mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2026-06-14 22:28:43 +02:00
fix sominion_setup reactor
This commit is contained in:
Josh Patterson
@@ -6,39 +6,74 @@
|
|||||||
# Elastic License 2.0.
|
# Elastic License 2.0.
|
||||||
|
|
||||||
import logging
|
import logging
|
||||||
from subprocess import call
|
import os
|
||||||
import yaml
|
import re
|
||||||
|
import shlex
|
||||||
|
import subprocess
|
||||||
|
|
||||||
log = logging.getLogger(__name__)
|
log = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
SO_MINION = '/usr/sbin/so-minion'
|
||||||
|
|
||||||
|
_NODETYPE_RE = re.compile(r'^[A-Z][A-Z0-9_]{0,31}$')
|
||||||
|
_MINIONID_RE = re.compile(r'^[A-Za-z0-9._-]{1,253}$')
|
||||||
|
_HOSTPART_RE = re.compile(r'^[A-Za-z0-9._-]{1,253}$')
|
||||||
|
_IPV4_RE = re.compile(
|
||||||
|
r'^(?:(?:25[0-5]|2[0-4]\d|[01]?\d?\d)\.){3}'
|
||||||
|
r'(?:25[0-5]|2[0-4]\d|[01]?\d?\d)$'
|
||||||
|
)
|
||||||
|
_HEAP_RE = re.compile(r'^\d{1,6}[kKmMgG]?$')
|
||||||
|
|
||||||
|
|
||||||
|
def _check(name, value, pattern):
|
||||||
|
s = str(value)
|
||||||
|
if not pattern.match(s):
|
||||||
|
raise ValueError("sominion_setup_reactor: refusing unsafe %s=%r" % (name, value))
|
||||||
|
return s
|
||||||
|
|
||||||
|
|
||||||
def run():
|
def run():
|
||||||
log.info('sominion_setup_reactor: Running')
|
log.info('sominion_setup_reactor: Running')
|
||||||
minionid = data['id']
|
minionid = data['id']
|
||||||
DATA = data['data']
|
DATA = data['data']
|
||||||
hv_name = DATA['HYPERVISOR_HOST']
|
|
||||||
log.info('sominion_setup_reactor: DATA: %s' % DATA)
|
log.info('sominion_setup_reactor: DATA: %s' % DATA)
|
||||||
|
|
||||||
# Build the base command
|
nodetype = _check('NODETYPE', DATA['NODETYPE'], _NODETYPE_RE)
|
||||||
cmd = "NODETYPE=" + DATA['NODETYPE'] + " /usr/sbin/so-minion -o=addVM -m=" + minionid + " -n=" + DATA['MNIC'] + " -i=" + DATA['MAINIP'] + " -c=" + str(DATA['CPUCORES']) + " -d='" + DATA['NODE_DESCRIPTION'] + "'"
|
|
||||||
|
argv = [
|
||||||
# Add optional arguments only if they exist in DATA
|
SO_MINION,
|
||||||
|
'-o=addVM',
|
||||||
|
'-m=' + _check('minionid', minionid, _MINIONID_RE),
|
||||||
|
'-n=' + _check('MNIC', DATA['MNIC'], _HOSTPART_RE),
|
||||||
|
'-i=' + _check('MAINIP', DATA['MAINIP'], _IPV4_RE),
|
||||||
|
'-c=' + str(int(DATA['CPUCORES'])),
|
||||||
|
'-d=' + str(DATA['NODE_DESCRIPTION']),
|
||||||
|
]
|
||||||
|
|
||||||
if 'CORECOUNT' in DATA:
|
if 'CORECOUNT' in DATA:
|
||||||
cmd += " -C=" + str(DATA['CORECOUNT'])
|
argv.append('-C=' + str(int(DATA['CORECOUNT'])))
|
||||||
|
|
||||||
if 'INTERFACE' in DATA:
|
if 'INTERFACE' in DATA:
|
||||||
cmd += " -a=" + DATA['INTERFACE']
|
argv.append('-a=' + _check('INTERFACE', DATA['INTERFACE'], _HOSTPART_RE))
|
||||||
|
|
||||||
if 'ES_HEAP_SIZE' in DATA:
|
if 'ES_HEAP_SIZE' in DATA:
|
||||||
cmd += " -e=" + DATA['ES_HEAP_SIZE']
|
argv.append('-e=' + _check('ES_HEAP_SIZE', DATA['ES_HEAP_SIZE'], _HEAP_RE))
|
||||||
|
|
||||||
if 'LS_HEAP_SIZE' in DATA:
|
if 'LS_HEAP_SIZE' in DATA:
|
||||||
cmd += " -l=" + DATA['LS_HEAP_SIZE']
|
argv.append('-l=' + _check('LS_HEAP_SIZE', DATA['LS_HEAP_SIZE'], _HEAP_RE))
|
||||||
|
|
||||||
if 'LSHOSTNAME' in DATA:
|
if 'LSHOSTNAME' in DATA:
|
||||||
cmd += " -L=" + DATA['LSHOSTNAME']
|
argv.append('-L=' + _check('LSHOSTNAME', DATA['LSHOSTNAME'], _HOSTPART_RE))
|
||||||
|
|
||||||
log.info('sominion_setup_reactor: Command: %s' % cmd)
|
env = os.environ.copy()
|
||||||
rc = call(cmd, shell=True)
|
env['NODETYPE'] = nodetype
|
||||||
|
|
||||||
|
log.info(
|
||||||
|
'sominion_setup_reactor: argv: %s (NODETYPE=%s)',
|
||||||
|
' '.join(shlex.quote(a) for a in argv),
|
||||||
|
shlex.quote(nodetype),
|
||||||
|
)
|
||||||
|
rc = subprocess.call(argv, shell=False, env=env)
|
||||||
|
|
||||||
log.info('sominion_setup_reactor: rc: %s' % rc)
|
log.info('sominion_setup_reactor: rc: %s' % rc)
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user