Revision 0d5a999d image_creator/os_type/unix.py
| b/image_creator/os_type/unix.py | ||
|---|---|---|
| 5 | 5 |
from image_creator.os_type import OSBase |
| 6 | 6 |
|
| 7 | 7 |
class Unix(OSBase): |
| 8 |
|
|
| 9 |
sensitive_userdata = ['.bash_history'] |
|
| 10 |
|
|
| 8 | 11 |
def get_metadata(self): |
| 9 | 12 |
meta = super(Unix, self).get_metadata() |
| 10 | 13 |
meta["USERS"] = " ".join(self.get_passworded_users()) |
| 11 | 14 |
return meta |
| 12 | 15 |
|
| 13 | 16 |
def get_passworded_users(self): |
| 14 |
|
|
| 15 | 17 |
users = [] |
| 16 |
|
|
| 17 | 18 |
regexp = re.compile('(\S+):((?:!\S+)|(?:[^!*]\S+)|):(?:\S*:){6}')
|
| 18 | 19 |
|
| 19 | 20 |
for line in open('/etc/shadow', 'r').readlines():
|
| ... | ... | |
| 29 | 30 |
|
| 30 | 31 |
return users |
| 31 | 32 |
|
| 32 |
def cleanup_sensitive_data(self): |
|
| 33 |
cleanup_userdata() |
|
| 34 |
cleanup_tmp() |
|
| 35 |
cleanup_log() |
|
| 33 |
def data_cleanup(self): |
|
| 34 |
self.cleanup_userdata() |
|
| 35 |
self.cleanup_tmp() |
|
| 36 |
self.cleanup_log() |
|
| 37 |
|
|
| 38 |
def cleanup_tmp(self): |
|
| 39 |
files = [] |
|
| 40 |
files.extend(self.ls('/tmp/'))
|
|
| 41 |
files.extend(self.ls('/var/tmp/'))
|
|
| 42 |
|
|
| 43 |
for filename in files: |
|
| 44 |
self.g.rm_rf(filename) |
|
| 45 |
|
|
| 46 |
def cleanup_log(self): |
|
| 47 |
files = self.find( '/var/log/') |
|
| 48 |
|
|
| 49 |
for filename in filter(self.g.is_file, files): |
|
| 50 |
self.g.truncate(filename) |
|
| 51 |
|
|
| 52 |
def cleanup_userdata(self): |
|
| 53 |
homedirs = ['/root'] + self.ls('/home/')
|
|
| 54 |
|
|
| 55 |
for homedir in homedirs: |
|
| 56 |
for data in self.sensitive_userdata: |
|
| 57 |
fname = "%s/%s" % (homedir, data) |
|
| 58 |
print "Filename: %s\n" % fname |
|
| 59 |
if self.g.is_file(fname): |
|
| 60 |
self.g.scrub_file(fname) |
|
| 36 | 61 |
|
| 37 | 62 |
# vim: set sta sts=4 shiftwidth=4 sw=4 et ai : |
Also available in: Unified diff