当前位置: 首页>>代码示例>>Python>>正文


Python utils.get_settings方法代码示例

本文整理汇总了Python中charmhelpers.contrib.hardening.utils.get_settings方法的典型用法代码示例。如果您正苦于以下问题:Python utils.get_settings方法的具体用法?Python utils.get_settings怎么用?Python utils.get_settings使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在charmhelpers.contrib.hardening.utils的用法示例。


在下文中一共展示了utils.get_settings方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: get_audits

# 需要导入模块: from charmhelpers.contrib.hardening import utils [as 别名]
# 或者: from charmhelpers.contrib.hardening.utils import get_settings [as 别名]
def get_audits():
    """Get OS hardening sysctl audits.

    :returns:  dictionary of audits
    """
    audits = []
    settings = utils.get_settings('os')

    # Apply the sysctl settings which are configured to be applied.
    audits.append(SysctlConf())
    # Make sure that only root has access to the sysctl.conf file, and
    # that it is read-only.
    audits.append(FilePermissionAudit('/etc/sysctl.conf',
                                      user='root',
                                      group='root', mode=0o0440))
    # If module loading is not enabled, then ensure that the modules
    # file has the appropriate permissions and rebuild the initramfs
    if not settings['security']['kernel_enable_module_loading']:
        audits.append(ModulesTemplate())

    return audits 
开发者ID:openstack,项目名称:charm-swift-proxy,代码行数:23,代码来源:sysctl.py

示例2: __call__

# 需要导入模块: from charmhelpers.contrib.hardening import utils [as 别名]
# 或者: from charmhelpers.contrib.hardening.utils import get_settings [as 别名]
def __call__(self):
        settings = utils.get_settings('os')
        with open('/proc/cpuinfo', 'r') as fd:
            cpuinfo = fd.readlines()

        for line in cpuinfo:
            match = re.search(r"^vendor_id\s+:\s+(.+)", line)
            if match:
                vendor = match.group(1)

        if vendor == "GenuineIntel":
            vendor = "intel"
        elif vendor == "AuthenticAMD":
            vendor = "amd"

        ctxt = {'arch': platform.processor(),
                'cpuVendor': vendor,
                'desktop_enable': settings['general']['desktop_enable']}

        return ctxt 
开发者ID:openstack,项目名称:charm-swift-proxy,代码行数:22,代码来源:sysctl.py

示例3: get_audits

# 需要导入模块: from charmhelpers.contrib.hardening import utils [as 别名]
# 或者: from charmhelpers.contrib.hardening.utils import get_settings [as 别名]
def get_audits():
    """Get OS hardening security limits audits.

    :returns:  dictionary of audits
    """
    audits = []
    settings = utils.get_settings('os')

    # Ensure that the /etc/security/limits.d directory is only writable
    # by the root user, but others can execute and read.
    audits.append(DirectoryPermissionAudit('/etc/security/limits.d',
                                           user='root', group='root',
                                           mode=0o755))

    # If core dumps are not enabled, then don't allow core dumps to be
    # created as they may contain sensitive information.
    if not settings['security']['kernel_enable_core_dump']:
        audits.append(TemplatedFile('/etc/security/limits.d/10.hardcore.conf',
                                    SecurityLimitsContext(),
                                    template_dir=TEMPLATES_DIR,
                                    user='root', group='root', mode=0o0440))
    return audits 
开发者ID:openstack,项目名称:charm-swift-proxy,代码行数:24,代码来源:limits.py

示例4: get_audits

# 需要导入模块: from charmhelpers.contrib.hardening import utils [as 别名]
# 或者: from charmhelpers.contrib.hardening.utils import get_settings [as 别名]
def get_audits():
    """Get OS hardening PAM authentication audits.

    :returns:  dictionary of audits
    """
    audits = []

    settings = utils.get_settings('os')

    if settings['auth']['pam_passwdqc_enable']:
        audits.append(PasswdqcPAM('/etc/passwdqc.conf'))

    if settings['auth']['retries']:
        audits.append(Tally2PAM('/usr/share/pam-configs/tally2'))
    else:
        audits.append(DeletedFile('/usr/share/pam-configs/tally2'))

    return audits 
开发者ID:openstack,项目名称:charm-swift-proxy,代码行数:20,代码来源:pam.py

示例5: get_audits

# 需要导入模块: from charmhelpers.contrib.hardening import utils [as 别名]
# 或者: from charmhelpers.contrib.hardening.utils import get_settings [as 别名]
def get_audits():
    """Get OS hardening apt audits.

    :returns:  dictionary of audits
    """
    audits = [AptConfig([{'key': 'APT::Get::AllowUnauthenticated',
                          'expected': 'false'}])]

    settings = get_settings('os')
    clean_packages = settings['security']['packages_clean']
    if clean_packages:
        security_packages = settings['security']['packages_list']
        if security_packages:
            audits.append(RestrictedPackages(security_packages))

    return audits 
开发者ID:openstack,项目名称:charm-swift-proxy,代码行数:18,代码来源:apt.py

示例6: __call__

# 需要导入模块: from charmhelpers.contrib.hardening import utils [as 别名]
# 或者: from charmhelpers.contrib.hardening.utils import get_settings [as 别名]
def __call__(self):
        settings = utils.get_settings('ssh')
        if settings['common']['network_ipv6_enable']:
            addr_family = 'any'
        else:
            addr_family = 'inet'

        ctxt = {
            'addr_family': addr_family,
            'remote_hosts': settings['common']['remote_hosts'],
            'password_auth_allowed':
            settings['client']['password_authentication'],
            'ports': settings['common']['ports'],
            'ciphers': self.get_ciphers(settings['client']['cbc_required']),
            'macs': self.get_macs(settings['client']['weak_hmac']),
            'kexs': self.get_kexs(settings['client']['weak_kex']),
            'roaming': settings['client']['roaming'],
        }
        return ctxt 
开发者ID:openstack,项目名称:charm-swift-proxy,代码行数:21,代码来源:config.py

示例7: get_audits

# 需要导入模块: from charmhelpers.contrib.hardening import utils [as 别名]
# 或者: from charmhelpers.contrib.hardening.utils import get_settings [as 别名]
def get_audits():
    """Get OS hardening profile audits.

    :returns:  dictionary of audits
    """
    audits = []

    settings = utils.get_settings('os')
    # If core dumps are not enabled, then don't allow core dumps to be
    # created as they may contain sensitive information.
    if not settings['security']['kernel_enable_core_dump']:
        audits.append(TemplatedFile('/etc/profile.d/pinerolo_profile.sh',
                                    ProfileContext(),
                                    template_dir=TEMPLATES_DIR,
                                    mode=0o0755, user='root', group='root'))
    if settings['security']['ssh_tmout']:
        audits.append(TemplatedFile('/etc/profile.d/99-hardening.sh',
                                    ProfileContext(),
                                    template_dir=TEMPLATES_DIR,
                                    mode=0o0644, user='root', group='root'))
    return audits 
开发者ID:openstack,项目名称:charm-keystone,代码行数:23,代码来源:profile.py


注:本文中的charmhelpers.contrib.hardening.utils.get_settings方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。