Commit 10192372 authored by Ophélie Gagnard's avatar Ophélie Gagnard

Add a light data version in the Cython+ filesystem scanner. Change minor elements of various files.

parent 8f8e8062
......@@ -14,4 +14,4 @@
buffer_type memory
flush_interval 60s
disable_retry_limit true
reference test_server
reference c-light-data_02
......@@ -3,6 +3,8 @@ define collect_sh :=
. /lib/dracut-lib.sh
>&2 echo "$$NEWROOT"
sleep 10
/sbin/metadata-collect-agent "$$NEWROOT"
......
......@@ -90,8 +90,8 @@ if [ ! -e /etc/uefi-key/db.crt ]; then
openssl req -newkey rsa:2048 -nodes -keyout /etc/uefi-key/db.key -new -x509 -sha256 -days 36500 -subj "/CN=TEST" -out /etc/uefi-key/db.crt
openssl x509 -outform DER -in /etc/uefi-key/db.crt -out /etc/uefi-key/db.cer
fi
'
source secure-boot-automation.sh
#'
#source secure-boot-automation.sh
rm -rf dracut_tmp
mkdir dracut_tmp
......@@ -113,4 +113,4 @@ cp /etc/uefi-key/db.cer /EFI/db.cer
cp /etc/uefi-key/db.cer /boot/efi/db.cer
uefi=$(ls /EFI/Linux)
efibootmgr --quiet --create --disk ${disk_info_list[3]} --label 'debian UEFI wrong keys' --loader /EFI/Linux/$uefi
efibootmgr --quiet --create --disk ${disk_info_list[3]} --label 'debian UEFI test_root' --loader /EFI/Linux/$uefi
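Review bot: The call to secure-boot-automation.sh appears to be disabled by turning the two lines into `#'` and `#source secure-boot-automation.sh`, with nothing recording why or how to re-enable it. After this change the only key material the visible lines provide is the fallback generated just above: a self-signed `CN=TEST` certificate with an unencrypted private key (`-nodes`) valid for 36500 days. A comment such as `# secure-boot-automation.sh disabled for testing: the db key above is a throwaway test key, do not ship` would make that state explicit. Whether the `'` on the first of the two lines closes a quoted block opened above the hunk cannot be checked from here, so confirm that `#'` still terminates it as intended.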
......@@ -80,13 +80,14 @@ cdef cypclass DirNode(Node):
if ignore_paths is not NULL:
if self.path in ignore_paths:
return
if dev_whitelist is not NULL:
if self.st is NULL:
return
#""" temporarily desabling white list
elif not self.st.st_data.st_dev in dev_whitelist:
return
#"""
d = opendir(self.path.c_str())
if d is not NULL:
while 1:
......@@ -247,7 +248,7 @@ cdef int start(const char *path) nogil:
cdef pid_t child_pid = -1 # DEBUG
child_pid = fork() # DEBUG
cdef int err
cdef char ip_address[100]
#cdef char ip_address[100]
#cdef FILE *address_path = fopen("/sys/class/net/ens3/address", "r")
if child_pid == 0: # CHILD
err = execlp("flb/fluent-bit", program_name, arg1, arg2, arg3, arg4, 0)
......@@ -268,6 +269,9 @@ cdef int start(const char *path) nogil:
dev_whitelist_paths.append(b'.')
dev_whitelist_paths.append(b'/')
dev_whitelist_paths.append(b'/boot/efi')
dev_whitelist_paths.append(b'/root')
dev_whitelist_paths.append(b'/sysroot')
dev_whitelist_paths.append(path)
dev_whitelist = cyplist[dev_t]()
for p in dev_whitelist_paths:
......@@ -290,7 +294,7 @@ cdef int start(const char *path) nogil:
node = consume active_node
#""" # DEBUG
result = fopen('/var/log/metadata_collect.log', 'w')
result = fopen('flb/metadata_collect.log', 'w')
if result is NULL:
fprintf(stderr, 'Error creating the log file.\n') # DEBUG
fflush(stderr)
......@@ -298,11 +302,11 @@ cdef int start(const char *path) nogil:
fprintf(stderr, 'Log opened successfully.\n') # DEBUG
fprintf(stderr, 'WRITE_NOTE STAGE\n\n') # DEBUG
fprintf(stderr, "WRITE_NOTE STAGE\n\n") # DEBUG
#fscanf(address_path, "%s", ip_address) # ADDRESS
#fclose(address_path) # ADDRESS
#fprintf(result, '{"mac_address": "%s"}\n', ip_address) # ADDRESS
#fscanf(address_path, "%s", ip_address)
#fclose(address_path)
#fprintf(result, '{"mac_address": "%s"}\n', ip_address)
node.write_node(result)
fprintf(result, '{}\n')
fprintf(result, 'fluentbit_end\n')
......@@ -319,8 +323,11 @@ cdef int start(const char *path) nogil:
return 0
cdef public int main() nogil:
return start(<char*>'/')
cdef public int main(int argc, char* argv[]) nogil:
if argc >= 2:
return start(<char*>argv[1])
else:
return start(<char*>'/')
#def python_main():
# start(<char*>'.')
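Review bot: The new side of the `@@ -290,7 +294,7 @@` hunk appears to open the log with a relative path, `fopen('flb/metadata_collect.log', 'w')`, so which file start() creates or truncates depends on the working directory the agent is launched from. The same commit lets main() take the scan root from `argv[1]`, so the launch context is less fixed than before. An absolute path, or one built from a single configured base directory, would keep the output location predictable. What follows the `result is NULL` branch lies outside the hunk, so confirm that start() returns there rather than going on to `node.write_node(result)`.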
# distutils: language = c++
# TODO:
# + take the needed hashes (and more broadly, the needed informations) as a parameter
from libcythonplus.list cimport cyplist
from libc.stdio cimport fprintf, fopen, fclose, fread, fwrite, FILE, stdout, stderr, printf, ferror, fscanf, fflush
......@@ -40,10 +43,17 @@ cdef cypclass Node activable:
pass
void format_node(self):
#''' light data version
self.formatted = sprintf("""{"path": "%s"}\n""",
self.path,
)
#'''
''' full data version
self.formatted = sprintf("""{"path": "%s", "stat": %s}\n""",
self.path,
self.st.to_json(),
)
#'''
void write_node(self, FILE * stream):
# abstract
......@@ -84,7 +94,7 @@ cdef cypclass DirNode(Node):
if dev_whitelist is not NULL:
if self.st is NULL:
return
#""" temporarily desabling white list
""" temporarily desabling white list
elif not self.st.st_data.st_dev in dev_whitelist:
return
#"""
......@@ -114,10 +124,17 @@ cdef cypclass DirNode(Node):
active_child.build_node(NULL, dev_whitelist, ignore_paths)
void format_node(self):
#''' light data version
self.formatted = sprintf("""{"path": "%s/"}\n""",
self.path,
)
#'''
''' full data version
self.formatted = sprintf("""{"path": "%s/", "stat": %s}\n""",
self.path,
self.st.to_json(),
)
#'''
void write_node(self, FILE * stream):
fwrite(self.formatted.data(), 1, self.formatted.size(), stream)
......@@ -194,6 +211,13 @@ cdef cypclass FileNode(Node):
if self.error:
Node.format_node(self)
else:
#''' light data version
self.formatted = sprintf("""{"path: "%s", "hash": {"md5": "%s"}}\n""",
self.path,
self.md5_data,
)
#'''
''' full data version
self.formatted = sprintf("""{"path": "%s", "stat": %s, "hash": {"md5": "%s", "sha1": "%s", "sha256": "%s", "sha512": "%s"}}\n""",
self.path,
self.st.to_json(),
......@@ -202,6 +226,7 @@ cdef cypclass FileNode(Node):
self.sha256_data,
self.sha512_data,
)
#'''
void write_node(self, FILE * stream):
fwrite(self.formatted.data(), 1, self.formatted.size(), stream)
......@@ -223,11 +248,19 @@ cdef cypclass SymlinkNode(Node):
if self.error:
Node.format_node(self)
else:
#''' light data version
self.formatted = sprintf("""{"path": "%s", "target": "%s"}\n""",
self.path,
self.target,
)
#'''
''' full data version
self.formatted = sprintf("""{"path": "%s", "stat": %s, "target": "%s"}\n""",
self.path,
self.st.to_json(),
self.target,
)
self.path,
self.st.to_json(),
self.target,
)
#'''
void write_node(self, FILE * stream):
fwrite(self.formatted.data(), 1, self.formatted.size(), stream)
......
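Review bot: The light-data format string in FileNode.format_node is missing the closing quote after `path` (`{"path: "%s", ...`), so each file record would be emitted as malformed JSON; it should read `"""{"path": "%s", "hash": {"md5": "%s"}}\n"""`. The same record keeps only the MD5 digest; if these records are meant to detect modified files, MD5 is not collision resistant and `self.sha256_data` would be the safer single hash to keep. The path is also interpolated into the JSON without escaping, here and in the other format_node variants, so a file name containing `"` or a backslash breaks the record. The start of the function is outside the hunk.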
......@@ -80,13 +80,14 @@ cdef cypclass DirNode(Node):
if ignore_paths is not NULL:
if self.path in ignore_paths:
return
if dev_whitelist is not NULL:
if self.st is NULL:
return
#""" temporarily desabling white list
elif not self.st.st_data.st_dev in dev_whitelist:
return
#"""
d = opendir(self.path.c_str())
if d is not NULL:
while 1:
......@@ -267,7 +268,8 @@ cdef int start(const char *path) nogil:
dev_whitelist_paths = cyplist[string]()
dev_whitelist_paths.append(b'.')
dev_whitelist_paths.append(b'/')
dev_whitelist_paths.append(b'/boot')
dev_whitelist_paths.append(b'/boot/efi')
dev_whitelist_paths.append(b'/root')
dev_whitelist = cyplist[dev_t]()
for p in dev_whitelist_paths:
......@@ -276,8 +278,6 @@ cdef int start(const char *path) nogil:
p_dev = p_stat.st_data.st_dev
dev_whitelist.append(p_dev)
fprintf(stderr, "test 001\n") # DEBUG
fflush(stderr) # DEBUG
realpath(path, resolved_path)
fprintf(stderr, resolved_path) # DEBUG
fprintf(stderr, "\n") # DEBUG
......@@ -286,18 +286,9 @@ cdef int start(const char *path) nogil:
if node is NULL:
return -1
fprintf(stderr, "test 002\n") # DEBUG
fflush(stderr) # DEBUG
active_node = activate(consume node)
fprintf(stderr, 'test 003\n') # DEBUG
fflush(stderr) # DEBUG
active_node.build_node(NULL, consume dev_whitelist, consume ignore_paths)
fprintf(stderr, 'test 004\n') # DEBUG
fflush(stderr) # DEBUG
scheduler.finish()
fprintf(stderr, 'test 005\n') # DEBUG
fflush(stderr) # DEBUG
node = consume active_node
#""" # DEBUG
......@@ -331,7 +322,7 @@ cdef int start(const char *path) nogil:
return 0
cdef public int main() nogil:
return start(<char*>'.')
return start(<char*>'/')
#def python_main():
# start(<char*>'.')
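Review bot: `fprintf(stderr, resolved_path)` in start() (hunk `@@ -276,8 +278,6 @@`) passes the resolved path as the format string, so a `%` in the path is interpreted as a conversion specifier; the debug cleanup in this hunk leaves that line in place. Print it as data instead with `fprintf(stderr, "%s\n", resolved_path)`, which also replaces the separate newline call. The return value of `realpath(path, resolved_path)` is not checked in the visible lines, so on failure the buffer printed here has undefined contents; `if realpath(path, resolved_path) is NULL: return -1` would cover it. start() begins and ends outside the hunk.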
......@@ -4,7 +4,7 @@
## KEYS CREATION
if false; then # DEBUG
rm -rf secure-boot-automation
mkdir -p secure-boot-automation
cd secure-boot-automation
......@@ -41,12 +41,13 @@ sign-efi-sig-list -t "$(date --date='1 second' +'%Y-%m-%d %H:%M:%S')" \
-k KEK.key -c KEK.crt db DB.esl DB.auth
chmod 0600 *.key
fi # DEBUG
if [ ! -e /etc/uefi-key/db.crt ]; then
cp DB.crt /etc/uefi-key/db.crt
cp DB.cer /etc/uefi-key/db.cer
cp DB.key /etc/uefi-key/db.key
fi
if false; then # DEBUG
## SECURE BOOT SETUP
......@@ -54,3 +55,5 @@ fi
efi-updatevar -f PK.auth PK
efi-updatevar -a -c KEK.crt -k PK.key KEK
efi-updatevar -a -c DB.crt -k KEK.key db
fi # DEBUG
cd ..
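Review bot: With key creation wrapped in `if false; then # DEBUG`, the `cd secure-boot-automation` at the top is skipped but the final `cd ..` still runs, so the script ends one directory above where it started; when the script is run with `source`, that changes the caller's working directory. The `cp DB.crt`/`DB.cer`/`DB.key` block also stays live and now copies from whatever directory the script starts in, so a stray `DB.key` there would be installed as `/etc/uefi-key/db.key`. Move `cd ..` inside the first disabled block and guard the cp block the same way. A named switch such as `if [ "${SETUP_SECURE_BOOT:-0}" = 1 ]; then` in place of the `if false` toggles would make the disabled state explicit.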