aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorEugeni Dodonov <eugeni@mandriva.org>2009-01-06 23:53:26 +0000
committerEugeni Dodonov <eugeni@mandriva.org>2009-01-06 23:53:26 +0000
commit13f9b65dec5018f4c07bf4b918f65801de1ae90d (patch)
treec309b00273d3ec3c2f147b00ef3bd1cd6e9d7ddd /src
parent7faae668f95d211bc8de66e920c94d662d260794 (diff)
downloadmsec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar
msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.gz
msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.bz2
msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.tar.xz
msec-13f9b65dec5018f4c07bf4b918f65801de1ae90d.zip
Non-interactive permissions checking.
Diffstat (limited to 'src')
-rwxr-xr-xsrc/msec/libmsec.py12
-rwxr-xr-xsrc/msec/msecperms.py3
2 files changed, 11 insertions, 4 deletions
diff --git a/src/msec/libmsec.py b/src/msec/libmsec.py
index 1083904..b3dc283 100755
--- a/src/msec/libmsec.py
+++ b/src/msec/libmsec.py
@@ -1651,28 +1651,34 @@ class PERMS:
force = True
if newuser != None:
- self.log.info(_("Enforcing user on %s to %s") % (file, self.get_user_name(newuser)))
if force and really_commit:
+ self.log.warn(_("Enforcing user on %s to %s") % (file, self.get_user_name(newuser)))
try:
os.chown(file, newuser, -1)
except:
self.log.error(_("Error changing user on %s: %s") % (file, sys.exc_value))
+ else:
+ self.log.warn(_("Bad owner of %s: should be %s") % (file, self.get_user_name(newuser)))
if newgroup != None:
- self.log.info(_("Enforcing group on %s to %s") % (file, self.get_group_name(newgroup)))
if force and really_commit:
+ self.log.warn(_("Enforcing group on %s to %s") % (file, self.get_group_name(newgroup)))
try:
os.chown(file, -1, newgroup)
except:
self.log.error(_("Error changing group on %s: %s") % (file, sys.exc_value))
+ else:
+ self.log.warn(_("Bad group of %s: should be %s") % (file, self.get_group_name(newgroup)))
# permissions should be last, as chown resets them
# on suid files
if newperm != None:
- self.log.info(_("Enforcing permissions on %s to %o") % (file, newperm))
if force and really_commit:
+ self.log.warn(_("Enforcing permissions on %s to %o") % (file, newperm))
try:
os.chmod(file, newperm)
except:
self.log.error(_("Error changing permissions on %s: %s") % (file, sys.exc_value))
+ else:
+ self.log.warn(_("Bad permissions of %s: should be %o") % (file, newperm))
def check_perms(self, perms):
diff --git a/src/msec/msecperms.py b/src/msec/msecperms.py
index a0f1676..3cba97e 100755
--- a/src/msec/msecperms.py
+++ b/src/msec/msecperms.py
@@ -119,7 +119,8 @@ if __name__ == "__main__":
# logs to file and to terminal
log = Log(log_path=config.SECURITYLOG, interactive=True, log_syslog=False, log_level=log_level)
else:
- log = Log(log_path=config.SECURITYLOG, interactive=False, log_level=log_level)
+ log_level = logging.WARN
+ log = Log(log_path=config.SECURITYLOG, interactive=True, log_syslog=False, log_level=log_level)
# loading permissions
permconf = config.PermConfig(log, config=config.PERMCONF)