1.1 --- a/OpenSecurity.iss Mon Mar 03 11:52:29 2014 +0100
1.2 +++ b/OpenSecurity.iss Mon Mar 03 15:05:17 2014 +0100
1.3 @@ -21,29 +21,35 @@
1.4
1.5 [Files]
1.6 ; Files to copy
1.7 -Source: "OpenSecurity\bin\*"; Excludes: "*.pyc"; DestDir: "{app}\bin"; Flags: recursesubdirs createallsubdirs;
1.8 +Source: "OpenSecurity\bin\*"; Excludes: "*.pyc,*.swp"; DestDir: "{app}\bin"; Flags: recursesubdirs createallsubdirs;
1.9 Source: "OpenSecurity\cygwin64\*"; DestDir: "{app}\cygwin64"; Flags: recursesubdirs createallsubdirs;
1.10 Source: "OpenSecurity\gfx\*"; DestDir: "{app}\gfx"; Flags: recursesubdirs createallsubdirs;
1.11 Source: "OpenSecurity\install\*"; DestDir: "{app}\install"; Flags: recursesubdirs createallsubdirs;
1.12 Source: "OpenSecurity\python27\*"; DestDir: "{app}\python27"; Flags: recursesubdirs createallsubdirs;
1.13
1.14 +[Dirs]
1.15 +Name: "{app}\log";
1.16 +Name: "{app}\vm";
1.17 +
1.18 [Registry]
1.19 ; Registry entries to set
1.20 -Root: HKCU; Subkey: "SOFTWARE\Microsoft\Windows\CurrentVersion\Run"; ValueName: "OpenSecurity Daemon"; ValueType: string; ValueData: "{app}\python27\pythonw.exe ""{app}\bin\opensecurityd.pyw"""; Flags: uninsdeletevalue
1.21 +;Root: HKCU; Subkey: "SOFTWARE\Microsoft\Windows\CurrentVersion\Run"; ValueName: "OpenSecurity Daemon"; ValueType: string; ValueData: "{app}\python27\pythonw.exe ""{app}\bin\opensecurityd.pyw"""; Flags: uninsdeletevalue
1.22 Root: HKCU; Subkey: "SOFTWARE\Microsoft\Windows\CurrentVersion\Run"; ValueName: "OpenSecurity Tray Icon"; ValueType: string; ValueData: "{app}\python27\pythonw.exe ""{app}\bin\opensecurity_tray.pyw"""; Flags: uninsdeletevalue
1.23
1.24 [Icons]
1.25 ; Program Icons in start menu
1.26 +Name: "{group}\OpenSecurity Initial VM"; Filename: "{app}\python27\pythonw.exe"; Parameters: """{app}\bin\download-image.pyw"""; WorkingDir: "{app}"; Comment: "Download and install the initial OpenSecurity VM image"; IconFilename: "{app}\gfx\OpenSecurity.ico"
1.27 Name: "{group}\OpenSecurity Tray Icon"; Filename: "{app}\python27\pythonw.exe"; Parameters: """{app}\bin\opensecurity_tray.pyw"""; WorkingDir: "{userappdata}"; Comment: "The OpenSecurity Tray Icon"; IconFilename: "{app}\gfx\OpenSecurity.ico"
1.28 -Name: "{group}\OpenSecurity Server"; Filename: "{app}\python27\pythonw.exe"; Parameters: """{app}\bin\opensecurityd.pyw"""; WorkingDir: "{userappdata}"; Comment: "The OpenSecurity VM System Orchestrating Server"; IconFilename: "{app}\gfx\OpenSecurity.ico"
1.29 -Name: "{group}\Initial VM import"; Filename: "{app}\install\initial_vm.bat"; WorkingDir: "{userappdata}"; Comment: "The OpenSecurity VM System Orchestrating Server"; IconFilename: "{app}\gfx\OpenSecurity.ico"
1.30 +;Name: "{group}\OpenSecurity Server"; Filename: "{app}\python27\pythonw.exe"; Parameters: """{app}\bin\opensecurityd.pyw"""; WorkingDir: "{userappdata}"; Comment: "The OpenSecurity VM System Orchestrating Server"; IconFilename: "{app}\gfx\OpenSecurity.ico"
1.31 +;Name: "{group}\Initial VM import"; Filename: "{app}\install\initial_vm.bat"; WorkingDir: "{userappdata}"; Comment: "The OpenSecurity VM System Orchestrating Server"; IconFilename: "{app}\gfx\OpenSecurity.ico"
1.32 Name: "{group}\Uninstall OpenSecurity"; Filename: "{uninstallexe}"
1.33
1.34 [Run]
1.35 ; Run after installment
1.36 Filename: "{app}\cygwin64\bin\dash.exe"; Parameters: "/bin/rebaseall"; Description: "Rebasing background system"; WorkingDir: "{app}"; StatusMsg: "Rebasing background system..."; Flags: runascurrentuser
1.37 Filename: "{app}\install\fix_cygwin_paths.bat"; Description: "Fixing Cygwin paths"; WorkingDir: "{app}\install"; StatusMsg: "Fixing Cygwin Paths..";
1.38 -Filename: "{app}\install\initial_vm.bat"; Description: "Loading initial VM"; WorkingDir: "{app}\install"; StatusMsg: "Setting up initial VM..."; Flags: runasoriginaluser
1.39 +;Filename: "{app}\install\initial_vm.bat"; Description: "Loading initial VM"; WorkingDir: "{app}\install"; StatusMsg: "Setting up initial VM..."; Flags: runasoriginaluser
1.40 +Filename: "{app}\python27\pythonw.exe"; Parameters: "{app}\bin\opensecurity_service.pyw install"; Description: "Installing the OpenSecurity Service"; WorkingDir: "{app}"; StatusMsg: "Installing the OpenSecurity Service";
1.41
1.42 [UninstallDelete]
1.43 Type: filesandordirs; Name: "{app}"
2.1 --- a/OpenSecurity/bin/download-image.pyw Mon Mar 03 11:52:29 2014 +0100
2.2 +++ b/OpenSecurity/bin/download-image.pyw Mon Mar 03 15:05:17 2014 +0100
2.3 @@ -32,6 +32,7 @@
2.4 # ------------------------------------------------------------
2.5 # imports
2.6
2.7 +import errno
2.8 import os
2.9 import sys
2.10 import urllib2
2.11 @@ -44,6 +45,13 @@
2.12
2.13
2.14 # ------------------------------------------------------------
2.15 +# global vars
2.16 +
2.17 +
2.18 +vm_path = os.path.normpath(os.path.join(sys.path[0], '..', 'vm'))
2.19 +
2.20 +
2.21 +# ------------------------------------------------------------
2.22 # code
2.23
2.24
2.25 @@ -141,9 +149,8 @@
2.26 self.stop = False
2.27
2.28 # place to store the OsecVM image
2.29 - self.vm_path = os.path.join(sys.path[0], '..', 'vm')
2.30 - if not os.path.exists(self.vm_path):
2.31 - os.mkdir(self.vm_path)
2.32 + if not os.path.exists(vm_path):
2.33 + os.mkdir(vm_path)
2.34
2.35
2.36 def work(self):
2.37 @@ -152,8 +159,8 @@
2.38
2.39 url = "http://service.x-net.at/opensecurity/OsecVM_latest.ova"
2.40
2.41 - filename_download = os.path.join(self.vm_path, 'OsecVM_latest.ova')
2.42 - filename_target = os.path.join(self.vm_path, 'OsecVM.ova')
2.43 + filename_download = os.path.join(vm_path, 'OsecVM_latest.ova')
2.44 + filename_target = os.path.join(vm_path, 'OsecVM.ova')
2.45
2.46 # open URL
2.47 try:
2.48 @@ -208,6 +215,22 @@
2.49 # we should have now our application icon
2.50 app.setWindowIcon(QtGui.QIcon(QtGui.QPixmapCache.find('opensecurity_icon_64')))
2.51
2.52 + # check essential permissions
2.53 + try:
2.54 + f = open(os.path.join(vm_path, '.x'), 'w')
2.55 + f.write('test')
2.56 + f.flush()
2.57 + f.close()
2.58 + os.remove(os.path.join(vm_path, '.x'))
2.59 + except IOError as e:
2.60 + if e.errno == errno.EACCES:
2.61 + QtGui.QMessageBox.critical(None, 'OpenSecurity Download VM image error', 'No write access to "' + str(vm_path) + '"\nIs this run as Administrator?')
2.62 + sys.exit(1)
2.63 + else:
2.64 + QtGui.QMessageBox.critical(None, 'OpenSecurity Download VM image error', 'Error occured.\nErrno: ' + str(e.errno))
2.65 + sys.exit(1)
2.66 +
2.67 + # open download dialog
2.68 w = DownloadDialog()
2.69 w.show()
2.70
3.1 --- a/OpenSecurity/bin/environment.py Mon Mar 03 11:52:29 2014 +0100
3.2 +++ b/OpenSecurity/bin/environment.py Mon Mar 03 15:05:17 2014 +0100
3.3 @@ -114,12 +114,19 @@
3.4
3.5 elif sys.platform == 'win32' or sys.platform == 'cygwin':
3.6
3.7 - if not os.path.exists(user_log_path):
3.8 - os.mkdir(user_log_path)
3.9 - elif not os.path.isdir(user_log_path):
3.10 - raise IOError(user_log_path + ': not a folder')
3.11 + # in OpenSecurity we expect the log path tp be
3.12 + # somewhere like C:\Program Files\OpenSecurity\log
3.13 + # having this script residing in
3.14 + # C:\Progam Files\OpenSecurity\bin
3.15 + ideal_log_path = os.path.normpath(os.path.join(self.prefix_path, '..', 'log'))
3.16
3.17 - return user_log_path
3.18 + # check ideal path first
3.19 + if not os.path.exists(ideal_log_path):
3.20 + os.mkdir(ideal_log_path)
3.21 + elif not os.path.isdir(ideal_log_path):
3.22 + raise IOError(ideal_log_path + ': not a folder')
3.23 +
3.24 + return ideal_log_path
3.25
3.26 else:
3.27 raise OSError()
4.1 --- a/OpenSecurity/bin/opensecurityd.pyw Mon Mar 03 11:52:29 2014 +0100
4.2 +++ b/OpenSecurity/bin/opensecurityd.pyw Mon Mar 03 15:05:17 2014 +0100
4.3 @@ -73,7 +73,8 @@
4.4 # vars
4.5
4.6 # Global VMManager instance
4.7 -gvm_mgr = VMManager.getInstance()
4.8 +gvm_mgr = None
4.9 +
4.10
4.11 # ------------------------------------------------------------
4.12 # code
4.13 @@ -100,7 +101,7 @@
4.14 def GET(self):
4.15 log_call(web.ctx.environ)
4.16 try:
4.17 - browsingVM = gvm_mgr.handleBrowsingRequest()
4.18 + browsingVM = vmmanager().handleBrowsingRequest()
4.19 return browsingVM
4.20 except:
4.21 raise web.internalerror()
4.22 @@ -123,11 +124,11 @@
4.23
4.24 def GET(self, name):
4.25 log_call(web.ctx.environ)
4.26 - return gvm_mgr.getVMInfo(name)
4.27 + return vmmanager().getVMInfo(name)
4.28
4.29 def DELETE(self, name):
4.30 log_call(web.ctx.environ)
4.31 - return gvm_mgr.removeVM(name)
4.32 + return vmmanager().removeVM(name)
4.33
4.34
4.35 class os_sdvm_application:
4.36 @@ -139,9 +140,9 @@
4.37 def GET(self, name, command):
4.38 log_call(web.ctx.environ)
4.39 command = '/' + command
4.40 - result = Cygwin.sshExecuteX11(command, gvm_mgr.getHostOnlyIP(name), 'osecuser', Cygwin.cygPath(gvm_mgr.getMachineFolder()) + '/' + name + '/dvm_key' )
4.41 + result = Cygwin.sshExecuteX11(command, vmmanager().getHostOnlyIP(name), 'osecuser', Cygwin.cygPath(gvm_mgr.getMachineFolder()) + '/' + name + '/dvm_key' )
4.42 self.poweroffVM(name)
4.43 - return gvm_mgr.removeVM(name)
4.44 + return vmmanager().removeVM(name)
4.45
4.46
4.47 class os_sdvm_ip:
4.48 @@ -152,7 +153,7 @@
4.49
4.50 def GET(self, name):
4.51 log_call(web.ctx.environ)
4.52 - return gvm_mgr.getHostOnlyIP(name)
4.53 + return vmmanager().getHostOnlyIP(name)
4.54
4.55
4.56 class os_sdvm_start:
4.57 @@ -163,7 +164,7 @@
4.58
4.59 def GET(self, name):
4.60 log_call(web.ctx.environ)
4.61 - return gvm_mgr.startVM(name)
4.62 + return vmmanager().startVM(name)
4.63
4.64
4.65 class os_sdvm_stop:
4.66 @@ -174,7 +175,7 @@
4.67
4.68 def GET(self, name):
4.69 log_call(web.ctx.environ)
4.70 - return gvm_mgr.stopVM(name)
4.71 + return vmmanager().stopVM(name)
4.72
4.73
4.74 class os_sdvms:
4.75 @@ -187,16 +188,16 @@
4.76 def GET(self):
4.77 """get the list of SDVMs"""
4.78 log_call(web.ctx.environ)
4.79 - return gvm_mgr.listSDVM()
4.80 + return vmmanager().listSDVM()
4.81
4.82 def POST(self):
4.83 """create a new SDVM"""
4.84 log_call(web.ctx.environ)
4.85
4.86 # get a new vm-name
4.87 - name = gvm_mgr.generateSDVMName()
4.88 + name = vmmanager().generateSDVMName()
4.89 try:
4.90 - gvm_mgr.createVM(name)
4.91 + vmmanager().createVM(name)
4.92 except:
4.93 raise web.internalerror()
4.94
4.95 @@ -210,7 +211,7 @@
4.96
4.97 def GET(self, name):
4.98 log_call(web.ctx.environ)
4.99 - return gvm_mgr.getVMInfo(name)
4.100 + return vmmanager().getVMInfo(name)
4.101
4.102
4.103 class os_vms:
4.104 @@ -221,7 +222,7 @@
4.105
4.106 def GET(self):
4.107 log_call(web.ctx.environ)
4.108 - return gvm_mgr.listVM()
4.109 + return vmmanager().listVM()
4.110
4.111
4.112 class os_root:
4.113 @@ -234,7 +235,7 @@
4.114 log_call(web.ctx.environ)
4.115 res = "'os_server': { "
4.116 res += "'version': '" + __version__ + "', "
4.117 - res += "'machine_folder': '" + gvm_mgr.getDefaultMachineFolder() + "' "
4.118 + res += "'machine_folder': '" + vmmanager().getDefaultMachineFolder() + "' "
4.119 res += "}"
4.120 return res
4.121
4.122 @@ -247,7 +248,7 @@
4.123 def GET(self):
4.124 #return gvm_mgr.guestExecute('SecurityDVM', 'sudo apt-get -y update')
4.125 log_call(web.ctx.environ)
4.126 - return gvm_mgr.updateTemplate()
4.127 + return vmmanager().updateTemplate()
4.128
4.129
4.130 def log_call(web_environ):
4.131 @@ -258,8 +259,22 @@
4.132 except:
4.133 pass
4.134
4.135 -# start
4.136 -if __name__ == "__main__":
4.137 +
4.138 +def main():
4.139 + """main startup for the opensecuirityd"""
4.140 server = web.application(opensecurity_urls, globals())
4.141 server.run()
4.142
4.143 +
4.144 +def vmmanager():
4.145 +
4.146 + """helper method to make lazy init of VMManager"""
4.147 + if gvm_mgr is None:
4.148 + gvm_mgr = VMManager.getInstance()
4.149 + return gvm_mgr
4.150 +
4.151 +
4.152 +# start
4.153 +if __name__ == "__main__":
4.154 + main()
4.155 +
5.1 --- a/OpenSecurity/install/fix_cygwin_paths.bat Mon Mar 03 11:52:29 2014 +0100
5.2 +++ b/OpenSecurity/install/fix_cygwin_paths.bat Mon Mar 03 15:05:17 2014 +0100
5.3 @@ -1,5 +1,5 @@
5.4 -@echo off
5.5 -cd %0%\..\..
5.6 -echo %windir%\Temp /tmp ntfs binary,auto 1 1 >> cygwin64/etc/fstab
5.7 -echo %HOMEDRIVE%/Users /home ntfs binary,auto 1 1 >> cygwin64/etc/fstab
5.8 -copy install\initial_vm.sh cygwin64\usr\local\bin
5.9 +@echo off
5.10 +cd %0%\..\..
5.11 +echo %windir%\Temp /tmp ntfs binary,auto 1 1 >> cygwin64/etc/fstab
5.12 +echo %HOMEDRIVE%/Users /home ntfs binary,auto 1 1 >> cygwin64/etc/fstab
5.13 +rem copy install\initial_vm.sh cygwin64\usr\local\bin
6.1 --- a/OpenSecurity/install/initial_vm.sh Mon Mar 03 11:52:29 2014 +0100
6.2 +++ b/OpenSecurity/install/initial_vm.sh Mon Mar 03 15:05:17 2014 +0100
6.3 @@ -1,7 +1,7 @@
6.4 -#!/bin/bash
6.5 +#!/bin/sh
6.6
6.7 # ------------------------------------------------------------
6.8 -# download and install the initial VM for
6.9 +# install the initial VM for
6.10 #
6.11 # OpenSecurity V0.1
6.12 #
6.13 @@ -12,10 +12,6 @@
6.14 # software to the world relying on CMD.exe is an act
6.15 # against humanity and should be punished by jail.
6.16 #
6.17 -# To be called with the OpenSecurity installation folder
6.18 -# like C:\Program Files\OpenSecurity as first argument
6.19 -#
6.20 -#
6.21 # (C)opyright 2014, AIT Austrian Instiitute of Technology
6.22 # ------------------------------------------------------------
6.23
6.24 @@ -23,9 +19,22 @@
6.25 # ------------------------------------------------------------
6.26 # vars
6.27
6.28 -OPENSECURITY_DIR="${1}"
6.29 OPENSECURITY_PORT=8080
6.30 -OVA_TEMPLATE_URL="http://service.x-net.at/opensecurity/OsecVM_latest.ova"
6.31 +
6.32 +
6.33 +# change to prefix folder
6.34 +# this script is supposed to be run
6.35 +# in
6.36 +# /usr/bin
6.37 +# /usr/local/bin
6.38 +# C:\Program Files\OpenSecurity\bin
6.39 +# or
6.40 +# C:\Program Files\OpenSecurity\install
6.41 +#
6.42 +# So, ensure we are relativ inside the
6.43 +# prefix installment path
6.44 +#
6.45 +cd $(dirname $(readlink -f ${0})) && cd ..
6.46
6.47
6.48 # ------------------------------------------------------------
6.49 @@ -80,7 +89,7 @@
6.50 # check opensecurity folder
6.51 #
6.52 OPENSECURITY_DIR=$(sanitize_path "${OPENSECURITY_DIR}")
6.53 -OSECVM_IMAGE="${OPENSECURITY_DIR}/install/OsecVM.ova"
6.54 +OSECVM_IMAGE="${OPENSECURITY_DIR}/vm/OsecVM.ova"
6.55 if [ ! -d "${OPENSECURITY_DIR}" ]; then
6.56 echo "warning: no valid installation folder specified"
6.57 fi