def _GenService(self, name, cfg): # Merge the config values. service = rdf_client.LinuxServiceInformation(name=name) service.config = self._GenConfig(cfg) if service.config.disable == ["no"]: service.starts = True service.start_mode = "XINETD" service.start_after = ["xinetd"] return service
def _ParseInit(self, init_files): init_lexer = LSBInitLexer() for path, file_obj in init_files: init = init_lexer.ParseEntries(file_obj.read()) if init: service = rdf_client.LinuxServiceInformation() service.name = init.get("provides") service.start_mode = "INIT" service.start_on = GetRunlevelsLSB(init.get("default-start")) if service.start_on: service.starts = True service.stop_on = GetRunlevelsLSB(init.get("default-stop")) service.description = init.get("short-description") service.start_after = self._Facilities(init.get("required-start", [])) service.stop_after = self._Facilities(init.get("required-stop", [])) yield service else: logging.debug("No runlevel information found in %s", path)
def ParseFiles( self, knowledge_base: rdf_client.KnowledgeBase, pathspecs: Iterable[rdf_paths.PathSpec], filedescs: Iterable[IO[bytes]], ) -> Iterator[rdf_client.LinuxServiceInformation]: """Identify the init scripts and the start/stop scripts at each runlevel. Evaluate all the stat entries collected from the system. If the path name matches a runlevel spec, and if the filename matches a sysv init symlink process the link as a service. Args: knowledge_base: A client's knowledge base. pathspecs: A list of path description for collected files. filedescs: A list of file descriptors of collected files. Yields: rdf_client.LinuxServiceInformation for each detected service. """ del knowledge_base, filedescs # Unused. services = {} for pathspec in pathspecs: path = pathspec.path runlevel = self.runlevel_re.match(os.path.dirname(path)) runscript = self.runscript_re.match(os.path.basename(path)) if runlevel and runscript: svc = runscript.groupdict() service = services.setdefault( svc["name"], rdf_client.LinuxServiceInformation(name=svc["name"], start_mode="INIT")) runlvl = GetRunlevelsNonLSB(runlevel.group(1)) if svc["action"] == "S" and runlvl: service.start_on.append(runlvl.pop()) service.starts = True elif runlvl: service.stop_on.append(runlvl.pop()) for svc in services.values(): yield svc
def ParseMultiple(self, stats, unused_file_obj, unused_kb): """Identify the init scripts and the start/stop scripts at each runlevel. Evaluate all the stat entries collected from the system. If the path name matches a runlevel spec, and if the filename matches a sysv init symlink process the link as a service. Args: stats: An iterator of StatEntry rdfs. unused_file_obj: An iterator of file contents. Not needed as the parser only evaluates link attributes. unused_kb: Unused KnowledgeBase rdf. Yields: rdf_anomaly.Anomaly if the startup link seems wierd. rdf_client.LinuxServiceInformation for each detected service. """ services = {} for stat_entry in stats: path = stat_entry.pathspec.path runlevel = self.runlevel_re.match(os.path.dirname(path)) runscript = self.runscript_re.match(os.path.basename(path)) if runlevel and runscript: svc = runscript.groupdict() service = services.setdefault( svc["name"], rdf_client.LinuxServiceInformation( name=svc["name"], start_mode="INIT")) runlvl = GetRunlevelsNonLSB(runlevel.group(1)) if svc["action"] == "S" and runlvl: service.start_on.append(runlvl.pop()) service.starts = True elif runlvl: service.stop_on.append(runlvl.pop()) if not stat.S_ISLNK(int(stat_entry.st_mode)): yield rdf_anomaly.Anomaly( type="PARSER_ANOMALY", finding=[path], explanation="Startup script is not a symlink.") for svc in itervalues(services): yield svc