "status message": "' + gvm_mgr.status_message.replace('"', "'") + '"'
236 # loading it into json and print it again ensures
237 # we really do have a valid RFC conform json string
238 # created (as long as the python json module is RFC conform)
239 return json.dumps(json.loads(res), indent = 4)
244 """OpenSecurity '/sdvms/[VM]' handler
246 - GET: Information about a specific SecurityVM
247 - DELETE: Remove a specific
251 log_call(web.ctx.environ)
253 return json.dumps(gvm_mgr.getVMInfo(name), indent = 4)
255 def DELETE(self, name):
256 log_call(web.ctx.environ)
258 return gvm_mgr.removeVM(name)
261 class os_sdvm_application:
262 """OpenSecurity '/sdvms/[VM]/application/[CMD]' handler
264 - GET: start application with given command in the VM.
267 def GET(self, name, command):
268 log_call(web.ctx.environ)
270 command = '/' + command
271 showTrayMessage('Launching application in isolated VM...', 7000)
272 result = Cygwin.sshExecuteX11(command, gvm_mgr.getHostOnlyIP(name), 'osecuser', Cygwin.cygPath(gvm_mgr.getMachineFolder()) + '/' + name + '/dvm_key' )
273 return 'Command ' + str(command) + ' started on VM "' + name + '" with IP ' + gvm_mgr.getHostOnlyIP(name)
277 """OpenSecurity '/sdvms/[VM]/ip' handler
279 - GET: give IP of SecurityVM.
283 log_call(web.ctx.environ)
285 return gvm_mgr.getHostOnlyIP(name)
289 """OpenSecurity '/sdvms/[VM]/start' handler
291 - GET: Start specific SecuirtyVM.
295 log_call(web.ctx.environ)
297 return gvm_mgr.startVM(name)
301 """OpenSecurity '/sdvms/[VM]/stop' handler
303 - GET: stop specific Secuirty VM.
307 log_call(web.ctx.environ)
309 return gvm_mgr.stopVM(name)
313 """OpenSecurity '/sdvms' handler
315 - GET: list all available secuirty VMs.
316 - POST: create new security vm.
320 """get the list of SDVMs"""
321 log_call(web.ctx.environ)
325 for sdvm in gvm_mgr.listSDVM():
326 d[sdvm] = gvm_mgr.getHostOnlyIP(sdvm)
328 return json.dumps(d, indent = 4)
331 """create a new SDVM"""
332 log_call(web.ctx.environ)
336 name = gvm_mgr.generateSDVMName()
338 gvm_mgr.createVM(name)
340 raise web.internalerror()
346 """OpenSecurity '/setup' handler
348 - GET: Give user some info how to setup the OpenSecurity environment
353 log_call(web.ctx.environ)
358 <h1>Setup OpenSecurity</h1>
359 In order to setup OpenSecurity an inital VM image has to be downloaded and imported:<br/>
361 <li>Download initial VM image: <a href="/fetch_initial_image">fetch_initial_image</a>
362 <li>Import initial VM: <a href="/init">init</a>
371 """OpenSecurity '/terminate' handler
373 - GET: terminate the opensecurityd.
375 TODO: need to find a better way doing this, and not via the
376 REST api. Maybe hack web.py server code?
380 log_call(web.ctx.environ)
389 """OpenSecurity '/initialize' handler
391 - GET: initialize / starts the vmmanager.
396 log_call(web.ctx.environ)
404 class os_update_template:
405 """OpenSecurity '/update_template' handler
407 - GET: update template vm
411 #return gvm_mgr.guestExecute('SecurityDVM', 'sudo apt-get -y update')
413 log_call(web.ctx.environ)
414 return gvm_mgr.updateTemplate()
418 """OpenSecurity '/vms/[VM]' handler
420 - GET: list information of arbitrary VM.
424 log_call(web.ctx.environ)
426 return gvm_mgr.getVMInfo(name)
430 """OpenSecurity '/vms' handler
432 - GET: list all (also non Security) VMs.
436 log_call(web.ctx.environ)
438 return str(gvm_mgr.listVM()).replace("'",'"')
441 def log_call(web_environ):
442 """log the incoming call to the REST api"""
444 call = 'REST ' + web_environ['REQUEST_METHOD'] + ' ' + web_environ['REQUEST_URI'] + ' from ' + web_environ['REMOTE_ADDR'] + ':' + web_environ['REMOTE_PORT']
451 """main startup for the opensecuirityd"""
456 logger.debug('Starting OpenSecurity REST server')
458 # ensure a VMManger is yet loaded
459 gvm_mgr = vmmanager.VMManager.getInstance()
461 # tweak sys.argv to control wep.py server start behavior
462 sys.argv = [__file__, "8080"]
463 server = web.application(opensecurity_urls, globals(), autoreload = False)
466 logger.debug('Stopped OpenSecurity REST server')
470 """stop the opensecuirityd"""
472 # calling sys.exit() raises a SystemExit exception
473 # of the WSGI Server to let it wind down
478 if __name__ == "__main__":
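Review bot: The `/initialize` route (gutter line 74, handler at 389-396), which the new tray button appears to call, is one more state-changing action exposed as a GET with no authentication visible, alongside `/terminate`, `/init` and `/sdvms/(.*)/application/(.*)`, whose captured `command` and `name` are passed directly to `Cygwin.sshExecuteX11` and into the `dvm_key` path at line 272. In `main`, `sys.argv = [__file__, "8080"]` gives web.py only a port, and its default bind address is then 0.0.0.0, so these handlers are most likely reachable from other hosts and not only from the tray; `sys.argv = [__file__, "127.0.0.1:8080"]` would keep the listener on loopback. Even on loopback, a page open in the user's browser can issue these GETs, so the mutating handlers should accept POST only and check a per-install secret sent by the tray, and `name` should be checked against `gvm_mgr.listSDVM()` before it is used in a path. The handler bodies are only partly visible on this page, so confirm that no such check exists in the omitted lines.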