YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

[mod] move spectre-meltdown check to diagnosis function

Browse source
This commit is contained in:
Laurent Peuch 2018-01-05 16:30:33 +01:00
parent b60d8ca822
commit a934b3fd19
2 changed files with 9 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
data/actionsmap/yunohost.yml
View file

@ -1460,11 +1460,6 @@ tools:
full: --force
action: store_true
### tools_reboot()
meltdown-spectre-check:
action_help: Check if the server is vulnerable to meltdown/spectre
api: GET /meltdown-spectre-check
subcategories:
migrations:

17
src/yunohost/tools.py
View file

@ -42,8 +42,12 @@ import apt.progress
from moulinette import msettings, msignals, m18n
from moulinette.core import MoulinetteError, init_authenticator
from moulinette.utils.log import getActionLogger
<<<<<<< b60d8ca822d08c8e3fdf8a17505ff3e285b28164
from moulinette.utils.process import check_output
from moulinette.utils.filesystem import read_json, write_to_json
=======
from moulinette.utils.filesystem import read_json, write_to_json, read_file
>>>>>>> [mod] move spectre-meltdown check to diagnosis function
from yunohost.app import app_fetchlist, app_info, app_upgrade, app_ssowatconf, app_list, _install_appslist_fetch_cron
from yunohost.domain import domain_add, domain_list, get_public_ip, _get_maindomain, _set_maindomain
from yunohost.dyndns import _dyndns_available, _dyndns_provides
@ -632,6 +636,11 @@ def tools_diagnosis(auth, private=False):
diagnosis['private']['regen_conf'] = service_regen_conf(with_diff=True, dry_run=True)
diagnosis['security'] = {
# source https://askubuntu.com/questions/992137/how-to-check-that-kpti-is-enabled-on-my-ubuntu
"spectre-meltdown": "cpu_insecure" not in read_file("/proc/cpuinfo")
}
return diagnosis
@ -836,14 +845,6 @@ def tools_migrations_state():
return read_json(MIGRATIONS_STATE_PATH)
def tools_meltdown_spectre_check():
"""
Check if the installation is vulnerable to meltdown/spectre.
"""
# source https://askubuntu.com/questions/992137/how-to-check-that-kpti-is-enabled-on-my-ubuntu
return {"safe": "cpu_insecure" in open("/proc/cpuinfo")}
def tools_shell(auth, command=None):
"""
Launch an (i)python shell in the YunoHost context.