Python print_crit_check Examples

Example #1

File: test_ldap.py Project: FelixRech/sysadmin-scripts

def checking_encrypted_communication():
    # Check whether we can log in using TLS
    print_log("Checking login/whoami using TLS", fill=log_length)
    print_crit_check(check_login())
    # Check whether we can log in w/o TLS
    print_log("Checking login/whoami w/o TLS not allowed", fill=log_length)
    print_check(not check_login(tls=False))

Example #2

File: test_fileserver.py Project: FelixRech/sysadmin-scripts

def check_fileserver_size_mount():
    # Get output of df -h and extract fileserver-pool line
    df = get_process_output("df -h").splitlines()
    lines = [l for l in df if l.startswith("fileserver-pool        12G")]
    # Check whether df -h contains fileserver-pool line
    print_log("Checking df -h combined size")
    print_check(len(lines) > 0)
    # Check whether fileserver-pool line mentions a mount at /mnt/fileserver-pool
    print_log("Checking pool mounted")
    print_crit_check(
        len(lines) > 0 and lines[0].endswith('/mnt/fileserver-pool'))

Example #3

File: test_webserver-configuration.py Project: FelixRech/sysadmin-scripts

    logs = filter_list_by_regex(files, log_pattern, group=1)
    logs = [(path + file) for file in logs]
    lines = []
    for log in logs:
        with open(log, 'r') as log_file:
            lines += log_file.readlines()
    if filter_ips:
        ip_pattern = r'((\d?\d?\d\.){3}\d?\d?\d)'
        lines = filter_list_by_regex(lines, ip_pattern, group=1)
    return logs, lines


# First, check whether nginx is even active
print_log("Checking nginx active")
cmd = "systemctl is-active --quiet nginx.service"
print_crit_check(get_process_returncode(cmd) == 0)

# Checking logfiles
print_log("Checking IPs in access log")
_, access_logs = get_logs(access_log_path, access_log_name, filter_ips=True)
print_check(len(access_logs) == 0)
print_log("Checking IPs in error log")
# Generating error to make sure error log isn't empty
get_page(main_hostname + '/idontexist.filetype')
_, error_logs = get_logs(error_log_path, error_log_name, filter_ips=True)
print_check(len(error_logs) > 0)

# Check logrotate
access_files, access_logs = get_logs(access_log_path, access_log_name)
error_files, error_logs = get_logs(error_log_path, error_log_name)
print_log("Checking whether logrotate is active")

Example #4

cgi_key = "Hello world from user rech!"
cname_key = 'PSA-T10-2'
alt_ip_key = 'PSA-T10-3'

# Logging
access_log_path = '/var/log/nginx/'
access_log_name = 'access.log'
error_log_path = '/var/log/nginx/'
error_log_name = 'error.log'

# Check whether DNS resolves to specified IPs
log_msg = "Checking DNS for {0}"
cmd = "host {0}"
print_log(log_msg.format("the main hostname"))
out = get_process_output(cmd.format(main_hostname))
print_crit_check(main_ip in out)
print_log(log_msg.format("the cname hostname"))
out = get_process_output(cmd.format(cname_hostname))
print_check(main_ip in out)
print_log(log_msg.format("the alt. hostname"))
out = get_process_output(cmd.format(alt_ip_hostname))
print_check(alt_ip in out)
print_log("Checking resolving to different IPs")
cond = (get_process_output(cmd.format(main_hostname)) != get_process_output(
    cmd.format(alt_ip_hostname)))
print_check(cond)

# Check whether different hostnames return the correct keys
log_msg = "Checking hostname honored ({0})"
print_log(log_msg.format("main"))
main_page = get_page(main_hostname)

Example #5

File: test_fileserver-samba.py Project: FelixRech/sysadmin-scripts

from smb.SMBConnection import SMBConnection
sys.path.append(sys.path[0] + '/../99_helpers/')
from test_helpers import read_config  # noqa # pylint: disable=import-error
from test_helpers import print_log, print_check, print_crit_check  # noqa # pylint: disable=import-error
from test_helpers import print_test_summary  # noqa # pylint: disable=import-error

# Read password from configuration file
password = read_config('samba-rech-password')

print_log("Checking samba server reachable")
con = SMBConnection("rech", password, "local_name", "local_machine")
try:
    con.connect("192.168.10.6", 445)
except Exception:
    con = None
print_crit_check(con is not None)

print_log("Checking home shared over samba")
shares = list(map(lambda x: x.name, con.listShares()))
print_crit_check('rech' in shares)

print_log("Checking files listed in samba")
files = map(lambda x: x.filename, con.listPath('rech', '/'))
print_check('.fileserver_test' in files)

print_log("Checking file read over samba")
f = tempfile.NamedTemporaryFile()
con.retrieveFile('rech', '/.fileserver_test', f)
f.seek(0)  # pysmb starts at end of file
print_check('my_secret' in f.read().decode('utf-8'))

Example #6

#!/usr/bin/env python3.7

import sys
sys.path.append(sys.path[0] + '/../99_helpers/')
from test_helpers import print_log, print_check, print_crit_check  # noqa # pylint: disable=import-error
from test_helpers import print_test_summary  # noqa # pylint: disable=import-error
from test_helpers import get_process_output  # noqa # pylint: disable=import-error

print_log("Checking netplan dhcp")
with open('/etc/netplan/psa.yaml', 'r') as f:
    netplan = f.read()
print_crit_check('dhcp4: true' in netplan)

print_log("Checking IP address assigned")
ip = get_process_output("ip -o -f inet addr show dev enp0s8 dynamic")
print_crit_check("inet 192.168.10." in ip)

print_log("Checking subnet mask specified")
print_check("/24 brd" in ip)

print_log("Checking routes specified")
routes = get_process_output("ip route list proto dhcp dev enp0s8")
print_check("192.168.0.0/16 via 192.168.10.2" in routes)

print_test_summary()

Example #7

def email_received(imap, msg, limit_from_addr_to=None):
    imap.close()
    imap.select()
    if limit_from_addr_to is None:
        _, data = imap.search(None, 'ALL')
    else:
        _, data = imap.search(None, 'FROM', limit_from_addr_to)
    msgs = [imap.fetch(n, '(UID BODY[TEXT])') for n in data[0].split()[-10:]]
    msgs = [msg[1][0][1].decode('utf-8') for msg in msgs]
    return any(rmsg for rmsg in msgs if msg in rmsg)


print_log("[Firewall] Port  25 (SMTP) open")
print_crit_check(is_port_open(server, 25))

print_log("[Firewall] Port 143 (IMAP) open")
print_crit_check(is_port_open(server, 143))
print()


print_log("[IMAP] Connection possible")
try:
    imap = IMAP4(host=server)
    print_check('OK' in imap.noop())
except IMAP4.error:
    print_crit_check(False)

print_log("[IMAP] STARTTLS successful")
print_crit_check('OK' in imap.starttls(ssl_context=context))

Example #8

File: test_replicate.py Project: FelixRech/sysadmin-scripts

set_log_length(70)
readonly_user = '******'
readonly_pwd = read_config('database-readonly-pw')
test_db = 'test_db1'
test_table = 'test_table'


def sql_query(c, sql, args=()):
    c.execute(sql, args)
    return [tup[0] for tup in c.fetchall()]


# Get the test_token
if len(sys.argv) == 1 and len(sys.argv[1]) != 48:
    print_log("Test token specified")
    print_crit_check(False)
test_token = sys.argv[1]


# First, check whether mariadb is even active
print_log("Checking replication server active")
cmd = "systemctl is-active --quiet mariadb.service"
print_check(get_process_returncode(cmd) == 0)

# Try logging in with readonly user
print_log("Checking readonly user can log in to replication")
readonly_con = pymysql.connect(
    host='localhost',
    user=readonly_user,
    password=readonly_pwd,
    database=test_db)