test_dns_records.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# Copyright 2017, Florent Thiery
"""
Criticality: Normal
Checks that DNS records are provided by the customer servers are correctly set
"""
import subprocess
import os
import sys
import imp

GREEN = "\033[92m"
RED = "\033[91m"
DEF = "\033[0m"


def get_dns_servers():
    servers = list()
    with open("/etc/resolv.conf", "r") as f:
        d = f.read().strip()
        for l in d.split("\n"):
            if l.startswith("nameserver "):
                servers.append(l.split("nameserver ")[1])
    if servers == ["127.0.1.1"]:
        # NetworkManager
        status, output = subprocess.getstatusoutput(
            "nmcli -f all device show | grep IP4.DNS | awk '{ print $2 }'"
        )
        servers.extend(output.split("\n"))
    return servers


resolvers = get_dns_servers()


def get_result(output):
    for line in output.split("\n"):
        if "has address " in line:
            return line.split("has address ")[1]


def check_dns(hostname, expected_ip):
    all_ok = True
    for resolver in resolvers:
        status, output = subprocess.getstatusoutput(
            'host "%s" "%s"' % (hostname, resolver)
        )
        if status == 0:
            color = GREEN
            address = get_result(output)
            if address == "127.0.0.1" and resolver == "127.0.0.53":
                pass
            elif address != expected_ip:
                print('Expected ip was: "%s", got "%s".' % (expected_ip, address))
                color = RED
                all_ok = False
        else:
            color = RED
            all_ok = False
            address = "FAIL"
        print(
            '%sDNS resolution of "%s" on server "%s" returned "%s".%s'
            % (color, hostname, resolver, address, DEF)
        )
    return all_ok


os.chdir(os.path.dirname(__file__))
if not os.path.isfile("../utils.py"):
    print("conf.sh not found")
    sys.exit(1)

es_utils = imp.load_source("es_utils", "../utils.py")
conf = es_utils.load_conf()

all_ok = True
conf_resolvers_keys = ("NETWORK_DNS1", "NETWORK_DNS2")
for conf_resolver_key in conf_resolvers_keys:
    conf_resolver = conf.get(conf_resolver_key)
    if conf_resolver and conf_resolver != "0" and conf_resolver not in resolvers:
        print("Resolver %s not configured on the system." % conf_resolver)
        all_ok = False

ip = conf.get("NETWORK_IP_NAT")
if not ip or ip == "0":
    ip = conf.get("NETWORK_IP")
if not ip or ip == "0":
    if not all_ok:
        sys.exit(1)
    print("No IP set in configuration file, unable to test DNS.")
    sys.exit(2)

services_info = (
    ("MS_SERVER_NAME", "mediaserver", "python3-mediaserver"),
    ("MONITOR_SERVER_NAME", "monitor", "python3-mediaserver-monitor"),
    ("CM_SERVER_NAME", "mirismanager", "skyreach"),
)

for conf_name, default_domain, package in services_info:
    domain = conf.get(conf_name)
    if domain and domain not in ("localhost", default_domain):
        # check that the service is installed on this system
        status, output = subprocess.getstatusoutput("dpkg -s %s" % package)
        if status == 0:
            print('Checking IP of "%s".' % domain)
            ok = check_dns(domain, ip)
            if not ok:
                all_ok = False
        else:
            print(
                'Package %s is not installed, IP of "%s" will not be checked.'
                % (package, domain)
            )

if not all_ok:
    sys.exit(1)
else:
    sys.exit(0)