File: create_audit_rules_execution.py

package info (click to toggle)
scap-security-guide 0.1.39-2
  • links: PTS, VCS
  • area: main
  • in suites: buster, sid
  • size: 31,836 kB
  • sloc: xml: 129,736; python: 7,462; sh: 3,796; makefile: 27
file content (56 lines) | stat: -rwxr-xr-x 1,762 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
#!/usr/bin/python2

#
# create_audit_rules_execution.py
#        generate template-based checks for privileged commands rules
# WARNING: this class uses the templates from audit_rules_privileged_commands as they are pretty much the same


from template_common import FilesGenerator, UnknownTargetError

import os
import re


class AuditRulesExecutionGenerator(FilesGenerator):
    def generate(self, target, args):
        path = args[0]
        name = os.path.basename(path).replace('[-\./]', '_')
        if target == "oval":
            self.file_from_template(
                "./template_OVAL_audit_rules_privileged_commands",
                {
                    "%ID%": "audit_rules_execution_" + name,
                    "%TITLE%": "Record Any Attempts to Run " + name,
                    "%NAME%":	name,
                    "%PATH%":	path.replace("/", "\\/")
                },
                "./oval/audit_rules_execution_{0}.xml", name
            )

        elif target == "bash":
            self.file_from_template(
                "./template_BASH_audit_rules_privileged_commands",
                {
                    "%PATH%":	path
                },
                "./bash/audit_rules_execution_{0}.sh", name
            )

        elif target == "ansible":
            self.file_from_template(
                "./template_ANSIBLE_audit_rules_privileged_commands",
                {
                    "%NAME%":	name,
                    "%PATH%":	path
                },
                "./ansible/audit_rules_execution_{0}.yml", name
            )

        else:
            raise UnknownTargetError(target)

    def csv_format(self):
        return("CSV should contains lines of the format: " +
               "PATH")