%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python2.7/site-packages/salt/beacons/
Upload File :
Create Path :
Current File : //lib/python2.7/site-packages/salt/beacons/btmp.pyc

�
���^c
@@sPdZddlmZmZddlZddlZddlZddlZddlZ	ddl
Z	ddlZ	ddlm
Z
dZdZdZdd	d
ddd
ddddg
Zeje�ZdZeje�ZyddljZeZWnek
reZnXd�Zd�Z d�Z!d�Z"d�Z#d�Z$d�Z%dS(u?	
Beacon to fire events at failed login of users

.. versionadded:: 2015.5.0

Example Configuration
=====================

.. code-block:: yaml

    # Fire events on all failed logins
    beacons:
      btmp: []

    # Matching on user name, using a default time range
    beacons:
      btmp:
        - users:
            gareth:
        - defaults:
            time_range:
                start: '8am'
                end: '4pm'

    # Matching on user name, overriding the default time range
    beacons:
      btmp:
        - users:
            gareth:
                time_range:
                    start: '8am'
                    end: '4pm'
        - defaults:
            time_range:
                start: '8am'
                end: '4pm'

    # Matching on group name, overriding the default time range
    beacons:
      btmp:
        - groups:
            users:
                time_range:
                    start: '8am'
                    end: '4pm'
        - defaults:
            time_range:
                start: '8am'
                end: '4pm'


Use Case: Posting Failed Login Events to Slack
==============================================

This can be done using the following reactor SLS:

.. code-block:: jinja

    report-wtmp:
      runner.salt.cmd:
        - args:
          - fun: slack.post_message
          - channel: mychannel      # Slack channel
          - from_name: someuser     # Slack user
          - message: "Failed login from `{{ data.get('user', '') or 'unknown user' }}` on `{{ data['id'] }}`"

Match the event like so in the master config file:

.. code-block:: yaml

    reactor:

      - 'salt/beacon/*/btmp/':
        - salt://reactor/btmp.sls

.. note::
    This approach uses the :py:mod:`slack execution module
    <salt.modules.slack_notify>` directly on the master, and therefore requires
    that the master has a slack API key in its configuration:

    .. code-block:: yaml

        slack:
          api_key: xoxb-XXXXXXXXXXXX-XXXXXXXXXXXX-XXXXXXXXXXXXXXXXXXXXXXXX

    See the :py:mod:`slack execution module <salt.modules.slack_notify>`
    documentation for more information. While you can use an individual user's
    API key to post to Slack, a bot user is likely better suited for this. The
    :py:mod:`slack engine <salt.engines.slack>` documentation has information
    on how to set up a bot user.
i(tabsolute_importtunicode_literalsN(tmapubtmpu
/var/log/btmpthi32s4s32s256shhiii4i20xutypeuPIDulineuinittabuuseruhostnameuexit_statususessionutimeuaddrubtmp.loccC@stjjt�rtStS(N(tostpathtisfiletBTMPt__virtualname__tFalse(((s5/usr/lib/python2.7/site-packages/salt/beacons/btmp.pyt__virtual__�sc@sc�s||fSt�t�s.t}d}nt�fd�dD��sYt}d}n||fS(u
    Check time range
    u>The time_range parameter for btmp beacon must be a dictionary.c3@s|]}|�kVqdS(N((t.0tk(ttrange(s5/usr/lib/python2.7/site-packages/salt/beacons/btmp.pys	<genexpr>�sustartuenduJThe time_range parameter for btmp beacon must contain start & end options.(ustartuend(t
isinstancetdictR	tall(R
tstatustmsg((R
s5/usr/lib/python2.7/site-packages/salt/beacons/btmp.pyt_validate_time_range�s
		cC@s`td|�}|s*tjd|�dSx/|dD]#}||kr5||||<q5q5WdS(u
    Gather group members
    u
group.infou"Group %s does not exist, ignoring.Numembers(t__salt__tlogtwarning(tgrouptgroupstuserst_grouptmember((s5/usr/lib/python2.7/site-packages/salt/beacons/btmp.pyt_gather_group_members�scC@satrLtj|d�}tj|d�}t||koF|kn�Stjd�tSdS(u
    Check time range
    ustartuenduDateutil is required.N(t_TIME_SUPPORTEDtdateutil_parsertparsetboolRterrorR	(t
time_rangetnowt_startt_end((s5/usr/lib/python2.7/site-packages/salt/beacons/btmp.pyt_check_time_range�s 
cC@sttkrttSdS(u)
    return the active file location
    N(tLOC_KEYt__context__(((s5/usr/lib/python2.7/site-packages/salt/beacons/btmp.pyt_get_loc�scC@s�t}d}t|t�s*t}d}n�i}tt|j|��d|kr�t|dt�stt}d}nGxD|dD]8}|d|jdi�}t|||�\}}qW|s�||fSnd|krVt|dt�s�t}d}nGxD|dD]8}|d|jdi�}t|||�\}}qW|sV||fSnd|kr�t|dt�s�t}d	}n.|djdi�}t|||�\}}|s�||fSn||fS(
u+
    Validate the beacon configuration
    uValid beacon configurationu-Configuration for btmp beacon must be a list.uusersu8User configuration for btmp beacon must be a dictionary.u
time_rangeugroupsu9Group configuration for btmp beacon must be a dictionary.udefaultsu<Defaults configuration for btmp beacon must be a dictionary.(	tTrueRtlistR	RtupdateRtgetR(tconfigtvstatustvmsgt_configtusert_time_rangeR((s5/usr/lib/python2.7/site-packages/salt/beacons/btmp.pytvalidate�sP		
	
	
c	C@s�g}i}i}d
}xY|D]Q}d|kr>|d}nd|krW|d}nd|kr|d}qqWtjjjtd��i}tjtd�}|dkr�|j	dd�|j
�tt<|S|j	|�xtr�tjj
�}|jt�}	t|	�tkr|S|j
�tt<tjt|	�}
i}x�tt�D]�\}}
|
|||
<t||
tjjj�rPt||
t�r�tjjj||
�||
<n||
jd�||
<qPqPWx|D]}t|||�q�W|r�|d|kr�||d}t|t�r]d	|kr]t |d	|�r�|j!|�q�q�|r�d	|kr�t |d	|�r�|j!|�q�q�|j!|�q�q�|r�d	|kr�t |d	|�r�|j!|�q�q�|j!|�q�WWd
QX|S(uM
    Read the last btmp file and return information on the failed logins
    uusersugroupsudefaultsurbiiuuuseru
time_rangeN("tNonetsalttutilstfilestfopenRR(R-R'tseekttellR*tdatetimeR#treadtSIZEtlentstructtunpacktFMTt	enumeratetFIELDSRtexttsixtstring_typestbyteststringutilst
to_unicodetstripRRR&tappend(R.tretRRtdefaultstconfig_itemtfp_tlocR#trawtpackteventtindtfieldRt_user((s5/usr/lib/python2.7/site-packages/salt/beacons/btmp.pytbeacon
sd



	 

	(&t__doc__t
__future__RRR<tloggingRR@tsalt.utils.stringutilsR6tsalt.utils.filestsalt.ext.sixtsalt.ext.six.movesRRRRBRDtcalcsizeR>R't	getLoggert__name__Rtdateutil.parsertparserRR*RtImportErrorR	R
RRR&R)R4RX(((s5/usr/lib/python2.7/site-packages/salt/beacons/btmp.pyt<module>\sJ	


						=

Zerion Mini Shell 1.0