root / image_creator / os_type / unix.py @ f8119e65
1 | aa2062ba | Nikos Skalkotos | #!/usr/bin/env python
|
---|---|---|---|
2 | aa2062ba | Nikos Skalkotos | |
3 | aa2062ba | Nikos Skalkotos | import re |
4 | 8c574358 | Nikos Skalkotos | import sys |
5 | aa2062ba | Nikos Skalkotos | |
6 | aa2062ba | Nikos Skalkotos | from image_creator.os_type import OSBase |
7 | aa2062ba | Nikos Skalkotos | |
8 | 8c574358 | Nikos Skalkotos | |
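class Unix(OSBase):
    """Unix-specific metadata collection and data cleanup for a guest image.

    All file access goes through the guest handle ``self.g`` and the
    ``foreach_file``/``ls`` helpers inherited from OSBase.
    """

    # Entries, relative to each home directory, that data_cleanup_userdata()
    # scrubs. All but '.bash_history' are conventionally directories.
    sensitive_userdata = [
        '.bash_history',
        '.gnupg',
        '.ssh',
        '.mozilla',
        '.thunderbird'
    ]

    def get_metadata(self):
        """Return the base metadata extended with a USERS entry.

        USERS is a space-separated list of the account names returned by
        get_passworded_users().
        """
        meta = super(Unix, self).get_metadata()
        meta["USERS"] = " ".join(self.get_passworded_users())
        return meta

    def get_passworded_users(self):
        """Return the account names in /etc/shadow that are not locked.

        Only the name is kept; the password field is inspected solely for a
        leading '!' (locked account) and is never stored or returned.
        Lines whose password field starts with '*' do not match the pattern
        and are skipped silently. An empty password field does match, so
        such accounts are included in the result.
        """
        users = []
        # Raw string: same pattern, without relying on '\S' surviving as an
        # unrecognised string escape.
        regexp = re.compile(r'(\S+):((?:!\S+)|(?:[^!*]\S+)|):(?:\S*:){6}')

        for line in self.g.cat('/etc/shadow').splitlines():
            match = regexp.match(line)
            if not match:
                continue

            user, passwd = match.groups()
            if passwd.startswith('!'):
                # Single parenthesised argument: prints the same text under
                # both the Python 2 print statement and the print function.
                print("Warning: Ignoring locked %s account." % user)
            else:
                users.append(user)

        return users

    def data_cleanup(self):
        """Run every cleanup step: user data, tmp, logs, mail and cache."""
        self.data_cleanup_userdata()
        self.data_cleanup_tmp()
        self.data_cleanup_log()
        self.data_cleanup_mail()
        self.data_cleanup_cache()

    def data_cleanup_cache(self):
        """Remove all regular files under /var/cache"""
        self.foreach_file('/var/cache', self.g.rm, ftype='r')

    def data_cleanup_tmp(self):
        """Remove all files under /tmp and /var/tmp"""
        self.foreach_file('/tmp', self.g.rm_rf, maxdepth=1)
        self.foreach_file('/var/tmp', self.g.rm_rf, maxdepth=1)

    def data_cleanup_log(self):
        """Empty all regular files under /var/log"""
        # Truncated rather than removed, so the log files themselves remain.
        self.foreach_file('/var/log', self.g.truncate, ftype='r')

    def data_cleanup_mail(self):
        """Remove all files under /var/mail and /var/spool/mail"""
        self.foreach_file('/var/spool/mail', self.g.rm_rf, maxdepth=1)
        self.foreach_file('/var/mail', self.g.rm_rf, maxdepth=1)

    def data_cleanup_userdata(self):
        """Scrub the sensitive_userdata entries in /root and every home.

        A regular file is scrubbed directly. A directory has the regular
        files beneath it scrubbed; previously directories failed the
        is_file() test and were left in the image untouched, which covered
        every entry except '.bash_history'.
        """
        # NOTE(review): assumes self.ls('/home/') yields paths usable as-is.
        # If it returns bare entry names they need the '/home/' prefix,
        # otherwise only /root is ever cleaned - confirm against OSBase.ls.
        homedirs = ['/root'] + self.ls('/home/')

        for homedir in homedirs:
            for data in self.sensitive_userdata:
                fname = "%s/%s" % (homedir, data)
                if self.g.is_file(fname):
                    self.g.scrub_file(fname)
                elif self.g.is_dir(fname):
                    # Key material lives inside these directories
                    # (.ssh, .gnupg, ...). Presumably foreach_file descends
                    # the whole tree when maxdepth is not given - verify.
                    self.foreach_file(fname, self.g.scrub_file, ftype='r')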
75 | aa2062ba | Nikos Skalkotos | |
76 | aa2062ba | Nikos Skalkotos | # vim: set sta sts=4 shiftwidth=4 sw=4 et ai : |