U -Ø_gã@s>ddlZddlmZddlmZmZmZGdd„deeƒZdS)éN©Úglob)ÚPluginÚIndependentPluginÚ PluginOptc@sBeZdZdZdZdZeddeddgZdd „Z d d „Z d d „Z dS)ÚSshzSecure shell serviceZssh)ÚservicesZsecurityÚsystemZidentityÚ userconfsTz5Changes whether module will collect user .ssh configs)ÚdefaultZval_typeZdesccCsD| dddœ¡dddg}| |¡| |¡| d¡r@| ¡dS)NZ sshd_configZ ssh_config)z/etc/ssh/sshd_config$z/etc/ssh/ssh_config$z/etc/ssh/ssh_configz/etc/ssh/sshd_configz/etc/ssh/sshd_config.d/*r )Z add_file_tagsÚ add_copy_specÚincluded_configsZ get_optionÚuser_ssh_files_permissions)ÚselfÚsshcfgs©rú8/usr/lib/python3/dist-packages/sos/report/plugins/ssh.pyÚsetupsþý   z Ssh.setupc Cs¼z¢dd„dd„|DƒDƒ}|D]€}| d¡d}t| |¡dddT}|D]H}t| ¡ƒd ksJ| d ¡rjqJ| ¡ d ¡rJ| ¡}|j|d |d qJW5QRXqWntk r¶YnXdS)z Include subconfig files cSsg|]}|D]}|‘q qSrr)Ú.0ÚfilesÚfrrrÚ 7sþz(Ssh.included_configs..cSsg|]}t|dd‘qS)T)Ú recursiver)rZcopyspecrrrr8sú/éÿÿÿÿÚrúUTF-8©Úencodingrú#Zincludeé)ZtagsN)ÚsplitÚopenÚ path_joinÚlenÚ startswithÚlowerr Ú Exception)rrZcfgfilesZsshcfgÚtagZcfgfileÚlineZconfargrrrr 3s(ÿÿ ÿ$zSsh.included_configsc CsÐt ¡}i}zDtdddd,}|D] }| ¡dd…\}}|||<q"W5QRXWn tk rp| d¡YdSXd d d h}|D]J}|j|kr²||j|kr²| d |j›d ¡q€| |jd¡} |  | ¡q€dS)z  Iterate over .ssh folders in user homes to see their permissions. Bad permissions can prevent SSH from allowing access to given user. z /proc/mountsrrrr ézCouldn't read /proc/mountsNZnfsZnfs4ZautofszSkipping capture in z because it's a remote directoryz.ssh) ÚpwdZgetpwallr"r!r'Z _log_errorÚpw_dirZ _log_infor#Zadd_dir_listing) rZ users_dataZ fs_mount_infoZ mounts_filer)Zfs_fileZ fs_vstypeZ non_local_fsÚuserZhome_dirrrrrKs*    ÿ ÿzSsh.user_ssh_files_permissionsN) Ú__name__Ú __module__Ú __qualname__Z short_descZ plugin_nameZprofilesrÚstrZ option_listrr rrrrrrsÿÿr)r+rZsos.report.pluginsrrrrrrrrÚ s