def get(self, host, path, batchno, force=False):
'''
via salt get the directory contents for the first N = 1000
entries, unsorted.
if the contents for this host and path have already been
retrieved and not yet tossed/replaced, don't get them
again unless 'force' is True; you may want this in case
you expect the directory contents to have been updated
since the last invocation
'''
if (host is not None and path is not None and host == self.host
and path == self.path
and (not force or (self.entries is not None))):
return
# fixme batchno? batchno should increment too
# for now more than 1000 entries in a dir = we silently toss them
direxamin = RemoteDirExaminer(path,
host,
batchno,
1000,
self.timeout,
prettyprint=False)
contents = direxamin.run(True)
if contents is None:
return
contents = contents.split("\n")
self.host = host
self.path = path
self.entries = []
self.entries_dict = {}
for item in contents:
try:
result = json.loads(item, object_hook=JsonHelper.decode_dict)
self.entries.append(result)
self.entries_dict[result['path']] = result
except:
print "WARNING: problem getting dir contents, retrieved", item
def get(self, host, path, batchno, force=False):
'''
via salt get the directory contents for the first N = 1000
entries, unsorted.
if the contents for this host and path have already been
retrieved and not yet tossed/replaced, don't get them
again unless 'force' is True; you may want this in case
you expect the directory contents to have been updated
since the last invocation
'''
if (host is not None and path is not None and
host == self.host and path == self.path and
(not force or (self.entries is not None))):
return
# fixme batchno? batchno should increment too
# for now more than 1000 entries in a dir = we silently toss them
direxamin = RemoteDirExaminer(path, host, batchno, 1000, self.timeout, prettyprint=False)
contents = direxamin.run(True)
if contents is None:
return
contents = contents.split("\n")
self.host = host
self.path = path
self.entries = []
self.entries_dict = {}
for item in contents:
try:
result = json.loads(item, object_hook=JsonHelper.decode_dict)
self.entries.append(result)
self.entries_dict[result['path']] = result
except:
print "WARNING: problem getting dir contents, retrieved", item
def main():
hosts_expr = None
audit_type = None
confdir = '/srv/audits/retention/configs'
files_to_check = None
prettyprint = False
show_sample_content = False
summary_report = False
verbose = False
ignore_also = None
dir_info = None
getuserconfs = False
batchno = 1
file_info = None
linecount = 1
maxfiles = None
timeout = 60
depth = 0
dirsizes = False
show_system_logs = False
oldest_only = False
interactive = False
store_filepath = "/etc/data_retention/dataretention_rules.sq3"
try:
(options, remainder) = getopt.gnu_getopt(
sys.argv[1:], "a:b:c:d:Df:F:l:i:Ie:m:oprsSt:T:uvh", [
"audit=", "confdir=", "files=", "filecontents=", "linecount=",
"ignore=", "interactive", "depth=", "maxfiles=", "oldest",
"prettyprint", "report", "dirsizes", "examine", "batchno",
"sample", "system", "target=", "timeout=", "userconf",
"verbose", "help"
])
except getopt.GetoptError as err:
usage("Unknown option specified: " + str(err))
for (opt, val) in options:
if opt in ["-t", "--target"]:
hosts_expr = val
elif opt in ["-a", "--audit"]:
audit_type = val
elif opt in ["-c", "--confdir"]:
confdir = val
elif opt in ["-d", "--depth"]:
if not val.isdigit():
usage("depth must be a number")
depth = int(val)
elif opt in ["-f", "--files"]:
files_to_check = val
elif opt in ["-F", "--filecontents"]:
file_info = val
elif opt in ["-l", "--linecount"]:
if not val.isdigit():
usage("linecount must be a number (starting from 1)")
linecount = int(val)
elif opt in ["-i", "--ignore"]:
ignore_also = val
elif opt in ["-I", "--interactive"]:
interactive = True
elif opt in ["-e", "--examine"]:
dir_info = val
elif opt in ["-b", "--batchno"]:
if not val.isdigit():
usage("batcho must be a number (starting from 1)")
batchno = int(val)
elif opt in ["-m", "--maxfiles"]:
if not val.isdigit():
usage("maxfiles must be a number")
maxfiles = int(val)
elif opt in ["-o", "--oldest"]:
oldest_only = True
elif opt in ["-p", "--prettyprint"]:
prettyprint = True
elif opt in ["-r", "--report"]:
summary_report = True
elif opt in ["-D", "--dirsizes"]:
dirsizes = True
elif opt in ["-s", "--sample"]:
show_sample_content = True
elif opt in ["-S", "--system"]:
show_system_logs = True
elif opt in ["-T", "--timeout"]:
if not val.isdigit():
usage("timeout must be a number")
timeout = int(val)
elif opt in ["-u", "--userconf"]:
getuserconfs = True
elif opt in ["-h", "--help"]:
usage()
elif opt in ["-v", "--verbose"]:
verbose = True
else:
usage("Unknown option specified: %s" % opt)
if len(remainder) > 0:
usage("Unknown option specified: <%s>" % remainder[0])
if hosts_expr is None:
usage("Mandatory target argument not specified")
count = len(filter(None, [audit_type, dir_info, file_info, getuserconfs]))
if count == 0:
usage("One of 'audit', 'examine', 'userconf' "
"or 'filecontents' must be specified")
elif count > 1:
usage("Only one of 'audit', 'examine' 'userconf' "
"or 'filecontents' may be specified")
if dir_info is not None:
# for now more than 1000 entries in a dir = we silently toss them
direxam = RemoteDirExaminer(dir_info, hosts_expr, batchno, 1000,
timeout)
direxam.run()
sys.exit(0)
elif file_info is not None:
fileexam = RemoteFileExaminer(file_info, hosts_expr, linecount,
timeout)
fileexam.run()
sys.exit(0)
elif getuserconfs:
getconfs = RemoteUserCfGrabber(hosts_expr, timeout, 'homes', confdir)
getconfs.run()
sys.exit(0)
if audit_type not in ['root', 'logs', 'homes']:
usage("audit type must be one of 'root', 'logs', 'homes'")
if show_system_logs and not audit_type == 'logs':
usage("'system' argument may only be used with logs audit")
if oldest_only and not audit_type == 'logs':
usage("'oldest' argument may only be used with logs audit")
if audit_type == 'logs':
logsaudit = RemoteLogsAuditor(hosts_expr, audit_type, confdir,
prettyprint, oldest_only,
show_sample_content, dirsizes,
show_system_logs, summary_report, depth,
files_to_check, ignore_also, timeout,
maxfiles, store_filepath, verbose)
report = logsaudit.audit_hosts()
if interactive:
cmdline = CommandLine(confdir, store_filepath, timeout, audit_type,
ignore_also, hosts_expr)
cmdline.run(report)
elif audit_type == 'root':
filesaudit = RemoteFilesAuditor(hosts_expr, audit_type, confdir,
prettyprint, show_sample_content,
dirsizes, summary_report, depth,
files_to_check, ignore_also, timeout,
maxfiles, store_filepath, verbose)
report = filesaudit.audit_hosts()
if interactive:
cmdline = CommandLine(confdir, store_filepath, timeout, audit_type,
ignore_also, hosts_expr)
cmdline.run(report)
elif audit_type == 'homes':
homesaudit = RemoteHomesAuditor(hosts_expr, audit_type, confdir,
prettyprint, show_sample_content,
dirsizes, summary_report, depth,
files_to_check, ignore_also, timeout,
maxfiles, store_filepath, verbose)
report = homesaudit.audit_hosts()
if interactive:
cmdline = CommandLine(confdir, store_filepath, timeout, audit_type,
ignore_also, hosts_expr)
cmdline.run(report)
def main():
hosts_expr = None
audit_type = None
confdir = '/srv/audits/retention/configs'
files_to_check = None
prettyprint = False
show_sample_content = False
summary_report = False
verbose = False
ignore_also = None
dir_info = None
getuserconfs = False
batchno = 1
file_info = None
linecount = 1
maxfiles = None
timeout = 60
depth = 0
dirsizes = False
show_system_logs = False
oldest_only = False
interactive = False
store_filepath = "/etc/data_retention/dataretention_rules.sq3"
try:
(options, remainder) = getopt.gnu_getopt(
sys.argv[1:], "a:b:c:d:Df:F:l:i:Ie:m:oprsSt:T:uvh",
["audit=", "confdir=", "files=",
"filecontents=", "linecount=",
"ignore=",
"interactive",
"depth=", "maxfiles=",
"oldest", "prettyprint", "report",
"dirsizes", "examine", "batchno",
"sample", "system",
"target=", "timeout=",
"userconf", "verbose", "help"])
except getopt.GetoptError as err:
usage("Unknown option specified: " + str(err))
for (opt, val) in options:
if opt in ["-t", "--target"]:
hosts_expr = val
elif opt in ["-a", "--audit"]:
audit_type = val
elif opt in ["-c", "--confdir"]:
confdir = val
elif opt in ["-d", "--depth"]:
if not val.isdigit():
usage("depth must be a number")
depth = int(val)
elif opt in ["-f", "--files"]:
files_to_check = val
elif opt in ["-F", "--filecontents"]:
file_info = val
elif opt in ["-l", "--linecount"]:
if not val.isdigit():
usage("linecount must be a number (starting from 1)")
linecount = int(val)
elif opt in ["-i", "--ignore"]:
ignore_also = val
elif opt in ["-I", "--interactive"]:
interactive = True
elif opt in ["-e", "--examine"]:
dir_info = val
elif opt in ["-b", "--batchno"]:
if not val.isdigit():
usage("batcho must be a number (starting from 1)")
batchno = int(val)
elif opt in ["-m", "--maxfiles"]:
if not val.isdigit():
usage("maxfiles must be a number")
maxfiles = int(val)
elif opt in ["-o", "--oldest"]:
oldest_only = True
elif opt in ["-p", "--prettyprint"]:
prettyprint = True
elif opt in ["-r", "--report"]:
summary_report = True
elif opt in ["-D", "--dirsizes"]:
dirsizes = True
elif opt in ["-s", "--sample"]:
show_sample_content = True
elif opt in ["-S", "--system"]:
show_system_logs = True
elif opt in ["-T", "--timeout"]:
if not val.isdigit():
usage("timeout must be a number")
timeout = int(val)
elif opt in ["-u", "--userconf"]:
getuserconfs = True
elif opt in ["-h", "--help"]:
usage()
elif opt in ["-v", "--verbose"]:
verbose = True
else:
usage("Unknown option specified: %s" % opt)
if len(remainder) > 0:
usage("Unknown option specified: <%s>" % remainder[0])
if hosts_expr is None:
usage("Mandatory target argument not specified")
count = len(filter(None, [audit_type, dir_info, file_info, getuserconfs]))
if count == 0:
usage("One of 'audit', 'examine', 'userconf' "
"or 'filecontents' must be specified")
elif count > 1:
usage("Only one of 'audit', 'examine' 'userconf' "
"or 'filecontents' may be specified")
if dir_info is not None:
# for now more than 1000 entries in a dir = we silently toss them
direxam = RemoteDirExaminer(dir_info, hosts_expr, batchno, 1000, timeout)
direxam.run()
sys.exit(0)
elif file_info is not None:
fileexam = RemoteFileExaminer(file_info, hosts_expr, linecount, timeout)
fileexam.run()
sys.exit(0)
elif getuserconfs:
getconfs = RemoteUserCfGrabber(hosts_expr, timeout, 'homes', confdir)
getconfs.run()
sys.exit(0)
if audit_type not in ['root', 'logs', 'homes']:
usage("audit type must be one of 'root', 'logs', 'homes'")
if show_system_logs and not audit_type == 'logs':
usage("'system' argument may only be used with logs audit")
if oldest_only and not audit_type == 'logs':
usage("'oldest' argument may only be used with logs audit")
if audit_type == 'logs':
logsaudit = RemoteLogsAuditor(hosts_expr, audit_type, confdir,
prettyprint,
oldest_only, show_sample_content, dirsizes,
show_system_logs,
summary_report, depth, files_to_check, ignore_also,
timeout, maxfiles, store_filepath, verbose)
report = logsaudit.audit_hosts()
if interactive:
cmdline = CommandLine(confdir, store_filepath, timeout,
audit_type, ignore_also, hosts_expr)
cmdline.run(report)
elif audit_type == 'root':
filesaudit = RemoteFilesAuditor(hosts_expr, audit_type, confdir,
prettyprint,
show_sample_content, dirsizes,
summary_report,
depth, files_to_check, ignore_also,
timeout, maxfiles, store_filepath, verbose)
report = filesaudit.audit_hosts()
if interactive:
cmdline = CommandLine(confdir, store_filepath, timeout,
audit_type, ignore_also, hosts_expr)
cmdline.run(report)
elif audit_type == 'homes':
homesaudit = RemoteHomesAuditor(hosts_expr, audit_type, confdir,
prettyprint,
show_sample_content, dirsizes,
summary_report,
depth, files_to_check, ignore_also,
timeout, maxfiles, store_filepath, verbose)
report = homesaudit.audit_hosts()
if interactive:
cmdline = CommandLine(confdir, store_filepath, timeout,
audit_type, ignore_also, hosts_expr)
cmdline.run(report)