initial commit after bringing over cleaned up code and testing some examples

daemon/core/services/security.py

@@ -1,83 +1,75 @@
-#
-# CORE - define security services : vpnclient, vpnserver, ipsec and firewall
-#
-# Copyright (c)2011-2012 the Boeing Company.
-# See the LICENSE file included in this distribution.
-#
-''' 
-security.py: defines security services (vpnclient, vpnserver, ipsec and 
+"""
+security.py: defines security services (vpnclient, vpnserver, ipsec and
 firewall)
-'''
+"""
 
-import os
+from core import constants
+from core.misc import log
+from core.service import CoreService
+from core.service import ServiceManager
+
+logger = log.get_logger(__name__)
 
-from core.service import CoreService, addservice
-from core.constants import *
 
 class VPNClient(CoreService):
-    ''' 
-    '''
     _name = "VPNClient"
     _group = "Security"
-    _configs = ('vpnclient.sh', )
+    _configs = ('vpnclient.sh',)
     _startindex = 60
     _startup = ('sh vpnclient.sh',)
     _shutdown = ("killall openvpn",)
-    _validate = ("pidof openvpn", )
+    _validate = ("pidof openvpn",)
     _custom_needed = True
 
     @classmethod
     def generateconfig(cls, node, filename, services):
-        ''' Return the client.conf and vpnclient.sh file contents to
-        '''
+        """
+        Return the client.conf and vpnclient.sh file contents to
+        """
         cfg = "#!/bin/sh\n"
         cfg += "# custom VPN Client configuration for service (security.py)\n"
-        fname = "%s/examples/services/sampleVPNClient" % CORE_DATA_DIR
+        fname = "%s/examples/services/sampleVPNClient" % constants.CORE_DATA_DIR
+
         try:
             cfg += open(fname, "rb").read()
-        except e:
-            print "Error opening VPN client configuration template (%s): %s" % \
-                    (fname, e)
+        except IOError:
+            logger.exception("Error opening VPN client configuration template (%s)", fname)
+
         return cfg
 
-# this line is required to add the above class to the list of available services
-addservice(VPNClient)
 
 class VPNServer(CoreService):
-    ''' 
-    '''
     _name = "VPNServer"
     _group = "Security"
-    _configs = ('vpnserver.sh', )
+    _configs = ('vpnserver.sh',)
     _startindex = 50
     _startup = ('sh vpnserver.sh',)
     _shutdown = ("killall openvpn",)
-    _validate = ("pidof openvpn", )
+    _validate = ("pidof openvpn",)
     _custom_needed = True
 
     @classmethod
     def generateconfig(cls, node, filename, services):
-        ''' Return the sample server.conf and vpnserver.sh file contents to
-            GUI for user customization.
-        '''
+        """
+        Return the sample server.conf and vpnserver.sh file contents to
+        GUI for user customization.
+        """
         cfg = "#!/bin/sh\n"
         cfg += "# custom VPN Server Configuration for service (security.py)\n"
-        fname = "%s/examples/services/sampleVPNServer" % CORE_DATA_DIR
+        fname = "%s/examples/services/sampleVPNServer" % constants.CORE_DATA_DIR
+
         try:
             cfg += open(fname, "rb").read()
-        except e:
-            print "Error opening VPN server configuration template (%s): %s" % \
-                    (fname, e)
+        except IOError:
+            logger.exception("Error opening VPN server configuration template (%s)", fname)
+
         return cfg
 
-addservice(VPNServer)
 
 class IPsec(CoreService):
-    '''
-    '''
     _name = "IPsec"
     _group = "Security"
-    _configs = ('ipsec.sh', )
+    _configs = ('ipsec.sh',)
     _startindex = 60
     _startup = ('sh ipsec.sh',)
     _shutdown = ("killall racoon",)
@@ -85,45 +77,51 @@ class IPsec(CoreService):
 
     @classmethod
     def generateconfig(cls, node, filename, services):
-        ''' Return the ipsec.conf and racoon.conf file contents to
-            GUI for user customization.
-        '''
+        """
+        Return the ipsec.conf and racoon.conf file contents to
+        GUI for user customization.
+        """
         cfg = "#!/bin/sh\n"
         cfg += "# set up static tunnel mode security assocation for service "
         cfg += "(security.py)\n"
-        fname = "%s/examples/services/sampleIPsec" % CORE_DATA_DIR
+        fname = "%s/examples/services/sampleIPsec" % constants.CORE_DATA_DIR
+
         try:
             cfg += open(fname, "rb").read()
-        except e:
-            print "Error opening IPsec configuration template (%s): %s" % \
-                    (fname, e)
+        except IOError:
+            logger.exception("Error opening IPsec configuration template (%s)", fname)
+
         return cfg
 
-addservice(IPsec)
 
 class Firewall(CoreService):
-    ''' 
-    '''
     _name = "Firewall"
     _group = "Security"
-    _configs = ('firewall.sh', )
+    _configs = ('firewall.sh',)
     _startindex = 20
     _startup = ('sh firewall.sh',)
     _custom_needed = True
 
     @classmethod
     def generateconfig(cls, node, filename, services):
-        ''' Return the firewall rule examples to GUI for user customization.
-        '''
+        """
+        Return the firewall rule examples to GUI for user customization.
+        """
         cfg = "#!/bin/sh\n"
         cfg += "# custom node firewall rules for service (security.py)\n"
-        fname = "%s/examples/services/sampleFirewall" % CORE_DATA_DIR
+        fname = "%s/examples/services/sampleFirewall" % constants.CORE_DATA_DIR
+
         try:
             cfg += open(fname, "rb").read()
-        except e:
-            print "Error opening Firewall configuration template (%s): %s" % \
-                    (fname, e)
+        except IOError:
+            logger.exception("Error opening Firewall configuration template (%s)", fname)
+
         return cfg
 
-addservice(Firewall)
 
+def load_services():
+    # this line is required to add the above class to the list of available services
+    ServiceManager.add(VPNClient)
+    ServiceManager.add(VPNServer)
+    ServiceManager.add(IPsec)
+    ServiceManager.add(Firewall)