def fix(self):
'''choose which fix method to run, based on OS archetype'''
self.detailedresults = ""
if self.DisableCloudServices.getcurrvalue():
if self.environ.getosfamily() == 'darwin':
RuleKVEditor.fix(self, False)
elif re.search('Ubuntu', self.environ.getostype()):
self.fixUbuntu()
def fix(self):
'''disable Apple File Sharing service
:returns: success
:rtype: bool
@author: Breen Malmberg
'''
success = True
try:
# if version = 10.10.*, then use KVEditor and ignore the other code
if re.search("10\.10.*", self.environ.getosver(), re.IGNORECASE):
RuleKVEditor.fix(self)
else:
clientfixpath1 = "/System/Library/LaunchDaemons/com.apple.AppleFileServer"
clientfixtool = "launchctl"
clientfixcmd1 = clientfixtool + " unload " + clientfixpath1
# the below 'path' is actually an alias
# which is understood by launchctl.
# in mac terminology, this is called a 'target'
clientfixpath2 = "system/com.apple.AppleFileServer"
clientfixcmd2 = clientfixtool + " disable " + clientfixpath2
self.cmdhelper.executeCommand(clientfixcmd1)
retcode = self.cmdhelper.getReturnCode()
if retcode != 0:
errstr = self.cmdhelper.getErrorString()
self.logger.log(LogPriority.DEBUG, errstr)
success = False
self.cmdhelper.executeCommand(clientfixcmd2)
retcode = self.cmdhelper.getReturnCode()
if retcode != 0:
errstr = self.cmdhelper.getErrorString()
self.logger.log(LogPriority.DEBUG, errstr)
success = False
if success:
self.detailedresults += "\nApple File Server has successfully been disabled."
self.formatDetailedResults('fix', success, self.detailedresults)
return success
except (KeyboardInterrupt, SystemExit):
raise
except Exception:
self.detailedresults = traceback.format_exc()
self.logger.log(LogPriority.ERROR, self.detailedresults)
def fix(self):
'''run fixed actions for ShowBluetoothIcon
return True if all succeed
:returns: fixed
:rtype: bool
@author: bgonz12
'''
self.detailedresults = ""
fixed = True
try:
if not RuleKVEditor.fix(self, True):
fixed = False
self.logdispatch.log(LogPriority.DEBUG,
"Kveditor fixed failed.")
except (KeyboardInterrupt, SystemExit):
# User initiated exit
raise
except Exception as err:
self.rulesuccess = False
fixed = False
messagestring = str(err) + " - " + str(traceback.format_exc())
self.resultAppend(messagestring)
self.logdispatch.log(LogPriority.ERROR, self.detailedresults)
self.formatDetailedResults("fix", fixed, self.detailedresults)
self.logdispatch.log(LogPriority.INFO, self.detailedresults)
return fixed
def fix(self):
'''Disables Auto Login
@author: Roy Nielsen
'''
try:
self.detailedresults = ""
fixed = False
self.kvfix = False
self.fhfix = False
self.kvfix = RuleKVEditor.fix(self)
if self.kvfix:
self.fhfix = self.fh.fixFiles()
if self.fhfix:
self.detailedresults = self.detailedresults + "\n" + \
self.fh.getFileMessage()
if not self.kvfix or not self.fhfix:
fixed = False
except (KeyboardInterrupt, SystemExit):
# User initiated exit
raise
except Exception as err:
self.rulesuccess = False
self.detailedresults = self.detailedresults + "\n" + str(err) + \
" - " + str(traceback.format_exc())
self.logdispatch.log(LogPriority.ERROR, self.detailedresults)
self.formatDetailedResults("fix", fixed, self.detailedresults)
self.logdispatch.log(LogPriority.INFO, self.detailedresults)
return fixed
def fixmac(self):
'''run fix functionality for macintosh, or darwin-based systems
:returns: success
:rtype: boolean
@author: Breen Malmberg
'''
success = True
try:
if not RuleKVEditor.fix(self, True):
success = False
if not self.setFileContents(self.ftpwelcomefile, self.bannertext):
success = False
self.detailedresults += '\nUnable to set warning banner text in ' + str(
self.ftpwelcomefile)
if not self.setFileContents(self.policybanner, self.bannertext):
success = False
self.detailedresults += '\nUnable to set warning banner text in ' + str(
self.policybanner)
except Exception:
raise
return success
def fixMac(self):
"""Mac osx specific fix submethod
@author: dwalker
:param self: essential if you override this definition
:returns: bool - True if system is successfully fix, False if it isn't
"""
success = RuleKVEditor.fix(self, True)
return success
def fix(self):
'''Make secure configuration changes to smb.conf
:returns: self.rulesuccess
:rtype: bool
@author: Breen Malmberg
'''
# defaults
self.detailedresults = ""
self.rulesuccess = True
try:
if self.SecureWinFileSharing.getcurrvalue():
if os.path.exists(self.smbconflocation):
myid = '0142001'
self.kvosmb.setEventID(myid)
if not self.kvosmb.fix():
self.rulesuccess = False
self.detailedresults += "KVEditor.fix() failed"
if not self.kvosmb.commit():
self.rulesuccess = False
self.detailedresults += "KVEditor.commit() failed"
if self.environ.getostype() == "Mac OS X":
if not RuleKVEditor.fix(self, True):
self.rulesuccess = False
self.detailedresults += "RuleKVEditor.fix() failed"
else:
self.logger.log(
LogPriority.DEBUG,
"The SecureWinFileSharing CI was disabled when fix() ran, so nothing was done."
)
self.detailedresults += "\nThe CI for this rule was already set to disabled when the rule ran, so nothing was fixed."
except (KeyboardInterrupt, SystemExit):
raise
except Exception:
self.rulesuccess = False
self.detailedresults = traceback.format_exc()
self.logger.log(LogPriority.ERROR, self.detailedresults)
self.formatDetailedResults("fix", self.rulesuccess,
self.detailedresults)
self.logdispatch.log(LogPriority.INFO, self.detailedresults)
return self.rulesuccess
def fix(self):
"""Calls the inherited RuleKVEditor fix method.
Additionally fixes the ConfigureCatalogURL kveditor item though
command helper(instead of using RuleKVEditor).
:return: self.rulesuccess - True if fix was successful, False otherwise
:rtype: bool
"""
try:
success = True
detailedresults = ""
self.iditerator = 0
eventlist = self.statechglogger.findrulechanges(self.rulenumber)
for event in eventlist:
self.statechglogger.deleteentry(event)
if not RuleKVEditor.fix(self, True):
success = False
if self.environ.geteuid() == 0:
if self.ccurlci != None:
if self.ccurlci.getcurrvalue():
cmd1 = "/usr/sbin/softwareupdate --clear-catalog"
if not self.ch.executeCommand(cmd1):
self.detailedresults += "Unable to set the " + \
"catalogURL to back to Apple's\n"
success = False
self.rulesuccess = success
self.resultAppend(detailedresults)
except (KeyboardInterrupt, SystemExit):
raise
except Exception:
self.rulesuccess = False
self.detailedresults += "\n" + traceback.format_exc()
self.logdispatch.log(LogPriority.ERROR, self.detailedresults)
self.formatDetailedResults("fix", self.rulesuccess,
self.detailedresults)
self.logdispatch.log(LogPriority.INFO, self.detailedresults)
return self.rulesuccess
def fix(self):
'''run fix actions for ConfigureNetworks
return True if all succeed
:returns: fixed
:rtype: bool
@author: ekkehard j. koch
@change: Breen Malmberg - 12/20/2016 - added doc string; detailedresults
and fixed var's moved to before try;
@change: Breen Malmberg - 1/12/2017 - added debug logging; default init kvfixed to True
'''
# CHANGES REQUIRED IN INIT OF THIS RULE IF THE CONSTANTS, THAT NETWORKSETUP.PY USE, ARE CHANGED
if self.nsobject == None:
fixed = False
self.formatDetailedResults("fix", fixed, self.detailedresults)
return fixed
self.logdispatch.log(LogPriority.DEBUG,
"Entering ConfigureNetworks.fix()...")
self.detailedresults = ""
fixed = True
kvfixed = True
try:
self.logdispatch.log(LogPriority.DEBUG,
"Running nsobject.getLocation()...")
if not self.nsobject.getLocation():
fixed = False
if not fixed:
self.logdispatch.log(
LogPriority.DEBUG,
"nsobject.getLocation() returned False! Will not run updateCurrentNetworkConfigurationDictionary() or nsobject.fix()!"
)
if fixed:
if not self.nsobject.updateCurrentNetworkConfigurationDictionary(
):
fixed = False
if not fixed:
self.logdispatch.log(
LogPriority.DEBUG,
"updateCurrentNetworkConfigurationDictionary() returned False! Will not run nsobject.fix()!"
)
if fixed:
self.logdispatch.log(LogPriority.DEBUG,
"Running nsobject.fix()...")
if not self.nsobject.fix():
fixed = False
self.logdispatch.log(
LogPriority.DEBUG,
"nsobject.fix() failed. fixed set to False.")
self.resultAppend(self.nsobject.getDetailedresults())
if not RuleKVEditor.fix(self, True):
kvfixed = False
self.logdispatch.log(
LogPriority.DEBUG,
"Kveditor fix failed. kvfixed set to False.")
fixed = fixed and kvfixed
self.logdispatch.log(
LogPriority.DEBUG,
"Exiting ConfigureNetworks.fix() and returning fixed=" +
str(fixed) + "...")
except (KeyboardInterrupt, SystemExit):
# User initiated exit
raise
except Exception as err:
self.rulesuccess = False
fixed = False
messagestring = str(err) + " - " + str(traceback.format_exc())
self.resultAppend(messagestring)
self.logdispatch.log(LogPriority.ERROR, self.detailedresults)
self.formatDetailedResults("fix", fixed, self.detailedresults)
self.logdispatch.log(LogPriority.INFO, self.detailedresults)
return fixed
def fix(self):
'''@summary: Fixes the system is report returns False
@author: dwalker
:returns: bool - True or False
'''
try:
success = True
self.detailedresults = ""
if not self.ci.getcurrvalue():
return
eventlist = self.statechglogger.findrulechanges(self.rulenumber)
for event in eventlist:
self.statechglogger.deleteentry(event)
if not RuleKVEditor.fix(self, True):
success = False
self.templist = self.applist[:]
debug = "Inside fix\n"
self.logdispatch.log(LogPriority.DEBUG, debug)
if self.allowedapps:
debug = "there are allowedapps in fix: " + str(
self.allowedapps) + "\n"
self.logdispatch.log(LogPriority.DEBUG, debug)
for app in self.allowedapps:
'''The current application should be allowed but isn't
so on the next line we're going to try and allow it'''
if app not in self.applist:
app = '"' + app + '"'
if not self.ch.executeCommand(self.add + app):
'''Trying to add the application to the allowed apps
wasn't successful'''
success = False
self.detailedresults += "Unable to add " + \
app + " to firewall allowed list\n"
else:
'''Adding the application to the allowed apps was
successful so record an even to remove it on undo'''
self.iditerator += 1
myid = iterate(self.iditerator, self.rulenumber)
undocmd = self.rmv + app
event = {"eventtype": "comm", "command": undocmd}
self.statechglogger.recordchgevent(myid, event)
else:
self.templist.remove(app)
if self.templist:
for app in self.templist:
debug = app + " isn't in " + str(
self.allowedapps
) + " so we're going to remove it\n"
app = '"' + app + '"'
if not self.ch.executeCommand(self.rmv + app):
success = False
self.detailedresults += "Unable to remove " + \
app + " from firewall allowed list\n"
else:
self.iditerator += 1
myid = iterate(self.iditerator, self.rulenumber)
undocmd = self.add + app
event = {"eventtype": "comm", "command": undocmd}
self.statechglogger.recordchgevent(myid, event)
elif self.applist:
debug = "there weren't alloweapps in fix\n"
self.logdispatch.log(LogPriority.DEBUG, debug)
tmp = []
for app in self.applist:
app = '"' + app + '"'
if not self.ch.executeCommand(self.rmv + app):
success = False
self.detailedresults += "Unable to remove " + \
app + " from firewall allowed list\n"
else:
self.iditerator += 1
myid = iterate(self.iditerator, self.rulenumber)
undocmd = self.add + app
event = {"eventtype": "comm", "command": undocmd}
self.statechglogger.recordchgevent(myid, event)
tmp.append(app)
for app in tmp:
self.applist.remove(app)
self.rulesuccess = success
except (KeyboardInterrupt, SystemExit):
# User initiated exit
raise
except Exception:
self.rulesuccess = False
self.detailedresults += "\n" + traceback.format_exc()
self.logdispatch.log(LogPriority.ERROR, self.detailedresults)
self.formatDetailedResults("fix", self.rulesuccess,
self.detailedresults)
self.logdispatch.log(LogPriority.INFO, self.detailedresults)
return self.rulesuccess