U i©¹d ã@s*ddlmZmZmZGdd„deeƒZdS)é)ÚPluginÚIndependentPluginÚ PluginOptc@sBeZdZdZdZdZeddeddgZdd „Z d d „Z d d „Z dS)ÚSshzSecure shell serviceZssh)ÚservicesZsecurityÚsystemZidentityÚ userconfsTz5Changes whether module will collect user .ssh configs)ÚdefaultZval_typeZdesccCsB| dddœ¡ddg}| |¡| |¡| d¡r>| ¡dS)NZ sshd_configZ ssh_config)z/etc/ssh/sshd_config$z/etc/ssh/ssh_config$z/etc/ssh/ssh_configz/etc/ssh/sshd_configr)Z add_file_tagsÚ add_copy_specÚincluded_configsZ get_optionÚuser_ssh_files_permissions)ÚselfÚsshcfgs©rú8/usr/lib/python3/dist-packages/sos/report/plugins/ssh.pyÚsetupsþþ   z Ssh.setupc Cs z†|D]|}| d¡d}t| |¡dƒT}|D]H}t| ¡ƒdks.| d¡rNq.| ¡ d¡r.| ¡}|j|d|dq.W5QRXqWntk ršYnXdS) Nú/éÿÿÿÿÚrrú#Zincludeé)Ztags)ÚsplitÚopenÚ path_joinÚlenÚ startswithÚlowerr Ú Exception)r rZsshcfgÚtagZcfgfileÚlineZconfargrrrr 0s$zSsh.included_configsc CsÀ| d¡}|dr\z&t| d¡ƒ}| ¡}W5QRXWqhtk rX| d¡YdSXn |d ¡}|D]N}z4| | d¡dd ¡}| |¡r¢|  d   |¡¡Wqlt k r¸YqlXqldS) z  Iterate over .ssh folders in user homes to see their permissions. Bad permissions can prevent SSH from allowing access to given user. z getent passwdZstatusz /etc/passwdzCouldn't read /etc/passwdNÚoutputú:éz.sshz ls -laZ {}) Zexec_cmdrrÚ readlinesrZ _log_errorÚ splitlinesrZ path_isdirZadd_cmd_outputÚformatÚ IndexError)r Z users_dataZ passwd_fileZusers_data_linesZusr_lineZhome_dirrrrr As      zSsh.user_ssh_files_permissionsN) Ú__name__Ú __module__Ú __qualname__Z short_descZ plugin_nameZprofilesrÚstrZ option_listrr r rrrrrsÿÿrN)Zsos.report.pluginsrrrrrrrrÚ s