def getKdumpInfo(): INFO = {'Installed': False, 'Active': False} if( SUSE.packageInstalled('kdump') and SUSE.packageInstalled('kexec-tools') ): INFO['Installed'] = True SERVICE_NAME = 'kdump.service' SERVICE = SUSE.getServiceDInfo(SERVICE_NAME) if( len(SERVICE) > 0 and SERVICE['ActiveState'].lower() == 'active' ): INFO['Active'] = True return INFO
for line in content: MATCHED = ERROR.search(content[line]) if MATCHED: try: DENIED[MATCHED.group(1)] = True DENIED_COUNT += 1 except: True if( DENIED_COUNT > 0 ): Core.updateStatus(Core.WARN, "Observed " + str(DENIED_COUNT) + " AppArmor denial messages for profiles(s): " + str(DENIED.keys())) else: Core.updateStatus(Core.SUCC, "No AppArmor denial messages found") ############################################################################## # Main Program Execution ############################################################################## APPARMOR = SUSE.getServiceDInfo('apparmor.service') if( len(APPARMOR) > 0 ): if( APPARMOR['ActiveState'].lower() == 'active' and APPARMOR['SubState'].lower() == 'exited' ): checkRejectMessages() else: Core.updateStatus(Core.ERROR, "AppArmor not running, skipping profile check") else: Core.updateStatus(Core.ERROR, "AppArmor disabled, skipping profile check") Core.printPatternResults()
SERVICE_FOUND = '' FAILED_SERVICES = {} CURRENT_FAILED_SERVICES = [] IDX_UNIT_NAME = -4 #find any systemd units that have failed if Core.getRegExSection(FILE_OPEN, SECTION, CONTENT): failedState = re.compile("systemd.*Unit .* entered failed state", re.IGNORECASE) for LINE in CONTENT: if failedState.search(LINE): SERVICE_FOUND = LINE.split()[IDX_UNIT_NAME] FAILED_SERVICES[SERVICE_FOUND] = True FAILED_SERVICES_LIST = FAILED_SERVICES.keys() #check to see if the failed units are currently in a failed state for SERVICE in FAILED_SERVICES_LIST: SERVICE_INFO = SUSE.getServiceDInfo(SERVICE) if "SubState" in SERVICE_INFO: if( SERVICE_INFO['SubState'] == 'failed' ): CURRENT_FAILED_SERVICES.append(SERVICE) if( len(FAILED_SERVICES_LIST) > 0 ): if( len(CURRENT_FAILED_SERVICES) > 0 ): Core.updateStatus(Core.CRIT, "Systemd units that logged a failed state: " + ", ".join(FAILED_SERVICES_LIST) + ". Those units still in a failed state: " + ", ".join(CURRENT_FAILED_SERVICES)) else: Core.updateStatus(Core.WARN, "Systemd units that logged a failed state: " + ", ".join(FAILED_SERVICES_LIST) + ". Those units still in a failed state: None") else: Core.updateStatus(Core.IGNORE, "No failed systemd units found") Core.printPatternResults()
fileOpen = "messages.txt" section = "/var/log/messages" content = {} if Core.getSection(fileOpen, section, content): for line in content: if ERROR.search(content[line]): return True return False ############################################################################## # Main Program Execution ############################################################################## NTPD = SUSE.getServiceDInfo("ntpd.service") if len(NTPD) > 0: if NTPD["ActiveState"].lower() == "active" and NTPD["SubState"].lower() == "running": Core.updateStatus(Core.IGNORE, "NTP Daemon is running, AVOIDED") else: APPARMOR = SUSE.getServiceDInfo("apparmor.service") if len(APPARMOR) > 0: if APPARMOR["ActiveState"].lower() == "active" and APPARMOR["SubState"].lower() == "exited": if appArmorError(): Core.updateStatus(Core.CRIT, "NTP Service Failure, Check AppArmor NTP Profile") else: Core.updateStatus(Core.WARN, "NTP Service Failure Probable, Check AppArmor NTP Profile") else: Core.updateStatus(Core.ERROR, "AppArmor not running, NTP not running but skipping NTP conflict check") else: Core.updateStatus(Core.ERROR, "AppArmor disabled, NTP not running but skipping NTP conflict check")
def apparmorActive(): SERVICE = 'apparmor.service' SERVICE_INFO = SUSE.getServiceDInfo(SERVICE) if( SERVICE_INFO['LoadState'].lower() == 'loaded' ): return True return False