Esempio n. 1
0
bool GenericAgentCheckPolicy(GenericAgentConfig *config, bool force_validation, bool write_validated_file)
{
    if (!MissingInputFile(config->input_file))
    {
        {
            if (config->agent_type == AGENT_TYPE_SERVER ||
                config->agent_type == AGENT_TYPE_MONITOR ||
                config->agent_type == AGENT_TYPE_EXECUTOR)
            {
                time_t validated_at = ReadTimestampFromPolicyValidatedFile(config, NULL);
                config->agent_specific.daemon.last_validated_at = validated_at;
            }
        }

        if (IsPolicyPrecheckNeeded(config, force_validation))
        {
            bool policy_check_ok = GenericAgentArePromisesValid(config);
            if (policy_check_ok && write_validated_file)
            {
                GenericAgentTagReleaseDirectory(config,
                                                NULL, // use GetAutotagDir
                                                write_validated_file, // true
                                                GetAmPolicyHub(GetWorkDir())); // write release ID?
            }

            if (config->agent_specific.agent.bootstrap_policy_server && !policy_check_ok)
            {
                Log(LOG_LEVEL_VERBOSE, "Policy is not valid, but proceeding with bootstrap");
                return true;
            }

            return policy_check_ok;
        }
        else
        {
            Log(LOG_LEVEL_VERBOSE, "Policy is already validated");
            return true;
        }
    }
    return false;
}
Esempio n. 2
0
bool GenericAgentCheckPolicy(GenericAgentConfig *config, bool force_validation)
{
    if (!MissingInputFile(config->input_file))
    {
        if (IsPolicyPrecheckNeeded(config, force_validation))
        {
            bool policy_check_ok = GenericAgentCheckPromises(config);

            if (config->agent_specific.agent.bootstrap_policy_server && !policy_check_ok)
            {
                Log(LOG_LEVEL_VERBOSE, "Policy is not valid, but proceeding with bootstrap");
                return true;
            }

            return policy_check_ok;
        }
        else
        {
            Log(LOG_LEVEL_VERBOSE, "Policy is already validated");
            return true;
        }
    }
    return false;
}
Esempio n. 3
0
void GenericInitialize(int argc,char **argv,char *agents)

{ enum cfagenttype ag = Agent2Type(agents);
  char vbuff[CF_BUFSIZE];
  int ok = false;

#ifdef HAVE_NOVA
CF_DEFAULT_DIGEST = cf_sha256;
CF_DEFAULT_DIGEST_LEN = CF_SHA256_LEN;
#else
CF_DEFAULT_DIGEST = cf_md5;
CF_DEFAULT_DIGEST_LEN = CF_MD5_LEN;
#endif
 
InitializeGA(argc,argv);

SetReferenceTime(true);
SetStartTime(false);
SetSignals();
SanitizeEnvironment();

strcpy(THIS_AGENT,CF_AGENTTYPES[ag]);
NewClass(THIS_AGENT);
THIS_AGENT_TYPE = ag;

// need scope sys to set vars in expiry function
SetNewScope("sys");

if (EnterpriseExpiry())
   {
   CfOut(cf_error,"","Cfengine - autonomous configuration engine. This enterprise license is invalid.\n");
   exit(1);
   }

if (AM_NOVA)
   {
   CfOut(cf_verbose,""," -> This is CFE Nova\n");
   }

if (AM_CONSTELLATION)
   {
   CfOut(cf_verbose,""," -> This is CFE Constellation\n");
   }

NewScope("const");
NewScope("match");
NewScope("mon");
GetNameInfo3();
CfGetInterfaceInfo(ag);

if (ag != cf_know)
   {
   Get3Environment();
   BuiltinClasses();
   OSClasses();
   }

LoadPersistentContext();
LoadSystemConstants();

snprintf(vbuff,CF_BUFSIZE,"control_%s",THIS_AGENT);
SetNewScope(vbuff);
NewScope("this");
NewScope("match");

if (BOOTSTRAP)
   {
   CheckAutoBootstrap();
   }
else
   {
   if (strlen(POLICY_SERVER) > 0)
      {
      CfOut(cf_verbose,""," -> Found a policy server (hub) on %s",POLICY_SERVER);
      }
   else
      {
      CfOut(cf_verbose,""," -> No policy server (hub) watch yet registered");
      }
   }

SetPolicyServer(POLICY_SERVER);

if (ag != cf_keygen)
   {
   if (!MissingInputFile())
      {
      bool check_promises = false;

      if (SHOWREPORTS)
         {
         check_promises = true;
         CfOut(cf_verbose, "", " -> Reports mode is enabled, force-validating policy");
         }
      if (IsFileOutsideDefaultRepository(VINPUTFILE))
         {
         check_promises = true;
         CfOut(cf_verbose, "", " -> Input file is outside default repository, validating it");
         }
      if (NewPromiseProposals())
         {
         check_promises = true;
         CfOut(cf_verbose, "", " -> Input file is changed since last validation, validating it");
         }

      if (check_promises)
         {
         ok = CheckPromises(ag);
         if (BOOTSTRAP && !ok)
            {
            CfOut(cf_verbose, "", " -> Policy is not valid, but proceeding with bootstrap");
            ok = true;
            }
         }
      else
         {
         CfOut(cf_verbose, "", " -> Policy is already validated");
         ok = true;
         }
      }

   if (ok)
      {
      ReadPromises(ag,agents);
      }
   else
      {
      CfOut(cf_error,"","cf-agent was not able to get confirmation of promises from cf-promises, so going to failsafe\n");
      snprintf(VINPUTFILE,CF_BUFSIZE-1,"failsafe.cf");
      ReadPromises(ag,agents);
      }
   
   if (SHOWREPORTS)
      {
      CompilationReport(VINPUTFILE);
      }

   CheckLicenses();
   }

XML = 0;
}