当前位置: 首页>>代码示例>>Python>>正文


Python file.NoSUIDSGIDAudit方法代码示例

本文整理汇总了Python中charmhelpers.contrib.hardening.audits.file.NoSUIDSGIDAudit方法的典型用法代码示例。如果您正苦于以下问题:Python file.NoSUIDSGIDAudit方法的具体用法?Python file.NoSUIDSGIDAudit怎么用?Python file.NoSUIDSGIDAudit使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在charmhelpers.contrib.hardening.audits.file的用法示例。


在下文中一共展示了file.NoSUIDSGIDAudit方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: get_audits

# 需要导入模块: from charmhelpers.contrib.hardening.audits import file [as 别名]
# 或者: from charmhelpers.contrib.hardening.audits.file import NoSUIDSGIDAudit [as 别名]
def get_audits():
    """Get OS hardening suid/sgid audits.

    :returns:  dictionary of audits
    """
    checks = []
    settings = utils.get_settings('os')
    if not settings['security']['suid_sgid_enforce']:
        log("Skipping suid/sgid hardening", level=INFO)
        return checks

    # Build the blacklist and whitelist of files for suid/sgid checks.
    # There are a total of 4 lists:
    #   1. the system blacklist
    #   2. the system whitelist
    #   3. the user blacklist
    #   4. the user whitelist
    #
    # The blacklist is the set of paths which should NOT have the suid/sgid bit
    # set and the whitelist is the set of paths which MAY have the suid/sgid
    # bit setl. The user whitelist/blacklist effectively override the system
    # whitelist/blacklist.
    u_b = settings['security']['suid_sgid_blacklist']
    u_w = settings['security']['suid_sgid_whitelist']

    blacklist = set(BLACKLIST) - set(u_w + u_b)
    whitelist = set(WHITELIST) - set(u_b + u_w)

    checks.append(NoSUIDSGIDAudit(blacklist))

    dry_run = settings['security']['suid_sgid_dry_run_on_unknown']

    if settings['security']['suid_sgid_remove_from_unknown'] or dry_run:
        # If the policy is a dry_run (e.g. complain only) or remove unknown
        # suid/sgid bits then find all of the paths which have the suid/sgid
        # bit set and then remove the whitelisted paths.
        root_path = settings['environment']['root_path']
        unknown_paths = find_paths_with_suid_sgid(root_path) - set(whitelist)
        checks.append(NoSUIDSGIDAudit(unknown_paths, unless=dry_run))

    return checks 
开发者ID:openstack,项目名称:charm-swift-proxy,代码行数:43,代码来源:suid_sgid.py

示例2: test_is_compliant

# 需要导入模块: from charmhelpers.contrib.hardening.audits import file [as 别名]
# 或者: from charmhelpers.contrib.hardening.audits.file import NoSUIDSGIDAudit [as 别名]
def test_is_compliant(self, mock_get_stat):
        mock_get_stat.return_value = EasyMock({'st_mode': 0o0644,
                                               'st_uid': 0,
                                               'st_gid': 0})
        audit = file.NoSUIDSGIDAudit('/foo/bar')
        compliant = audit.is_compliant('/foo/bar')
        self.assertTrue(compliant) 
开发者ID:juju,项目名称:charm-helpers,代码行数:9,代码来源:test_file_audits.py

示例3: test_is_noncompliant

# 需要导入模块: from charmhelpers.contrib.hardening.audits import file [as 别名]
# 或者: from charmhelpers.contrib.hardening.audits.file import NoSUIDSGIDAudit [as 别名]
def test_is_noncompliant(self, mock_get_stat):
        mock_get_stat.return_value = EasyMock({'st_mode': 0o6644,
                                               'st_uid': 0,
                                               'st_gid': 0})
        audit = file.NoSUIDSGIDAudit('/foo/bar')
        compliant = audit.is_compliant('/foo/bar')
        self.assertFalse(compliant) 
开发者ID:juju,项目名称:charm-helpers,代码行数:9,代码来源:test_file_audits.py

示例4: test_comply

# 需要导入模块: from charmhelpers.contrib.hardening.audits import file [as 别名]
# 或者: from charmhelpers.contrib.hardening.audits.file import NoSUIDSGIDAudit [as 别名]
def test_comply(self, mock_check_output, mock_log):
        audit = file.NoSUIDSGIDAudit('/foo/bar')
        audit.comply('/foo/bar')
        mock_check_output.assert_has_calls([call(['chmod', '-s', '/foo/bar'])])
        self.assertTrue(mock_log.called) 
开发者ID:juju,项目名称:charm-helpers,代码行数:7,代码来源:test_file_audits.py


注:本文中的charmhelpers.contrib.hardening.audits.file.NoSUIDSGIDAudit方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。