aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorEugeni Dodonov <eugeni@mandriva.org>2009-01-26 12:36:07 +0000
committerEugeni Dodonov <eugeni@mandriva.org>2009-01-26 12:36:07 +0000
commit10bfc98f9b441d6f468325277d2be4fb285a9c48 (patch)
tree98b09f5cc91d19601ebe2c6054fedec7c13df517 /src
parent06c8b64b8085f708fdb54f4880e9df27ccd8f338 (diff)
downloadmsec-10bfc98f9b441d6f468325277d2be4fb285a9c48.tar
msec-10bfc98f9b441d6f468325277d2be4fb285a9c48.tar.gz
msec-10bfc98f9b441d6f468325277d2be4fb285a9c48.tar.bz2
msec-10bfc98f9b441d6f468325277d2be4fb285a9c48.tar.xz
msec-10bfc98f9b441d6f468325277d2be4fb285a9c48.zip
Implemented support for custom paths checks in msecperms.
Diffstat (limited to 'src')
-rwxr-xr-xsrc/msec/libmsec.py16
-rwxr-xr-xsrc/msec/msecperms.py15
2 files changed, 26 insertions, 5 deletions
diff --git a/src/msec/libmsec.py b/src/msec/libmsec.py
index ea5ed25..e85bc9e 100755
--- a/src/msec/libmsec.py
+++ b/src/msec/libmsec.py
@@ -1895,8 +1895,9 @@ class PERMS:
self.log.warn(_("Wrong permissions of %s: should be %o") % (file, newperm))
- def check_perms(self, perms):
- '''Checks permissions for all entries in perms (PermConfig).'''
+ def check_perms(self, perms, files_to_check=[]):
+ '''Checks permissions for all entries in perms (PermConfig).
+ If files_to_check is specified, only the specified files are checked.'''
for file in perms.list_options():
user_s, group_s, perm_s, force = perms.get(file)
@@ -1973,6 +1974,17 @@ class PERMS:
if f in self.files:
self.log.debug("Removing previously selected %s (matched by '%s')" % (f, file))
del self.files[f]
+ # do we have to check for any specific paths?
+ if files_to_check:
+ self.log.info(_("Checking paths: %s") % ", ".join(files_to_check))
+ paths_to_check = []
+ for f in files_to_check:
+ paths_to_check.extend(glob.glob(f))
+ paths_to_check = set(paths_to_check)
+ # remove unneeded entries from self.files
+ for f in self.files.keys():
+ if f not in paths_to_check:
+ del self.files[f]
return self.files
# }}}
diff --git a/src/msec/msecperms.py b/src/msec/msecperms.py
index b86ef26..9ce1c70 100755
--- a/src/msec/msecperms.py
+++ b/src/msec/msecperms.py
@@ -43,7 +43,16 @@ def usage():
This applications verifies and (when required) enforces permissions
of certain files and directories.
-The list of permissions is stored in %s.
+Usage: msecperms [parameters] [list of paths to check]
+
+If no paths to check are specified, all permissions stored in
+%s are checked.
+Otherwise, only the enties in the list of paths are expanded and checked.
+
+For example:
+ drakperms '/tmp/*' '/etc/*'
+will cover only files which are covered by '/tmp/*' and '/etc/*' rules of
+%s.
Available parameters:
-h, --help displays this helpful message.
@@ -55,7 +64,7 @@ Available parameters:
-p, --pretend only pretend to change the level, perform no real
actions. Use this to see what operations msec
will perform.
-""" % (version, config.PERMCONF)
+""" % (version, config.PERMCONF, config.PERMCONF)
# }}}
if __name__ == "__main__":
@@ -142,7 +151,7 @@ if __name__ == "__main__":
perm = PERMS(log)
# check permissions
- changed_files = perm.check_perms(permconf)
+ changed_files = perm.check_perms(permconf, files_to_check=args)
# writing back changes
perm.commit(really_commit=commit, enforce=enforce)