diff options
author | Holger Weiß <holger@zedat.fu-berlin.de> | 2011-06-29 15:55:45 +0200 |
---|---|---|
committer | Holger Weiß <holger@zedat.fu-berlin.de> | 2011-06-29 15:55:45 +0200 |
commit | a702a5ee53ae8cb5870844237fe88c55dac97734 (patch) | |
tree | 1147fc413cf4e720a5512212cca4046b7637a380 /src/lib/Server | |
parent | 53d46e336d3514ec50f85e5db4ceed16590bf154 (diff) | |
download | bcfg2-a702a5ee53ae8cb5870844237fe88c55dac97734.tar.gz bcfg2-a702a5ee53ae8cb5870844237fe88c55dac97734.tar.bz2 bcfg2-a702a5ee53ae8cb5870844237fe88c55dac97734.zip |
New Info attribute: "sensitive"
The contents/diffs of <Path>s which are marked as "sensitive" are now
omitted from the reports transmitted to the server, so that they won't
end up in the statistics database.
Diffstat (limited to 'src/lib/Server')
-rw-r--r-- | src/lib/Server/Plugin.py | 6 | ||||
-rw-r--r-- | src/lib/Server/Plugins/SSHbase.py | 6 |
2 files changed, 8 insertions, 4 deletions
diff --git a/src/lib/Server/Plugin.py b/src/lib/Server/Plugin.py index f1d9ce75f..3841e637d 100644 --- a/src/lib/Server/Plugin.py +++ b/src/lib/Server/Plugin.py @@ -30,7 +30,8 @@ opts = {'owner': Bcfg2.Options.MDATA_OWNER, 'group': Bcfg2.Options.MDATA_GROUP, 'important': Bcfg2.Options.MDATA_IMPORTANT, 'perms': Bcfg2.Options.MDATA_PERMS, - 'paranoid': Bcfg2.Options.MDATA_PARANOID} + 'paranoid': Bcfg2.Options.MDATA_PARANOID, + 'sensitive': Bcfg2.Options.MDATA_SENSITIVE} mdata_setup = Bcfg2.Options.OptionParser(opts) mdata_setup.parse([]) del mdata_setup['args'] @@ -46,7 +47,8 @@ info_regex = re.compile( \ 'mtime:(\s)*(?P<mtime>\w+)|' + 'owner:(\s)*(?P<owner>\S+)|' + 'paranoid:(\s)*(?P<paranoid>\S+)|' + - 'perms:(\s)*(?P<perms>\w+)|') + 'perms:(\s)*(?P<perms>\w+)|' + + 'sensitive:(\s)*(?P<sensitive>\S+)|') class PluginInitError(Exception): diff --git a/src/lib/Server/Plugins/SSHbase.py b/src/lib/Server/Plugins/SSHbase.py index 4a33c0cb0..b15275815 100644 --- a/src/lib/Server/Plugins/SSHbase.py +++ b/src/lib/Server/Plugins/SSHbase.py @@ -230,10 +230,12 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin, keydata = self.entries[filename].data permdata = {'owner': 'root', 'group': 'root', - 'type': 'file', - 'perms': '0600'} + 'type': 'file'} if entry.get('name')[-4:] == '.pub': permdata['perms'] = '0644' + else: + permdata['perms'] = '0600' + permdata['sensitive'] = 'true' [entry.attrib.__setitem__(key, permdata[key]) for key in permdata] if "ssh_host_key.H_" == filename[:15]: entry.attrib['encoding'] = 'base64' |