Ejemplo n.º 1
    def run(self, report):
        '''
        interactive loop over the hosts in a full report
        (not a summary): the user is prompted for a host,
        can examine its directories and files and add or
        update rules for them; the loop ends when the
        prompt returns no host
        '''
        self.cenv.set_hosts(report.keys())
        while True:
            host_todo = self.cmpl.prompt_for_host()
            if host_todo is None:
                print("exiting at user request")
                break

            ignores = clouseau.retention.utils.ignores

            # NOTE(review): the grabber output presumably comes from
            # files on the audited host; it decides what is treated as
            # ignored below, so confirm process_local_ignores validates
            # it before it is trusted
            grabber = RemoteUserCfGrabber(host_todo, self.timeout,
                                          self.audit_type, self.confdir)
            grabbed = grabber.run(True)
            self.local_ignored = ignores.process_local_ignores(grabbed)

            # keep rule store entries only for the host that was picked
            from_store = ignores.get_ignored_from_rulestore(
                self.cdb, [host_todo])
            if host_todo in from_store:
                self.ignored_from_rulestore[host_todo] = from_store[host_todo]

            self.do_one_host(host_todo, report)
Ejemplo n.º 2
    def run(self, report):
        '''
        takes the full report output (not the summary) for
        all hosts and lets the user pick hosts one at a time
        to examine their directories and files and to
        add/update rules for them; returns once the host
        prompt yields None
        '''
        self.cenv.set_hosts(report.keys())
        keep_going = True
        while keep_going:
            host_todo = self.cmpl.prompt_for_host()
            keep_going = host_todo is not None
            if not keep_going:
                print("exiting at user request")
                continue

            # per-host ignores: first what the grabber returns for
            # this host, then what the rule store already holds
            # NOTE(review): presumably the grabbed data is written by
            # users of the audited host; verify it is sanitised in
            # process_local_ignores since it controls what gets hidden
            user_confs = RemoteUserCfGrabber(
                host_todo, self.timeout, self.audit_type,
                self.confdir).run(True)
            self.local_ignored = (
                clouseau.retention.utils.ignores.process_local_ignores(
                    user_confs))

            stored = (
                clouseau.retention.utils.ignores.get_ignored_from_rulestore(
                    self.cdb, [host_todo]))
            if host_todo in stored:
                self.ignored_from_rulestore[host_todo] = stored[host_todo]

            self.do_one_host(host_todo, report)
Ejemplo n.º 3
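def main():
    '''
    parse the command line and run exactly one action against
    the target hosts: an audit ('root', 'logs' or 'homes'),
    a directory examination, a file content display or a grab
    of user config files

    for an audit with the interactive option, the report is
    handed to the interactive command line afterwards

    all argument errors are reported through usage(), which
    is expected not to return (TODO confirm in its definition)
    '''
    hosts_expr = None
    audit_type = None
    confdir = '/srv/audits/retention/configs'
    files_to_check = None
    prettyprint = False
    show_sample_content = False
    summary_report = False
    verbose = False
    ignore_also = None
    dir_info = None
    getuserconfs = False
    batchno = 1
    file_info = None
    linecount = 1
    maxfiles = None
    timeout = 60
    depth = 0
    dirsizes = False
    show_system_logs = False
    oldest_only = False
    interactive = False
    store_filepath = "/etc/data_retention/dataretention_rules.sq3"

    def to_number(text, errmsg, minimum=0):
        '''convert a decimal option value, rejecting anything below minimum'''
        if not text.isdigit() or int(text) < minimum:
            usage(errmsg)
        return int(text)

    try:
        # "examine" and "batchno" take a value like their short forms
        # -e and -b, so they need the trailing '='; without it the long
        # forms could never be given an argument
        (options, remainder) = getopt.gnu_getopt(
            sys.argv[1:], "a:b:c:d:Df:F:l:i:Ie:m:oprsSt:T:uvh", [
                "audit=", "confdir=", "files=", "filecontents=", "linecount=",
                "ignore=", "interactive", "depth=", "maxfiles=", "oldest",
                "prettyprint", "report", "dirsizes", "examine=", "batchno=",
                "sample", "system", "target=", "timeout=", "userconf",
                "verbose", "help"
            ])

    except getopt.GetoptError as err:
        usage("Unknown option specified: " + str(err))

    # NOTE(review): target expression, paths and ignore lists are taken
    # as given here and handed to the remote classes below; any quoting
    # or path validation has to happen there - verify
    for (opt, val) in options:
        if opt in ["-t", "--target"]:
            hosts_expr = val
        elif opt in ["-a", "--audit"]:
            audit_type = val
        elif opt in ["-c", "--confdir"]:
            confdir = val
        elif opt in ["-d", "--depth"]:
            depth = to_number(val, "depth must be a number")
        elif opt in ["-f", "--files"]:
            files_to_check = val
        elif opt in ["-F", "--filecontents"]:
            file_info = val
        elif opt in ["-l", "--linecount"]:
            # the message promises "starting from 1", so 0 is refused too
            linecount = to_number(
                val, "linecount must be a number (starting from 1)", 1)
        elif opt in ["-i", "--ignore"]:
            ignore_also = val
        elif opt in ["-I", "--interactive"]:
            interactive = True
        elif opt in ["-e", "--examine"]:
            dir_info = val
        elif opt in ["-b", "--batchno"]:
            batchno = to_number(
                val, "batchno must be a number (starting from 1)", 1)
        elif opt in ["-m", "--maxfiles"]:
            maxfiles = to_number(val, "maxfiles must be a number")
        elif opt in ["-o", "--oldest"]:
            oldest_only = True
        elif opt in ["-p", "--prettyprint"]:
            prettyprint = True
        elif opt in ["-r", "--report"]:
            summary_report = True
        elif opt in ["-D", "--dirsizes"]:
            dirsizes = True
        elif opt in ["-s", "--sample"]:
            show_sample_content = True
        elif opt in ["-S", "--system"]:
            show_system_logs = True
        elif opt in ["-T", "--timeout"]:
            timeout = to_number(val, "timeout must be a number")
        elif opt in ["-u", "--userconf"]:
            getuserconfs = True
        elif opt in ["-h", "--help"]:
            usage()
        elif opt in ["-v", "--verbose"]:
            verbose = True
        else:
            usage("Unknown option specified: %s" % opt)

    if remainder:
        usage("Unknown option specified: <%s>" % remainder[0])

    if hosts_expr is None:
        usage("Mandatory target argument not specified")

    # exactly one action may be requested; counted without len(filter())
    # so the check does not depend on filter() returning a list
    count = sum(1 for action in
                [audit_type, dir_info, file_info, getuserconfs] if action)
    if count == 0:
        usage("One of 'audit', 'examine', 'userconf' "
              "or 'filecontents' must be specified")
    elif count > 1:
        usage("Only one of 'audit', 'examine' 'userconf' "
              "or 'filecontents' may be specified")

    if dir_info is not None:
        # for now more than 1000 entries in a dir = we silently toss them
        direxam = RemoteDirExaminer(dir_info, hosts_expr, batchno, 1000,
                                    timeout)
        direxam.run()
        sys.exit(0)
    elif file_info is not None:
        fileexam = RemoteFileExaminer(file_info, hosts_expr, linecount,
                                      timeout)
        fileexam.run()
        sys.exit(0)
    elif getuserconfs:
        getconfs = RemoteUserCfGrabber(hosts_expr, timeout, 'homes', confdir)
        getconfs.run()
        sys.exit(0)

    if audit_type not in ['root', 'logs', 'homes']:
        usage("audit type must be one of 'root', 'logs', 'homes'")

    if show_system_logs and not audit_type == 'logs':
        usage("'system' argument may only be used with logs audit")

    if oldest_only and not audit_type == 'logs':
        usage("'oldest' argument may only be used with logs audit")

    auditor = None
    if audit_type == 'logs':
        auditor = RemoteLogsAuditor(hosts_expr, audit_type, confdir,
                                    prettyprint, oldest_only,
                                    show_sample_content, dirsizes,
                                    show_system_logs, summary_report, depth,
                                    files_to_check, ignore_also, timeout,
                                    maxfiles, store_filepath, verbose)
    elif audit_type == 'root':
        auditor = RemoteFilesAuditor(hosts_expr, audit_type, confdir,
                                     prettyprint, show_sample_content,
                                     dirsizes, summary_report, depth,
                                     files_to_check, ignore_also, timeout,
                                     maxfiles, store_filepath, verbose)
    elif audit_type == 'homes':
        auditor = RemoteHomesAuditor(hosts_expr, audit_type, confdir,
                                     prettyprint, show_sample_content,
                                     dirsizes, summary_report, depth,
                                     files_to_check, ignore_also, timeout,
                                     maxfiles, store_filepath, verbose)
    if auditor is None:
        return

    # the interactive follow-up is the same for all three audit types
    report = auditor.audit_hosts()
    if interactive:
        cmdline = CommandLine(confdir, store_filepath, timeout, audit_type,
                              ignore_also, hosts_expr)
        cmdline.run(report)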
Ejemplo n.º 4
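def main():
    '''
    entry point: read the options, check that exactly one of
    audit / examine / filecontents / userconf was asked for,
    and run it against the hosts given by the target option

    audits ('root', 'logs', 'homes') produce a report which is
    passed to the interactive command line if requested

    bad arguments go to usage(), which presumably exits the
    script (its definition is not visible here - verify)
    '''
    hosts_expr = None
    audit_type = None
    confdir = '/srv/audits/retention/configs'
    files_to_check = None
    prettyprint = False
    show_sample_content = False
    summary_report = False
    verbose = False
    ignore_also = None
    dir_info = None
    getuserconfs = False
    batchno = 1
    file_info = None
    linecount = 1
    maxfiles = None
    timeout = 60
    depth = 0
    dirsizes = False
    show_system_logs = False
    oldest_only = False
    interactive = False
    store_filepath = "/etc/data_retention/dataretention_rules.sq3"

    def to_number(text, errmsg, minimum=0):
        '''return text as an int, calling usage() if it is not a number >= minimum'''
        if not text.isdigit() or int(text) < minimum:
            usage(errmsg)
        return int(text)

    try:
        # long options "examine" and "batchno" carry a value, same as
        # -e and -b; they were declared without '=' and so could not
        # be used with an argument
        (options, remainder) = getopt.gnu_getopt(
            sys.argv[1:], "a:b:c:d:Df:F:l:i:Ie:m:oprsSt:T:uvh",
            ["audit=", "confdir=", "files=",
             "filecontents=", "linecount=",
             "ignore=",
             "interactive",
             "depth=", "maxfiles=",
             "oldest", "prettyprint", "report",
             "dirsizes", "examine=", "batchno=",
             "sample", "system",
             "target=", "timeout=",
             "userconf", "verbose", "help"])

    except getopt.GetoptError as err:
        usage("Unknown option specified: " + str(err))

    # NOTE(review): only the numeric options are validated in this
    # function; host expression, directory/file paths and ignore lists
    # reach the remote classes unchanged, so check that those classes
    # quote or validate them
    for (opt, val) in options:
        if opt in ["-t", "--target"]:
            hosts_expr = val
        elif opt in ["-a", "--audit"]:
            audit_type = val
        elif opt in ["-c", "--confdir"]:
            confdir = val
        elif opt in ["-d", "--depth"]:
            depth = to_number(val, "depth must be a number")
        elif opt in ["-f", "--files"]:
            files_to_check = val
        elif opt in ["-F", "--filecontents"]:
            file_info = val
        elif opt in ["-l", "--linecount"]:
            # counting starts from 1 per the error text, so 0 is an error
            linecount = to_number(
                val, "linecount must be a number (starting from 1)", 1)
        elif opt in ["-i", "--ignore"]:
            ignore_also = val
        elif opt in ["-I", "--interactive"]:
            interactive = True
        elif opt in ["-e", "--examine"]:
            dir_info = val
        elif opt in ["-b", "--batchno"]:
            batchno = to_number(
                val, "batchno must be a number (starting from 1)", 1)
        elif opt in ["-m", "--maxfiles"]:
            maxfiles = to_number(val, "maxfiles must be a number")
        elif opt in ["-o", "--oldest"]:
            oldest_only = True
        elif opt in ["-p", "--prettyprint"]:
            prettyprint = True
        elif opt in ["-r", "--report"]:
            summary_report = True
        elif opt in ["-D", "--dirsizes"]:
            dirsizes = True
        elif opt in ["-s", "--sample"]:
            show_sample_content = True
        elif opt in ["-S", "--system"]:
            show_system_logs = True
        elif opt in ["-T", "--timeout"]:
            timeout = to_number(val, "timeout must be a number")
        elif opt in ["-u", "--userconf"]:
            getuserconfs = True
        elif opt in ["-h", "--help"]:
            usage()
        elif opt in ["-v", "--verbose"]:
            verbose = True
        else:
            usage("Unknown option specified: %s" % opt)

    if remainder:
        usage("Unknown option specified: <%s>" % remainder[0])

    if hosts_expr is None:
        usage("Mandatory target argument not specified")

    # number of actions requested; a generator sum is used rather than
    # len(filter()) so it works whether or not filter() builds a list
    count = sum(1 for action in
                [audit_type, dir_info, file_info, getuserconfs] if action)
    if count == 0:
        usage("One of 'audit', 'examine', 'userconf' "
              "or 'filecontents' must be specified")
    elif count > 1:
        usage("Only one of 'audit', 'examine' 'userconf' "
              "or 'filecontents' may be specified")

    if dir_info is not None:
        # for now more than 1000 entries in a dir = we silently toss them
        direxam = RemoteDirExaminer(dir_info, hosts_expr, batchno, 1000, timeout)
        direxam.run()
        sys.exit(0)
    elif file_info is not None:
        fileexam = RemoteFileExaminer(file_info, hosts_expr, linecount, timeout)
        fileexam.run()
        sys.exit(0)
    elif getuserconfs:
        getconfs = RemoteUserCfGrabber(hosts_expr, timeout, 'homes', confdir)
        getconfs.run()
        sys.exit(0)

    if audit_type not in ['root', 'logs', 'homes']:
        usage("audit type must be one of 'root', 'logs', 'homes'")

    if show_system_logs and not audit_type == 'logs':
        usage("'system' argument may only be used with logs audit")

    if oldest_only and not audit_type == 'logs':
        usage("'oldest' argument may only be used with logs audit")

    auditor = None
    if audit_type == 'logs':
        auditor = RemoteLogsAuditor(hosts_expr, audit_type, confdir,
                                    prettyprint,
                                    oldest_only, show_sample_content, dirsizes,
                                    show_system_logs,
                                    summary_report, depth, files_to_check, ignore_also,
                                    timeout, maxfiles, store_filepath, verbose)
    elif audit_type == 'root':
        auditor = RemoteFilesAuditor(hosts_expr, audit_type, confdir,
                                     prettyprint,
                                     show_sample_content, dirsizes,
                                     summary_report,
                                     depth, files_to_check, ignore_also,
                                     timeout, maxfiles, store_filepath, verbose)
    elif audit_type == 'homes':
        auditor = RemoteHomesAuditor(hosts_expr, audit_type, confdir,
                                     prettyprint,
                                     show_sample_content, dirsizes,
                                     summary_report,
                                     depth, files_to_check, ignore_also,
                                     timeout, maxfiles, store_filepath, verbose)
    if auditor is None:
        return

    # one shared tail instead of three copies: run the audit, then
    # optionally drop into the interactive command line
    report = auditor.audit_hosts()
    if interactive:
        cmdline = CommandLine(confdir, store_filepath, timeout,
                              audit_type, ignore_also, hosts_expr)
        cmdline.run(report)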