root / image_creator / os_type / unix.py @ 0d5a999d
#!/usr/bin/env python
import re |
from image_creator.os_type import OSBase |
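class Unix(OSBase):
    """Unix-specific metadata collection and data cleanup for an image.

    Extends OSBase with a USERS metadata entry and with cleanup steps for
    per-user history files, temporary directories and log files.
    """

    # File names, relative to each home directory, that cleanup_userdata()
    # scrubs.
    # NOTE(review): only the bash history is listed; any other per-user
    # secret (keys, tokens, history files of other shells) stays in the
    # image -- confirm the list is complete for the images being produced.
    sensitive_userdata = ['.bash_history']

    def get_metadata(self):
        """Return the base metadata extended with a USERS entry.

        USERS is a space-separated string of the names returned by
        get_passworded_users().
        """
        meta = super(Unix, self).get_metadata()
        meta["USERS"] = " ".join(self.get_passworded_users())
        return meta

    def get_passworded_users(self):
        """Return the account names from /etc/shadow that are not locked.

        A line is considered only if its password field is empty, starts
        with '!' followed by at least one more character, or is at least
        two characters long and does not start with '!' or '*'. Entries
        whose field starts with '!' are reported as locked and left out;
        the rest are returned, which includes accounts with an empty
        password field. Lines with a bare '*' or '!' do not match and are
        skipped silently.
        """
        # Raw string: '\S' in a plain literal is an invalid escape sequence
        # that newer interpreters warn about.
        shadow_entry = re.compile(
            r'(\S+):((?:!\S+)|(?:[^!*]\S+)|):(?:\S*:){6}')

        users = []
        # NOTE(review): the builtin open() reads /etc/shadow of the machine
        # this code runs on, while every cleanup method of this class goes
        # through self.g. If self.g addresses the image being prepared, the
        # USERS metadata describes the wrong system, needs root on the
        # host, and puts host account names into the image metadata --
        # confirm which file is intended.
        # The context manager closes the file; the original left the handle
        # to the garbage collector.
        with open('/etc/shadow', 'r') as shadow:
            for line in shadow:
                match = shadow_entry.match(line)
                if not match:
                    continue

                user, passwd = match.groups()
                if passwd.startswith('!'):
                    # Parenthesised single argument prints the same text
                    # under Python 2 and Python 3.
                    print("Warning: %s is locked" % user)
                else:
                    users.append(user)

        return users

    def data_cleanup(self):
        """Run the user-data, temporary-file and log cleanup, in that order."""
        self.cleanup_userdata()
        self.cleanup_tmp()
        self.cleanup_log()

    def cleanup_tmp(self):
        """Recursively remove every entry listed under /tmp/ and /var/tmp/."""
        # presumably self.ls() returns paths that rm_rf can use as they
        # are -- verify against OSBase.
        files = []
        files.extend(self.ls('/tmp/'))
        files.extend(self.ls('/var/tmp/'))

        for filename in files:
            self.g.rm_rf(filename)

    def cleanup_log(self):
        """Truncate every regular file that self.find() reports for /var/log/."""
        # NOTE(review): log files are truncated whereas user data is passed
        # to scrub_file; whether truncation leaves the old log content
        # recoverable from the image is not visible here -- confirm if the
        # logs may hold sensitive data.
        files = self.find('/var/log/')

        for filename in filter(self.g.is_file, files):
            self.g.truncate(filename)

    def cleanup_userdata(self):
        """Scrub each sensitive_userdata file found in /root and /home/*."""
        # presumably self.ls('/home/') yields full home directory paths;
        # the names are joined with '/' as they come -- verify against
        # OSBase.
        homedirs = ['/root'] + self.ls('/home/')

        for homedir in homedirs:
            for data in self.sensitive_userdata:
                fname = "%s/%s" % (homedir, data)
                # Every candidate path is printed, whether or not it exists.
                print("Filename: %s\n" % fname)
                if self.g.is_file(fname):
                    self.g.scrub_file(fname)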
# vim: set sta sts=4 shiftwidth=4 sw=4 et ai :