From 8fc2513d31e04a92c5731c67b44d038630132931 Mon Sep 17 00:00:00 2001 From: chenxinquan Date: Thu, 16 Nov 2023 15:28:11 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E5=9F=BA=E7=BA=BF=E6=89=AB?= =?UTF-8?q?=20=E6=8F=8F=E9=A1=B9'63shadow=E6=96=87=E4=BB=B6=E5=AD=98?= =?UTF-8?q?=E5=9C=A8=E8=AE=BF=E9=97=AE=E6=8E=A7=E5=88=B6=E6=9C=BA=E5=88=B6?= =?UTF-8?q?'?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../63/63shadow文件存在访问控制机制.py | 71 +++++++++++++++++++ .../63/63shadow文件存在访问控制机制.yaml | 22 ++++++ 2 files changed, 93 insertions(+) create mode 100755 data/BaseLine/LocalServices/TestingDepartmentPrivateUseCases/63/63shadow文件存在访问控制机制.py create mode 100755 data/BaseLine/LocalServices/TestingDepartmentPrivateUseCases/63/63shadow文件存在访问控制机制.yaml diff --git a/data/BaseLine/LocalServices/TestingDepartmentPrivateUseCases/63/63shadow文件存在访问控制机制.py b/data/BaseLine/LocalServices/TestingDepartmentPrivateUseCases/63/63shadow文件存在访问控制机制.py new file mode 100755 index 0000000..5e8bd5b --- /dev/null +++ b/data/BaseLine/LocalServices/TestingDepartmentPrivateUseCases/63/63shadow文件存在访问控制机制.py @@ -0,0 +1,71 @@ + +import os +import sys + +################################ +# 常量 + +# for get_env_lang() +STR_GET_ENV_LANG_ZH = "语言环境为中文" +STR_GET_ENV_LANG_EN = "语言环境为英文" +STR_GET_ENV_LANG_UNKNOW = "语言环境未知" + +################################ +# 环境检查函数 + +def get_env_lang(): +# lang = os.getenv("LANG") +# if lang.startswith("zh"): +# return STR_GET_ENV_LANG_ZH +# elif lang.startswith("en"): +# return STR_GET_ENV_LANG_EN +# else: +# return STR_GET_ENV_LANG_UNKNOW +# + if arg_lang == "zh": + return STR_GET_ENV_LANG_ZH + elif arg_lang == "en": + return STR_GET_ENV_LANG_EN + else: + return STR_GET_ENV_LANG_UNKNOW + +def is_root(): + if os.geteuid() == 0: + print(STR_IS_ROOT_TRUE) + return True + else: + print(STR_IS_ROOT_FALSE) + return False + +################################ +# 辅助函数 +def l_print(zh_str, en_str) : + if STR_GET_ENV_LANG_ZH == get_env_lang() : + print(zh_str); + else : + print(en_str); + + +################################ +# 功能函数 +def etc_shadow(): + output = os.popen('ls -l /etc/shadow 2>&1').read().strip() + + + if "-rw-r-----" in output and "root shadow" in output: + l_print("[OK] 测试通过", + "[OK] pass") + else: + l_print("[ERROR] 测试未通过", + "[ERROR] fail") + +################################ +# main +if __name__ == "__main__": + if len(sys.argv)>1: + arg_lang = sys.argv[1] + else: + arg_lang = 'zh' + + etc_shadow() + exit(0) diff --git a/data/BaseLine/LocalServices/TestingDepartmentPrivateUseCases/63/63shadow文件存在访问控制机制.yaml b/data/BaseLine/LocalServices/TestingDepartmentPrivateUseCases/63/63shadow文件存在访问控制机制.yaml new file mode 100755 index 0000000..59943ff --- /dev/null +++ b/data/BaseLine/LocalServices/TestingDepartmentPrivateUseCases/63/63shadow文件存在访问控制机制.yaml @@ -0,0 +1,22 @@ +FormatVer: 20230623 +Id: etc_shadow +Belong: baseline +SiteInfo: + Name: 63shadow文件存在访问控制机制 +Power : "root" +SiteRequests: + Implement: + ImArray: + - Inter : python3 + InterArgs : + Exec : 63shadow文件存在访问控制机制.py + Args : + Inter: + - "[ERROR]" + Condition: None +RepairArgs: + - Inter : python3 + InterArgs : + Exec : + Args : + RepairPower: #root # root权限或者普通用户权限