def remove_atmo_data(mounted_path, dry_run=False):
"""
Remove atmosphere data from an image that has already been mounted
"""
if not check_mounted(mounted_path):
raise Exception("Expected a mounted path at %s" % mounted_path)
remove_files = [ #Atmo
'etc/rc.local.atmo',
'usr/sbin/atmo_boot.py',
'var/log/atmo/post-scripts/*',
'var/log/atmo/*.log',
'/opt/cyverse/tmp',
#Puppet
'var/lib/puppet/run/*.pid',
'etc/puppet/ssl',
#SSH
'root/.ssh',
]
overwrite_files = []
remove_line_files = []
replace_line_files = [
#('replace_pattern','replace_with','in_file'),
(".*vncserver$", "", "etc/rc.local"),
(".*shellinbaox.*", "", "etc/rc.local")
]
multiline_delete_files = [
#TEMPLATE:
#('delete_from', 'delete_to', 'replace_where')
#SUDOERS:
("## Atmosphere System", "## End Atmosphere System", "etc/sudoers"),
("# Begin Nagios", "# End Nagios", "etc/sudoers"),
("# Begin Sensu", "# End Sensu", "etc/sudoers"),
("## Atmosphere System", "", "etc/sudoers"), #Delete to end-of-file..
("#includedir \/etc\/sudoers.d", "",
"etc/sudoers"), #Delete to end-of-file..
#SSHD_CONFIG:
("## Atmosphere System", "## End Atmosphere System",
"etc/ssh/sshd_config"),
("## Atmosphere System", "",
"etc/ssh/sshd_config"), #Delete to end-of-file..
#.BASHRC:
("## Atmosphere System", "## End Atmosphere System", "etc/skel/.bashrc"
),
]
append_line_files = [
#('append_line','in_file'),
("#includedir /etc/sudoers.d", "etc/sudoers"),
]
_perform_cleaning(mounted_path,
rm_files=remove_files,
remove_line_files=remove_line_files,
overwrite_list=overwrite_files,
replace_line_files=replace_line_files,
multiline_delete_files=multiline_delete_files,
append_line_files=append_line_files,
dry_run=dry_run)
def remove_atmo_data(mounted_path, dry_run=False):
"""
Remove atmosphere data from an image that has already been mounted
"""
if not check_mounted(mounted_path):
raise Exception("Expected a mounted path at %s" % mounted_path)
remove_files = [#Atmo
'etc/rc.local.atmo',
'usr/sbin/atmo_boot.py',
'var/log/atmo/post-scripts/stdout',
'var/log/atmo/post-scripts/stderr',
'var/log/atmo/atmo_boot.log',
'var/log/atmo/atmo_init.log',
'var/log/atmo/atmo_init_full.log',
'var/log/atmo/shellinaboxd.log',
'var/log/atmo/*.log',
#Puppet
'var/lib/puppet/run/*.pid',
'etc/puppet/ssl',
'var/log/puppet',
#SSH
'root/.ssh',
]
overwrite_files = []
remove_line_files = []
replace_line_files = [
#('replace_pattern','replace_with','in_file'),
(".*vncserver$", "", "etc/rc.local"),
(".*shellinbaox.*", "", "etc/rc.local")
]
multiline_delete_files = [
#TEMPLATE:
#('delete_from', 'delete_to', 'replace_where')
#SUDOERS:
("## Atmosphere System", "## End Atmosphere System", "etc/sudoers"),
("# Begin Nagios", "# End Nagios", "etc/sudoers"),
("# Begin Sensu", "# End Sensu", "etc/sudoers"),
("## Atmosphere System", "", "etc/sudoers"), #Delete to end-of-file..
#SSHD_CONFIG:
("## Atmosphere System", "## End Atmosphere System",
"etc/ssh/sshd_config"),
("## Atmosphere System", "", "etc/ssh/sshd_config"), #Delete to end-of-file..
#.BASHRC:
("## Atmosphere System", "## End Atmosphere System",
"etc/skel/.bashrc"),
]
_perform_cleaning(mounted_path, rm_files=remove_files,
remove_line_files=remove_line_files,
overwrite_list=overwrite_files,
replace_line_files=replace_line_files,
multiline_delete_files=multiline_delete_files,
dry_run=dry_run)
def remove_vm_specific_data(mounted_path, dry_run=False):
"""
Remove "VM specific data" from an image that has already been mounted
this data should include:
* Logs
* Pids
* dev, proc, ...
"""
if not check_mounted(mounted_path):
raise Exception("Expected a mounted path at %s" % mounted_path)
remove_files = [
'mnt/*', 'mnt/.*', 'tmp/*', 'tmp/.*', 'proc/*', 'proc/.*', 'root/*',
'root/.*', 'dev/*', 'dev/.*'
]
remove_line_files = []
overwrite_files = [
'etc/udev/rules.d/70-persistent-net.rules',
'lib/udev/rules.d/75-persistent-net-generator.rules',
'root/.bash_history',
'var/log/*',
]
replace_line_files = [
#('replace_pattern','replace_with','in_file'),
("HWADDR=*", "", "etc/sysconfig/network-scripts/ifcfg-eth0"),
("MACADDR=*", "", "etc/sysconfig/network-scripts/ifcfg-eth0"),
("SELINUX=.*", "SELINUX=disabled", "etc/syslinux/selinux"),
("SELINUX=.*", "SELINUX=disabled", "etc/selinux/config"),
("users:", "#users:", "etc/cloud/cloud.cfg"),
("[ ]* - default", "# - default", "etc/cloud/cloud.cfg"),
("disable_root: true", "disable_root: false", "etc/cloud/cloud.cfg"),
("disable_root: 1", "disable_root: 0", "etc/cloud/cloud.cfg"),
("ssh_deletekeys:.*1", "ssh_deletekeys: 0", "etc/cloud/cloud.cfg"),
("ssh_deletekeys:.*true", "ssh_deletekeys: false",
"etc/cloud/cloud.cfg"),
]
multiline_delete_files = [
#('delete_from', 'delete_to', 'replace_where')
]
apt_uninstall(mounted_path, [
'avahi-daemon',
])
package_uninstall(mounted_path, [
'fail2ban',
])
package_install(mounted_path, ['cloud-init', 'cloud-utils'])
_perform_cleaning(mounted_path,
rm_files=remove_files,
remove_line_files=remove_line_files,
overwrite_list=overwrite_files,
replace_line_files=replace_line_files,
multiline_delete_files=multiline_delete_files,
dry_run=dry_run)
def remove_user_data(mounted_path, author=None, dry_run=False):
"""
Remove user data from an image that has already been mounted
NOTE: This will also include removing *CLOUD* user data.
"""
if not check_mounted(mounted_path):
raise Exception("Expected a mounted path at %s" % mounted_path)
distro = check_distro(mounted_path)
if 'ubuntu' in distro:
cloud_user = '******'
remove_user_cmd = '/usr/sbin/userdel'
elif 'centos' in distro:
cloud_user = '******'
remove_user_cmd = '/usr/sbin/userdel'
else:
cloud_user = ''
remove_user_cmd = ''
raise Exception(
"Encountered unknown distro %s -- Cannot guarantee removal of the cloud-user"
% distro)
remove_files = [
'home/*',
]
overwrite_files = []
remove_line_files = []
replace_line_files = [
#('replace_pattern','replace_with','in_file'),
("users:x:100:.*", "users:x:100:", "etc/group"),
#TODO: Check this should not be 'AllowGroups users core-services root'
("AllowGroups users root.*", "", "etc/ssh/sshd_config"),
]
execute_lines = []
if remove_user_cmd and cloud_user:
execute_lines.append([remove_user_cmd, '-r', cloud_user])
if remove_user_cmd and author:
execute_lines.append([remove_user_cmd, '-r', author])
multiline_delete_files = [
#('delete_from', 'delete_to', 'replace_where')
]
_perform_cleaning(mounted_path,
rm_files=remove_files,
remove_line_files=remove_line_files,
overwrite_list=overwrite_files,
replace_line_files=replace_line_files,
multiline_delete_files=multiline_delete_files,
execute_lines=execute_lines,
dry_run=dry_run)
def remove_vm_specific_data(mounted_path, dry_run=False):
"""
Remove "VM specific data" from an image that has already been mounted
this data should include:
* Logs
* Pids
* dev, proc, ...
"""
if not check_mounted(mounted_path):
raise Exception("Expected a mounted path at %s" % mounted_path)
remove_files = ['mnt/*', 'tmp/*', 'root/*',
'dev/*', 'proc/*',
]
remove_line_files = []
overwrite_files = [
'etc/udev/rules.d/70-persistent-net.rules',
'lib/udev/rules.d/75-persistent-net-generator.rules',
'root/.bash_history', 'var/log/auth.log',
'var/log/boot.log', 'var/log/daemon.log',
'var/log/denyhosts.log', 'var/log/dmesg',
'var/log/secure', 'var/log/messages',
'var/log/lastlog', 'var/log/cups/access_log',
'var/log/cups/error_log', 'var/log/syslog',
'var/log/user.log', 'var/log/wtmp',
'var/log/apache2/access.log',
'var/log/apache2/error.log',
'var/log/yum.log']
replace_line_files = [
#('replace_pattern','replace_with','in_file'),
("HWADDR=*", "", "etc/sysconfig/network-scripts/ifcfg-eth0"),
("MACADDR=*", "", "etc/sysconfig/network-scripts/ifcfg-eth0"),
("SELINUX=.*", "SELINUX=disabled", "etc/syslinux/selinux"),
]
multiline_delete_files = [
#('delete_from', 'delete_to', 'replace_where')
]
_perform_cleaning(mounted_path, rm_files=remove_files,
remove_line_files=remove_line_files,
overwrite_list=overwrite_files,
replace_line_files=replace_line_files,
multiline_delete_files=multiline_delete_files,
dry_run=dry_run)
def remove_user_data(mounted_path, dry_run=False):
"""
Remove user data from an image that has already been mounted
"""
if not check_mounted(mounted_path):
raise Exception("Expected a mounted path at %s" % mounted_path)
remove_files = ['home/*', ]
overwrite_files = ['', ]
remove_line_files = []
replace_line_files = [
#('replace_pattern','replace_with','in_file'),
("users:x:100:.*", "users:x:100:", "etc/group"),
#TODO: Check this should not be 'AllowGroups users core-services root'
("AllowGroups users root.*", "", "etc/ssh/sshd_config"),
]
multiline_delete_files = [
#('delete_from', 'delete_to', 'replace_where')
]
_perform_cleaning(mounted_path, rm_files=remove_files,
remove_line_files=remove_line_files,
overwrite_list=overwrite_files,
replace_line_files=replace_line_files,
multiline_delete_files=multiline_delete_files,
dry_run=dry_run)
