diff options
| author | hagbard <vyosdev@derith.de> | 2020-08-28 12:01:29 -0700 | 
|---|---|---|
| committer | hagbard <vyosdev@derith.de> | 2020-08-28 12:09:55 -0700 | 
| commit | c29ed43a720f0205dbafa26a0048076bba9d7333 (patch) | |
| tree | 65e1e4da5570ca6a519aa26cfde699a1f1758d5e | |
| parent | da9ec80f80b15d88d3bc2bc1ee13e7136ee14c97 (diff) | |
| download | vyos-1x-c29ed43a720f0205dbafa26a0048076bba9d7333.tar.gz vyos-1x-c29ed43a720f0205dbafa26a0048076bba9d7333.zip | |
T2836: show system integrity broken
| -rw-r--r-- | op-mode-definitions/show-system.xml | 2 | ||||
| -rwxr-xr-x | src/op_mode/show_system_integrity.py | 70 | ||||
| -rwxr-xr-x | src/op_mode/system_integrity.py | 70 | 
3 files changed, 71 insertions, 71 deletions
| diff --git a/op-mode-definitions/show-system.xml b/op-mode-definitions/show-system.xml index 1b98b559b..0623e3b62 100644 --- a/op-mode-definitions/show-system.xml +++ b/op-mode-definitions/show-system.xml @@ -59,7 +59,7 @@              <properties>                <help>Checks overall system integrity</help>              </properties> -            <command>sudo ${vyos_op_scripts_dir}/system_integrity.py</command> +            <command>sudo ${vyos_op_scripts_dir}/show_system_integrity.py</command>            </leafNode>            <leafNode name="kernel-messages">              <properties> diff --git a/src/op_mode/show_system_integrity.py b/src/op_mode/show_system_integrity.py new file mode 100755 index 000000000..c34d41e80 --- /dev/null +++ b/src/op_mode/show_system_integrity.py @@ -0,0 +1,70 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2020 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program.  If not, see <http://www.gnu.org/licenses/>. +# +# + +import sys +import os +import re +import json +from datetime import datetime, timedelta + +version_file = r'/usr/share/vyos/version.json' + + +def _get_sys_build_version(): +    if not os.path.exists(version_file): +        return None +    buf = open(version_file, 'r').read() +    j = json.loads(buf) +    if not 'built_on' in j: +        return None +    return datetime.strptime(j['built_on'], '%a %d %b %Y %H:%M %Z') + + +def _check_pkgs(build_stamp): +    pkg_diffs = { +        'buildtime': str(build_stamp), +        'pkg': {} +    } + +    pkg_info = os.listdir('/var/lib/dpkg/info/') +    for file in pkg_info: +        if re.search('\.list$', file): +            fts = os.stat('/var/lib/dpkg/info/' + file).st_mtime +            dt_str = (datetime.utcfromtimestamp( +                fts).strftime('%Y-%m-%d %H:%M:%S')) +            fdt = datetime.strptime(dt_str, '%Y-%m-%d %H:%M:%S') +            if fdt > build_stamp: +                pkg_diffs['pkg'].update( +                    {str(re.sub('\.list', '', file)): str(fdt)}) + +    if len(pkg_diffs['pkg']) != 0: +        return pkg_diffs +    else: +        return None + + +if __name__ == '__main__': +    built_date = _get_sys_build_version() +    if not built_date: +        sys.exit(1) +    pkgs = _check_pkgs(built_date) +    if pkgs: +        print ( +            "The following packages don\'t fit the image creation time\nbuild time:\t" + pkgs['buildtime']) +        for k, v in pkgs['pkg'].items(): +            print ("installed: " + v + '\t' + k) diff --git a/src/op_mode/system_integrity.py b/src/op_mode/system_integrity.py deleted file mode 100755 index c0e3d1095..000000000 --- a/src/op_mode/system_integrity.py +++ /dev/null @@ -1,70 +0,0 @@ -#!/usr/bin/env python3 -# -# Copyright (C) 2018 VyOS maintainers and contributors -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 or later as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program.  If not, see <http://www.gnu.org/licenses/>. -# -# - -import sys -import os -import re -import itertools -from datetime import datetime, timedelta - -from vyos.util import cmd - -verf = r'/usr/libexec/vyos/op_mode/version.py' - -def get_sys_build_version(): -  if not os.path.exists(verf): -    return None - -  a = cmd('/usr/libexec/vyos/op_mode/version.py') -  if re.search('^Built on:.+',a, re.M) == None: -    return None - -  dt = ( re.sub('Built on: +','', re.search('^Built on:.+',a, re.M).group(0)) ) -  return datetime.strptime(dt,'%a %d %b %Y %H:%M %Z') - -def check_pkgs(dt): -  pkg_diffs = { -    'buildtime' : str(dt), -    'pkg'  : {} -  } - -  pkg_info = os.listdir('/var/lib/dpkg/info/') -  for file in pkg_info: -    if re.search('\.list$', file): -      fts = os.stat('/var/lib/dpkg/info/' + file).st_mtime -      dt_str = (datetime.utcfromtimestamp(fts).strftime('%Y-%m-%d %H:%M:%S')) -      fdt =  datetime.strptime(dt_str, '%Y-%m-%d %H:%M:%S') -      if fdt > dt: -        pkg_diffs['pkg'].update( { str(re.sub('\.list','',file)) : str(fdt)}) - -  if len(pkg_diffs['pkg']) != 0: -    return pkg_diffs -  else: -    return None - -def main(): -  dt = get_sys_build_version() -  pkgs = check_pkgs(dt) -  if pkgs != None: -    print ("The following packages don\'t fit the image creation time\nbuild time:\t" + pkgs['buildtime']) -    for k, v in pkgs['pkg'].items(): -      print ("installed: " + v + '\t' + k) - -if __name__ == '__main__': -  sys.exit( main() ) - | 
