Non-interactive permissions checking.

author: Eugeni Dodonov <eugeni@mandriva.org> 2009-01-06 23:53:26 +0000
committer: Eugeni Dodonov <eugeni@mandriva.org> 2009-01-06 23:53:26 +0000
commit: 13f9b65dec5018f4c07bf4b918f65801de1ae90d (patch)
tree: c309b00273d3ec3c2f147b00ef3bd1cd6e9d7ddd /src
parent: 7faae668f95d211bc8de66e920c94d662d260794 (diff)
download: msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar
msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.gz
msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.bz2
msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.xz
msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.zip
2 files changed, 11 insertions, 4 deletions
diff --git a/src/msec/libmsec.py b/src/msec/libmsec.py
index 1083904..b3dc283 100755
--- a/src/msec/libmsec.py
+++ b/src/msec/libmsec.py
@@ -1651,28 +1651,34 @@ class PERMS:
                 force = True
 
             if newuser != None:
-                self.log.info(_("Enforcing user on %s to %s") % (file, self.get_user_name(newuser)))
                 if force and really_commit:
+                    self.log.warn(_("Enforcing user on %s to %s") % (file, self.get_user_name(newuser)))
                     try:
                         os.chown(file, newuser, -1)
                     except:
                         self.log.error(_("Error changing user on %s: %s") % (file, sys.exc_value))
+                else:
+                    self.log.warn(_("Bad owner of %s: should be %s") % (file, self.get_user_name(newuser)))
             if newgroup != None:
-                self.log.info(_("Enforcing group on %s to %s") % (file, self.get_group_name(newgroup)))
                 if force and really_commit:
+                    self.log.warn(_("Enforcing group on %s to %s") % (file, self.get_group_name(newgroup)))
                     try:
                         os.chown(file, -1, newgroup)
                     except:
                         self.log.error(_("Error changing group on %s: %s") % (file, sys.exc_value))
+                else:
+                    self.log.warn(_("Bad group of %s: should be %s") % (file, self.get_group_name(newgroup)))
             # permissions should be last, as chown resets them
             # on suid files
             if newperm != None:
-                self.log.info(_("Enforcing permissions on %s to %o") % (file, newperm))
                 if force and really_commit:
+                    self.log.warn(_("Enforcing permissions on %s to %o") % (file, newperm))
                     try:
                         os.chmod(file, newperm)
                     except:
                         self.log.error(_("Error changing permissions on %s: %s") % (file, sys.exc_value))
+                else:
+                    self.log.warn(_("Bad permissions of %s: should be %o") % (file, newperm))
 
 
     def check_perms(self, perms):
diff --git a/src/msec/msecperms.py b/src/msec/msecperms.py
index a0f1676..3cba97e 100755
--- a/src/msec/msecperms.py
+++ b/src/msec/msecperms.py
@@ -119,7 +119,8 @@ if __name__ == "__main__":
         # logs to file and to terminal
         log = Log(log_path=config.SECURITYLOG, interactive=True, log_syslog=False, log_level=log_level)
     else:
-        log = Log(log_path=config.SECURITYLOG, interactive=False, log_level=log_level)
+        log_level = logging.WARN
+        log = Log(log_path=config.SECURITYLOG, interactive=True, log_syslog=False, log_level=log_level)
 
     # loading permissions
     permconf = config.PermConfig(log, config=config.PERMCONF)
author	Eugeni Dodonov <eugeni@mandriva.org>	2009-01-06 23:53:26 +0000
committer	Eugeni Dodonov <eugeni@mandriva.org>	2009-01-06 23:53:26 +0000
commit	13f9b65dec5018f4c07bf4b918f65801de1ae90d (patch)
tree	c309b00273d3ec3c2f147b00ef3bd1cd6e9d7ddd /src
parent	7faae668f95d211bc8de66e920c94d662d260794 (diff)
download	msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.gz msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.bz2 msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.xz msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.zip