Add epylog role to log01.

2014-07-18 17:50:29 +00:00 · 2014-07-18 17:50:29 +00:00 · 7efe08a558
commit 7efe08a558
parent 8adb643de6
34 changed files with 3102 additions and 0 deletions
--- a/roles/epylog/files/modules/selinux_mod.py
+++ b/roles/epylog/files/modules/selinux_mod.py
@ -0,0 +1,116 @@
+#!/usr/bin/python -tt
+"""
+Reports on selinux messages
+
+Jeremy Kindy (kindyjd at wfu.edu), Wake Forest University
+"""
+
+import sys
+import re
+
+##
+# This is for testing purposes, so you can invoke this from the
+# modules directory. See also the testing notes at the end of the
+# file.
+#
+sys.path.insert(0, '../py/')
+from epylog import Result, InternalModule
+
+class selinux_mod(InternalModule):
+    def __init__(self, opts, logger):
+        InternalModule.__init__(self)
+        self.logger = logger
+        self.logger.put(3, 'initializing selinux')
+        rc = re.compile
+
+        self.ignore = 0
+        self.preventing = 1
+
+        selinux_map = {
+            rc('.*setroubleshoot\: SELinux is preventing'): self.selinux
+            }
+
+        do_selinux = int(opts.get('enable_selinux', '1'))
+
+        self.regex_map = {}
+        if do_selinux: self.regex_map.update(selinux_map)
+        
+        self.selinux_message_re = rc('setroubleshoot: (.*). For complete SELinux')
+
+        self.selinux_title = '<font color="blue">SELinux Report</font>'
+        self.selinux_preventing_title = '<font color="blue">SELinux Prevention Report</font>'
+
+        self.report_wrap = '<table border="0" width="100%%" rules="cols" cellpadding="2">%s</table>'
+        self.subreport_wrap = '<tr><th colspan="2" align="left"><h3>%s</h3></th></tr>\n%s'
+        
+        self.line_rep = '<tr%s><td valign="top" width="25%%">%s</td><td valign="top" width="75%%">%s</td></tr>\n'
+
+        self.flip = ' bgcolor="#dddddd"'
+
+
+    ##
+    # Line-matching routines
+    #
+    def selinux(self, linemap):
+        action = self.preventing
+        self.logger.put(3, 'selinux invoked')
+        sys, msg, mult = self.get_smm(linemap)
+
+        self.logger.put(3, 'test selinux %d' % mult)
+        message = self._get_selinux_message(msg)
+        self.logger.put(3, 'selinux message: %s' % message)
+
+        restuple = self._mk_restuple(sys, action, message)
+        self.logger.put(3, 'selinux finished')
+        return {restuple: mult}
+
+
+    ##
+    # Helpers
+    #
+    def _mk_restuple(self, sys, action, message):
+        return (action, message, sys)
+
+    def _get_selinux_message(self, str):
+        message = 'unknown'
+        mo = self.selinux_message_re.search(str)
+        if mo: message = mo.group(1)
+        return message
+
+
+    ####
+    # Finalize the report
+    def finalize(self, rs):
+        logger = self.logger
+        ##
+        # Prepare report
+        #
+        report = ''
+        rep = {}
+
+        # (action, message)
+        for action in [self.preventing]:
+            rep[action] = ''
+            flipper = ''
+            for message in rs.get_distinct((action,)):
+                if flipper: flipper = ''
+                else: flipper = self.flip
+                service_rep = []
+
+                for system in rs.get_distinct((action, message,)):
+                    service_rep.append(system)
+
+                system_list = ', '.join(service_rep)
+                rep[action] += self.line_rep % (flipper, message, system_list)
+
+        if rep[self.preventing]:
+            report += self.subreport_wrap % (self.selinux_preventing_title, rep[self.preventing])
+            logger.put(3, 'selinux report: self.preventing added')
+
+        report = self.report_wrap % report
+        return report
+
+
+if __name__ == '__main__':
+    from epylog.helpers import ModuleTest
+    ModuleTest(selinux_mod, sys.argv)