YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add a regenconf diagnoser to report manually modified files...

Browse source
This commit is contained in:
Alexandre Aubin 2019-07-31 21:25:44 +02:00
parent 0dc1909c68
commit 4cbd1b06c2
3 changed files with 69 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
data/hooks/diagnosis/70-regenconf.py Normal file
View file

@ -0,0 +1,42 @@
#!/usr/bin/env python
import os
from yunohost.diagnosis import Diagnoser
from yunohost.regenconf import manually_modified_files, manually_modified_files_compared_to_debian_default
class RegenconfDiagnoser(Diagnoser):
id_ = os.path.splitext(os.path.basename(__file__))[0].split("-")[1]
cache_duration = 300
dependencies = []
def run(self):
regenconf_modified_files = manually_modified_files()
debian_modified_files = manually_modified_files_compared_to_debian_default(ignore_handled_by_regenconf=True)
if regenconf_modified_files == []:
yield dict(meta={"test": "regenconf"},
status="SUCCESS",
summary=("diagnosis_regenconf_allgood", {})
)
else:
for f in regenconf_modified_files:
yield dict(meta={"test": "regenconf", "file": f},
status="WARNING",
summary=("diagnosis_regenconf_manually_modified", {"file": f}),
details=[("diagnosis_regenconf_manually_modified_details", {})]
)
for f in debian_modified_files:
yield dict(meta={"test": "debian", "file": f},
status="WARNING",
summary=("diagnosis_regenconf_manually_modified_debian", {"file": f}),
details=[("diagnosis_regenconf_manually_modified_debian_details", {})]
)
def main(args, env, loggers):
return RegenconfDiagnoser(args, env, loggers).diagnose()

5
locales/en.json
View file

@ -174,6 +174,11 @@
"diagnosis_diskusage_verylow": "Storage {mountpoint} (on device {device}) has only {free_percent}% space remaining. You should really consider cleaning up some space.", "diagnosis_diskusage_verylow": "Storage {mountpoint} (on device {device}) has only {free_percent}% space remaining. You should really consider cleaning up some space.",
"diagnosis_diskusage_low": "Storage {mountpoint} (on device {device}) has only {free_percent}% space remaining. Be careful", "diagnosis_diskusage_low": "Storage {mountpoint} (on device {device}) has only {free_percent}% space remaining. Be careful",
"diagnosis_diskusage_ok": "Storage {mountpoint} (on device {device}) still has {free_percent}% space left!", "diagnosis_diskusage_ok": "Storage {mountpoint} (on device {device}) still has {free_percent}% space left!",
"diagnosis_regenconf_allgood": "All configurations files are in line with the recommended configuration!",
"diagnosis_regenconf_manually_modified": "Configuration file {file} was manually modified.",
"diagnosis_regenconf_manually_modified_details": "This is probably OK as long as you know what you're doing ;) !",
"diagnosis_regenconf_manually_modified_debian": "Configuration file {file} was manually modified compared to Debian's default.",
"diagnosis_regenconf_manually_modified_debian_details": "This may probably be OK, but gotta keep an eye on it...",
"diagnosis_description_ip": "Internet connectivity", "diagnosis_description_ip": "Internet connectivity",
"diagnosis_description_dnsrecords": "DNS records", "diagnosis_description_dnsrecords": "DNS records",
"diagnosis_description_services": "Services status check", "diagnosis_description_services": "Services status check",

43
src/yunohost/regenconf.py
View file

@ -525,31 +525,32 @@ def _process_regen_conf(system_conf, new_conf=None, save=True):
def manually_modified_files(): def manually_modified_files():
# We do this to have --quiet, i.e. don't throw a whole bunch of logs
# just to fetch this...
# Might be able to optimize this by looking at what the regen conf does
# and only do the part that checks file hashes...
cmd = "yunohost tools regen-conf --dry-run --output-as json --quiet"
j = json.loads(subprocess.check_output(cmd.split()))
# j is something like :
# {"postfix": {"applied": {}, "pending": {"/etc/postfix/main.cf": {"status": "modified"}}}
output = [] output = []
for app, actions in j.items(): regenconf_categories = _get_regenconf_infos()
for action, files in actions.items(): for category, infos in regenconf_categories.items():
for filename, infos in files.items(): conffiles = infos["conffiles"]
if infos["status"] == "modified": for path, hash_ in conffiles.items():
output.append(filename) if hash_ != _calculate_hash(path):
output.append(path)
return output return output
def manually_modified_files_compared_to_debian_default(): def manually_modified_files_compared_to_debian_default(ignore_handled_by_regenconf=False):
# from https://serverfault.com/a/90401 # from https://serverfault.com/a/90401
r = subprocess.check_output("dpkg-query -W -f='${Conffiles}\n' '*' \ files = subprocess.check_output("dpkg-query -W -f='${Conffiles}\n' '*' \
| awk 'OFS=\" \"{print $2,$1}' \ | awk 'OFS=\" \"{print $2,$1}' \
| md5sum -c 2>/dev/null \ | md5sum -c 2>/dev/null \
| awk -F': ' '$2 !~ /OK/{print $1}'", shell=True) | awk -F': ' '$2 !~ /OK/{print $1}'", shell=True)
return r.strip().split("\n") files = files.strip().split("\n")
if ignore_handled_by_regenconf:
regenconf_categories = _get_regenconf_infos()
regenconf_files = []
for infos in regenconf_categories.values():
regenconf_files.extend(infos["conffiles"].keys())
files = [f for f in files if f not in regenconf_files]
return files