
Untitled

a guest
Dec 1st, 2018
  1. #!/bin/ruby
  2. =begin
  3. #- Description:
  4. We need a script that periodically reviews the user accounts that have login permission on all Linux servers.
  5. Our objective is to ensure that the users existing on each system are authorized and are valid users only.
  6.  
  7. !! We should have a list of authorized users for each customer !!
  8.  
  9. #~~~~~~~~~~~~~~~~~~~~~~~
  10. #=-Notes-=
  11. # sudo gem install net-ssh colorize
  12. # usage: luc.rb -l :server-list.txt
  13.  
  14. update-alternatives --config ruby
  15. update-alternatives --config gem
  16. #~~~~~~~~~~~~~~~~~~~~~~~
  17.  
  18. =end
  19.  
  20. require 'rubygems'
  21. require 'net/ssh'
  22. require 'colorize'
  23. require 'parseconfig'
  24. #require 'highline'
  25. #require 'crypt/blowfish'
  26.  
# Run log (path is relative to the working directory) and the coloured status
# tags printed next to each host. `green`, `red` and `yellow` are String
# methods supplied by the colorize gem required at the top of the file.
#
# NOTE(review): the commented-out connection loop at the end of this file
# appends "host: password" pairs to $log_file. If that loop is revived, log
# the host and the outcome only, never the credential.
$log_file = 'log.txt'
$ok   = "[ #{'SUCCESS!'.green} ]"
$nok  = "[ #{'FAILED'.red} ]"
$time = "[ #{'TIMEOUT'.yellow} ]"
  31.  
  32.  
  33.  
# Shell one-liners the audit runs on each remote server.
module Utils
  # Builds the command table. A new Hash is returned on every call.
  #
  # :users   - prints login name, UID and home directory (passwd fields 1, 3
  #            and 6) for every /etc/passwd entry whose UID is >= 500.
  # :lastlog - prints the last-login record of the account named `emerg`.
  # :ip      - prints the non-loopback IPv4 addresses of the host, via sudo.
  #
  # NOTE(review): the UID filter leaves out UID 0 and every account below 500,
  # and the login shell (field 7) is not printed, so a second UID-0 entry or a
  # low-UID account with a usable shell will not show up in this review.
  # NOTE(review): `lastlog -u emerg` is fixed to one account name; presumably
  # the name should come from the user being reviewed. Confirm with the author.
  #
  # @return [Hash{Symbol => String}] command name => shell command line
  def cmd
    {
      users: "awk -F: '$3 >= 500 {print $1,$3,$6}' /etc/passwd",
      lastlog: 'lastlog -u emerg | grep -v "Username" | awk \'{print $6"-"$5"-"$9" @ "$7"("$8")"}\'',
      ip: "sudo /sbin/ip addr | grep -i inet | grep -v -e inet6 -e 127.0.0.1 | awk '{print $2}'"
    }
  end
end
  45.  
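# Holds the SSH connection settings for one server and opens the session.
class Connect
  # Mixed in at class level. `include` is a private method of Module, so the
  # original call from inside #initialize raised NoMethodError on every
  # Connect.new.
  include Utils

  # TODO brute force password & ports

  # @param host [String] server name or address
  # @param user [String] account used to log in
  # @param pass [String] password for SSH password authentication.
  #   NOTE(review): the default is a hard-coded, guessable password, kept here
  #   only so the signature stays compatible. Callers should always pass the
  #   credential explicitly, and key-based authentication is preferable for an
  #   account that can log in to every audited server.
  # @param port [Integer] SSH port
  def initialize(host, user, pass = "redhat", port = 22)
    @host = host
    @user = user
    @pass = pass
    @port = port
  end

  # Opens the SSH session with the stored settings and a 7-second timeout.
  #
  # The original passed the undefined local `pass` (NameError); the stored
  # @pass is used instead. Called without a block, Net::SSH.start returns the
  # open session, so the caller is responsible for closing it.
  #
  # NOTE(review): no `verify_host_key` option is passed, so the net-ssh default
  # applies. Confirm that default rejects changed host keys before trusting
  # the audit output from a host.
  #
  # @return [Net::SSH::Connection::Session]
  def ssh
    @ssh = Net::SSH.start(@host, @user, password: @pass, port: @port, timeout: 7)
  end
end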
  62.  
  63.  
  64.  
  65.  
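# Reads the audit configuration: one global "authorized" group plus one group
# per customer, whose keys are `*_servers` / `*_users` comma-separated lists.
#
# We need to retrieve following info from servers
# -> Customer
#    |--> Server
#         |---> Users
#               |- id
#               |- name
#               |- home
#               |- last login
#               |- Authorization
#
# - Make iterate around each *_servers & *_users and make it as categories
# - check x_users depend on x_servers
# - if x_users is not exist , consider the general one "admin + dbas"
class Info
  # Name of the group that lists the users authorized everywhere.
  AUTHORIZED_GROUP = 'authorized'

  # @param config_path [String] path of the ParseConfig file to load.
  #   NOTE(review): this file decides who counts as authorized, so it should be
  #   writable only by whoever owns the audit.
  def initialize(config_path = '/home/conf1.conf')
    @config = ParseConfig.new(config_path)
  end

  # Customer group names, i.e. every group except "authorized".
  #
  # The group is excluded by name. The original dropped whichever group came
  # first in the file, which silently skipped a customer whenever
  # "authorized" was not the first group.
  #
  # @return [Array<String>] e.g. ["customer1", "customer2", "customerX"]
  def customers
    @config.groups.reject { |name| name == AUTHORIZED_GROUP }
  end

  # The general list of authorized users.
  #
  # The parsed list is no longer written back into @config. The original
  # replaced the stored String with an Array, so a second call failed with
  # NoMethodError.
  #
  # @return [Array<String>] e.g. ["user1", "user2", "userX"]
  def all_users
    split_list(group_params(AUTHORIZED_GROUP)['users'])
  end

  # Keys of the customer's group that name server lists.
  #
  # NOTE(review): this is a substring test, so a servers key whose name
  # happens to contain "user" is dropped from the result.
  #
  # @return [Array<String>] e.g. ["x_servers", "y_servers"]
  def servers_category(customer_name)
    group_params(customer_name).keys.reject { |param| param.include?('user') }
  end

  # All servers of one category.
  #
  # @return [Array<String>] e.g. ["server1", "server2", "serverX"]; empty when
  #   the category key is absent
  def servers(customer_name, category_servers)
    split_list(group_params(customer_name)[category_servers.to_s])
  end

  # Keys of the customer's group that name user lists.
  #
  # NOTE(review): substring test, same caveat as #servers_category.
  #
  # @return [Array<String>] e.g. ["x_users", "y_users"]
  def users_category(customer_name)
    group_params(customer_name).keys.reject { |param| param.include?('server') }
  end

  # All users of one category.
  #
  # When category_users is omitted the default is the general authorized list
  # (an Array), which is returned as-is. The original interpolated that Array
  # into a config key, found nothing and failed with NoMethodError.
  #
  # @return [Array<String>] e.g. ["user1", "user2", "userX"]; empty when the
  #   named category key is absent
  def users(customer_name, category_users = all_users)
    params = group_params(customer_name)
    return category_users.dup if category_users.is_a?(Array)

    split_list(params[category_users.to_s])
  end

  def parse
  end

  private

  # Returns the parameters of one config group, or raises for an unknown
  # group so that a misspelt customer name is not treated as "no servers".
  def group_params(name)
    @config[name.to_s] || raise(ArgumentError, "unknown config group: #{name}")
  end

  # Turns a comma-separated config value into a list of names, ignoring
  # spaces, tabs, newlines and empty entries.
  def split_list(raw)
    case raw
    when nil then []
    when Array then raw.dup
    else raw.to_s.delete(" \t\n").strip.split(/,\s*/).reject(&:empty?)
    end
  end
end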
  130.  
  131.  
  132.  
  133. =begin
  134. config = Info.new
  135. puts "List all customers"
  136. p config.customers
  137. puts "List all Users"
  138. puts "\n\n\n"
  139.  
  140. p config.all_users
  141. puts "\n\n\n"
  142.  
  143. puts "List all Customers' Servers Categories"
  144. config.customers.each do |customer|
  145. p config.servers_category(customer)
  146. end
  147. puts "\n\n\n"
  148.  
  149. puts "List all Servers in Categories for each customer"
  150. config.customers.each do |customer|
  151. config.servers_category(customer).each do |category|
  152. p category , config.servers(customer ,category )
  153. end
  154. end
  155. puts "\n\n\n"
  156.  
  157. puts "List all Customers' Users Categories"
  158. config.customers.each do |customer|
  159. p config.users_category(customer)
  160. end
  161. puts "\n\n\n"
  162.  
  163. puts "List all Customers' Users Categories"
  164. config.customers.each do |customer|
  165. config.users_category(customer).each do |category|
  166. p customer, category , config.users(customer ,category )
  167. end
  168. end
  169. =end
  170.  
  171.  
  172.  
  173. #class Lua
  174. #
  175. # def initialize
  176. # @info = Info.new
  177. # #@ssh = Connect.new
  178. # end
  179. #
  180. #
  181. #
  182. # def authorized?
  183. #
  184. # end
  185. #
  186. # def report
  187. #
  188. # end
  189. #
  190. #
  191. #end
  192.  
  201. # Good format
  202. #customing = {
  203. #
  204. # :customer1 =>
  205. # {:server1 => [{:id=>500 , :name=>"KING", :home=>"/:home/KING" , :lastlog => "29-Aug-2012 @ 15:16:06(+0300)"},
  206. # {:id=>501 , :name=>"KING1", :home=>"/:home/KING1" , :lastlog => "29-Aug-2012 @ 15:16:06(+0300)"}],
  207. # :server2 => [{:id=>500 , :name=>"KING", :home=>"/:home/KING" , :lastlog => "29-Aug-2012 @ 15:16:06(+0300)"},
  208. # {:id=>501 , :name=>"KING1", :home=>"/:home/KING1" , :lastlog => "29-Aug-2012 @ 15:16:06(+0300)"}]} ,
  209. #
  210. # :customer2 =>
  211. # {:server1 => [{:id=>500 , :name=>"KING", :home=>"/:home/KING" , :lastlog => "29-Aug-2012 @ 15:16:06(+0300)"},
  212. # {:id=>501 , :name=>"KING1", :home=>"/:home/KING1" , :lastlog => "29-Aug-2012 @ 15:16:06(+0300)"}],
  213. # :server2 => [{:id=>500 , :name=>"KING", :home=>"/:home/KING" , :lastlog => "29-Aug-2012 @ 15:16:06(+0300)"},
  214. # {:id=>501 , :name=>"KING1", :home=>"/:home/KING1" , :lastlog => "29-Aug-2012 @ 15:16:06(+0300)"}]}
  215. #}
  216. ################
  217.  
  218. # customers = [
  219. # [:customer1 => [[:server1 => [
  220. # [:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"],
  221. # [:id=>501 , :name=>"KING1", :home=>"/:home/KING1" , :creation => "2-1-2012" , :lastlog => "23-7-2012"],
  222. # [:id=>502 , :name=>"KING2", :home=>"/:home/KING2" , :creation => "3-1-2012" , :lastlog => "23-7-2012"]
  223. # ]
  224. # ] ,
  225. # [:server2 => [
  226. # [:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"],
  227. # [:id=>501 , :name=>"KING1", :home=>"/:home/KING1" , :creation => "2-1-2012" , :lastlog => "23-7-2012"],
  228. # [:id=>502 , :name=>"KING2", :home=>"/:home/KING2" , :creation => "3-1-2012" , :lastlog => "23-7-2012"]
  229. # ]
  230. # ]
  231. # ]
  232. # ],
  233. #
  234. # [:customer1 => [[:server1 => [
  235. # [:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"],
  236. # [:id=>501 , :name=>"KING1", :home=>"/:home/KING1" , :creation => "2-1-2012" , :lastlog => "23-7-2012"],
  237. # [:id=>502 , :name=>"KING2", :home=>"/:home/KING2" , :creation => "3-1-2012" , :lastlog => "23-7-2012"]
  238. # ]
  239. # ] ,
  240. # [:server2 => [
  241. # [:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"],
  242. # [:id=>501 , :name=>"KING1", :home=>"/:home/KING1" , :creation => "2-1-2012" , :lastlog => "23-7-2012"],
  243. # [:id=>502 , :name=>"KING2", :home=>"/:home/KING2" , :creation => "3-1-2012" , :lastlog => "23-7-2012"]
  244. # ]
  245. # ]
  246. # ]
  247. # ]
  248. # ]
  249. #
  250. #customerss = {
  251. #
  252. # :customer1 => [
  253. # :server1 => [[:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"],
  254. # [:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"]
  255. # ], # server1
  256. #
  257. # :server2 => [[:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"],
  258. # [:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"]
  259. # ] #server2
  260. #
  261. # ] , #cust1
  262. #
  263. # :customer2 => [
  264. # :server1 => [[:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"],
  265. # [:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"]
  266. # ], # server1
  267. #
  268. # :server2 => [[:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"],
  269. # [:id=>500 , :name=>"KING", :home=>"/:home/KING" , :creation => "1-1-2012" , :lastlog => "23-7-2012"]
  270. # ] #server2
  271. #
  272. # ] #cust2
  273. #
  274. # } # end
  275. #
  276. #
  277.  
  286. =begin
  287. Net::SSH.start( host , user , :password => pass , :port => 15000 , :timeout => 7 ) do |ssh|
  288.  
  289. ssh.open_channel do |ch1|
  290.  
  291. ch1.on_request "exit-status" do |ch2, data|
  292. $exit_status = data.read_long
  293. end # end of ch2
  294.  
  295. ch1.request_pty do |ch3, success|
  296. puts ch3.exec("ls")
  297. if success
  298. puts "Success!!"
  299. puts ch3.exec("ls")
  300. end
  301. end # end of ch3
  302.  
  303. ch1.wait
  304. end # end of ch1
  305.  
  306. end # end of SSH.start
  307. =end
  308.  
  343. #list = ARGV[0]
  344.  
  345. #question = HighLine.new
  346. #pass = question.ask("Enter sudo user password: ") { |q| q.echo = "★" }
  347.  
  348.  
  349.  
  350.  
  351. #blowfish = Crypt::Blowfish.new("A key up to 56 bytes long")
  352. #plainBlock = "ABCD1234"
  353. #encryptedBlock = blowfish.encrypt_block(plainBlock)
  354. #decryptedBlock = blowfish.decrypt_block(encryptedBlock)
  355. #
  356. #
  357. #if list == nil
  358. # puts "Usage: ruby check-my-root.rb [FILE :name]"
  359. # exit
  360. #end
  361. #
  362. #
  363. #
  364. #class Info
  365. #
  366. # def initialize
  367. # @grep = Tempfile.new('.grep.txt')
  368. # @awk = Tempfile.open('.awk.txt')
  369. # end
  370. #
  371. # def grep(grep)
  372. # File.open(grep , "r") do |file|
  373. # file.each_line do |line|
  374. # File.open(".grep.txt" , "a+") do |grep|
  375. # grep.puts line if line.include?("http") || line.include?("https") # grep lines has http(stop2list) only
  376. # end
  377. # end
  378. # end
  379. # end
  380. #
  381. # def awk
  382. # grep_ary = IO.readlines(".grep.txt")
  383. # grep_ary.each do |line|
  384. # File.open(".awk.txt" , "a+") do |stop2list|
  385. # stop2list.puts "#{line.split(" ")[2]}:#{line.split(" ")[6]}" # Write stop2list of format(IP:URL) in .awk.txt
  386. # end
  387. # end
  388. # end
  389. #
  390. #
  391. #
  392. #end
  393.  
  394.  
  395.  
  396. #IO.readlines(list).each do |s|
  397. #
  398. # begin
  399. ## user = s.split(":")[1].to_s.chomp
  400. # Net::SSH.start( s.split(":")[0].to_s.chomp , 'root' , :password => s.split(":")[1].to_s.chomp , :port => 22 , :timeout => 7 ) do |ssh|
  401. #
  402. # ssh.open_channel do |ch1|
  403. #
  404. # ch1.on_request "exit-status" do |ch2, data|
  405. # $exit_status = data.read_long
  406. # end # end of ch2
  407. #
  408. # ch1.request_pty do |ch3, success|
  409. # ch3.exec("ls")
  410. # if success
  411. # File.open($log_file , 'a+') {|log| log.puts "#{s.split(":")[0].to_s.chomp}: #{s.split(":")[1].to_s.chomp}"}
  412. # puts "#{s.split(":")[0].to_s.chomp}" + "\t" + "#{$ok}"
  413. # sleep 0.1
  414. # end
  415. # end # end of ch3
  416. # ch1.wait
  417. # end # end of ch1
  418. #
  419. # end # end of SSH.start
  420. # rescue Timeout::Error
  421. # puts "#{s.split(":")[0].to_s.chomp}" + "\t" + "#{$time}"
  422. # rescue
  423. # puts "#{s.split(":")[0].to_s.chomp}" + "\t" + "#{$nok}"
  424. # end
  425. #end # end of IO
  426. #
  427. #