Exemple #1
0
def _gethostnames(report, precheck):
    summ = '\nHostname and banner info:\n'
    detail = detailheader("Hostnames information")

    if precheck.shouldread('/etc/hostname'):
        report.hostname = open('/etc/hostname').read()
        summ += ' |__hostname: ' + report.hostname
        detail += detailfile('/etc/hostname')
        detail += '{}\n'.format(report.hostname)
    elif precheck.checkcommand("hostname"):
        report.hostname = check_output(["hostname"]).decode("utf-8")
        summ += ' |__hostname: ' + report.hostname
        detail += detailfile('hostname')
        detail += '{}\n'.format(report.hostname)
    else:
        report.hostname = gethostname()
        summ += ' |__hostname: ' + report.hostname
        detail += detailfile('hostname')
        detail += '{}\n'.format(report.hostname)

    if precheck.checkcommand("dnsdomainname"):
        try:
            report.domainname = check_output(["dnsdomainname"], stderr=DEVNULL).decode("utf-8")
            if report.domainname:
                summ += ' |__dnsdomainname: ' + report.domainname
                detail += detailfile('domainname')
                detail += '{}\n'.format(report.hostname)
        except:
            pass

    if precheck.checkcommand("hostid"):
        report.hostid = check_output(["hostid"]).decode("utf-8")
        summ += ' |__hostid: ' + report.hostid
        detail += detailfile('hostid')
        detail += '{}\n'.format(report.hostid)

    # Check banner files
    if precheck.shouldread('/etc/issue'):
        report.issue = open('/etc/issue').read()
        summ += ' |__You have an issue banner\n'
        detail += detailfile('/etc/issue')
        detail += '{}\n'.format(report.issue)

    if precheck.shouldread('/etc/issue.net'):
        report.issuenet = open('/etc/issue.net').read()
        summ += ' |__You have an issue.net banner\n'
        detail += detailfile('/etc/issue.net')
        detail += '{}\n'.format(report.issuenet)

    if precheck.shouldread('/etc/motd'):
        report.motd = open('/etc/motd').read()
        summ += ' |__You have an motd banner\n'
        detail += detailfile('/etc/motd')
        detail += '{}\n'.format(report.motd)

    return summ, detail
Exemple #2
0
    def view_summarized(self,
                        execution=True,
                        general=True,
                        specific=True,
                        volatile=True,
                        other=True,
                        infrastructure=True):
        text = reporttitle("SUMMARIZED INFORMATION")

        if execution:
            text += detailfile("Execution environment")
            for item in self.summarized_data[0]:
                text += item

        if general:
            text += detailfile("General information")
            for item in self.summarized_data[1]:
                text += item

        if specific:
            text += detailfile("Specific information")
            for item in self.summarized_data[2]:
                text += item

        if volatile:
            text += detailfile("Volatile information")
            for item in self.summarized_data[3]:
                text += item

        if other:
            text += detailfile("Other information")
            for item in self.summarized_data[4]:
                text += item

        if infrastructure:
            text += detailfile("Infrastructure information")
            for item in self.summarized_data[5]:
                text += item

        return text
Exemple #3
0
def _getprocess():
    summ = "\nProcess information:\n"
    detail = detailheader("Process information")
    detail += detailfile("Process Summary")

    keylist = list(process.keys())
    keylist.sort()

    total = len(keylist)
    running = 0
    runningdata = []
    sleeping = 0
    sleepingdata = []
    idle = 0
    zombie = 0
    zombiedata = []
    topcpu = []
    topmem = []

    for item in keylist:
        try:
            if process[item][6]:
                topcpu.append([process[item][6], item])
            if process[item][4]:
                topmem.append([process[item][4], item])

            if 'R' in process[item][1]:
                running += 1
                runningdata.append([item, process[item]])
            if 'S' in process[item][1]:
                sleeping += 1
                sleepingdata.append([item, process[item]])
            if 'I' in process[item][1]:
                idle += 1
            if 'Z' in process[item][1]:
                zombie += 1
                zombiedata.append([item, process[item]])
        except:
            pass  # Process deleted

    topcpu.sort(reverse=True)
    topmem.sort(reverse=True)

    summ += " |__{} total process, {} running, {} sleeping, " \
            "{} idle and {} zombie\n".format(total, running, sleeping, idle, zombie)
    detail += "Total processes\n"
    detail += " |__{} total process, {} running, {} sleeping, " \
              "{} idle and {} zombie\n".format(total, running, sleeping, idle, zombie)

    summ += " |__Top 5 CPU process:\n"
    detail += " |__Top 10 CPU process:\n"
    for counter in range(10):
        if len(process[topcpu[counter][1]][7]) > 59:
            if counter < 5:
                summ += " |       |__{:_>5}% {}...\n".format(
                    topcpu[counter][0], process[topcpu[counter][1]][7][:56])
            detail += " |       |__{:_>5}% {}...\n".format(
                topcpu[counter][0], process[topcpu[counter][1]][7][:56])
        else:
            if counter < 5:
                summ += " |       |__{:_>5}% {}\n".format(
                    topcpu[counter][0], process[topcpu[counter][1]][7])
            detail += " |       |__{:_>5}% {}\n".format(
                topcpu[counter][0], process[topcpu[counter][1]][7])

    summ += " |__Top 5 RAM process:\n"
    detail += " |__Top 10 RAM process:\n"
    for counter in range(10):
        if len(process[topmem[counter][1]][7]) > 59:
            if counter < 5:
                summ += "         |__{:_>7} kB {}...\n".format(
                    topmem[counter][0], process[topmem[counter][1]][7][:56])
            detail += "         |__{:_>7} kB {}...\n".format(
                topmem[counter][0], process[topmem[counter][1]][7][:56])
        else:
            if counter < 5:
                summ += "         |__{:_>7} kB {}\n".format(
                    topmem[counter][0], process[topmem[counter][1]][7])
            detail += "         |__{:_>7} kB {}\n".format(
                topmem[counter][0], process[topmem[counter][1]][7])

    detail += detailfile("Process detail")
    detail += "{:^80}\n".format(
        "(PID, user, niceness, memory in kB, %cpu and name)")

    if running > 0:
        detail += "Running processes\n"
        for item in runningdata:
            detail += " |__{:5} {:12} {:3} {:7} {:5}% {}\n".format(
                item[0], item[1][3][:12], item[1][5], item[1][4], item[1][6],
                item[1][7][:35])
    if zombie > 0:
        detail += "\nZombie processes\n"
        for item in zombiedata:
            detail += " |__{:5} {:12} {:3} {:7} {:5}% {}\n".format(
                item[0], item[1][3][:12], item[1][5], item[1][4], item[1][6],
                item[1][0][:35])

    if sleeping > 0:
        detail += "\nSleeping processes\n"
        for item in sleepingdata:
            detail += " |__{:5} {:12} {:3} {:7} {:5}% {}\n".format(
                item[0], item[1][3][:12], item[1][5], item[1][4], item[1][6],
                item[1][7][:35])

    return summ, detail
Exemple #4
0
def _getusers(report, precheck):
    summ = '\nUsers and groups info:\n'
    detail = detailheader("Users and groups")

    # Check users
    if precheck.shouldread('/etc/passwd'):
        output = open('/etc/passwd').readlines()
        for item in output:
            parts = item.strip().split(":")
            report.users[parts[0]] = ["?", parts[2], parts[3], parts[4], parts[5], parts[6], []]
            report.pidusers[int(parts[2])] = parts[0]

    # Check groups
    if precheck.shouldread('/etc/group'):
        output = open('/etc/group').readlines()
        for item in output:
            parts = item.strip().split(":")
            report.groups[parts[0]] = ["?", parts[2], parts[3].split(",")]

    # Check passwords format
    if precheck.shouldread('/etc/shadow'):
        output = open('/etc/shadow').readlines()
        for item in output:
            parts = item.split(":")
            data = report.users.get(parts[0], None)
            if data:
                if parts[1].startswith('$1$'):
                    passwd = "MD5"
                elif parts[1].startswith('$2a$'):
                    passwd = "Blowfish"
                elif parts[1].startswith('$2y$'):
                    passwd = "Blowfish"
                elif parts[1].startswith('$5$'):
                    passwd = "SHA-256"
                elif parts[1].startswith('$6$'):
                    passwd = "SHA-512"
                else:
                    passwd = "No password"
                modify = report.users[parts[0]]
                modify[0] = passwd
                report.users[parts[0]] = modify

    for item in report.groups:
        for user in report.groups[item][2]:
            if user:
                report.users[user][6].append(item)

    summ += " |__Users:"
    line = "\n |    |__"
    upass = 0
    umd5 = 0
    detail += detailfile("Users with any kind of shell or password")
    for item in sorted(report.users):
        if report.users[item][0] == "No password" or report.users[item][0] == "?":
            if len(line) > 72:
                summ += line
                line = "\n |    |__"
            else:
                line += "{} ".format(item)
            if "false" not in report.users[item][5] and "nologin" not in report.users[item][5]:
                detail += "\nUser: {}, Home: {}, Shell: {}\n |__Groups: {}\n".\
                    format(item, report.users[item][4], report.users[item][5],
                           report.users[item][6])
        else:
            if len(line) > 72:
                summ += line
                line = "\n |    |__"
            else:
                line += "[{}] ".format(item)
            detail += "\nUser: {}, Password: {}, Home: {}, Shell: {}\n |__Groups: {}\n".\
                format(item, report.users[item][0], report.users[item][4], report.users[item][5],
                       report.users[item][6])
            upass += 1
    summ += line
    summ += "\n |__Groups:"
    line = "\n |    |__"
    detail += detailfile("Summary of users and groups")
    for item in sorted(report.groups):
        if len(line) > 72:
            summ += line
            line = "\n |    |__"
        else:
            line += "{} ".format(item)
    summ += line
    if precheck.root:
        summ += "\n |__There are {} users, {} with password ({} MD5 hashed), " \
                "and {} groups.\n".format(len(report.users), upass, umd5, len(report.groups))
        detail += summ
    else:
        summ += "\n |__There are {} users and {} groups.\n".format(len(report.users),
                                                                   len(report.groups))
        detail += summ

    return summ, detail
Exemple #5
0
def _getrunningservices(precheck, report):
    detail = detailheader("Services information")
    summ = ""

    if precheck.checkcommand("runlevel"):
        try:
            message = None
            output = check_output(["runlevel"], stderr=DEVNULL).decode("utf-8").split(" ")
            report.runlevel = int(output[1])
            if report.runlevel == 1:
                message = "Runlevel 1: Single-user mode"
            elif report.runlevel == 2:
                message = "Runlevel 2: Multi-user mode"
            elif report.runlevel == 3:
                message = "Runlevel 3: Multi-user mode with networking"
            elif report.runlevel == 4:
                message = "Runlevel 4: Not used/user-definable"
            elif report.runlevel == 5:
                message = "Runlevel 5: Start the system normally with appropriate display manager"
            if message:
                detail += "{:^80}\n".format(message)
                summ += "\n{}\n |__{}\n".format(message.split(":")[0], message.split(":")[1])
        except Exception as e:
            report.log("INFO", "Unknown runlevel")
            report.log("DEBUG", str(e))

    if precheck.checkcommand("systemctl"):
        output = check_output(["systemctl", "list-units"], stderr=DEVNULL).decode("utf-8").splitlines()
        detail += detailfile("systemd services:")
        summ += "\nSystemd services:\n"
        for item in output:
            if "   loaded" in item:
                item = " ".join(item.split()).split(" ")
                if len(item[0]) > 1:
                    unit = item[0]
                    sub = item[3]
                    description = " ".join(item[4:])
                else:
                    unit = item[1]
                    sub = item[4]
                    description = " ".join(item[5:])
                if sub == "running":
                    report.runningservices.append([unit, description])
                elif sub == "failed":
                    report.failedservices.append([unit, description])
                # Ignore mount and plugged
                elif sub == "waiting" or sub == "exited" or sub == "active" \
                        or sub == "listening" or sub == "elapsed":
                    report.otherservices.append([sub, unit, description])

    elif precheck.checkcommand("chkconfig"):
        output = check_output(["chkconfig", "--list"], stderr=DEVNULL).decode("utf-8").splitlines()
        detail += detailfile("SysV init services:")
        summ += "\nSysV init enabled services:\n"
        if 0 < report.runlevel < 6:
            checkon = "{}:on".format(report.runlevel)
            checkoff = "{}:off".format(report.runlevel)
            for item in output:
                item = " ".join(item.split())
                if checkon in item:
                    report.runningservices.append([item.split(" ")[0], ""])
                elif checkoff in item:
                    report.otherservices.append(["stopped", item.split(" ")[0], ""])

    report.runningservices.sort()
    report.failedservices.sort()
    report.otherservices.sort()

    if report.failedservices:
        detail += "\nFailed services:\n"
        summ += " |__Failed services:\n"
        for item in report.failedservices:
            if len(item[1]) > 0:
                detail += " |__{} ({})\n".format(item[0], item[1])
                summ += " |    |__{} ({})\n".format(item[0], item[1])
            else:
                detail += " |__{}\n".format(item[0])
                summ += " |    |__{}\n".format(item[0])

    if report.runningservices:
        detail += "\nRunning services:\n"
        summ += " |__Running services: {}\n".format(len(report.runningservices))
        for item in report.runningservices:
            if len(item[1]) > 0:
                detail += " |__{} ({})\n".format(item[0], item[1])
            else:
                detail += " |__{}\n".format(item[0])

    if report.otherservices:
        detail += "\nOther state:\n"
        summ += " |__Other state services: {}\n".format(len(report.otherservices))
        state = ""
        for item in report.otherservices:
            if len(item[2]) > 0:
                if item[0] == state:
                    detail += " |     |__{} ({})\n".format(item[1], item[2])
                else:
                    state = item[0]
                    detail += " |__{}\n |     |__{} ({})\n".format(item[0], item[1], item[2])
            else:
                if item[0] == state:
                    detail += " |     |__{}\n".format(item[1])
                else:
                    state = item[0]
                    detail += " |__{}\n |     |__{}\n".format(item[0], item[1])

    return summ, detail
Exemple #6
0
def _getnetinfo(report, precheck):
    detail = detailheader("Network information")

    # Check hosts ipv4 in /etc/hosts
    if precheck.shouldread('/etc/hosts'):
        detail += detailfile("/etc/hosts")
        readhost = open('/etc/hosts').readlines()
        for item in readhost:
            item = " ".join(item.split())
            if len(item) > 0:
                if not item.startswith('#') and ":" not in item:
                    ip = ip_address(item.split(" ")[0])
                    detail += "{:>15} - {}\n".format(str(ip), item.split(" ")[1])
                    report.infrastructure(ip, "HOSTNAME {}".format(item.split(" ")[1]))

    interfaces = {}
    if precheck.checkcommand("ip"):
        # Get interfaces
        output = check_output(["ip", "-o", "link"], stderr=DEVNULL).decode("utf-8").splitlines()
        for line in output:
            iface = line.split(":")[1].strip()
            mac = line.split("link")[1].split(" ")[1]
            interfaces[iface] = [mac]

        # Get interfaces address
        output = check_output(["ip", "-o", "address"], stderr=DEVNULL).decode("utf-8").splitlines()
        for line in output:
            line = " ".join(line.split()).split(" ")
            if line[2] == "inet":
                interfaces[line[1]] = [interfaces[line[1]][0], line[3]]

    report.ifaces = interfaces

    # Prepare the report for ifaces
    detail += detailfile("Interfaces")
    detail += "          IFACE     MAC ADDRESS     IP ADDRESS/MASK\n"
    summ = '\nNetwork Information:\n'
    for item in interfaces:
        if len(interfaces[item]) > 1:
            detail += "{:>15s}  {:17s}  {}\n".format(item, interfaces[item][0],
                                                     interfaces[item][1])
            summ += " |__Iface {} ({}) with ip address {}.\n".format(item, interfaces[item][0],
                                                                     interfaces[item][1])
            report.infrastructure(ip_address(interfaces[item][1].split("/")[0]), "Local machine")
        else:
            detail += "{:>15s}  {:17s}\n".format(item, interfaces[item][0])
            summ += " |__Iface {} ({}) without ip address.\n".format(item, interfaces[item][0])

    # Get routes
    if precheck.shouldread("/proc/net/route"):
        detail += detailfile("Routes information")
        summ += ' |__Network routes:\n'

        with open("/proc/net/route") as f:
            info = f.readlines()

        for item in info[1:]:
            item = " ".join(item.split()).split(" ")
            iface = item[0]
            destination = converthex2ip(item[1])
            gateway = converthex2ip(item[2])
            mask = str(bin(int(item[7], 16)))[2:].count("1")
            summ += " |    |__Destination: {:>15}/{:0<2} - " \
                    "Gateway: {:15} vía {}\n".format(destination,
                                                     mask,
                                                     gateway,
                                                     iface)
            detail += "Destination: {:>15}/{:0<2} - Gateway: {:15} vía {}\n".format(destination,
                                                                                    mask,
                                                                                    gateway,
                                                                                    iface)
            report.routes.append([destination, mask, gateway, iface])

        detail += detailfile("Other information")

        # Get DNS
        if precheck.shouldread("/etc/resolv.conf"):
            detail += "DNS:\n"

            with open("/etc/resolv.conf") as f:
                info = f.readlines()

            for item in info:
                item = " ".join(item.split()).split(" ")
                if item[0].lower() == "nameserver":
                    detail += " |__{}\n".format(item[1])
                    if len(report.dns) > 0:
                        summ += " |   |__{}\n".format(item[1])
                    else:
                        summ += " |__DNS:\n |   |__{}\n".format(item[1])
                    report.dns.append(item[1])
                    report.infrastructure(precheck.nslookup(item[1]), "DNS Server")
                    if item[1] == "127.0.1.1":
                        report.infrastructure(ip_address(item[1]), "Local machine")
            summ += " o\n"

        # Get NTP
        if precheck.shouldread("/etc/ntp.conf") or precheck.shouldread("/etc/xntp.conf"):
            detail += "NTP:\n"

            if precheck.shouldread("/etc/ntp.conf"):
                with open("/etc/ntp.conf") as f:
                    info = f.readlines()
            else:
                with open("/etc/xntp.conf") as f:
                    info = f.readlines()

            for item in info:
                item = " ".join(item.split()).split(" ")
                if item[0].lower() == "server":
                    detail += " |__SERVER {}\n".format(item[1])
                    if len(report.dns) > 0:
                        summ += " |   |__{}\n".format(item[1])
                    else:
                        summ += " |__NTP:\n |   |__{}\n".format(item[1])
                    report.ntp.append(item[1])
                    report.infrastructure(precheck.nslookup(item[1]), "NTP Server")
                if item[0].lower() == "restrict":
                    detail += " |__CLIENT {}\n".format(item[1])
                    report.infrastructure(precheck.nslookup(item[1]), "NTP Client")
            summ += " o\n"

    return summ, detail
Exemple #7
0
def getgeneralinfo(report, precheck):

    # Get hardware reports
    try:
        report.log("DEBUG", "CPU and RAM information gathering started")
        summ, detail, cpuinfo, meminfo = _gethardware(precheck)
        report.summarized(1, summ)
        report.detailed(1, detail)
        report.cpuinfo = cpuinfo
        report.meminfo = meminfo
        report.log("DEBUG", "CPU and RAM information completed")
    except Exception as e:
        report.log("ERROR", "Can't obtain CPU and RAM information")
        report.log("DEBUG", str(e))
        report.log("DEBUG", format_exc())

    try:
        report.log("DEBUG", "USB information gathering started")
        summ, detail, total = _getusb()
        report.summarized(1, summ)
        report.detailed(1, detail)
        report.total = total
        report.log("DEBUG", "USB information completed")
    except Exception as e:
        report.log("ERROR", "Can't obtain usb information")
        report.log("DEBUG", str(e))
        report.log("DEBUG", format_exc())

    # Get OS reports
    try:
        report.log("DEBUG", "Kernel information gathering started")
        summ, detail, data = _getos()
        report.summarized(1, summ)
        report.detailed(1, detail)
        report.oskernel = data
        report.log("DEBUG", "Kernel information completed")
    except Exception as e:
        report.log("ERROR", "Can't obtain OS uname information")
        report.log("DEBUG", str(e))
        report.log("DEBUG", format_exc())

    try:
        report.log("DEBUG", "Distribution release information gathering started")
        summ, detail, data = _getdistrorelease(precheck)
        report.summarized(1, summ)
        report.detailed(1, detail)
        report.osdistro = data
        report.log("DEBUG", "Distribution release information completed")
    except Exception as e:
        report.log("ERROR", "Can't obtain distribution release information")
        report.log("DEBUG", str(e))
        report.log("DEBUG", format_exc())

    try:
        report.log("DEBUG", "libc information gathering started")
        summ, detail = _getlibc()
        report.summarized(1, summ)
        report.detailed(1, detail)
        report.log("DEBUG", "libc information completed")
    except Exception as e:
        report.log("ERROR", "Can't obtain libc information")
        report.log("DEBUG", str(e))
        report.log("DEBUG", format_exc())

    # Get software reports
    try:
        report.log("DEBUG", "Software packages gathering started")

        summ = "\nPackages manager not found\n"
        if precheck.checkcommand("yum"):
            precheck.packages = _getyum()
            summ = "\nTotal RPM packages (yum):\n |__{}\n".format(len(precheck.packages))
        elif precheck.checkcommand("dpkg-query"):
            precheck.packages = _getdpkg()
            summ = "\nTotal DEB packages (dpkg):\n |__{}\n".format(len(precheck.packages))
        elif precheck.checkcommand("zypper"):
            precheck.packages = _getzypper()
            summ = "\nTotal RPM packages (zypper):\n |__{}\n".format(len(precheck.packages))
        elif precheck.checkcommand("apt"):
            precheck.packages = _getapt()
            summ = "\nTotal DEB packages (apt):\n |__{}\n".format(len(precheck.packages))
        elif precheck.checkcommand("pacman"):
            precheck.packages = _getpacman()
            summ = "\nTotal pkg.tar.xz packages (pacman):\n |__{}\n".format(len(precheck.packages))

        report.summarized(1, summ)
        report.detailed(1, detailheader("Packages information"))
        for item in precheck.packages:
            report.detailed(1, "{:32s} - {}\n".format(item[0], item[1]))

        report.log("DEBUG", "Software packages information completed")

    except Exception as e:
        report.log("ERROR", "Can't obtain software packages information")
        report.log("DEBUG", str(e))
        report.log("DEBUG", format_exc())

    # Get filesystem reports
    try:
        report.log("DEBUG", "disk information gathering started")
        report.disks, report.unmounted, report.mounted = _getdisks(precheck)
        summ = "\nPartitions mounted:\n"
        for item in report.mounted:
            if "swap" in item[2].lower():
                summ += " |__{:_<32}__SWAP filesystem with {}\n".format(item[2], item[1])
            else:
                summ += " |__{:_<32}__{} filesystem with {}, used {}\n".format(item[2],
                                                                               item[3],
                                                                               item[1],
                                                                               item[5])
        report.summarized(1, summ)

        detail = detailheader("Disk/Partitions information")
        detail += detailfile("Disks info:")
        for item in report.disks:
            detail += "{:32s} - Size: {}\n".format(item[0], item[1])
        detail += detailfile("Unmounted partitions:")
        for item in report.unmounted:
            detail += "{:32s} - Size: {}\n".format(item[0], item[1])
        detail += detailfile("Mounted partitions:")
        for item in report.mounted:
            detail += "\n{:32s}\n |__{}\n".format(item[0], item[2])
            if "swap" in item[2].lower():
                detail += " |__Size: {}\n".format(item[1])
            else:
                detail += " |__Filesystem: {}\n |__Size: {}, used {}\n".format(item[3],
                                                                               item[1],
                                                                               item[5])
                detail += " |__Options: {}\n".format(item[4])

        report.detailed(1, detail)
        report.log("DEBUG", "disk information completed")
    except Exception as e:
        report.log("ERROR", "Can't obtain disk information")
        report.log("DEBUG", str(e))
        report.log("DEBUG", format_exc())

    try:
        report.log("DEBUG", "File and directory permission information gathering started")
        print("\naridy.py could search the filesystem in order to locate directories with no "
              "StickyBit and all users write permission, or files with SUID or GUID, but "
              "it could be very slow. Do you want to proceed? (y/N) ", end="")
        ans = str(input()).lower().lstrip()
        if len(ans) == 0 or 'y' not in ans[0]:
            return
        stickydirs, alluserwrite, readerrors, suidperm, guidperm = _checkpermissions(precheck,
                                                                                     report)
        report.stickydirs = stickydirs
        report.alluserwrite = alluserwrite
        report.readerrors = readerrors
        report.suidperm = suidperm
        report.guidperm = guidperm
        report.detailed(1, detailheader("File/Dir information"))
        report.summarized(1, "\nFile and directories information:\n")
        report.detailed(1, "File and directories information:\n")
        report.summarized(1, " |__StickyBit: Found {} dirs with all users write "
                             "permission and no stickybit\n".format(len(stickydirs)))
        report.detailed(1, " |__StickyBit: Found {} dirs with all users write permission and "
                           "no stickybit.\n |   You should put the sticky bit in order to avoid "
                           "any user can modify files\n |   of other "
                           "users\n".format(len(stickydirs)))
        report.summarized(1, " |__All users can write: Found {} files with all "
                             "users write permission\n".format(len(alluserwrite)))
        report.detailed(1, " |__All users can write: Found {} files with all users write "
                           "permission.\n |   Is it necessary?\n".format(len(alluserwrite)))
        report.summarized(1, " |__Read errors: Found {} files or directories with "
                             "errors\n".format(len(readerrors)))
        report.detailed(1, " |__Read errors: Found {} files or directories with errors. There "
                           "are\n |   possible bad links, maybe you want to delete "
                           "them\n".format(len(readerrors)))
        report.summarized(1, " |__SUID: Found {} files with SUID "
                             "permission\n".format(len(suidperm)))
        report.detailed(1, " |__SUID: Found {} files with SUID permission. Are they "
                           "necessary?\n".format(len(suidperm)))
        report.summarized(1, " |__GUID: Found {} files with GUID "
                             "permission\n".format(len(guidperm)))
        report.detailed(1, " |__GUID: Found {} files with GUID permission. Are they "
                           "necessary?\n".format(len(guidperm)))

        try:
            f = open("aridi.badfiles", "w")
            for item in stickydirs:
                f.write("'{}' dir has write permission for all user and "
                        "no sticky bit\n".format(item))
            for item in alluserwrite:
                f.write("'{}' file has write permission for all user\n".format(item))
            for item in readerrors:
                f.write("{}\n".format(item))
            for item in suidperm:
                if item[1]:
                    f.write("'{}' file has SUID and it's owned by the root user\n".format(item[0]))
                else:
                    f.write("'{}' file has SUID. Is it necessary?\n".format(item[0]))
            for item in guidperm:
                if item[1]:
                    f.write("'{}' file has GUID and it's owned by the root group\n".format(item[0]))
                else:
                    f.write("'{}' file has GUID. Is it necessary?\n".format(item[0]))
        except Exception as e:
            report.log("ERROR", "Can't write aridy.badfiles")
            report.log("DEBUG", str(e))
            report.log("DEBUG", format_exc())
        finally:
            f.close()
        report.log("DEBUG", "File and directory permission information completed")
    except Exception as e:
        report.log("ERROR", "Can't obtain file and directory permission information")
        report.log("DEBUG", str(e))
        report.log("DEBUG", format_exc())
Exemple #8
0
def _getdistrorelease(precheck):
    name = ''
    version = ''
    filename = ''
    data = ''
    summ = '\nOS Release information:\n'
    detail = detailheader("OS Release information")

    # this is the current systemd version info
    if precheck.shouldread('/etc/os-release'):
        lines = open('/etc/os-release').read().split('\n')
        detail += detailfile('/etc/os-release')
        for line in lines:
            detail += line + "\n"
            if line.startswith('NAME='):
                name = line.split('=')[1]
                if name[0] == '"' and name[-1] == '"':
                    name = name[1:-1]
            if line.startswith('VERSION='):
                version = line.split('=')[1]
                if version[0] == '"' and version[-1] == '"':
                    version = version[1:-1]
        data = name + " " + version
        summ += " |__{}\n".format(data)
    # and now, the other release info files
    elif precheck.shouldread('/etc/centos-release'):
        filename = '/etc/centos-release'
    elif precheck.shouldread('/etc/lsb-release'):
        lines = open('/etc/lsb-release').read().split('\n')
        detail += detailfile('/etc/lsb-release')
        for line in lines:
            detail += line + "\n"
            if line.startswith('DISTRIB_ID='):
                name = line.split('=')[1]
                if name[0] == '"' and name[-1] == '"':
                    name = name[1:-1]
            if line.startswith('DISTRIB_RELEASE='):
                version = line.split('=')[1]
                if version[0] == '"' and version[-1] == '"':
                    version = version[1:-1]
        data = name + " " + version
        summ += " |__{}\n".format(data)
    elif precheck.shouldread('/suse/etc/SuSE-release'):
        filename = '/suse/etc/SuSE-release'
    elif precheck.shouldread('/etc/redhat-release'):
        filename = '/etc/redhat-release'
    elif precheck.shouldread('/etc/fedora-release'):
        filename = '/etc/fedora-release'

    if filename:
        name = open(filename).read()
        data = name.split('\n')[0]
        summ += " |__{}\n".format(data)
        detail += filename + '-'*len(filename) + name + "\n"

    # check old distribution version info
    if precheck.shouldread('/etc/debian-version'):
        other_version = open('/etc/debian-version').read()
        summ += " |__Debian version: " + other_version.split('\n')[0] + "\n"
        detail += detailfile('/etc/debian-version')
        detail += other_version + "\n"
    elif precheck.shouldread('/etc/slackware-version'):
        other_version = open('/etc/slackware-version').read()
        summ += " |__Slackware version: " + other_version.split('\n')[0] + "\n"
        detail += detailfile('/etc/slackware-version')
        detail += other_version + "\n"

    return summ, detail, data