diff options
author | Eugeni Dodonov <eugeni@mandriva.org> | 2009-01-06 23:53:26 +0000 |
---|---|---|
committer | Eugeni Dodonov <eugeni@mandriva.org> | 2009-01-06 23:53:26 +0000 |
commit | 13f9b65dec5018f4c07bf4b918f65801de1ae90d (patch) | |
tree | c309b00273d3ec3c2f147b00ef3bd1cd6e9d7ddd /src | |
parent | 7faae668f95d211bc8de66e920c94d662d260794 (diff) | |
download | msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.gz msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.bz2 msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.xz msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.zip |
Non-interactive permissions checking.
Diffstat (limited to 'src')
-rwxr-xr-x | src/msec/libmsec.py | 12 | ||||
-rwxr-xr-x | src/msec/msecperms.py | 3 |
2 files changed, 11 insertions, 4 deletions
diff --git a/src/msec/libmsec.py b/src/msec/libmsec.py index 1083904..b3dc283 100755 --- a/src/msec/libmsec.py +++ b/src/msec/libmsec.py @@ -1651,28 +1651,34 @@ class PERMS: force = True if newuser != None: - self.log.info(_("Enforcing user on %s to %s") % (file, self.get_user_name(newuser))) if force and really_commit: + self.log.warn(_("Enforcing user on %s to %s") % (file, self.get_user_name(newuser))) try: os.chown(file, newuser, -1) except: self.log.error(_("Error changing user on %s: %s") % (file, sys.exc_value)) + else: + self.log.warn(_("Bad owner of %s: should be %s") % (file, self.get_user_name(newuser))) if newgroup != None: - self.log.info(_("Enforcing group on %s to %s") % (file, self.get_group_name(newgroup))) if force and really_commit: + self.log.warn(_("Enforcing group on %s to %s") % (file, self.get_group_name(newgroup))) try: os.chown(file, -1, newgroup) except: self.log.error(_("Error changing group on %s: %s") % (file, sys.exc_value)) + else: + self.log.warn(_("Bad group of %s: should be %s") % (file, self.get_group_name(newgroup))) # permissions should be last, as chown resets them # on suid files if newperm != None: - self.log.info(_("Enforcing permissions on %s to %o") % (file, newperm)) if force and really_commit: + self.log.warn(_("Enforcing permissions on %s to %o") % (file, newperm)) try: os.chmod(file, newperm) except: self.log.error(_("Error changing permissions on %s: %s") % (file, sys.exc_value)) + else: + self.log.warn(_("Bad permissions of %s: should be %o") % (file, newperm)) def check_perms(self, perms): diff --git a/src/msec/msecperms.py b/src/msec/msecperms.py index a0f1676..3cba97e 100755 --- a/src/msec/msecperms.py +++ b/src/msec/msecperms.py @@ -119,7 +119,8 @@ if __name__ == "__main__": # logs to file and to terminal log = Log(log_path=config.SECURITYLOG, interactive=True, log_syslog=False, log_level=log_level) else: - log = Log(log_path=config.SECURITYLOG, interactive=False, log_level=log_level) + log_level = logging.WARN + log = Log(log_path=config.SECURITYLOG, interactive=True, log_syslog=False, log_level=log_level) # loading permissions permconf = config.PermConfig(log, config=config.PERMCONF) |