Fix an issue where the ESXiPlugin shows a confusing warning when constructing the local fs (#1332)

The following warning was logged every time that the local_tgz tar file
was successfully decrypted

> "local.tgz is encrypted but static decryption failed and no dynamic
decryption available!"

Now this warning is moved so it only shows when it isn't run on a local
target.

Author: Miauwkeru

dissect/target/plugins/os/unix/esxi/_os.py

@@ -287,20 +287,22 @@ def _create_local_fs(target: Target, local_tgz_ve: TargetPath, encryption_info:
     else:
         target.log.debug("Skipping static decryption because of missing crypto module")
 
-    if not local_tgz and target.name == "local":
+    if local_tgz is None:
+        if target.name != "local":
+            target.log.warning(
+                "local.tgz is encrypted but static decryption failed and no dynamic decryption available!"
+            )
+            return None
+
         target.log.info(
             "local.tgz is encrypted but static decryption failed, attempting dynamic decryption using crypto-util"
         )
         local_tgz = _decrypt_crypto_util(local_tgz_ve)
 
         if local_tgz is None:
             target.log.warning("Dynamic decryption of %s failed", local_tgz_ve)
-    else:
-        target.log.warning("local.tgz is encrypted but static decryption failed and no dynamic decryption available!")
 
-    if local_tgz:
-        return tar.TarFilesystem(local_tgz)
-    return None
+    return tar.TarFilesystem(local_tgz) if local_tgz else None
 
 
 def _mount_filesystems(target: Target, sysvol: Filesystem, cfg: dict[str, str]) -> None:

tests/plugins/os/unix/esxi/test__os.py

@@ -1,5 +1,6 @@
 from __future__ import annotations
 
+import logging
 from io import BytesIO
 from typing import TYPE_CHECKING
 from unittest.mock import patch
@@ -10,35 +11,54 @@
 from tests._utils import absolute_path
 
 if TYPE_CHECKING:
+    import pytest
+
     from dissect.target.target import Target
 
 
-def test__create_tar_fs_no_envelope(target_linux: Target, fs_unix: VirtualFilesystem) -> None:
+def test__create_local_fs_local_no_envelope(
+    target_linux: Target, fs_unix: VirtualFilesystem, caplog: pytest.LogCaptureFixture
+) -> None:
     with (
         patch("dissect.target.plugins.os.unix.esxi._os.HAS_ENVELOPE", False),
         patch("dissect.target.plugins.os.unix.esxi._os.tar") as mocked_tar,
         patch("dissect.target.plugins.os.unix.esxi._os._decrypt_crypto_util") as decrypt_func,
+        caplog.at_level(logging.DEBUG),
     ):
         target_linux._name = "local"
         _create_local_fs(target_linux, fs_unix.path("local.tgz.ve"), fs_unix.path("encryption.info"))
 
+        assert len(caplog.messages) == 2
+        assert "Skipping static decryption because of missing crypto module" in caplog.messages[0]
+        assert (
+            "local.tgz is encrypted but static decryption failed, attempting dynamic decryption using crypto-util"
+            in caplog.messages[1]
+        )
+
         decrypt_func.assert_called()
         mocked_tar.TarFilesystem.assert_called()
 
 
-def test__create_tar_fs_envelope(target_linux: Target, fs_unix: VirtualFilesystem) -> None:
+def test__create_local_fs_envelope(
+    target_linux: Target, fs_unix: VirtualFilesystem, caplog: pytest.LogCaptureFixture
+) -> None:
     with (
         patch("dissect.target.plugins.os.unix.esxi._os.HAS_ENVELOPE", True),
         patch("dissect.target.plugins.os.unix.esxi._os.tar") as mocked_tar,
         patch("dissect.target.plugins.os.unix.esxi._os._decrypt_envelope") as decrypt_func,
+        caplog.at_level(logging.WARNING, target_linux.log.name),
     ):
         _create_local_fs(target_linux, fs_unix.path("local.tgz.ve"), fs_unix.path("encryption.info"))
 
+        assert (
+            "local.tgz is encrypted but static decryption failed and no dynamic decryption available!"
+            not in caplog.text
+        )
         decrypt_func.assert_called()
         mocked_tar.TarFilesystem.assert_called()
 
 
-def test__create_tar_fs_failed_envelope(target_linux: Target, fs_unix: VirtualFilesystem) -> None:
+def test__create_local_fs_failed_envelope(target_linux: Target, fs_unix: VirtualFilesystem) -> None:
     with (
         patch("dissect.target.plugins.os.unix.esxi._os.HAS_ENVELOPE", True),
         patch("dissect.target.plugins.os.unix.esxi._os.tar") as mocked_tar,
@@ -52,13 +72,19 @@ def test__create_tar_fs_failed_envelope(target_linux: Target, fs_unix: VirtualFi
         mocked_tar.TarFilesystem.assert_called()
 
 
-def test__decrypt_crypto_not_local(target_linux: Target, fs_unix: VirtualFilesystem) -> None:
+def test__create_local_fs_non_local_target(
+    target_linux: Target, fs_unix: VirtualFilesystem, caplog: pytest.LogCaptureFixture
+) -> None:
     target_linux._name = "not_local"
-    with patch("dissect.target.plugins.os.unix.esxi._os.HAS_ENVELOPE", False):
+    with (
+        patch("dissect.target.plugins.os.unix.esxi._os.HAS_ENVELOPE", False),
+        caplog.at_level(logging.WARNING, target_linux.log.name),
+    ):
         assert _create_local_fs(target_linux, fs_unix.path(""), fs_unix.path("")) is None
+        assert "local.tgz is encrypted but static decryption failed and no dynamic decryption available!" in caplog.text
 
 
-def test__decrypt_crypto_local(fs_unix: VirtualFilesystem) -> None:
+def test__decrypt_crypto_util(fs_unix: VirtualFilesystem) -> None:
     with patch("dissect.target.plugins.os.unix.esxi._os.subprocess.run") as mocked_run:
         mocked_run.return_value.stdout = b"data"
 

tests/plugins/os/unix/test_ips.py

@@ -10,6 +10,7 @@
 from dissect.target.plugins.os.unix.linux._os import LinuxPlugin
 from dissect.target.plugins.os.unix.linux.network_managers import NetworkManager
 from dissect.target.tools.query import main as target_query
+from dissect.target.tools.utils.logging import configure_logging
 from tests._utils import absolute_path
 
 if TYPE_CHECKING:
@@ -94,8 +95,12 @@ def test_ips_dhcp_arg(
     if flag:
         argv.append(flag)
 
+    def noop(*args, **kwargs) -> None:
+        pass
+
     with patch("dissect.target.Target.open_all", return_value=[target_unix]), monkeypatch.context() as m:
         m.setattr("sys.argv", argv)
+        m.setattr(configure_logging, "__code__", noop.__code__)
         target_query()
         out, _ = capsys.readouterr()
         assert expected_out in out