scout_agent 3.0.5 → 3.0.6

data/CHANGELOG

@@ -1,3 +1,21 @@
+== 3.0.6
+
+* The new `sudo scout_agent update` command can be used to update your
+  configuration file
+* Made it possible to disable XMPP for a smaller memory footprint
+* Restricted XMPP commands to a white list for added security
+* Added an optional "force" argument for `scout_agent snapshot` that clears
+  command run times before running to ensure a full snapshot
+* Modified XMPP snapshots to use the new force option for snapshots to ensure
+  requests from users via the Web interface are always honored
+* Added a periodic_snapshots configuration option that defaults to true and will
+  cause the agent to attempt a snapshot before each check-in (though command 
+  intervals will usually only allow them to be run every few check-ins)
+* Fixed a bug that could cause snapshots to temporarily orphan a process and/or
+  to unnecessarily delay API requests
+* Fixed a bug that could cause the agent to crash if it had trouble killing off
+  a spawned process
+
 == 3.0.5
 
 * Added support for XMPP message SHA, instead of just an ID

data/lib/scout_agent/agent/communication_agent.rb

@@ -2,7 +2,6 @@
 # encoding: UTF-8
 
 # load agent extensions
-require "scout_agent/api"
 require "scout_agent/order"
 
 module ScoutAgent
@@ -20,6 +19,10 @@ module ScoutAgent
         @jabber          = nil
         @roster          = nil
         @shutdown_thread = nil
+        @trusted         = Array(Plan.xmpp_trusted).map { |trusted|
+          trusted_with_server = trusted.sub(/@\*\z/, "@#{jabber_server}")
+          /\A#{Regexp.escape(trusted_with_server)}\b/
+        }
       end
       
       def run
@@ -104,8 +107,13 @@ module ScoutAgent
       
       def install_subscriptions_callback
         @roster.add_subscription_request_callback do |_, presence|
-          log.info("Accepting subscription:  #{presence.from}")
-          @roster.accept_subscription(presence.from)
+          log.info("Subscription request:  #{presence.from}")
+          if trusted? presence.from
+            log.info("Request accepted.")
+            @roster.accept_subscription(presence.from)
+          else
+            log.warn("Untrusted source, ignoring.")
+          end
         end
       end
       
@@ -113,16 +121,20 @@ module ScoutAgent
         @jabber.add_message_callback do |message|
           log.info("Received message from #{message.from}:  #{message.body}")
           status("Parsing command")
-          modified_body = nil
-          if message.body =~ /\A\s*\[\s*(\S+)\s*\]\s*(.*)/
-            modified_body = $2
-            send_chat_message(message.from, "received #{$1}")
-          end
-          if order = Order.can_handle?(message, modified_body)
-            status("Processing command")
-            order.execute
+          if trusted? message.from
+            modified_body = nil
+            if message.body =~ /\A\s*\[\s*(\S+)\s*\]\s*(.*)/
+              modified_body = $2
+              send_chat_message(message.from, "received #{$1}")
+            end
+            if order = Order.can_handle?(message, modified_body)
+              status("Processing command")
+              order.execute
+            else
+              log.warn("Unrecognized message format, ignoring.")
+            end
           else
-            log.warn("Unrecognized message format, ingoring.")
+            log.warn("Untrusted source, ignoring.")
           end
           status("Listening for commands")
         end
@@ -168,6 +180,11 @@ module ScoutAgent
         @jabber_server ||= Plan.test_mode? ? "jabber.org" :
                                              URI.parse(Plan.server_url).host
       end
+      
+      def trusted?(user)
+        id = user.to_s
+        @trusted.any? { |trusted| id =~ trusted }
+      end
     end
   end
 end

data/lib/scout_agent/agent/master_agent.rb

@@ -28,10 +28,11 @@ module ScoutAgent
         @main_loop = Thread.new do
           Thread.current.abort_on_exception = true
           loop do
-            %w[ fetch_plan 
-                execute_missions 
+            %w[ fetch_plan
+                execute_missions
+                prepare_snapshot
                 checkin
-                perform_maintenance 
+                perform_maintenance
                 wait_for_orders ].each do |stage|
               send(stage)
               check_running_status
@@ -123,12 +124,12 @@ module ScoutAgent
           rescue Timeout::Error  # mission exceeded allowed execution
             status = Process.term_or_kill(pid)
             log.error( "#{mission[:name]} took too long to run:  " +
-                       "#{status.exitstatus}." )
+                       "#{status && status.exitstatus}." )
             @db.write_report(
               mission[:id],
               :error,
               :subject => "#{mission[:name]} took too long to run",
-              :body    => "Exit status:  #{status.exitstatus}"
+              :body    => "Exit status:  #{status && status.exitstatus}"
             )
           end
           # prevent an infinite loop if we can't complete the mission
@@ -140,6 +141,15 @@ module ScoutAgent
         log.warn("No missions to run.") unless ran_a_mission
       end
       
+      def prepare_snapshot
+        if Plan.periodic_snapshots?
+          status("Preparing a system snapshot")
+          log.info( "Requesting a system snapshot, if command intervals have " +
+                    "been exceeded." )
+          API.take_snapshot
+        end
+      end
+      
       def checkin
         reports   = @db.current_reports
         queued    = @queue.queued_reports

data/lib/scout_agent/api.rb

@@ -242,6 +242,10 @@ module ScoutAgent
       QueueCommand.new(:error, fields, options)
     end
     
+    # 
+    # :call-seq:
+    #   take_snapshot(options = { })
+    #   take_snapshot(force = false, options = { })
     # 
     # This method requests that the agent take a snapshot of the current
     # environment, by running any commands the server has sent down.  A
@@ -249,8 +253,16 @@ module ScoutAgent
     # during the next checkin.  The returned object and background processing
     # rules are the same as those described in queue_for_mission().
     # 
-    def take_snapshot(options = { })
-      Command.new(:snapshot, nil, nil, options)
+    # Passing a `true` value in `force` clears the command times before running,
+    # forcing a full snapshot to be taken.
+    # 
+    def take_snapshot(*args)
+      started = Time.now
+      force   = args.shift ? %w[force] : nil unless args.first.is_a? Hash
+      options = args.shift || { }
+      Command.new(:snapshot, force, nil, options)
+    ensure
+      p Time.now - started
     end
   end
 end

data/lib/scout_agent/assignment/snapshot.rb

@@ -22,6 +22,11 @@ module ScoutAgent
           at_my_exit do
             clear_status(:snapshot)
           end
+          
+          if Array(other_args).shift == "force"
+            log.info("Clearing command run times to force a full snapshot.")
+            db.reset_all_commands
+          end
 
           commands = db.current_commands
         
@@ -38,16 +43,30 @@ module ScoutAgent
           commands.each do |command|
             log.info("Running `#{command[:code]}`.")
             command_started = Time.now
+            reader, writer  = IO.pipe
+            run             = fork do
+              reader.close
+              STDOUT.reopen(writer)
+              STDERR.reopen(writer)
+              begin
+                exec(command[:code])
+              rescue Exception  # failed to execute
+                warn "#{$!.message} (#{$!.class})"
+              end
+            end
+            exit_status     = nil
             output          = nil
+            writer.close
             begin
               Timeout.timeout(command[:timeout]) do
-                output      = `sh -c #{shell_escape command[:code]} 2>&1`
+                output      = reader.read
+                exit_status = Process.wait2(run).last
               end
             rescue Timeout::Error
               log.error("`#{command[:code]}` took too long to run.")
+              exit_status   = Process.term_or_kill(run)
               output        = "Error:  This command took too long to run"
             end
-            exit_status     = $?.exitstatus
             run_time        = Time.now - command_started
             db.complete_run( command,
                              output,
@@ -67,13 +86,6 @@ module ScoutAgent
       
       private
 
-      # Escape +str+ to make it useable in a shell as one "word".
-      def shell_escape(str)
-        str.to_s.gsub( /(?=[^a-zA-Z0-9_.\/\-\x7F-\xFF\n])/n, '\\'   ).
-                 gsub( /\n/,                                 "'\n'" ).
-                 sub(  /^$/,                                 "''"   )
-      end
-      
       def abort_with_missing_db
         warn "Snapshots database could not be loaded."
         exit 1

data/lib/scout_agent/assignment/start.rb

@@ -44,9 +44,10 @@ module ScoutAgent
         log = ScoutAgent.prepare_wire_tap(:lifeline)
         log.info("Loading monitors.")
         
-        lifelines = %w[master communication].map { |agent|
-          Lifeline.new(agent, log)
-        }
+        agents = %w[master]
+        agents << "communication" if Plan.enable_xmpp?
+        
+        lifelines = agents.map { |agent| Lifeline.new(agent, log) }
         %w[TERM INT].each do |signal|
           trap(signal) do
             Thread.new do

data/lib/scout_agent/assignment/update.rb

@@ -0,0 +1,37 @@
+#!/usr/bin/env ruby -wKU
+# encoding: UTF-8
+
+module ScoutAgent
+  class Assignment
+    class Update < Assignment
+      def execute
+        begin
+          Plan.config_file.unlink
+          puts "Identification file '#{Plan.config_file}' removed."
+        rescue Errno::EACCES
+          abort_with_sudo_required
+        end
+        if Plan.write_default_config_file
+          puts "Identification file '#{Plan.config_file}' replaced."
+        else
+          if Plan.config_file.exist?
+            puts "Identification file '#{Plan.config_file}' exists.  Skipped."
+          else
+            abort_with_sudo_required
+          end
+        end
+      end
+      
+      def abort_with_sudo_required
+        abort <<-END_SUDO_REQUIRED.trim
+        I don't have enough privileges to update your identity and
+        configuration.  Try running this program again with super
+        user privileges:
+        
+            sudo #{$PROGRAM_NAME} identify
+        
+        END_SUDO_REQUIRED
+      end
+    end
+  end
+end

data/lib/scout_agent/database/snapshots.rb

@@ -51,6 +51,10 @@ module ScoutAgent
         end
       end
       
+      ################
+      ### Commands ###
+      ################
+      
       #
       # Updates the list of snapshot +commands+ in the database.  Existing
       # commands are updated, new commands are added, and commands no longer in
@@ -131,6 +135,26 @@ module ScoutAgent
         nil  # commands not found
       end
       
+      # 
+      # All commands are reset so they will be run again at the first available
+      # opportunity.
+      # 
+      def reset_all_commands
+        write_to_sqlite do |sqlite|
+          sqlite.execute(<<-END_RESET_COMMANDS.trim)
+          UPDATE commands
+          SET    next_run_at = strftime('%Y-%m-%d %H:%M', 'now', 'localtime')
+          END_RESET_COMMANDS
+        end
+      rescue Amalgalite::SQLite3::Error => error  # failed to reset commands
+        # do nothing:  commands will be run at their scheduled time
+        log.error("Database command reset error:  #{error.message}.")
+      end
+      
+      ############
+      ### Runs ###
+      ############
+      
       # 
       # Marks +command+ as just having run in the database and updates its
       # +next_run_at+ Time.  A run is also created for the +command+ documenting

data/lib/scout_agent/dispatcher.rb

@@ -44,6 +44,10 @@ module ScoutAgent
                  "The minimum level of log message to record." ) do |level|
           switches[:logging_level] = level
         end
+        opts.on( "-x", "--[no-]xmpp",
+                 "Allow the server to send XMPP commands." ) do |boolean|
+          switches[:enable_xmpp] = boolean
+        end
         opts.on( "-t", "--[no-]test-mode",
                  "Used in agent development." ) do |boolean|
           if switches[:test_mode]    = boolean
@@ -53,6 +57,14 @@ module ScoutAgent
         end
 
         opts.separator "Expert Options:"
+        opts.on( "--[no-]periodic-snapshots",
+                 "Take regular system snapshots." ) do |boolean|
+          switches[:periodic_snapshots] = boolean
+        end
+        opts.on( "--trusted NAME1,NAME2,...", Array,
+                 "A list of trusted XMPP users." ) do |users|
+          switches[:xmpp_trusted] = users
+        end
         opts.on( "--users NAME1,NAME2,...", Array,
                  "A list of users to try switching to." ) do |users|
           switches[:user_choices] = users
@@ -145,9 +157,9 @@ module ScoutAgent
     end
     
     def abort_with_ambiguous_assignment(assignment, matches)
-      choices         = matches.map { |m| "'#{m.basename('.rb')}'" }
+      choices         = matches.map { |m| "'#{File.basename(m, '.rb')}'" }
       choices[-2..-1] = choices[-2..-1].join(", or ")
-      abort <<-END_AMBIGUOUS
+      abort <<-END_AMBIGUOUS.trim
       Ambiguous command '#{assignment}'.  Did you mean #{choices.join(', ')}?
       END_AMBIGUOUS
     end

data/lib/scout_agent/order/snapshot_order.rb

@@ -8,7 +8,7 @@ module ScoutAgent
       
       def execute
         log.info("Requesting that a snapshot be taken.")
-        API.take_snapshot
+        API.take_snapshot(:force)
         notify_master
       end
     end

data/lib/scout_agent/plan.rb

@@ -17,23 +17,26 @@ module ScoutAgent
     
     # The default configuration for this agent.
     def defaults
-      [ [:server_url,     "http://beta.scoutapp.com:3000"],
-        [:proxy_url,      nil],
-        [:run_as_daemon,  true],
-        [:logging_level,  "INFO"],
-        [:test_mode,      false],
+      [ [:server_url,         "http://beta.scoutapp.com:3000"],
+        [:proxy_url,          nil],
+        [:run_as_daemon,      true],
+        [:logging_level,      "INFO"],
+        [:enable_xmpp,        true],
+        [:test_mode,          false],
 
-        [:user_choices,   %w[daemon nobody]],
-        [:group_choices,  %w[daemon nogroup]],
-        [:prefix_path,    "/"],
-        [:os_config_path, "etc"],
-        [:os_db_path,     "var/db"],
-        [:os_pid_path,    "var/run"],
-        [:os_log_path,    "var/log"],
-        [:config_file,    nil],
-        [:db_dir,         nil],
-        [:pid_dir,        nil],
-        [:log_dir,        nil] ]
+        [:periodic_snapshots, true],
+        [:xmpp_trusted,       %w[scout@*]],
+        [:user_choices,       %w[daemon nobody]],
+        [:group_choices,      %w[daemon nogroup]],
+        [:prefix_path,        "/"],
+        [:os_config_path,     "etc"],
+        [:os_db_path,         "var/db"],
+        [:os_pid_path,        "var/run"],
+        [:os_log_path,        "var/log"],
+        [:config_file,        nil],
+        [:db_dir,             nil],
+        [:pid_dir,            nil],
+        [:log_dir,            nil] ]
     end
     
     # This method is used to set or reset the default configuration.
@@ -45,15 +48,25 @@ module ScoutAgent
     alias_method :reset_defaults, :set_defaults
     
     # Provide a more natural interface for a boolean flag.
-    def run_as_daemon?  # can't use alias_method() because it's not defined yet
+    def run_as_daemon?  # can't use alias_method() because it's not defined
       run_as_daemon
     end
     
     # Provide a more natural interface for a boolean flag.
-    def test_mode?  # can't use alias_method() because it's not defined yet
+    def test_mode?  # can't use alias_method() because it's not defined
       test_mode
     end
     
+    # Provide a more natural interface for a boolean flag.
+    def enable_xmpp?  # can't use alias_method() because it's not defined
+      enable_xmpp
+    end
+    
+    # Provide a more natural interface for a boolean flag.
+    def periodic_snapshots?  # can't use alias_method() because it's not defined
+      periodic_snapshots
+    end
+    
     ###########################
     ### Configuration Files ###
     ###########################
@@ -74,10 +87,12 @@ module ScoutAgent
     # 
     def write_default_config_file
       config_file.dirname.mkpath
-      config_file.open(File::CREAT|File::EXCL|File::WRONLY) do |pid|
+      config_file.open(File::CREAT | File::EXCL | File::WRONLY) do |pid|
         pid.puts <<-END_DEFAULT_CONFIG.trim
         #!/usr/bin/env ruby -wKU
         # encoding: UTF-8
+        
+        # #{ScoutAgent.proper_agent_name} v#{ScoutAgent::VERSION}
 
         # 
         # This file configures #{ScoutAgent.proper_agent_name}.  The settings in
@@ -133,10 +148,60 @@ module ScoutAgent
         # 
         config.logging_level = #{logging_level.inspect}
         
+        # 
+        # The XMPP features of the agent are used to allow the server to remain
+        # in contact.  The server can use this to send some simple commands to
+        # the agent as you interact with the Web interface.  The server may also
+        # use this to monitor when the agent is online.
+        # 
+        # This feature takes some extra memory due to maintaining the XMPP
+        # connection.  Set the following to false if you don't need this
+        # interactivity and you would prefer to see the agent run with a smaller
+        # footprint.
+        # 
+        config.enable_xmpp = #{enable_xmpp.inspect}
+        
         #####################
         ### Expert Config ###
         #####################
         
+        # 
+        # The following setting causes the agent to attempt taking regular
+        # snapshots of the system.  An attempt is made before each check-in, but
+        # command intervals will usually only allow them to be run after a few
+        # check-ins.
+        #
+        # Change this setting to false if you would prefer to manage when
+        # snapshots are taken manually using the shell command or the API.
+        # 
+        config.periodic_snapshots = #{periodic_snapshots.inspect}
+        
+        # 
+        # The following list of Jabber users are trusted to send the agent
+        # commands.  Only commands from from a user matching one of the names
+        # in this list will be executed.
+        # 
+        # The names in this list must match at the beginning of the user's name
+        # and stop at a word boundary.  Thus, all of the following would match
+        # the user "scout@scoutapp.com":
+        # 
+        #   scout
+        #   scout@scoutapp
+        #   scout@scoutapp.com
+        # 
+        # Note that the first name would match a "scout" user from any domain
+        # and the second would match a ".com", ".net", ".org", or whatever, but
+        # the third requires a full match.  However, "scout@scout" will not
+        # match "scout@scoutapp.com" since it doesn't end at a boundary.
+        # 
+        # There's also a special case where any name ending in "@*" is modified
+        # to have the "*" replaced with the host name from config.server_url.
+        #
+        # Feel free to add Jabber (XMPP) users to the list so they too can
+        # monitor and command the agent from their IM client.
+        # 
+        config.xmpp_trusted = %w[#{xmpp_trusted.join(" ")}]
+        
         # 
         # The agent will try to use standard Unix locations to store its
         # data, but you are free to adjust these paths as needed.

data/lib/scout_agent.rb

@@ -24,6 +24,7 @@ require "scout_agent/id_card"
 require "scout_agent/assignment"
 require "scout_agent/lifeline"
 require "scout_agent/dispatcher"
+require "scout_agent/api"
 
 # require gems
 require_lib_or_gem "json",          "=1.1.4"
@@ -65,7 +66,7 @@ module ScoutAgent
   end
 
   # The version of this agent.
-  VERSION = "3.0.5".freeze
+  VERSION = "3.0.6".freeze
   # A Pathname reference to the agent code directory, used in dynamic loading.
   LIB_DIR = Pathname.new(File.dirname(__FILE__)) + agent_name
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification 
 name: scout_agent
 version: !ruby/object:Gem::Version 
-  version: 3.0.5
+  version: 3.0.6
 platform: ruby
 authors: 
 - James Edward Gray II
@@ -12,7 +12,7 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2009-04-14 00:00:00 -05:00
+date: 2009-04-17 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -102,6 +102,7 @@ files:
 - lib/scout_agent/assignment/start.rb
 - lib/scout_agent/assignment/status.rb
 - lib/scout_agent/assignment/stop.rb
+- lib/scout_agent/assignment/update.rb
 - lib/scout_agent/assignment/upload_log.rb
 - lib/scout_agent/assignment.rb
 - lib/scout_agent/core_extensions.rb