def logon(self, type, username, password):
    """Authenticate an RPC client and mark the connection as authenticated.

    The caller-supplied ``username`` must equal the identity that
    ``get_identity`` returns for ``self.uid``, and ``self.access`` must allow
    that user. ``password`` is accepted but never examined in this method, so
    the uid-to-name match is the only identity check performed here.

    Returns a two-element list ``[pkg_version, rpc_version]``.

    Raises ``ProgramError`` with ``ERR_USER_LOOKUP`` when the name does not
    match the uid, or with ``ERR_USER_PROHIBITED`` when access is refused.
    """
    # NOTE(review): username comes from the caller and is written to the debug
    # log before it has been checked against the uid; confirm the log sink
    # neutralises control characters.
    log_debug("logon(%s) type=%s username=%s" % (self, type, username))

    expected_name = get_identity(self.uid)
    if username != expected_name:
        mismatch = "uid=%s does not match logon username (%s)" % (self.uid, username)
        raise ProgramError(ERR_USER_LOOKUP, detail=mismatch)

    # Only the 'sealert' channel type is checked against the 'client' privilege;
    # every other type is checked with no privilege name.
    privilege = 'client' if type == 'sealert' else None
    allowed = self.access.user_allowed(privilege, username)
    if not allowed:
        raise ProgramError(ERR_USER_PROHIBITED)

    self.channel_type = type
    self.channel_name = username
    self.username = username

    self.user = self.database.get_user(username)
    if self.user is None:
        # NOTE(review): self.user is not refreshed after add_user, so it stays
        # None for a first-time user; confirm callers expect that.
        self.database.add_user(username)

    self.connection_state.update(ConnectionState.AUTHENTICATED)
    return [pkg_version, rpc_version]
def get_alert(self, local_id, sender):
    """
    Return an alert with summary, audit events, fix suggestions

    ##### arguments

    * `local_id(s)`: an alert id

    ##### return values

    * `local_id(s)`: an alert id
    * `summary(s)`: a brief description of an alert. E.g. `"SELinux is preventing /usr/bin/bash from ioctl access on the unix_stream_socket unix_stream_socket."`
    * `report_count(i)`: count of reports of this alert
    * `audit_event(as)`: an array of audit events (AVC, SYSCALL) connected to the alert
    * `plugin_analysis(a(ssssbb))`: an array of plugin analysis structure
        * `if_text(s)`:
        * `then_text(s)`
        * `do_text(s)`
        * `analysis_id(s)`: plugin id. It can be used in `org.fedoraproject.SetroubleshootFixit.run_fix()`
        * `fixable(b)`: True when an alert is fixable by a plugin
        * `report_bug(b)`: True when an alert should be reported to bugzilla
        * `priority(i)`: An analysis priority. Typically the value is between 1 - 100.
    * `first_seen_date(t)`: when the alert was seen for the first time, number of microseconds since the Epoch
    * `last_seen_date(t)`: when the alert was seen for the last time, number of microseconds since the Epoch
    * `level(s)`: "green", "yellow" or "red"
    """
    # NOTE(review): the caller's identity is resolved here but never used to
    # decide whether this caller may read the alert; presumably that is
    # enforced by the bus policy or inside _get_alert -- confirm.
    username = get_identity(self.connection.get_unix_user(sender))
    database = get_host_database()

    alert = self._get_alert(local_id, database)
    alert.update_derived_template_substitutions()

    records = alert.audit_event.records
    audit_events = [record.to_text() for record in records]

    # total_priority is returned by get_plugins() but not forwarded to the caller.
    total_priority, alert_plugins = alert.get_plugins()

    # NOTE(review): each entry carries seven members (priority is the last),
    # while the documented type string above lists six -- confirm against the
    # exported method signature.
    plugins = [
        (
            alert.substitute(plugin.get_if_text(records, args)),
            alert.substitute(plugin.get_then_text(records, args)),
            alert.substitute(plugin.get_do_text(records, args)),
            plugin.analysis_id,
            plugin.fixable,
            plugin.report_bug,
            plugin.priority,
        )
        for plugin, args in alert_plugins
    ]

    alert_id = alert.local_id
    summary = alert.summary()
    report_count = alert.report_count
    # format("%s") is taken as whole seconds and scaled to microseconds.
    first_seen_us = int(alert.first_seen_date.format("%s")) * 1000000
    last_seen_us = int(alert.last_seen_date.format("%s")) * 1000000
    # A missing level is reported as an empty string.
    level = alert.level or ''

    return (
        alert_id,
        summary,
        report_count,
        audit_events,
        plugins,
        first_seen_us,
        last_seen_us,
        level,
    )
def _get_all_alerts_since(self, since, sender, alert_action="display"):
    """List alerts last seen at or after ``since`` whose filter action matches.

    ``since`` is divided by 1000000 and wrapped in
    ``setroubleshoot.util.TimeStamp`` (presumably microseconds since the
    Epoch, as in the public alert API -- confirm). The filter of each alert
    is evaluated for the user that ``sender`` resolves to, and only alerts
    whose action equals ``alert_action`` are kept.

    Returns a list of ``(local_id, summary, report_count)`` tuples.
    """
    username = get_identity(self.connection.get_unix_user(sender))
    database = get_host_database()

    # NOTE(review): whether sub-second precision survives this division depends
    # on the interpreter's `/` semantics for integers.
    cutoff = setroubleshoot.util.TimeStamp(float(since / 1000000))
    candidates = database.query_alerts("*").signature_list

    return [
        (sig.local_id, sig.summary(), sig.report_count)
        for sig in candidates
        if not (sig.last_seen_date < cutoff)
        and sig.evaluate_filter_for_user(username) == alert_action
    ]
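def set_filter(self, local_id, filter_type, sender):
    """
    Sets a filter on an alert. The alert can be "always" filtered, "never" filtered or "after_first" filtered.

    ##### arguments

    * `local_id(s)`: an alert id
    * `filter_type(s)`: "always", "never", "after_first"

    ##### return values

    * `success(b)`: True when the filter was stored, False when any step failed
      (unknown alert, unknown filter name, identity lookup or database error)
    """
    try:
        # The filter is stored for the user that the bus sender resolves to.
        username = get_identity(self.connection.get_unix_user(sender))
        database = get_host_database()
        alert = self._get_alert(local_id, database)
        from setroubleshoot.signature import map_filter_name_to_value
        # An unknown filter_type raises KeyError here and is reported as failure.
        filter_value = map_filter_name_to_value[filter_type]
        database.set_filter(alert.sig, username, filter_value, None)
        return True
    except Exception as exc:
        # Exception rather than a bare except: interpreter-exit signals
        # (SystemExit, KeyboardInterrupt) must not be turned into `False`.
        # The failure is recorded so a rejected filter change is not silent;
        # %r keeps caller-supplied values from breaking the log line.
        import syslog
        syslog.syslog(
            syslog.LOG_ERR,
            "set_filter(%r, %r) failed: %r" % (local_id, filter_type, exc))
        return False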
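def check_for_new(self, last_seen_id, sender):
    """Count the alerts that follow ``last_seen_id`` for the calling user.

    Alerts whose filter evaluates to ``"ignore"`` for the user that ``sender``
    resolves to are skipped. The rest are ordered with ``compare_sig`` and
    walked in that order; both counters restart at zero when the alert whose
    ``local_id`` equals ``last_seen_id`` is reached, so only alerts sorted
    after it are counted. If no alert matches, every alert is counted.

    Returns a ``(count, red)`` tuple: the number of counted alerts and how
    many of them have level ``"red"``.
    """
    # list.sort() accepts a positional comparison function only on Python 2;
    # cmp_to_key keeps the same compare_sig ordering on Python 2.7 and 3.
    from functools import cmp_to_key

    username = get_identity(self.connection.get_unix_user(sender))
    database = get_host_database()

    signatures = [
        sig
        for sig in database.query_alerts("*").siginfos()
        if sig.evaluate_filter_for_user(username) != "ignore"
    ]
    signatures.sort(key=cmp_to_key(compare_sig))

    count = 0
    red = 0
    for sig in signatures:
        count += 1
        if sig.level == "red":
            red += 1
        if sig.local_id == last_seen_id:
            # Everything up to and including the last seen alert is old news.
            red = 0
            count = 0
    return count, red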
def logon(self, type, username, password):
    """Check a client's claimed username and authenticate the connection.

    ``username`` has to match what ``get_identity`` reports for ``self.uid``
    and has to pass ``self.access.user_allowed``. The ``password`` argument is
    not read anywhere in this method.

    On success the channel type/name, username and user record are stored on
    the connection, the connection state is updated to
    ``ConnectionState.AUTHENTICATED`` and ``[pkg_version, rpc_version]`` is
    returned.

    Raises ``ProgramError(ERR_USER_LOOKUP)`` on a uid/username mismatch and
    ``ProgramError(ERR_USER_PROHIBITED)`` when the user is not allowed.
    """
    # NOTE(review): the caller-supplied username reaches syslog before it is
    # validated; confirm the syslog daemon escapes control characters.
    debug_line = "logon(%s) type=%s username=%s" % (self, type, username)
    syslog.syslog(syslog.LOG_DEBUG, debug_line)

    if username != get_identity(self.uid):
        raise ProgramError(
            ERR_USER_LOOKUP,
            detail="uid=%s does not match logon username (%s)" % (self.uid, username))

    # 'sealert' connections are checked against the 'client' privilege; any
    # other type is checked without a privilege name.
    privilege = None
    if type == 'sealert':
        privilege = 'client'

    if not self.access.user_allowed(privilege, username):
        raise ProgramError(ERR_USER_PROHIBITED)

    self.channel_type = type
    self.channel_name = username
    self.username = username
    self.user = self.database.get_user(username)

    # First logon for this user: create the record.
    # NOTE(review): self.user is left as None afterwards -- confirm intended.
    if self.user is None:
        self.database.add_user(username)

    self.connection_state.update(ConnectionState.AUTHENTICATED)
    return [pkg_version, rpc_version]