forked from Narcissus/pylibmeshctrl
Compare commits
7 Commits
fix/runcom
...
developmen
| Author | SHA1 | Date | |
|---|---|---|---|
|
cac746906f | ||
|
|
6290bc7298 | ||
|
|
5975e145a7 | ||
|
|
cd6707a279 | ||
|
|
7b9d82b8e6 | ||
|
|
7cefd24a9d | ||
|
|
cbc1f9223f |
@@ -2,6 +2,21 @@
|
||||
Changelog
|
||||
=========
|
||||
|
||||
version 1.3.3
|
||||
=============
|
||||
|
||||
Improvements:
|
||||
* Dependency bumps
|
||||
|
||||
Bugs:
|
||||
* Fix run_commands having an issue with ignore_output
|
||||
|
||||
version 1.3.2
|
||||
=============
|
||||
|
||||
Improvements:
|
||||
* Fix race condition that could occur when running `run_command` or `run_console_command`
|
||||
|
||||
version 1.3.1
|
||||
=============
|
||||
|
||||
|
||||
@@ -6,7 +6,7 @@ sphinx-jinja2-compat>=0.1.1
|
||||
sphinx-toolbox>=2.16.0
|
||||
# sphinx_rtd_theme
|
||||
cffi~=1.17.1
|
||||
cryptography~=44.0.1
|
||||
pycparser~=2.22
|
||||
websockets~=15.0.0
|
||||
enum_tools
|
||||
cryptography~=46.0.5
|
||||
websockets~=16.0.0
|
||||
BIN
requirements.txt
BIN
requirements.txt
Binary file not shown.
@@ -44,9 +44,9 @@ python_requires = >=3.8
|
||||
# For more information, check out https://semver.org/.
|
||||
install_requires =
|
||||
importlib-metadata
|
||||
cryptography~=44.0.1
|
||||
websockets~=15.0.0
|
||||
python-socks[asyncio]~=2.5.3
|
||||
cryptography~=46.0.5
|
||||
websockets~=16.0.0
|
||||
python-socks[asyncio]~=2.8.1
|
||||
|
||||
|
||||
[options.packages.find]
|
||||
|
||||
@@ -1501,7 +1501,7 @@ class Session(object):
|
||||
if (f"node//{nid}" == id):
|
||||
return nid
|
||||
|
||||
result = None
|
||||
result = {n: {"complete": False, "result": [], "command": command} for n in nodeids}
|
||||
console_result = {n: {"complete": False, "result": [], "command": command} for n in nodeids}
|
||||
reply_result = {n: {"complete": False, "result": [], "command": command} for n in nodeids}
|
||||
async def _console():
|
||||
@@ -1536,49 +1536,52 @@ class Session(object):
|
||||
async def __(command, tg, tasks):
|
||||
nonlocal result
|
||||
responseid = self._generate_response_id("run_command")
|
||||
|
||||
if not ignore_output:
|
||||
reply_task = tg.create_task(asyncio.wait_for(_reply(responseid), timeout=timeout))
|
||||
console_task = tg.create_task(asyncio.wait_for(_console(), timeout=timeout))
|
||||
# We still need to parse the console results because it sends them without namespace, this will likely break older versions of meshcentral
|
||||
console_task = tg.create_task(asyncio.wait_for(_console(), timeout=timeout))
|
||||
data = await self._send_command(command, "run_command", timeout=timeout, responseid=responseid)
|
||||
|
||||
if data.get("type", None) != "runcommands" and data.get("result", "ok").lower() != "ok":
|
||||
raise exceptions.ServerError(data["result"])
|
||||
elif data.get("type", None) != "runcommands" and data.get("result", "ok").lower() == "ok":
|
||||
reply_task.cancel()
|
||||
result = console_result
|
||||
expect_response = False
|
||||
if not ignore_output:
|
||||
userid = (await self.user_info())["_id"]
|
||||
for n in nodeids:
|
||||
device_info = await self.device_info(n, timeout=timeout)
|
||||
try:
|
||||
permissions = device_info.mesh.links.get(userid, {}).get("rights",constants.DeviceRights.norights)\
|
||||
# This should work for device rights, but it only seems to work for mesh rights. Not sure why, but I can't get the events to show up when the user only has individual device rights
|
||||
# |device_info.get("links", {}).get(userid, {}).get("rights", constants.DeviceRights.norights)
|
||||
# If we don't have agentconsole rights, we won't be able te read the output, so fill in blanks on this node
|
||||
if not permissions&constants.DeviceRights.agentconsole:
|
||||
result[n]["complete"] = True
|
||||
else:
|
||||
expect_response = True
|
||||
except AttributeError:
|
||||
reply_task.cancel()
|
||||
result = console_result
|
||||
userid = (await self.user_info())["_id"]
|
||||
for n in nodeids:
|
||||
device_info = await self.device_info(n, timeout=timeout)
|
||||
try:
|
||||
permissions = device_info.mesh.links.get(userid, {}).get("rights",constants.DeviceRights.norights)
|
||||
# This should work for device rights, but it only seems to work for mesh rights. Not sure why, but I can't get the events to show up when the user only has individual device rights
|
||||
# |device_info.get("links", {}).get(userid, {}).get("rights", constants.DeviceRights.norights)
|
||||
# If we don't have agentconsole rights, we won't be able te read the output, so fill in blanks on this node
|
||||
if not permissions&constants.DeviceRights.agentconsole:
|
||||
result[n]["complete"] = True
|
||||
else:
|
||||
expect_response = True
|
||||
except AttributeError:
|
||||
result[n]["complete"] = True
|
||||
if expect_response:
|
||||
tasks.append(console_task)
|
||||
else:
|
||||
console_task.cancel()
|
||||
elif data.get("type", None) == "runcommands" and not ignore_output:
|
||||
result = reply_result
|
||||
elif data.get("type", None) == "runcommands":
|
||||
console_task.cancel()
|
||||
tasks.append(reply_task)
|
||||
else:
|
||||
if not ignore_output:
|
||||
console_task.cancel()
|
||||
reply_task.cancel()
|
||||
result = reply_result
|
||||
tasks.append(reply_task)
|
||||
else:
|
||||
# if not ignore_output:
|
||||
console_task.cancel()
|
||||
reply_task.cancel()
|
||||
raise exceptions.ServerError(f"Unrecognized response: {data}")
|
||||
|
||||
tasks = []
|
||||
async with asyncio.TaskGroup() as tg:
|
||||
tasks.append(tg.create_task(__({ "action": 'runcommands', "nodeids": nodeids, "type": (2 if powershell else 0), "cmds": command, "runAsUser": runAsUser, "reply": not ignore_output}, tg, tasks)))
|
||||
tasks.append(tg.create_task(__({ "action": 'runcommands', "nodeids": nodeids, "type": (2 if powershell else 0), "cmds": command, "runAsUser": runAsUser, "reply": True}, tg, tasks)))
|
||||
|
||||
return {n: v | {"result": "".join(v["result"])} for n,v in result.items()}
|
||||
|
||||
|
||||
@@ -4,7 +4,10 @@ import subprocess
|
||||
import time
|
||||
import json
|
||||
import atexit
|
||||
import pytest
|
||||
try:
|
||||
import pytest
|
||||
except:
|
||||
pass
|
||||
import requests
|
||||
thisdir = os.path.abspath(os.path.dirname(__file__))
|
||||
|
||||
@@ -68,6 +71,9 @@ class TestEnvironment(object):
|
||||
if not self._wait_for_meshcentral():
|
||||
self.__exit__(None, None, None)
|
||||
raise Exception("Failed to create docker instance")
|
||||
if not self._wait_for_client_server():
|
||||
self.__exit__(None, None, None)
|
||||
raise Exception("Failed to create client server")
|
||||
return self
|
||||
|
||||
def _wait_for_meshcentral(self, timeout=30):
|
||||
@@ -90,6 +96,26 @@ class TestEnvironment(object):
|
||||
return False
|
||||
return True
|
||||
|
||||
def _wait_for_client_server(self, timeout=30):
|
||||
start = time.time()
|
||||
while time.time() - start < timeout:
|
||||
try:
|
||||
data = subprocess.check_output(["docker", "inspect", "meshctrl-client", "--format='{{json .State.Health}}'"], cwd=thisdir, stderr=subprocess.DEVNULL)
|
||||
# docker outputs for humans, not computers. This is the easiest way to chop off the ends
|
||||
data = json.loads(data.strip()[1:-1])
|
||||
except Exception as e:
|
||||
time.sleep(1)
|
||||
continue
|
||||
try:
|
||||
if data["Status"] == "healthy":
|
||||
break
|
||||
except:
|
||||
pass
|
||||
time.sleep(1)
|
||||
else:
|
||||
return False
|
||||
return True
|
||||
|
||||
def __exit__(self, exc_t, exc_v, exc_tb):
|
||||
pass
|
||||
|
||||
@@ -112,10 +138,13 @@ def _kill_docker_process():
|
||||
|
||||
atexit.register(_kill_docker_process)
|
||||
|
||||
@pytest.fixture(scope="session")
|
||||
def env():
|
||||
with TestEnvironment() as e:
|
||||
yield e
|
||||
try:
|
||||
@pytest.fixture(scope="session")
|
||||
def env():
|
||||
with TestEnvironment() as e:
|
||||
yield e
|
||||
except:
|
||||
pass
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
|
||||
@@ -9,6 +9,8 @@ services:
|
||||
image: client
|
||||
build:
|
||||
dockerfile: client.dockerfile
|
||||
sysctls:
|
||||
net.ipv6.conf.all.disable_ipv6: 1
|
||||
ports:
|
||||
- 5000:5000
|
||||
depends_on:
|
||||
@@ -20,6 +22,10 @@ services:
|
||||
# - ./meshcentral/mongodb_data:/data/db
|
||||
networks:
|
||||
- meshctrl
|
||||
healthcheck:
|
||||
test: curl --fail http://localhost:5000/ || exit 1
|
||||
interval: 5s
|
||||
timeout: 120s
|
||||
extra_hosts:
|
||||
- "host.docker.internal:host-gateway"
|
||||
|
||||
@@ -28,6 +34,8 @@ services:
|
||||
container_name: meshctrl-meshcentral
|
||||
# use the official meshcentral container
|
||||
image: meshcentral
|
||||
sysctls:
|
||||
net.ipv6.conf.all.disable_ipv6: 1
|
||||
build:
|
||||
dockerfile: meshcentral.dockerfile
|
||||
ports:
|
||||
@@ -55,6 +63,8 @@ services:
|
||||
image: ubuntu/squid:latest
|
||||
restart: unless-stopped
|
||||
container_name: meshctrl-squid
|
||||
sysctls:
|
||||
net.ipv6.conf.all.disable_ipv6: 1
|
||||
ports:
|
||||
- 3128:3128
|
||||
|
||||
|
||||
@@ -1,9 +1,19 @@
|
||||
# Logs are managed by logrotate on Debian
|
||||
logfile_rotate 0
|
||||
|
||||
acl all src all
|
||||
acl to_ipv6 dst ipv6
|
||||
acl from_ipv6 src ipv6
|
||||
|
||||
acl to_ipv4 dst ipv4
|
||||
acl from_ipv4 src ipv4
|
||||
|
||||
#acl all src all
|
||||
acl Safe_ports port 8086
|
||||
acl SSS_ports port 8086
|
||||
http_access allow to_ipv4
|
||||
http_access allow from_ipv4
|
||||
http_access deny to_ipv6
|
||||
http_access deny from_ipv6
|
||||
http_access allow all
|
||||
debug_options ALL,0 85,2 88,2
|
||||
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
FROM ghcr.io/ylianst/meshcentral:1.1.50
|
||||
FROM ghcr.io/ylianst/meshcentral:1.1.56
|
||||
RUN apk add curl
|
||||
RUN apk add python3
|
||||
WORKDIR /opt/meshcentral/
|
||||
|
||||
@@ -62,7 +62,7 @@ def remove_agent(agentid):
|
||||
|
||||
@api.route('/', methods=['GET'])
|
||||
def slash():
|
||||
return [_["id"] for _ in agents]
|
||||
return [value["id"] for key, value in agents.items()]
|
||||
|
||||
if __name__ == '__main__':
|
||||
api.run()
|
||||
@@ -1,6 +1,6 @@
|
||||
requests
|
||||
pytest-asyncio
|
||||
cffi==1.17.1
|
||||
cryptography~=44.0.1
|
||||
pycparser==2.22
|
||||
websockets~=15.0.0
|
||||
cryptography~=46.0.5
|
||||
websockets~=16.0.0
|
||||
@@ -251,6 +251,12 @@ async def test_mesh_device(env):
|
||||
assert "Run commands completed." not in r[agent2.nodeid]["result"], "Didn't parse run command ending correctly"
|
||||
assert "meshagent" in (await privileged_session.run_command(agent.nodeid, "ls", timeout=10))[agent.nodeid]["result"], "ls gave incorrect data"
|
||||
|
||||
# Test run_commands ignore output
|
||||
r = await admin_session.run_command([agent.nodeid, agent2.nodeid], "ls", ignore_output=True, timeout=10)
|
||||
print("\ninfo run_command ignore_output: {}\n".format(r))
|
||||
assert r[agent.nodeid]["result"] == '', "Ignore output returned an output"
|
||||
assert r[agent2.nodeid]["result"] == '', "Ignore output returned an output"
|
||||
|
||||
# Test run_commands missing device
|
||||
try:
|
||||
await admin_session.run_command([agent.nodeid, "notanid"], "ls", timeout=10)
|
||||
@@ -259,11 +265,18 @@ async def test_mesh_device(env):
|
||||
else:
|
||||
raise Exception("Run command on a device that doesn't exist did not raise an exception")
|
||||
|
||||
# Test run_console_command
|
||||
r = await admin_session.run_console_command([agent.nodeid, agent2.nodeid], "info", timeout=10)
|
||||
print("\ninfo run_console_command: {}\n".format(r))
|
||||
assert agent.nodeid in r[agent.nodeid]["result"], "Run console command gave bad response"
|
||||
assert agent2.nodeid in r[agent2.nodeid]["result"], "Run console command gave bad response"
|
||||
|
||||
# Test run_console_command ignore output
|
||||
r = await admin_session.run_console_command([agent.nodeid, agent2.nodeid], "info", timeout=10, ignore_output=True)
|
||||
print("\ninfo run_console_command ignore_output: {}\n".format(r))
|
||||
assert r[agent.nodeid]["result"] == '', "Ignore output returned an output"
|
||||
assert r[agent2.nodeid]["result"] == '', "Ignore output returned an output"
|
||||
|
||||
# Test run_commands missing device
|
||||
try:
|
||||
await admin_session.run_console_command([agent.nodeid, "notanid"], "info", timeout=10)
|
||||
|
||||
Reference in New Issue
Block a user