code.grnet.gr Git - snf-image-creator/blob - image_creator/os_type/unix.py

   1 #!/usr/bin/env python
   2
   3 import re
   4
   5 from image_creator.os_type import OSBase
   6
   7 class Unix(OSBase):
   8
   9     sensitive_userdata = ['.bash_history']
  10
  11     def get_metadata(self):
  12         meta = super(Unix, self).get_metadata()
  13         meta["USERS"] = " ".join(self.get_passworded_users())
  14         return meta
  15
  16     def get_passworded_users(self):
  17         users = []
  18         regexp = re.compile('(\S+):((?:!\S+)|(?:[^!*]\S+)|):(?:\S*:){6}')
  19
  20         for line in open('/etc/shadow', 'r').readlines():
  21             match = regexp.match(line)
  22             if not match:
  23                 continue
  24
  25             user, passwd = match.groups()
  26             if len(passwd) > 0 and passwd[0] == '!':
  27                 print "Warning: %s is locked" % user
  28             else:
  29                 users.append(user)
  30
  31         return users
  32
  33     def data_cleanup(self):
  34         self.cleanup_userdata()
  35         self.cleanup_tmp()
  36         self.cleanup_log()
  37
  38     def cleanup_tmp(self):
  39         files = []
  40         files.extend(self.ls('/tmp/'))
  41         files.extend(self.ls('/var/tmp/'))
  42
  43         for filename in files:
  44             self.g.rm_rf(filename)
  45
  46     def cleanup_log(self):
  47         files = self.find( '/var/log/')
  48
  49         for filename in filter(self.g.is_file, files):
  50             self.g.truncate(filename)
  51
  52     def cleanup_userdata(self):
  53         homedirs = ['/root'] + self.ls('/home/')
  54
  55         for homedir in homedirs:
  56             for data in self.sensitive_userdata:
  57                 fname = "%s/%s" % (homedir, data)
  58                 print "Filename: %s\n" % fname
  59                 if self.g.is_file(fname):
  60                     self.g.scrub_file(fname)
  61
  62 # vim: set sta sts=4 shiftwidth=4 sw=4 et ai :