def verfiy(self,i):
f=open("C:\Users\L\Desktop\py\\target_file\login.defs","r")
data= f.read()
f.close()
r= 0
for n in i:
if n != 'update':
str = n
# print n
patt = r'(%s)(.*?)(\d+)' % str
#print patt
m = re.search(patt,data) # 匹配文件中的所要修改的内容
# print m.group(3) #
# print i[str]
if m: # 如果匹配成功
if int(m.group(3)) > int(i[str]): #判断安全的标准 每个文件的都不一样
r=1
else:
pass #给r一个新值
else:
r=2
self.msg = self.target_filename+'=> project: '+str
log.print_check_log(self.msg,r)
return r # 返回 r
def verfiy(self,term):#判断怎样修复,返回修复等级
r=0
with open(self.target_filename,"r") as f:
data= f.read() #读取目标文件内容
#print data
for n in term:
if n != 'update':
str = n
patt = r'(%s)\s+=\s+(\w{1,3})' % str #正则
#print patt
m = re.search(patt,data) # 匹配文件中的所要修改的内容
#print m.group() #得到目标文件的值
#print term[str] #正确值
if m: # 如果匹配成功
if m.group(2) == term['update']:
pass
else:
r= 1
else:
r=2
self.msg = self.target_filename+'=> project: '+str
log.print_check_log(self.msg,r)
return r
def repair(self,i,r):
if r==0:
log.print_check_log(self.msg+' Don\'t need repair .Because it' ,0)
elif r==1:
self.addConfig(i)
else:
log.print_check_log('Error',2)
def verfiy(self, term): #判断怎样修复,返回修复等级
r = 0
with open(self.target_filename, "r") as f:
data = f.read() #读取目标文件内容
#print data
for n in term: # i 传过来的数组内容 遍历 n(i 的key)
if n != 'update': # 如果 n 不为 update
str = n
patt = r'(%s)(.*?)(\w{2,4})' % str #正则
# print patt
m = re.search(patt, data) # 匹配文件中的所要修改的内容
#print m.group(1),m.group(3) #得到目标文件的值
#print term[str] #正确值
if m: # 如果匹配成功
if m.group(3) == term['update']: #判断安全的标准 每个文件的都不一样
#print 'secevery'
pass
else:
#print "no secevery"
r = 1
else:
#print "no config"
r = 2
self.msg = self.target_filename + '=> project: ' + str
log.print_check_log(self.msg, r)
return r
def verfiy(self, term): #判断怎样修复,返回修复等级
target_filename = term.keys()[0]
with open(target_filename, "r") as f:
data = f.read() #读取目标文件内容
#print data
#print target_filename
for n in term:
if n != 'update':
str = n
patt = "\numask.*?(\d{3})" #正则
# print patt
m = re.search(patt, data) # 匹配文件中的所要修改的内容
#print m.group(1),m.group(3) #得到目标文件的值
#print term[str] #正确值
if m: # 如果匹配成功
if m.group(1) == '027': #判断安全的标准 每个文件的都不一样
r = 0
else:
r = 1
else:
r = 2
self.msg = self.target_filename + '=> project: ' + str
log.print_check_log(self.msg, r)
return r
def verfiy(self,term):#判断怎样修复,返回修复等级
r = 0
with open(self.target_filename,"r") as f:
data= f.read() #读取目标文件内容
#print data
for n in term: # i 传过来的数组内容 遍历 n(i 的key)
if n != 'update': # 如果 n 不为 update
str = n
patt = r"alias %s=('.*?')" % str #正则
# print patt
m = re.search(patt,data) # 匹配文件中的所要修改的内容
# print m.group(1) #得到目标文件的值
# print term[str] #正确值
if m: # 如果匹配成功
if m.group(1) == term['update']: #判断安全的标准 每个文件的都不一样
pass
else:
#print "no secevery"
r = 1
else:
#print "no config"
r = 2
self.msg = self.target_filename+'=> project: '+str
log.print_check_log(self.msg,r)
return r
def verfiy(self,term):#判断怎样修复,返回修复等级
r=0
with open(self.target_filename,"r") as f:
data= f.read() #读取目标文件内容
#print data
for n in term:
if n != 'update':
str = n
patt = r'(%s)\s+=\s+(\w{1,3})' % str #正则
#print patt
m = re.search(patt,data) # 匹配文件中的所要修改的内容
#print m.group() #得到目标文件的值
#print term[str] #正确值
if m: # 如果匹配成功
if m.group(2) == term['update']:
pass
else:
r= 1
else:
r=2
self.msg = self.target_filename+'=> project: '+str
log.print_check_log(self.msg,r)
return r
def verfiy(self,term):#判断怎样修复,返回修复等级
with open(self.target_filename,"r") as f:
data= f.read() #读取目标文件内容
#print data
for n in term: # i 传过来的数组内容 遍历 n(i 的key)
if n != 'update': # 如果 n 不为 update
str = n
patt = r'(%s)=(\d{1,4})' % str #正则
# print patt
m = re.search(patt,data) # 匹配文件中的所要修改的内容
# print m.group(2) #得到目标文件的值
# print term[str] #正确值
if m: # 如果匹配成功
if int(m.group(2)) == int(term[str]): #判断安全的标准 每个文件的都不一样
r=0
else:
r=1
else:
r=2
self.msg = self.target_filename+'=> project: '+str
log.print_check_log(self.msg,r)
return r
def verfiy(self, i):
f = open(self.target_filename, "r")
data = f.read()
f.close()
r = 0
for n in i:
if n != 'update':
str = n
# print n
patt = r'(%s)(.*?)(\d+)' % str
#print patt
m = re.search(patt, data) # 匹配文件中的所要修改的内容
# print m.group(3) #
# print i[str]
if m: # 如果匹配成功
if int(m.group(3)) > int(i[str]): #判断安全的标准 每个文件的都不一样
r = 1
else:
pass #给r一个新值
else:
r = 2
self.msg = self.target_filename + '=> project: ' + str
log.print_check_log(self.msg, r)
return r # 返回 r
def verfiy(self,term):#判断怎样修复,返回修复等级
target_filename = term.keys()[0]
with open(target_filename,"r") as f:
data= f.read() #读取目标文件内容
#print data
#print target_filename
for n in term:
if n != 'update':
str =n
patt = "\numask.*?(\d{3})" #正则
# print patt
m = re.search(patt,data) # 匹配文件中的所要修改的内容
#print m.group(1),m.group(3) #得到目标文件的值
#print term[str] #正确值
if m: # 如果匹配成功
if m.group(1) == '027': #判断安全的标准 每个文件的都不一样
r=0
else:
r=1
else:
r=2
self.msg = self.target_filename+'=> project: '+str
log.print_check_log(self.msg,r)
return r
def repair(self, i, r):
if r == 0:
log.print_check_log(self.msg + ' Don\'t need repair .Because it',
0)
elif r == 1:
self.addConfig(i)
else:
log.print_check_log('Error', 2)
def repair(self,term,level):
if level==1: # r==1 存在不安全 需要编辑配置文件
self.edit_config(term)
elif level==2: # r==2 没有配置选项 需要增加一个
self.add_config(term)
elif level==0: # r==0 安全 无须 修复
log.print_check_log(self.msg+' Don\'t need repair .Because it' ,0)
else: # 其他值 则报错
log.print_check_log('Error',2)
def repair(self,i,r): #传过来 i r 根据r的值 来确定安全情况 以及如何修复
if r==1: # r==0 存在不安全 需要编辑配置文件
self.editConfig(i)
elif r==2: # r==2 没有配置选项 需要增加一个
self.addConfig(i)
elif r==0: # r==1 安全 无须 修复
log.print_check_log(self.msg+' Don\'t need repair .Because it' ,0)
else: # 其他值 则报错
log.print_check_log('Error',2)
def repair(self, i, r): #传过来 i r 根据r的值 来确定安全情况 以及如何修复
if r == 1: # r==0 存在不安全 需要编辑配置文件
self.editConfig(i)
elif r == 2: # r==2 没有配置选项 需要增加一个
self.addConfig(i)
elif r == 0: # r==1 安全 无须 修复
log.print_check_log(self.msg + ' Don\'t need repair .Because it',
0)
else: # 其他值 则报错
log.print_check_log('Error', 2)
def repair(self, i, r):
if r == 1: # r==0 存在不安全 需要编辑配置文件
self.editConfig(i)
print "grub repair success"
elif r == 2: # r==2 没有配置选项 需要增加一个
self.addConfig(i)
print "repair success"
elif r == 0: # r==1 安全 无须 修复
log.print_check_log(self.msg + ' Don\'t need repair .Because it',
0)
else: # 其他值 则报错
log.print_check_log('Error', 2)
def verfiy(self, i):
f = open(self.target_filename, "r")
data = f.read()
f.close()
r = 0
for n in i:
if n != 'update':
str = n
patt = r'%s' % i[str]
m = re.search(patt, data)
# print m.group(0)
if m:
pass
else:
r = 2
self.msg = self.target_filename + '=> project: ' + str
log.print_check_log(self.msg, r)
return r
def verfiy(self,i):
f=open('C:\Users\L\Desktop\py\\target_file\pam.d_login',"r")
data= f.read()
f.close()
r= 0
for n in i:
if n !='update':
str =n
patt = r'%s' % i[str]
m = re.search(patt,data)
# print m.group(0)
if m:
pass
else:
r=2
self.msg = self.target_filename+'=> project: '+str
log.print_check_log(self.msg,r)
return r
def verfiy(self, i):
f = open('C:\Users\L\Desktop\py\\target_file\\fstab', "r")
data = f.read()
f.close()
r = 0
for n in i:
if n != 'update':
str = n
patt = r'%s' % i[str]
m = re.search(patt, data)
# print i[str]
if m:
pass
else:
r = 2
self.msg = self.target_filename + '=> project: ' + str
log.print_check_log(self.msg, r)
return r
def verfiy(self, i):
f = open(self.target_filename, "r")
data = f.read()
f.close()
r = 0
for n in i: # i 传过来的数组内容 遍历 n(i 的key)
if n != 'update': # 如果 n 不为 update
str = n
patt = r'\n%s.*?(\w+);' % (str)
m = re.search(patt, data)
#print m.group(1)
if m:
if m.group(1) != 'nobody':
r = 1
else:
pass
else:
r = 2
self.msg = self.target_filename + '=> project: ' + str
log.print_check_log(self.msg, r)
return r # 返回 r
def verfiy(self,i):
f=open('C:\Users\L\Desktop\py\\target_file\pam.d_su',"r")
data= f.read()
f.close()
r= 0
for n in i:
if n != 'update':
str= n
patt = r'auth\s+sufficient\s+/lib/security/pam_rootok.so\nauth\s+required\s+/lib/security/pam_wheel.so\s+group=wheel\n'
m = re.search(patt,data)
# print i[str]
# print m.group(0)
if m:
pass
else:
r=2
print "no config"
self.msg = self.target_filename+'=> project: '+str
log.print_check_log(self.msg,r)
return r
def verfiy(self, i):
f = open(self.target_filename, "r")
data = f.read()
f.close()
r = 0
for n in i:
if n != 'update':
str = n
patt = r'auth\s+sufficient\s+/lib/security/pam_rootok.so\nauth\s+required\s+/lib/security/pam_wheel.so\s+group=wheel\n'
m = re.search(patt, data)
# print i[str]
# print m.group(0)
if m:
pass
else:
r = 2
print "no config"
self.msg = self.target_filename + '=> project: ' + str
log.print_check_log(self.msg, r)
return r
def verfiy(self,i):
f=open("C:\Users\L\Desktop\py\\target_file\login.defs","r")
data= f.read()
f.close()
r= 0
for n in i: # i 传过来的数组内容 遍历 n(i 的key)
if n != 'update': # 如果 n 不为 update
str = n
patt = r'\n%s.*?(\w+);' % (str)
m = re.search(patt,data)
#print m.group(1)
if m:
if m.group(1) != 'nobody':
r=1
else:
pass
else:
r=2
self.msg = self.target_filename+'=> project: '+str
log.print_check_log(self.msg,r)
return r # 返回 r
def verfiy(self, term): #判断怎样修复,返回修复等级
r = 0
with open(self.target_filename, "r") as f:
data = f.read() #读取目标文件内容
#print data
for n in term: # i 传过来的数组内容 遍历 n(i 的key)
if n != 'update': # 如果 n 不为 update
str = n
patt = r"pam_cracklib\.so\s+minlen=\d+\s+ucredit=-\d+\s+lcredit=-\d+\s+dcredit=-\d+\s+ocredit=-\d+" #正则
# print patt
m = re.search(patt, data) # 匹配文件中的所要修改的内容
# print m.group(1) #得到目标文件的值
# print term[str] #正确值
# print m
if m: # 如果匹配成功
pass
else:
r = 2
self.msg = self.target_filename + '=> project: ' + str
log.print_check_log(self.msg, r)
return r
def verfiy(self, i):
f = open(self.target_filename, "r")
data = f.read()
f.close()
r = 0
for n in i:
if n != 'update':
str = n
# print str
patt = r'(%s)( *)(.*)' % str
m = re.search(patt, data)
# print i[str]
# print m.group()
if m:
if m.group(3) != i[str]:
r = 1
elif m.group(3) == i[str]:
pass
else:
r = 2
self.msg = self.target_filename + '=> project: ' + str
log.print_check_log(self.msg, r)
return r
def verfiy(self,term):#判断怎样修复,返回修复等级 r = 0 with open(self.target_filename,"r") as f: data= f.read() #读取目标文件内容 #print data for n in term: # i 传过来的数组内容 遍历 n(i 的key) if n != 'update': # 如果 n 不为 update str = n patt = r"pam_cracklib\.so\s+minlen=\d+\s+ucredit=-\d+\s+lcredit=-\d+\s+dcredit=-\d+\s+ocredit=-\d+" #正则 # print patt m = re.search(patt,data) # 匹配文件中的所要修改的内容 # print m.group(1) #得到目标文件的值 # print term[str] #正确值 # print m if m: # 如果匹配成功 pass else: r = 2 self.msg = self.target_filename+'=> project: '+str log.print_check_log(self.msg,r) return r
def verfiy(self,i):
f=open("C:\Users\L\Desktop\py\\target_file\grub.conf","r")
data= f.read()
f.close()
r= 0
for n in i :
if n != 'update':
str =n
patt = r'password(.*)'
m = re.search(patt,data)
# print m.group(0)
if m:
if '=' in m.group(1) :
r=1
elif re.search(r'password --md5 (.){31}',data):
pass
else:
r=2
self.msg = self.target_filename+'=> project: '+str
log.print_check_log(self.msg,r)
return r
def verfiy(self,i):
f=open("C:\Users\L\Desktop\py\\target_file\ssh_config","r")
data= f.read()
f.close()
r= 0
for n in i:
if n != 'update':
str=n
# print str
patt = r'(%s)( *)(.*)' % str
m = re.search(patt,data)
# print i[str]
# print m.group()
if m:
if m.group(3) != i[str] :
r=1
elif m.group(3) == i[str]:
pass
else:
r=2
self.msg = self.target_filename+'=> project: '+str
log.print_check_log(self.msg,r)
return r
def verfiy(self, i):
f = open(self.target_filename, "r")
data = f.read()
f.close()
r = 0
for n in i:
if n != 'update':
str = n
patt = r'password(.*)'
m = re.search(patt, data)
# print m.group(0)
if m:
if '=' in m.group(1):
r = 1
elif re.search(r'password --md5 (.){31}', data):
pass
else:
r = 2
self.msg = self.target_filename + '=> project: ' + str
log.print_check_log(self.msg, r)
return r
