File: create_sockets_disabled.py

package info (click to toggle)
scap-security-guide 0.1.39-2
  • links: PTS, VCS
  • area: main
  • in suites: buster, sid
  • size: 31,836 kB
  • sloc: xml: 129,736; python: 7,462; sh: 3,796; makefile: 27
file content (58 lines) | stat: -rwxr-xr-x 1,683 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
#!/usr/bin/env python2

#
# create_sockets_disabled.py
#   automatically generate checks for disabled sockets.
#
# NOTE: The file 'template_socket_disabled' should be located in the same
# working directory as this script. The template contains the following tags
# that *must* be replaced successfully in order for the checks to work.
#
# SOCKETNAME - the name of the socket that should be disabled
# PACKAGENAME - the name of the package that installs the socket
#

import sys
import re

from template_common import *

def output_checkfile(socketinfo):
    # get the items out of the list
    socketname, packagename = socketinfo

    file_content = load_modified(
        "./template_socket_disabled",
        { "SOCKETNAME":  socketname }
    )

    if packagename:
        file_from_template(
            "./template_socket_disabled",
            {
                "SOCKETNAME":  socketname,
                "PACKAGENAME": packagename
            },
            "./oval/socket_{0}_disabled.xml", socketname
        )

    else:
        file_from_template(
            "./template_socket_disabled",
            {
                "SOCKETNAME":  socketname,
            },
            regex_replace = [
                ("\n\s*<criteria.*>\n\s*<extend_definition.*/>", ""),
                ("\s*</criteria>\n\s*</criteria>", "\n    </criteria>")
            ],
            filename_format = "./oval/socket_{0}_disabled.xml",
            filename_value = socketname
        )

def csv_format():
    return ("Provide a CSV file containing lines of the format: " +
               "socketname,packagename")

if __name__ == "__main__":
    main(sys.argv, csv_format(), output_checkfile)