# HG changeset patch # User ft # Date 1386598745 -3600 # Node ID cc99197f1e08fb3c14ec5b4c51fa4f209d59533c # Parent 0a5ba0ef10587a2933e792d77d1d002243dcc16c Added notifiaction for user (virus found, ...) diff -r 0a5ba0ef1058 -r cc99197f1e08 src/OsecFS.py --- a/src/OsecFS.py Mon Dec 09 10:12:57 2013 +0100 +++ b/src/OsecFS.py Mon Dec 09 15:19:05 2013 +0100 @@ -222,7 +222,7 @@ remote_ip = netaddr.IPNetwork("%s/%s" %(netifaces.ifaddresses("eth0")[2][0]["addr"], netifaces.ifaddresses("eth0")[2][0]["netmask"]))[1] url_options = {"type" : type, "message" : message } - url = ("http://%s/notification?%s" %(remote_ip, urllib.urlencode(url_options))) + url = ("http://%s:8090/notification?%s" %(remote_ip, urllib.urlencode(url_options))) LOG.debug ("Send notification to \"%s\"" %(url, )) @@ -238,6 +238,9 @@ else: LOG.error("Server returned errorcode: %s" %(response.status,)) +def sendReadOnlyNotification(): + sendNotification("critical", "Filesystem is in read only mode. If you want to export files please initialize an encrypted filesystem.") + class OsecFS (Fuse): __rootpath = None @@ -247,6 +250,7 @@ self.__rootpath = rootpath Fuse.__init__ (self, *args, **kw) LOG.debug ("Init complete.") + sendNotification("information", "Filesystem successfully mounted.") # defines that our working directory will be the __rootpath def fsinit(self): @@ -268,30 +272,35 @@ def chmod (self, path, mode): LOG.debug ("*** chmod %s %s" % (path, oct(mode))) if (config.get("Main", "ReadOnly") == "true"): + sendReadOnlyNotification() return -errno.EACCES os.chmod (fixPath (path), mode) def chown (self, path, uid, gid): LOG.debug ("*** chown %s %s %s" % (path, uid, gid)) if (config.get("Main", "ReadOnly") == "true"): + sendReadOnlyNotification() return -errno.EACCES os.chown (fixPath (path), uid, gid) def link (self, targetPath, linkPath): LOG.debug ("*** link %s %s" % (targetPath, linkPath)) if (config.get("Main", "ReadOnly") == "true"): + sendReadOnlyNotification() return -errno.EACCES os.link (fixPath (targetPath), fixPath (linkPath)) def mkdir (self, path, mode): LOG.debug ("*** mkdir %s %s" % (path, oct(mode))) if (config.get("Main", "ReadOnly") == "true"): + sendReadOnlyNotification() return -errno.EACCES os.mkdir (fixPath (path), mode) def mknod (self, path, mode, dev): LOG.debug ("*** mknod %s %s %s" % (path, oct (mode), dev)) if (config.get("Main", "ReadOnly") == "true"): + sendReadOnlyNotification() return -errno.EACCES os.mknod (fixPath (path), mode, dev) @@ -305,11 +314,13 @@ #infected = scanFileClamAV (rootPath(self.__rootpath, path)) if (infected == True): self.file.close () + sendNotification("critical", "Virus found. Access denied.") return -errno.EACCES whitelisted = whitelistFile (rootPath(self.__rootpath, path)) if (whitelisted == False): self.file.close () + sendNotification("critical", "File not in whitelist. Access denied.") return -errno.EACCES def read (self, path, length, offset): @@ -328,12 +339,14 @@ def rename (self, oldPath, newPath): LOG.debug ("*** rename %s %s %s" % (oldPath, newPath, config.get("Main", "ReadOnly"))) if (config.get("Main", "ReadOnly") == "true"): + sendReadOnlyNotification() return -errno.EACCES os.rename (fixPath (oldPath), fixPath (newPath)) def rmdir (self, path): LOG.debug ("*** rmdir %s %s" % (path, config.get("Main", "ReadOnly"))) if (config.get("Main", "ReadOnly") == "true"): + sendReadOnlyNotification() return -errno.EACCES os.rmdir (fixPath (path)) @@ -344,12 +357,14 @@ def symlink (self, targetPath, linkPath): LOG.debug ("*** symlink %s %s %s" % (targetPath, linkPath, config.get("Main", "ReadOnly"))) if (config.get("Main", "ReadOnly") == "true"): + sendReadOnlyNotification() return -errno.EACCES os.symlink (fixPath (targetPath), fixPath (linkPath)) def truncate (self, path, length): LOG.debug ("*** truncate %s %s %s" % (path, length, config.get("Main", "ReadOnly"))) if (config.get("Main", "ReadOnly") == "true"): + sendReadOnlyNotification() return -errno.EACCES f = open (fixPath (path), "a") f.truncate (length) @@ -358,6 +373,7 @@ def unlink (self, path): LOG.debug ("*** unlink %s %s" % (path, config.get("Main", "ReadOnly"))) if (config.get("Main", "ReadOnly") == "true"): + sendReadOnlyNotification() return -errno.EACCES os.unlink (fixPath (path)) @@ -369,6 +385,7 @@ LOG.debug ("*** write %s %s %s %s" % (path, buf, offset, config.get("Main", "ReadOnly"))) if (config.get("Main", "ReadOnly") == "true"): self.file.close() + sendReadOnlyNotification() return -errno.EACCES self.file.seek (offset) self.file.write (buf) @@ -382,6 +399,7 @@ def create (self, path, flags, mode): LOG.debug ("*** create %s %s %s %s %s" % (fixPath (path), oct (flags), oct (mode), flag2mode (flags), config.get("Main", "ReadOnly"))) if (config.get("Main", "ReadOnly") == "true"): + sendReadOnlyNotification() return -errno.EACCES self.file = os.fdopen (os.open (fixPath (path), flags, mode), flag2mode (flags)) self.fd = self.file.fileno () @@ -410,11 +428,5 @@ osecfs.flags = 0 osecfs.multithreaded = 0 - # osecfs.parser.add_option (mountopt=config.get("Main", "Mountpoint"), - # metavar="PATH", - # default=config.get("Main", "Rootpath"), - # help="mirror filesystem from under PATH [default: %default]") - # osecfs.parse(values=osecfs, errex=1) - fuse_args = [sys.argv[0], config.get ("Main", "Mountpoint")]; osecfs.main (fuse_args)