forked from p15670423/monkey
Merge branch 'environment-config-section' into develop
This commit is contained in:
commit
3205d8344c
|
@ -28,6 +28,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
- Zerologon exploiter writes runtime artifacts to a secure temporary directory
|
||||
instead of $HOME. #1143
|
||||
- Authentication mechanism to use bcrypt on server side. #1139
|
||||
- `server_config.json` puts environment config options in a separate section
|
||||
named "environment". #1161
|
||||
|
||||
### Removed
|
||||
- Relevant dead code as reported by Vulture. #1149
|
||||
|
|
|
@ -166,7 +166,6 @@ copy_monkey_island_to_appdir() {
|
|||
cp -r "$1"/common "$INSTALL_DIR/"
|
||||
cp -r "$1"/monkey_island "$INSTALL_DIR/"
|
||||
cp ./run_appimage.sh "$INSTALL_DIR"/monkey_island/linux/
|
||||
cp ./island_logger_config.json "$INSTALL_DIR"/
|
||||
cp ./server_config.json.standard "$INSTALL_DIR"/monkey_island/cc/
|
||||
|
||||
# TODO: This is a workaround that may be able to be removed after PR #848 is
|
||||
|
|
|
@ -3,12 +3,6 @@
|
|||
PYTHON_CMD="$APPDIR"/opt/python3.7/bin/python3.7
|
||||
DOT_MONKEY="$HOME"/.monkey_island/
|
||||
|
||||
configure_default_logging() {
|
||||
if [ ! -f "$DOT_MONKEY"/island_logger_config.json ]; then
|
||||
cp "$APPDIR"/usr/src/island_logger_config.json "$DOT_MONKEY"
|
||||
fi
|
||||
}
|
||||
|
||||
configure_default_server() {
|
||||
if [ ! -f "$DOT_MONKEY"/server_config.json ]; then
|
||||
cp "$APPDIR"/usr/src/monkey_island/cc/server_config.json.standard "$DOT_MONKEY"/server_config.json
|
||||
|
@ -21,9 +15,8 @@ mkdir --mode=0700 --parents "$DOT_MONKEY"
|
|||
DB_DIR="$DOT_MONKEY"/db
|
||||
mkdir --parents "$DB_DIR"
|
||||
|
||||
configure_default_logging
|
||||
configure_default_server
|
||||
|
||||
cd "$APPDIR"/usr/src || exit 1
|
||||
./monkey_island/bin/mongodb/bin/mongod --dbpath "$DB_DIR" &
|
||||
${PYTHON_CMD} ./monkey_island.py --server-config "$DOT_MONKEY"/server_config.json --logger-config "$DOT_MONKEY"/island_logger_config.json
|
||||
${PYTHON_CMD} ./monkey_island.py --server-config "$DOT_MONKEY"/server_config.json
|
||||
|
|
|
@ -1,5 +1,8 @@
|
|||
{
|
||||
"server_config": "password",
|
||||
"deployment": "standard",
|
||||
"data_dir": "~/.monkey_island"
|
||||
"data_dir": "~/.monkey_island",
|
||||
"log_level": "DEBUG",
|
||||
"environment": {
|
||||
"server_config": "password",
|
||||
"deployment": "standard"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -32,4 +32,4 @@ if "__main__" == __name__:
|
|||
|
||||
from monkey_island.cc.main import main # noqa: E402
|
||||
|
||||
main(island_args.setup_only, island_args.server_config)
|
||||
main(config["data_dir"], island_args.setup_only, island_args.server_config)
|
||||
|
|
|
@ -9,7 +9,6 @@ import monkey_island.cc.environment.server_config_generator as server_config_gen
|
|||
from monkey_island.cc.environment.user_creds import UserCreds
|
||||
from monkey_island.cc.resources.auth.auth_user import User
|
||||
from monkey_island.cc.resources.auth.user_store import UserStore
|
||||
from monkey_island.cc.server_utils.consts import DEFAULT_DATA_DIR
|
||||
|
||||
|
||||
class EnvironmentConfig:
|
||||
|
@ -19,7 +18,6 @@ class EnvironmentConfig:
|
|||
self.deployment = None
|
||||
self.user_creds = None
|
||||
self.aws = None
|
||||
self.data_dir = None
|
||||
|
||||
self._load_from_file(self._server_config_path)
|
||||
|
||||
|
@ -35,31 +33,29 @@ class EnvironmentConfig:
|
|||
|
||||
def _load_from_json(self, config_json: str) -> EnvironmentConfig:
|
||||
data = json.loads(config_json)
|
||||
self._load_from_dict(data)
|
||||
self._load_from_dict(data["environment"])
|
||||
|
||||
def _load_from_dict(self, dict_data: Dict):
|
||||
aws = dict_data["aws"] if "aws" in dict_data else None
|
||||
data_dir = dict_data["data_dir"] if "data_dir" in dict_data else DEFAULT_DATA_DIR
|
||||
|
||||
self.server_config = dict_data["server_config"]
|
||||
self.deployment = dict_data["deployment"]
|
||||
self.user_creds = _get_user_credentials_from_config(dict_data)
|
||||
self.aws = aws
|
||||
self.data_dir = data_dir
|
||||
|
||||
@property
|
||||
def data_dir_abs_path(self):
|
||||
return os.path.abspath(os.path.expanduser(os.path.expandvars(self.data_dir)))
|
||||
|
||||
def save_to_file(self):
|
||||
with open(self._server_config_path, "r") as f:
|
||||
config = json.load(f)
|
||||
|
||||
config["environment"] = self.to_dict()
|
||||
|
||||
with open(self._server_config_path, "w") as f:
|
||||
f.write(json.dumps(self.to_dict(), indent=2))
|
||||
f.write(json.dumps(config, indent=2))
|
||||
|
||||
def to_dict(self) -> Dict:
|
||||
config_dict = {
|
||||
"server_config": self.server_config,
|
||||
"deployment": self.deployment,
|
||||
"data_dir": self.data_dir,
|
||||
}
|
||||
if self.aws:
|
||||
config_dict.update({"aws": self.aws})
|
||||
|
|
|
@ -34,10 +34,13 @@ from monkey_island.cc.setup import setup # noqa: E402
|
|||
MINIMUM_MONGO_DB_VERSION_REQUIRED = "4.2.0"
|
||||
|
||||
|
||||
def main(should_setup_only=False, server_config_filename=DEFAULT_SERVER_CONFIG_PATH):
|
||||
def main(
|
||||
data_dir,
|
||||
should_setup_only=False,
|
||||
server_config_filename=DEFAULT_SERVER_CONFIG_PATH,
|
||||
):
|
||||
logger.info("Starting bootloader server")
|
||||
|
||||
data_dir = env_singleton.env.get_config().data_dir_abs_path
|
||||
env_singleton.initialize_from_file(server_config_filename)
|
||||
initialize_encryptor(data_dir)
|
||||
initialize_services(data_dir)
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
{
|
||||
"server_config": "password",
|
||||
"deployment": "develop",
|
||||
"log_level": "DEBUG"
|
||||
"log_level": "DEBUG",
|
||||
"environment": {
|
||||
"server_config": "password",
|
||||
"deployment": "develop"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -38,16 +38,6 @@ def standard_with_credentials(environment_resources_dir):
|
|||
return os.path.join(environment_resources_dir, "server_config_standard_with_credentials.json")
|
||||
|
||||
|
||||
@pytest.fixture(scope="session")
|
||||
def with_data_dir(environment_resources_dir):
|
||||
return os.path.join(environment_resources_dir, "server_config_with_data_dir.json")
|
||||
|
||||
|
||||
@pytest.fixture(scope="session")
|
||||
def with_data_dir_home(environment_resources_dir):
|
||||
return os.path.join(environment_resources_dir, "server_config_with_data_dir_home.json")
|
||||
|
||||
|
||||
@pytest.fixture(scope="session")
|
||||
def server_config_resources_dir(resources_dir):
|
||||
return os.path.join(resources_dir, "server_configs")
|
||||
|
|
|
@ -6,7 +6,6 @@ import pytest
|
|||
|
||||
from monkey_island.cc.environment.environment_config import EnvironmentConfig
|
||||
from monkey_island.cc.environment.user_creds import UserCreds
|
||||
from monkey_island.cc.server_utils.consts import DEFAULT_DATA_DIR
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
|
@ -17,31 +16,28 @@ def config_file(tmpdir):
|
|||
def test_get_with_credentials(with_credentials):
|
||||
config_dict = EnvironmentConfig(with_credentials).to_dict()
|
||||
|
||||
assert len(config_dict.keys()) == 5
|
||||
assert len(config_dict.keys()) == 4
|
||||
assert config_dict["server_config"] == "password"
|
||||
assert config_dict["deployment"] == "develop"
|
||||
assert config_dict["user"] == "test"
|
||||
assert config_dict["password_hash"] == "abcdef"
|
||||
assert config_dict["data_dir"] == DEFAULT_DATA_DIR
|
||||
|
||||
|
||||
def test_get_with_no_credentials(no_credentials):
|
||||
config_dict = EnvironmentConfig(no_credentials).to_dict()
|
||||
|
||||
assert len(config_dict.keys()) == 3
|
||||
assert len(config_dict.keys()) == 2
|
||||
assert config_dict["server_config"] == "password"
|
||||
assert config_dict["deployment"] == "develop"
|
||||
assert config_dict["data_dir"] == DEFAULT_DATA_DIR
|
||||
|
||||
|
||||
def test_get_with_partial_credentials(partial_credentials):
|
||||
config_dict = EnvironmentConfig(partial_credentials).to_dict()
|
||||
|
||||
assert len(config_dict.keys()) == 4
|
||||
assert len(config_dict.keys()) == 3
|
||||
assert config_dict["server_config"] == "password"
|
||||
assert config_dict["deployment"] == "develop"
|
||||
assert config_dict["user"] == "test"
|
||||
assert config_dict["data_dir"] == DEFAULT_DATA_DIR
|
||||
|
||||
|
||||
def test_save_to_file(config_file, standard_with_credentials):
|
||||
|
@ -54,13 +50,28 @@ def test_save_to_file(config_file, standard_with_credentials):
|
|||
with open(config_file, "r") as f:
|
||||
from_file = json.load(f)
|
||||
|
||||
assert len(from_file.keys()) == 6
|
||||
assert from_file["server_config"] == "standard"
|
||||
assert from_file["deployment"] == "develop"
|
||||
assert from_file["user"] == "test"
|
||||
assert from_file["password_hash"] == "abcdef"
|
||||
assert from_file["aws"] == "test_aws"
|
||||
assert from_file["data_dir"] == DEFAULT_DATA_DIR
|
||||
assert len(from_file.keys()) == 2
|
||||
assert len(from_file["environment"].keys()) == 5
|
||||
assert from_file["environment"]["server_config"] == "standard"
|
||||
assert from_file["environment"]["deployment"] == "develop"
|
||||
assert from_file["environment"]["user"] == "test"
|
||||
assert from_file["environment"]["password_hash"] == "abcdef"
|
||||
assert from_file["environment"]["aws"] == "test_aws"
|
||||
|
||||
|
||||
def test_save_to_file_preserve_log_level(config_file, standard_with_credentials):
|
||||
shutil.copyfile(standard_with_credentials, config_file)
|
||||
|
||||
environment_config = EnvironmentConfig(config_file)
|
||||
environment_config.aws = "test_aws"
|
||||
environment_config.save_to_file()
|
||||
|
||||
with open(config_file, "r") as f:
|
||||
from_file = json.load(f)
|
||||
|
||||
assert len(from_file.keys()) == 2
|
||||
assert "log_level" in from_file
|
||||
assert from_file["log_level"] == "NOTICE"
|
||||
|
||||
|
||||
def test_add_user(config_file, standard_with_credentials):
|
||||
|
@ -76,9 +87,9 @@ def test_add_user(config_file, standard_with_credentials):
|
|||
with open(config_file, "r") as f:
|
||||
from_file = json.load(f)
|
||||
|
||||
assert len(from_file.keys()) == 5
|
||||
assert from_file["user"] == new_user
|
||||
assert from_file["password_hash"] == new_password_hash
|
||||
assert len(from_file["environment"].keys()) == 4
|
||||
assert from_file["environment"]["user"] == new_user
|
||||
assert from_file["environment"]["password_hash"] == new_password_hash
|
||||
|
||||
|
||||
def test_get_users(standard_with_credentials):
|
||||
|
@ -101,20 +112,3 @@ def test_generate_default_file(config_file):
|
|||
assert environment_config.user_creds.username == ""
|
||||
assert environment_config.user_creds.password_hash == ""
|
||||
assert environment_config.aws is None
|
||||
assert environment_config.data_dir == DEFAULT_DATA_DIR
|
||||
|
||||
|
||||
def test_data_dir(with_data_dir):
|
||||
environment_config = EnvironmentConfig(with_data_dir)
|
||||
assert environment_config.data_dir == "/test/data/dir"
|
||||
|
||||
|
||||
def set_home_env(monkeypatch, tmpdir):
|
||||
monkeypatch.setenv("HOME", str(tmpdir))
|
||||
|
||||
|
||||
def test_data_dir_abs_path_from_file(monkeypatch, tmpdir, with_data_dir_home):
|
||||
set_home_env(monkeypatch, tmpdir)
|
||||
|
||||
config = EnvironmentConfig(with_data_dir_home)
|
||||
assert config.data_dir_abs_path == os.path.join(tmpdir, "data_dir")
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
{
|
||||
"server_config": "password",
|
||||
"deployment": "develop"
|
||||
"environment" : {
|
||||
"server_config": "password",
|
||||
"deployment": "develop"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
{
|
||||
"server_config": "password",
|
||||
"deployment": "develop",
|
||||
"user": "test"
|
||||
"environment" : {
|
||||
"server_config": "password",
|
||||
"deployment": "develop",
|
||||
"user": "test"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
{
|
||||
"server_config": "standard",
|
||||
"deployment": "develop"
|
||||
"environment" : {
|
||||
"server_config": "standard",
|
||||
"deployment": "develop"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,6 +1,9 @@
|
|||
{
|
||||
"log_level": "NOTICE",
|
||||
"environment" : {
|
||||
"server_config": "standard",
|
||||
"deployment": "develop",
|
||||
"user": "test",
|
||||
"password_hash": "abcdef"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
{
|
||||
"environment" : {
|
||||
"server_config": "password",
|
||||
"deployment": "develop",
|
||||
"user": "test",
|
||||
"password_hash": "abcdef"
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,7 +0,0 @@
|
|||
{
|
||||
"server_config": "password",
|
||||
"deployment": "develop",
|
||||
"user": "test",
|
||||
"password_hash": "abcdef",
|
||||
"data_dir": "/test/data/dir"
|
||||
}
|
|
@ -1,7 +0,0 @@
|
|||
{
|
||||
"server_config": "password",
|
||||
"deployment": "develop",
|
||||
"user": "test",
|
||||
"password_hash": "abcdef",
|
||||
"data_dir": "~/data_dir"
|
||||
}
|
Loading…
Reference in New Issue