Revision 0d5a999d image_creator/os_type/unix.py
b/image_creator/os_type/unix.py | ||
---|---|---|
5 | 5 |
from image_creator.os_type import OSBase |
6 | 6 |
|
7 | 7 |
class Unix(OSBase): |
8 |
|
|
9 |
sensitive_userdata = ['.bash_history'] |
|
10 |
|
|
8 | 11 |
def get_metadata(self): |
9 | 12 |
meta = super(Unix, self).get_metadata() |
10 | 13 |
meta["USERS"] = " ".join(self.get_passworded_users()) |
11 | 14 |
return meta |
12 | 15 |
|
13 | 16 |
def get_passworded_users(self): |
14 |
|
|
15 | 17 |
users = [] |
16 |
|
|
17 | 18 |
regexp = re.compile('(\S+):((?:!\S+)|(?:[^!*]\S+)|):(?:\S*:){6}') |
18 | 19 |
|
19 | 20 |
for line in open('/etc/shadow', 'r').readlines(): |
... | ... | |
29 | 30 |
|
30 | 31 |
return users |
31 | 32 |
|
32 |
def cleanup_sensitive_data(self): |
|
33 |
cleanup_userdata() |
|
34 |
cleanup_tmp() |
|
35 |
cleanup_log() |
|
33 |
def data_cleanup(self): |
|
34 |
self.cleanup_userdata() |
|
35 |
self.cleanup_tmp() |
|
36 |
self.cleanup_log() |
|
37 |
|
|
38 |
def cleanup_tmp(self): |
|
39 |
files = [] |
|
40 |
files.extend(self.ls('/tmp/')) |
|
41 |
files.extend(self.ls('/var/tmp/')) |
|
42 |
|
|
43 |
for filename in files: |
|
44 |
self.g.rm_rf(filename) |
|
45 |
|
|
46 |
def cleanup_log(self): |
|
47 |
files = self.find( '/var/log/') |
|
48 |
|
|
49 |
for filename in filter(self.g.is_file, files): |
|
50 |
self.g.truncate(filename) |
|
51 |
|
|
52 |
def cleanup_userdata(self): |
|
53 |
homedirs = ['/root'] + self.ls('/home/') |
|
54 |
|
|
55 |
for homedir in homedirs: |
|
56 |
for data in self.sensitive_userdata: |
|
57 |
fname = "%s/%s" % (homedir, data) |
|
58 |
print "Filename: %s\n" % fname |
|
59 |
if self.g.is_file(fname): |
|
60 |
self.g.scrub_file(fname) |
|
36 | 61 |
|
37 | 62 |
# vim: set sta sts=4 shiftwidth=4 sw=4 et ai : |
Also available in: Unified diff