Mageia Bugzilla – Attachment 6881 Details for
Bug 16524
Adapting msec to python 3
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
[patch]
Adaptation to python 3
0001-Adaptation-for-python-3.patch (text/plain), 36.27 KB, created by
papoteur
on 2015-08-02 08:30:12 CEST
(
hide
)
Description:
Adaptation to python 3
Filename:
MIME Type:
Creator:
papoteur
Created:
2015-08-02 08:30:12 CEST
Size:
36.27 KB
patch
obsolete
>From ad8d28c1c070c48505cdab236a853360ee459cf2 Mon Sep 17 00:00:00 2001 >From: Papoteur <papoteur@mageialinux-online.org> >Date: Sun, 2 Aug 2015 08:18:38 +0200 >Subject: [PATCH] Adaptation for python 3 > >--- > src/msec/compile.py | 2 +- > src/msec/config.py | 51 ++++++++++++++++++------------------ > src/msec/help_draksec.py | 20 +++++++------- > src/msec/libmsec.py | 64 ++++++++++++++++++++++----------------------- > src/msec/man.py | 14 +++++----- > src/msec/msec.py | 18 ++++++------- > src/msec/msecgui.py | 50 +++++++++++++++++------------------ > src/msec/msecperms.py | 20 +++++++------- > src/msec/plugins/audit.py | 4 +-- > src/msec/plugins/log.py | 4 +-- > src/msec/plugins/msec.py | 8 +++--- > src/msec/plugins/network.py | 4 +-- > src/msec/plugins/pam.py | 4 +-- > src/msec/plugins/sectool.py | 4 +-- > src/msec/plugins/sudo.py | 4 +-- > src/msec/tools.py | 8 +++--- > 16 files changed, 139 insertions(+), 140 deletions(-) > >diff --git a/src/msec/compile.py b/src/msec/compile.py >index b85e3f9..ad7fdca 100755 >--- a/src/msec/compile.py >+++ b/src/msec/compile.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python -O >+#!/usr/bin/python3 -O > ############################################################################# > # File : compile.py > # Package : rpmlint >diff --git a/src/msec/config.py b/src/msec/config.py >index 9f41998..82099f0 100755 >--- a/src/msec/config.py >+++ b/src/msec/config.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python -O >+#!/usr/bin/python3 -O > """This is the configuration file for msec. > The following variables are defined here: > SECURITY_LEVELS: list of supported security levels >@@ -38,7 +38,7 @@ SECURITYLOG = '/var/log/msec.log' > > # localization > try: >- gettext.install('msec', unicode=1) >+ gettext.install('msec') > except IOError: > _ = str > >@@ -181,15 +181,16 @@ def to_utf8(s): > > def Narg(s): > """ Returs string after decoding if needed """ >- try: >- s.decode() >- return s >- except: >- try: >- t=str(s) >- except: >- return s >- return t.decode(SYS_ENC) >+# try: >+# s.decode() >+# return s >+# except: >+# try: >+ # t=str(s) >+# except: >+# return s >+# return t.decode(SYS_ENC) >+ return s > > # {{{ MsecConfig > class MsecConfig: >@@ -231,7 +232,7 @@ class MsecConfig: > try: > fd = open(self.config) > except: >- self.log.error(_("Unable to load configuration file %s: %s") % (self.config, Narg(sys.exc_value[1]))) >+ self.log.error(_("Unable to load configuration file %s: %s") % (self.config, Narg(sys.exc_info()[1]))) > return False > for line in fd.readlines(): > line = line.strip() >@@ -267,7 +268,7 @@ class MsecConfig: > > def list_options(self): > """Sorts and returns configuration parameters""" >- sortedparams = self.options.keys() >+ sortedparams = list(self.options.keys()) > if sortedparams: > sortedparams.sort() > return sortedparams >@@ -280,10 +281,10 @@ class MsecConfig: > try: > fd = open(self.config, "w") > except: >- self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_value))) >+ self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_info()[1]))) > return False > for comment in self.comments: >- print >>fd, comment >+ print(comment, file=fd) > # sorting keys > for option in self.list_options(): > value = self.options[option] >@@ -310,7 +311,7 @@ class MsecConfig: > pass > else: > value = '"%s"' % value >- print >>fd, "%s=%s" % (option, value) >+ print("%s=%s" % (option, value), file=fd) > return True > # }}} > >@@ -339,7 +340,7 @@ class ExceptionConfig: > fd = open(self.config) > except: > # this file is optional, so if it is not found that's not fatal >- self.log.info(_("loading exceptions file %s: %s") % (self.config, Narg(sys.exc_value[1]))) >+ self.log.info(_("loading exceptions file %s: %s") % (self.config, Narg(sys.exc_info()[1]))) > self.log.info(_("No exceptions loaded")) > return False > for line in fd.readlines(): >@@ -373,7 +374,7 @@ class ExceptionConfig: > def set(self, pos, value): > """Sets a configuration option""" > if pos > 0: >- print "Pos: %d" % pos >+ print("Pos: %d" % pos) > self.options[pos] = value > else: > self.options.append(value) >@@ -393,17 +394,17 @@ class ExceptionConfig: > try: > fd = open(self.config, "w") > except: >- self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_value))) >+ self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_info()[1]))) > return False > for comment in self.comments: >- print >>fd, comment >+ print(comment, file=fd) > # sorting keys > for option,value in self.options: > # TODO: integrate with remove() > if value == None or value == OPTION_DISABLED: > self.log.debug("Skipping %s" % option) > else: >- print >>fd, "%s %s" % (option, value) >+ print("%s %s" % (option, value), file=fd) > return True > # }}} > >@@ -443,7 +444,7 @@ class PermConfig(MsecConfig): > try: > fd = open(self.config) > except: >- self.log.error(_("Unable to load configuration file %s: %s") % (self.config, Narg(sys.exc_value))) >+ self.log.error(_("Unable to load configuration file %s: %s") % (self.config, Narg(sys.exc_info()[1]))) > return False > for line in fd.readlines(): > line = line.strip() >@@ -488,10 +489,10 @@ class PermConfig(MsecConfig): > try: > fd = open(self.config, "w") > except: >- self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_value))) >+ self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_info()[1]))) > return False > for comment in self.comments: >- print >>fd, comment >+ print(comment, file=fd) > # sorting keys > for file in self.options_order: > value = self.options[file] >@@ -509,6 +510,6 @@ class PermConfig(MsecConfig): > force = "\tforce" > else: > force = "" >- print >>fd, "%s\t%s.%s\t%s%s\t%s" % (file, user, group, perm, force, acl) >+ print("%s\t%s.%s\t%s%s\t%s" % (file, user, group, perm, force, acl), file=fd) > return True > # }}} >diff --git a/src/msec/help_draksec.py b/src/msec/help_draksec.py >index 3eb4a6d..6863038 100755 >--- a/src/msec/help_draksec.py >+++ b/src/msec/help_draksec.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python >+#!/usr/bin/python3 > # > # This script creates DrakSec help strings from libmsec code docstrings. > # >@@ -81,20 +81,20 @@ help_wiki = open(help_wiki_file, "w") > log = Log(log_syslog=False, log_file=False) > msec = MSEC(log, plugins='plugins') > >-print >>help_perl, header_perl >-print >>help_python, header_python >-print >>help_wiki, header_wiki >+print(header_perl, file=help_perl) >+print(header_python, file=help_python) >+print(header_wiki, file=help_wiki) > > for variable in config.SETTINGS: > callback, params = config.SETTINGS[variable] > func = msec.get_action(callback) > if func: >- print >>help_perl, function_str_perl % (variable, func.__doc__.strip()) >- print >>help_python, function_str_python % (variable, func.__doc__.strip()) >- print >>help_wiki, function_str_wiki % (variable, func.__doc__.strip()) >+ print(function_str_perl % (variable, func.__doc__.strip()), file=help_perl) >+ print(function_str_python % (variable, func.__doc__.strip()), file=help_python) >+ print(function_str_wiki % (variable, func.__doc__.strip()), file=help_wiki) > >-print >>help_perl, footer_perl >-print >>help_python, footer_python >-print >>help_wiki, footer_wiki >+print(footer_perl, file=help_perl) >+print(footer_python, file=help_python) >+print(footer_wiki, file=help_wiki) > > # draksec_help.py ends here >diff --git a/src/msec/libmsec.py b/src/msec/libmsec.py >index 593c46a..bf6a242 100755 >--- a/src/msec/libmsec.py >+++ b/src/msec/libmsec.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python -O >+#!/usr/bin/python3 -O > """This is the main msec module, responsible for all msec operations. > > The following classes are defined here: >@@ -40,7 +40,7 @@ import gettext > import pwd > import re > import string >-import commands >+import subprocess > import time > import stat > import traceback >@@ -57,7 +57,7 @@ from config import Narg > > # localization > try: >- gettext.install('msec', unicode=1) >+ gettext.install('msec') > except IOError: > _ = str > >@@ -81,7 +81,7 @@ def move(old, new): > try: > os.rename(old, new) > except: >- error('rename %s %s: %s' % (old, new, str(sys.exc_value))) >+ error('rename %s %s: %s' % (old, new, str(sys.exc_info()[1]))) > > def substitute_re_result(res, s): > for idx in range(0, (res.lastindex or 0) + 1): >@@ -123,7 +123,7 @@ class Log: > self.syslog_h.setFormatter(formatter) > self.logger.addHandler(self.syslog_h) > except: >- print >>sys.stderr, "Logging to syslog not available: %s" % (sys.exc_value[1]) >+ print("Logging to syslog not available: %s" % (sys.exc_info()[1]), file=sys.stderr) > interactive = True > > # log to file >@@ -134,7 +134,7 @@ class Log: > self.file_h.setFormatter(formatter) > self.logger.addHandler(self.file_h) > except: >- print >>sys.stderr, "Logging to '%s' not available: %s" % (self.log_path, sys.exc_value[1]) >+ print("Logging to '%s' not available: %s" % (self.log_path, sys.exc_info()[1]), file=sys.stderr) > interactive = True > > # interactive logging >@@ -247,7 +247,7 @@ class ConfigFiles: > > def write_files(self, commit=True): > """Writes all files back to disk""" >- for f in self.files.values(): >+ for f in list(self.files.values()): > self.log.debug("Attempting to write %s" % f.path) > if commit: > f.write() >@@ -264,7 +264,7 @@ class ConfigFiles: > s = substitute_re_result(res, a[1]) > if commit: > self.log.info(_('%s modified so launched command: %s') % (Narg(f), Narg(s))) >- cmd = commands.getstatusoutput(s) >+ cmd = subprocess.getstatusoutput(s) > cmd = [0, ''] > if cmd[0] == 0: > if cmd[1]: >@@ -312,7 +312,7 @@ class ConfigFile: > else: > self.lines = [] > if file: >- self.lines = string.split(file.read(), "\n") >+ self.lines = file.read().split("\n") > file.close() > return self.lines > >@@ -368,7 +368,7 @@ class ConfigFile: > return link > > def write(self): >- if not (type(self.path) == unicode): >+ if not (type(self.path) == str): > self.pathN = Narg(self.path) > else: > self.pathN = self.path >@@ -378,20 +378,20 @@ class ConfigFile: > try: > os.unlink(self.path) > except: >- error('unlink %s: %s' % (self.pathN, str(sys.exc_value))) >+ error('unlink %s: %s' % (self.pathN, str(sys.exc_info()[1]))) > self.log.info(_('deleted %s') % (self.pathN,)) > elif self.is_touched: > if os.path.exists(self.path): > try: > os.utime(self.path, None) > except: >- self.log.error('utime %s: %s' % (self.pathN, str(sys.exc_value))) >+ self.log.error('utime %s: %s' % (self.pathN, str(sys.exc_info()[1]))) > elif self.suffix and os.path.exists(self.path + self.suffix): > move(self.path + self.suffix, self.path) > try: > os.utime(self.path, None) > except: >- self.log.error('utime %s: %s' % (self.pathN, str(sys.exc_value))) >+ self.log.error('utime %s: %s' % (self.pathN, str(sys.exc_info()[1]))) > else: > self.lines = [] > self.is_modified = 1 >@@ -399,7 +399,7 @@ class ConfigFile: > file.close() > self.log.info(_('touched file %s') % (self.pathN,)) > elif self.sym_link: >- if not (type(self.sym_link) == unicode): >+ if not (type(self.sym_link) == str): > self.sym_linkN = Narg(self.sym_link) > else: > self.sym_linkN = self.sym_link >@@ -414,16 +414,16 @@ class ConfigFile: > try: > os.unlink(self.path) > except: >- self.log.error('unlink %s: %s' % (self.pathN, str(sys.exc_value))) >+ self.log.error('unlink %s: %s' % (self.pathN, str(sys.exc_info()[1]))) > self.log.info(_('deleted %s') % (self.pathN,)) > if not done: > try: > os.symlink(self.sym_link, self.path) > except: >- self.log.error('symlink %s %s: %s' % (self.sym_linkN, self.path, str(sys.exc_value))) >+ self.log.error('symlink %s %s: %s' % (self.sym_linkN, self.path, str(sys.exc_info()[1]))) > self.log.info(_('made symbolic link from %s to %s') % (self.sym_linkN, self.path)) > elif self.is_moved: >- if not (type(self.suffix) == unicode): >+ if not (type(self.suffix) == str): > self.suffixN = Narg(self.suffix) > else: > self.suffixN = self.suffix >@@ -696,7 +696,7 @@ class MSEC: > self.plugins[plugin_name] = plugin > self.log.debug("Loaded plugin '%s'" % plugin_f) > except: >- self.log.error(_("Error loading plugin '%s' from %s: %s") % (plugin_f, file, Narg(sys.exc_value))) >+ self.log.error(_("Error loading plugin '%s' from %s: %s") % (plugin_f, file, Narg(sys.exc_info()[1]))) > > def reset(self): > """Resets the configuration""" >@@ -848,7 +848,7 @@ class PERMS: > regexp = None > > for line in file.readlines(): >- fields = string.split(line) >+ fields = line.split() > if fields[2] in non_localfs: > if regexp: > regexp = regexp + '|' + fields[1] >@@ -885,7 +885,7 @@ class PERMS: > try: > os.chown(file, newuser, -1) > except: >- self.log.error(_("Error changing user on %s: %s") % (file, Narg(sys.exc_value))) >+ self.log.error(_("Error changing user on %s: %s") % (file, Narg(sys.exc_info()[1]))) > else: > self.log.warn(_("Wrong owner of %s: should be %s") % (file, self.get_user_name(newuser))) > if newgroup != None: >@@ -894,7 +894,7 @@ class PERMS: > try: > os.chown(file, -1, newgroup) > except: >- self.log.error(_("Error changing group on %s: %s") % (file, Narg(sys.exc_value))) >+ self.log.error(_("Error changing group on %s: %s") % (file, Narg(sys.exc_info()[1]))) > else: > self.log.warn(_("Wrong group of %s: should be %s") % (file, self.get_group_name(newgroup))) > # permissions should be last, as chown resets them >@@ -905,7 +905,7 @@ class PERMS: > try: > os.chmod(file, newperm) > except: >- self.log.error(_("Error changing permissions on %s: %s") % (file, Narg(sys.exc_value))) >+ self.log.error(_("Error changing permissions on %s: %s") % (file, Narg(sys.exc_info()[1]))) > else: > self.log.warn(_("Wrong permissions of %s: should be %o") % (file, newperm)) > >@@ -919,7 +919,7 @@ class PERMS: > users = newacl.split(",") > for acluser in users : > if acluser.split(":")[0] == "": # clean root from list >- print acluser >+ print(acluser) > continue > # make the acl rule stick > ret = os.system('setfacl -m u:%s %s' % (acluser, file)) >@@ -927,7 +927,7 @@ class PERMS: > # problem setting setfacl > self.log.error(_("Unable to add filesystem-specific ACL %s to %s") % (acluser, file)) > except: >- self.log.error(_("Error changing acl on %s: %s") % (file, Narg(str(sys.exc_value)))) >+ self.log.error(_("Error changing acl on %s: %s") % (file, Narg(str(sys.exc_info()[1])))) > else: > self.log.warn(_("Wrong acl of %s") % (file)) > >@@ -978,12 +978,12 @@ class PERMS: > mode = stat.S_IMODE(full[stat.ST_MODE]) > > if perm != -1 and stat.S_ISDIR(full[stat.ST_MODE]): >- if curperm & 0400: >- curperm = curperm | 0100 >- if curperm & 0040: >- curperm = curperm | 0010 >- if curperm & 0004: >- curperm = curperm | 0001 >+ if curperm & 0o400: >+ curperm = curperm | 0o100 >+ if curperm & 0o040: >+ curperm = curperm | 0o010 >+ if curperm & 0o004: >+ curperm = curperm | 0o001 > > curuser = full[stat.ST_UID] > curgroup = full[stat.ST_GID] >@@ -1022,7 +1022,7 @@ class PERMS: > paths_to_check.extend(glob.glob(f)) > paths_to_check = set(paths_to_check) > # remove unneeded entries from self.files >- for f in self.files.keys(): >+ for f in list(self.files.keys()): > if f not in paths_to_check: > del self.files[f] > return self.files >@@ -1030,5 +1030,5 @@ class PERMS: > > if __name__ == "__main__": > # this should never ever be run directly >- print >>sys.stderr, """This file should not be run directly.""" >+ print("""This file should not be run directly.""", file=sys.stderr) > >diff --git a/src/msec/man.py b/src/msec/man.py >index cc1a2f0..62d5fe6 100755 >--- a/src/msec/man.py >+++ b/src/msec/man.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python >+#!/usr/bin/python3 > #--------------------------------------------------------------- > # Project : Mandriva Linux > # Module : share >@@ -21,7 +21,7 @@ try: > except: > version = "(development version)" > >-header = '''.ds q \N'34' >+header = r'''.ds q \N'34' > .TH msec 8 msec "Mandriva Linux" > .SH NAME > msec \- Mandriva Linux security tools >@@ -288,12 +288,12 @@ msec = MSEC(log) > > #print >>sys.stderr, dir(msec.create_server_link) > >-print header >+print(header) > > # sorting settings according to plugin > callbacks = [] > settings_rev = {} >-for entry in config.SETTINGS.keys(): >+for entry in list(config.SETTINGS.keys()): > callback, params = config.SETTINGS[entry] > callbacks.append(callback) > settings_rev[callback] = (entry, params) >@@ -304,11 +304,11 @@ for callback in callbacks: > variable, params = settings_rev[callback] > func = msec.get_action(callback) > if func: >- print function_str % (callback, func.__doc__.strip(), variable, ", ".join(params)) >+ print(function_str % (callback, func.__doc__.strip(), variable, ", ".join(params))) > if variable in config.CHECKS_WITH_EXCEPTIONS: > # this check supports exceptions >- print """(This check supports exceptions via %s variable defined in \\fB/etc/security/msec/exceptions\\fP file)""" % variable >+ print("""(This check supports exceptions via %s variable defined in \\fB/etc/security/msec/exceptions\\fP file)""" % variable) > >-print footer >+print(footer) > > # man.py ends here >diff --git a/src/msec/msec.py b/src/msec/msec.py >index bbcd4b6..6e816c9 100755 >--- a/src/msec/msec.py >+++ b/src/msec/msec.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python -O >+#!/usr/bin/python3 -O > """This is the main msec module. > It checks/sets the security levels, configures security variables, > and works as a frontend to libmsec. >@@ -28,14 +28,14 @@ import logging > > # localization > try: >- gettext.install('msec', unicode=1) >+ gettext.install('msec') > except IOError: > _ = str > > # {{{ usage > def usage(): > """Prints help message""" >- print """Msec: Mageia Security Center (%s). >+ print("""Msec: Mageia Security Center (%s). > > When run without parameters, msec will read the configuration from > /etc/security/msec/msec.conf, and enforce the specified security settings. >@@ -54,7 +54,7 @@ Arguments to msec: > -r, --root <path> path to use as root > -q, --quiet run quietly > -s, --save <level> save current configuration as a new security level >-""" % version >+""" % version) > # }}} > > if __name__ == "__main__": >@@ -84,10 +84,10 @@ if __name__ == "__main__": > levelconf = config.load_defaults(log, level) > params = levelconf.list_options() > if not params: >- print >>sys.stderr, _("Invalid security level '%s'.") % level >+ print(_("Invalid security level '%s'.") % level, file=sys.stderr) > sys.exit(1) > for item in params: >- print "%s=%s" % (item, levelconf.get(item) ) >+ print("%s=%s" % (item, levelconf.get(item) )) > sys.exit(0) > # force new level > elif o[0] == '-f' or o[0] == '--force': >@@ -111,9 +111,9 @@ if __name__ == "__main__": > > # verifying use id > if os.geteuid() != 0: >- print >>sys.stderr, _("Msec: Mageia Security Center (%s)\n") % version >- print >>sys.stderr, _("Error: This application must be executed by root!") >- print >>sys.stderr, _("Run with --help to get help.") >+ print(_("Msec: Mageia Security Center (%s)\n") % version, file=sys.stderr) >+ print(_("Error: This application must be executed by root!"), file=sys.stderr) >+ print(_("Run with --help to get help."), file=sys.stderr) > sys.exit(1) > > # configuring logging >diff --git a/src/msec/msecgui.py b/src/msec/msecgui.py >index d468b15..198b536 100755 >--- a/src/msec/msecgui.py >+++ b/src/msec/msecgui.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python -O >+#!/usr/bin/python3 -O > """ > This is graphical frontend to msec. > """ >@@ -9,7 +9,7 @@ import string > import getopt > import signal > import traceback >-import Queue >+import queue > from textwrap import wrap > from threading import Thread > import time >@@ -26,9 +26,9 @@ try: > import gi > from gi.repository import GObject > from gi.repository import Pango >-except Warning, e: >- print "ERROR: %s" % e >- print "Exiting.." >+except Warning as e: >+ print("ERROR: %s" % e) >+ print("Exiting..") > sys.exit(1) > warnings.resetwarnings() > >@@ -51,7 +51,7 @@ import logging > # localization > import gettext > try: >- gettext.install("msec", unicode=1) >+ gettext.install("msec") > except IOError: > _ = str > >@@ -120,21 +120,21 @@ class BackgroundRunner(Thread): > > def run(self): > """Installs tomoyo policy""" >- print "Running %s" % self.program >+ print("Running %s" % self.program) > try: > res = os.system(self.program) > self.finish.put(res) > except: >- print "Aborted: %s" % sys.exc_value >+ print("Aborted: %s" % sys.exc_info()[1]) > self.finish.put(-1) > > class MsecGui: > """Msec GUI""" > # common columns >- (COLUMN_LEVEL, COLUMN_LEVEL_DESCR, COLUMN_LEVEL_CURRENT) = range(3) >- (COLUMN_OPTION, COLUMN_DESCR, COLUMN_VALUE, COLUMN_CUSTOM) = range(4) >- (COLUMN_PATH, COLUMN_USER, COLUMN_GROUP, COLUMN_PERM, COLUMN_FORCE, COLUMN_ACL) = range(6) >- (COLUMN_EXCEPTION, COLUMN_EXCEPTION_VALUE, COLUMN_POS) = range(3) >+ (COLUMN_LEVEL, COLUMN_LEVEL_DESCR, COLUMN_LEVEL_CURRENT) = list(range(3)) >+ (COLUMN_OPTION, COLUMN_DESCR, COLUMN_VALUE, COLUMN_CUSTOM) = list(range(4)) >+ (COLUMN_PATH, COLUMN_USER, COLUMN_GROUP, COLUMN_PERM, COLUMN_FORCE, COLUMN_ACL) = list(range(6)) >+ (COLUMN_EXCEPTION, COLUMN_EXCEPTION_VALUE, COLUMN_POS) = list(range(3)) > > def __init__(self, log, msec, perms, msecconfig, permconfig, exceptions, embed=None): > """Initializes gui""" >@@ -239,7 +239,7 @@ class MsecGui: > banner.pack_start(label, False, False, 0) > main_vbox.pack_start(banner, False, False, 0) > except: >- print "Banner %s Not found" % ("%s/%s" % (config.MSEC_DIR, BANNER)) >+ print("Banner %s Not found" % ("%s/%s" % (config.MSEC_DIR, BANNER))) > > # creating main UI > self.main_notebook = Gtk.Notebook() >@@ -271,7 +271,7 @@ class MsecGui: > self.toggle_level(self.base_level) > > # pending signals >- self.signals = Queue.Queue() >+ self.signals = queue.Queue() > GLib.timeout_add(500, self.check_signals) > > self.window.show_all() >@@ -280,7 +280,7 @@ class MsecGui: > """Switches to a new security level""" > iter = model.get_iter(path) > level = model.get_value(iter, self.COLUMN_LEVEL) >- print "Switching to %s" % level >+ print("Switching to %s" % level) > self.toggle_level(level, force=True) > > def check_signals(self): >@@ -524,7 +524,7 @@ class MsecGui: > > for option in options: > # retreiving option description >- if not config.SETTINGS.has_key(option): >+ if option not in config.SETTINGS: > # invalid option > self.log.error(_("Invalid option '%s'!") % option) > continue >@@ -585,7 +585,7 @@ class MsecGui: > banner.pack_start(image, False, False, 0) > table.attach(banner, 0, 1, row, row+1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) > except: >- print "Unable to load icon %s: %s" % (icon, sys.exc_value) >+ print("Unable to load icon %s: %s" % (icon, sys.exc_info()[1])) > label = Gtk.Label(label=text) > label.set_property("xalign", 0.0) > label.modify_font(Pango.FontDescription("12")) >@@ -693,7 +693,7 @@ class MsecGui: > with open(logfile, "r") as fd: > data = fd.readlines() > except: >- data = [_("Unable to read log file: %s") % Narg(sys.exc_value)] >+ data = [_("Unable to read log file: %s") % Narg(sys.exc_info()[1])] > dialog = Gtk.Dialog(_("Periodic check results"), > self.window, > 0, >@@ -753,7 +753,7 @@ class MsecGui: > > self.process_events() > # queue to signal that job is finished >- q = Queue.Queue() >+ q = queue.Queue() > > if check == "manual": > program = "/usr/share/msec/security.sh" >@@ -1646,9 +1646,7 @@ class MsecGui: > val_def = conf_def.get(param) > > for i in [param, descr, value]: >- i = Narg(i) >- # if not (type(i) == unicode) and not config.try_decode(i): >- # i = i.decode(config.SYS_ENC) >+ i = Narg(i) > > # asks for new parameter value > dialog = Gtk.Dialog(_("Select new value for %s") % (param), >@@ -1741,13 +1739,13 @@ class MsecGui: > # {{{ usage > def usage(): > """Prints help message""" >- print """Msec: Mandriva Security Center (%s). >+ print("""Msec: Mandriva Security Center (%s). > > Arguments to msecgui: > -h, --help displays this helpful message. > -d enable debugging messages. > -e, --embedded <XID> embed in MCC. >-""" % version >+""" % version) > # }}} > > if __name__ == "__main__": >@@ -1770,9 +1768,9 @@ if __name__ == "__main__": > log_level = logging.DEBUG > elif o[0] == '-e' or o[0] == '--embedded': > try: >- PlugWindowID = long(o[1]) >+ PlugWindowID = int(o[1]) > except: >- print >>sys.stderr, "Error: bad master window XID (%s)!" % o[1] >+ print("Error: bad master window XID (%s)!" % o[1], file=sys.stderr) > sys.exit(1) > > # configuring logging >diff --git a/src/msec/msecperms.py b/src/msec/msecperms.py >index a52315a..2d0887a 100755 >--- a/src/msec/msecperms.py >+++ b/src/msec/msecperms.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python -O >+#!/usr/bin/python3 -O > """This file is responsible for permissions checking and > (optionally) enforcing. > """ >@@ -18,7 +18,7 @@ import getopt > import gettext > > try: >- gettext.install('msec', unicode=1) >+ gettext.install('msec') > except IOError: > _ = str > >@@ -37,7 +37,7 @@ from libmsec import Log, PERMS > # {{{ usage > def usage(): > """Prints help message""" >- print """Msec: Mageia Security Center (%s). >+ print("""Msec: Mageia Security Center (%s). > > This applications verifies and (when required) enforces permissions > of certain files and directories. >@@ -64,7 +64,7 @@ Available parameters: > will perform. > -r, --root <path> path to use as root > -q, --quiet run quietly >-""" % (version, config.PERMCONF, config.PERMCONF) >+""" % (version, config.PERMCONF, config.PERMCONF)) > # }}} > > if __name__ == "__main__": >@@ -93,13 +93,13 @@ if __name__ == "__main__": > permconf = config.load_default_perms(log, level) > params = permconf.list_options() > if not params: >- print >>sys.stderr, _("Invalid security level '%s'.") % level >+ print(_("Invalid security level '%s'.") % level, file=sys.stderr) > sys.exit(1) > for file in params: > user, group, perm, force = permconf.get(file) > if force: >- print "!! forcing permissions on %s" % file >- print "%s: %s.%s perm %s" % (file, user, group, perm) >+ print("!! forcing permissions on %s" % file) >+ print("%s: %s.%s perm %s" % (file, user, group, perm)) > sys.exit(0) > # debugging > elif o[0] == '-d' or o[0] == '--debug': >@@ -118,9 +118,9 @@ if __name__ == "__main__": > > # verifying use id > if os.geteuid() != 0: >- print >>sys.stderr, _("Msec: Mageia Security Center (%s)\n") % version >- print >>sys.stderr, _("Error: This application must be executed by root!") >- print >>sys.stderr, _("Run with --help to get help.") >+ print(_("Msec: Mageia Security Center (%s)\n") % version, file=sys.stderr) >+ print(_("Error: This application must be executed by root!"), file=sys.stderr) >+ print(_("Run with --help to get help."), file=sys.stderr) > sys.exit(1) > > # configuring logging >diff --git a/src/msec/plugins/audit.py b/src/msec/plugins/audit.py >index 2a68aa2..8dee7ab 100755 >--- a/src/msec/plugins/audit.py >+++ b/src/msec/plugins/audit.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python >+#!/usr/bin/python3 > """Msec plugin for auditing checks""" > > # main plugin class name >@@ -10,7 +10,7 @@ import config > import gettext > # localization > try: >- gettext.install('msec', unicode=1) >+ gettext.install('msec') > except IOError: > _ = str > >diff --git a/src/msec/plugins/log.py b/src/msec/plugins/log.py >index b7465c7..993d3c0 100755 >--- a/src/msec/plugins/log.py >+++ b/src/msec/plugins/log.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python >+#!/usr/bin/python3 > """Msec plugin for log file handling""" > > # main plugin class name >@@ -12,7 +12,7 @@ import config > > # localization > try: >- gettext.install('msec', unicode=1) >+ gettext.install('msec') > except IOError: > _ = str > >diff --git a/src/msec/plugins/msec.py b/src/msec/plugins/msec.py >index 16deef2..fa8a41d 100755 >--- a/src/msec/plugins/msec.py >+++ b/src/msec/plugins/msec.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python >+#!/usr/bin/python3 > """Msec plugin for enforcing local security settings""" > > # main plugin class name >@@ -17,7 +17,7 @@ import config > import gettext > # localization > try: >- gettext.install('msec', unicode=1) >+ gettext.install('msec') > except IOError: > _ = str > >@@ -434,12 +434,12 @@ class msec: > liloconf = self.configfiles.get_config_file(LILOCONF) > liloconf.exists() and (liloconf.replace_line_matching('^password=', 'password="' + value + '"', 0, 1) or \ > liloconf.insert_after('^boot=', 'password="' + value + '"')) and \ >- Perms.chmod(liloconf.path, 0600) >+ Perms.chmod(liloconf.path, 0o600) > # TODO encrypt password in grub > menulst = self.configfiles.get_config_file(MENULST) > menulst.exists() and (menulst.replace_line_matching('^password\s', 'password "' + value + '"') or \ > menulst.insert_at(0, 'password "' + value + '"')) and \ >- Perms.chmod(menulst.path, 0600) >+ Perms.chmod(menulst.path, 0o600) > # TODO add yaboot support > > def nopassword_loader(self): >diff --git a/src/msec/plugins/network.py b/src/msec/plugins/network.py >index cbee32d..ecaae94 100755 >--- a/src/msec/plugins/network.py >+++ b/src/msec/plugins/network.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python >+#!/usr/bin/python3 > """Msec plugin for enforcing network security settings""" > > # main plugin class name >@@ -17,7 +17,7 @@ import config > import gettext > # localization > try: >- gettext.install('msec', unicode=1) >+ gettext.install('msec') > except IOError: > _ = str > >diff --git a/src/msec/plugins/pam.py b/src/msec/plugins/pam.py >index 353fa2a..e02b6d9 100755 >--- a/src/msec/plugins/pam.py >+++ b/src/msec/plugins/pam.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python >+#!/usr/bin/python3 > """Msec plugin for enforcing pam-related settings""" > > # main plugin class name >@@ -14,7 +14,7 @@ import config > > # localization > try: >- gettext.install('msec', unicode=1) >+ gettext.install('msec') > except IOError: > _ = str > >diff --git a/src/msec/plugins/sectool.py b/src/msec/plugins/sectool.py >index 392c5c3..72115a1 100755 >--- a/src/msec/plugins/sectool.py >+++ b/src/msec/plugins/sectool.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python >+#!/usr/bin/python3 > """Msec plugin for running sectool tests""" > > # main plugin class name >@@ -14,7 +14,7 @@ import config > > # localization > try: >- gettext.install('msec', unicode=1) >+ gettext.install('msec') > except IOError: > _ = str > >diff --git a/src/msec/plugins/sudo.py b/src/msec/plugins/sudo.py >index b61a078..1f9eddd 100755 >--- a/src/msec/plugins/sudo.py >+++ b/src/msec/plugins/sudo.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python >+#!/usr/bin/python3 > """Msec plugin for sudo""" > > # main plugin class name >@@ -14,7 +14,7 @@ import config > > # localization > try: >- gettext.install('msec', unicode=1) >+ gettext.install('msec') > except IOError: > _ = str > >diff --git a/src/msec/tools.py b/src/msec/tools.py >index cb9d1bf..baaeca2 100755 >--- a/src/msec/tools.py >+++ b/src/msec/tools.py >@@ -1,4 +1,4 @@ >-#!/usr/bin/python >+#!/usr/bin/python3 > # > # msec: helper tools > # >@@ -14,7 +14,7 @@ from config import Narg, SYS_ENC > # localization > import gettext > try: >- gettext.install("msec", unicode=1) >+ gettext.install("msec") > except IOError: > _ = str > >@@ -32,7 +32,7 @@ def find_firewall_info(log): > if l[:3] == "-A ": > firewall_entries.append(l.strip()) > except: >- log.error(_("Unable to parse firewall configuration: %s") % Narg(sys.exc_value)) >+ log.error(_("Unable to parse firewall configuration: %s") % Narg(sys.exc_info()[1])) > # not find out if the firewall is enabled > if len(firewall_entries) == 0: > firewall_status = _("Disabled") >@@ -48,7 +48,7 @@ def get_updates_status(log, updatedir="/var/lib/urpmi"): > updated = time.localtime(ret[stat.ST_MTIME]) > status = _("Last updated: %s") % Narg(updated_s) > except: >- log.error(_("Unable to access %s: %s") % (updatedir, Narg(sys.exc_value))) >+ log.error(_("Unable to access %s: %s") % (updatedir, Narg(sys.exc_info()[1]))) > status = _("Unable to determine update status") > return status > >-- >2.3.8 >
From ad8d28c1c070c48505cdab236a853360ee459cf2 Mon Sep 17 00:00:00 2001 From: Papoteur <papoteur@mageialinux-online.org> Date: Sun, 2 Aug 2015 08:18:38 +0200 Subject: [PATCH] Adaptation for python 3 --- src/msec/compile.py | 2 +- src/msec/config.py | 51 ++++++++++++++++++------------------ src/msec/help_draksec.py | 20 +++++++------- src/msec/libmsec.py | 64 ++++++++++++++++++++++----------------------- src/msec/man.py | 14 +++++----- src/msec/msec.py | 18 ++++++------- src/msec/msecgui.py | 50 +++++++++++++++++------------------ src/msec/msecperms.py | 20 +++++++------- src/msec/plugins/audit.py | 4 +-- src/msec/plugins/log.py | 4 +-- src/msec/plugins/msec.py | 8 +++--- src/msec/plugins/network.py | 4 +-- src/msec/plugins/pam.py | 4 +-- src/msec/plugins/sectool.py | 4 +-- src/msec/plugins/sudo.py | 4 +-- src/msec/tools.py | 8 +++--- 16 files changed, 139 insertions(+), 140 deletions(-) diff --git a/src/msec/compile.py b/src/msec/compile.py index b85e3f9..ad7fdca 100755 --- a/src/msec/compile.py +++ b/src/msec/compile.py @@ -1,4 +1,4 @@ -#!/usr/bin/python -O +#!/usr/bin/python3 -O ############################################################################# # File : compile.py # Package : rpmlint diff --git a/src/msec/config.py b/src/msec/config.py index 9f41998..82099f0 100755 --- a/src/msec/config.py +++ b/src/msec/config.py @@ -1,4 +1,4 @@ -#!/usr/bin/python -O +#!/usr/bin/python3 -O """This is the configuration file for msec. The following variables are defined here: SECURITY_LEVELS: list of supported security levels @@ -38,7 +38,7 @@ SECURITYLOG = '/var/log/msec.log' # localization try: - gettext.install('msec', unicode=1) + gettext.install('msec') except IOError: _ = str @@ -181,15 +181,16 @@ def to_utf8(s): def Narg(s): """ Returs string after decoding if needed """ - try: - s.decode() - return s - except: - try: - t=str(s) - except: - return s - return t.decode(SYS_ENC) +# try: +# s.decode() +# return s +# except: +# try: + # t=str(s) +# except: +# return s +# return t.decode(SYS_ENC) + return s # {{{ MsecConfig class MsecConfig: @@ -231,7 +232,7 @@ class MsecConfig: try: fd = open(self.config) except: - self.log.error(_("Unable to load configuration file %s: %s") % (self.config, Narg(sys.exc_value[1]))) + self.log.error(_("Unable to load configuration file %s: %s") % (self.config, Narg(sys.exc_info()[1]))) return False for line in fd.readlines(): line = line.strip() @@ -267,7 +268,7 @@ class MsecConfig: def list_options(self): """Sorts and returns configuration parameters""" - sortedparams = self.options.keys() + sortedparams = list(self.options.keys()) if sortedparams: sortedparams.sort() return sortedparams @@ -280,10 +281,10 @@ class MsecConfig: try: fd = open(self.config, "w") except: - self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_value))) + self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_info()[1]))) return False for comment in self.comments: - print >>fd, comment + print(comment, file=fd) # sorting keys for option in self.list_options(): value = self.options[option] @@ -310,7 +311,7 @@ class MsecConfig: pass else: value = '"%s"' % value - print >>fd, "%s=%s" % (option, value) + print("%s=%s" % (option, value), file=fd) return True # }}} @@ -339,7 +340,7 @@ class ExceptionConfig: fd = open(self.config) except: # this file is optional, so if it is not found that's not fatal - self.log.info(_("loading exceptions file %s: %s") % (self.config, Narg(sys.exc_value[1]))) + self.log.info(_("loading exceptions file %s: %s") % (self.config, Narg(sys.exc_info()[1]))) self.log.info(_("No exceptions loaded")) return False for line in fd.readlines(): @@ -373,7 +374,7 @@ class ExceptionConfig: def set(self, pos, value): """Sets a configuration option""" if pos > 0: - print "Pos: %d" % pos + print("Pos: %d" % pos) self.options[pos] = value else: self.options.append(value) @@ -393,17 +394,17 @@ class ExceptionConfig: try: fd = open(self.config, "w") except: - self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_value))) + self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_info()[1]))) return False for comment in self.comments: - print >>fd, comment + print(comment, file=fd) # sorting keys for option,value in self.options: # TODO: integrate with remove() if value == None or value == OPTION_DISABLED: self.log.debug("Skipping %s" % option) else: - print >>fd, "%s %s" % (option, value) + print("%s %s" % (option, value), file=fd) return True # }}} @@ -443,7 +444,7 @@ class PermConfig(MsecConfig): try: fd = open(self.config) except: - self.log.error(_("Unable to load configuration file %s: %s") % (self.config, Narg(sys.exc_value))) + self.log.error(_("Unable to load configuration file %s: %s") % (self.config, Narg(sys.exc_info()[1]))) return False for line in fd.readlines(): line = line.strip() @@ -488,10 +489,10 @@ class PermConfig(MsecConfig): try: fd = open(self.config, "w") except: - self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_value))) + self.log.error(_("Unable to save %s: %s") % (self.config, Narg(sys.exc_info()[1]))) return False for comment in self.comments: - print >>fd, comment + print(comment, file=fd) # sorting keys for file in self.options_order: value = self.options[file] @@ -509,6 +510,6 @@ class PermConfig(MsecConfig): force = "\tforce" else: force = "" - print >>fd, "%s\t%s.%s\t%s%s\t%s" % (file, user, group, perm, force, acl) + print("%s\t%s.%s\t%s%s\t%s" % (file, user, group, perm, force, acl), file=fd) return True # }}} diff --git a/src/msec/help_draksec.py b/src/msec/help_draksec.py index 3eb4a6d..6863038 100755 --- a/src/msec/help_draksec.py +++ b/src/msec/help_draksec.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 # # This script creates DrakSec help strings from libmsec code docstrings. # @@ -81,20 +81,20 @@ help_wiki = open(help_wiki_file, "w") log = Log(log_syslog=False, log_file=False) msec = MSEC(log, plugins='plugins') -print >>help_perl, header_perl -print >>help_python, header_python -print >>help_wiki, header_wiki +print(header_perl, file=help_perl) +print(header_python, file=help_python) +print(header_wiki, file=help_wiki) for variable in config.SETTINGS: callback, params = config.SETTINGS[variable] func = msec.get_action(callback) if func: - print >>help_perl, function_str_perl % (variable, func.__doc__.strip()) - print >>help_python, function_str_python % (variable, func.__doc__.strip()) - print >>help_wiki, function_str_wiki % (variable, func.__doc__.strip()) + print(function_str_perl % (variable, func.__doc__.strip()), file=help_perl) + print(function_str_python % (variable, func.__doc__.strip()), file=help_python) + print(function_str_wiki % (variable, func.__doc__.strip()), file=help_wiki) -print >>help_perl, footer_perl -print >>help_python, footer_python -print >>help_wiki, footer_wiki +print(footer_perl, file=help_perl) +print(footer_python, file=help_python) +print(footer_wiki, file=help_wiki) # draksec_help.py ends here diff --git a/src/msec/libmsec.py b/src/msec/libmsec.py index 593c46a..bf6a242 100755 --- a/src/msec/libmsec.py +++ b/src/msec/libmsec.py @@ -1,4 +1,4 @@ -#!/usr/bin/python -O +#!/usr/bin/python3 -O """This is the main msec module, responsible for all msec operations. The following classes are defined here: @@ -40,7 +40,7 @@ import gettext import pwd import re import string -import commands +import subprocess import time import stat import traceback @@ -57,7 +57,7 @@ from config import Narg # localization try: - gettext.install('msec', unicode=1) + gettext.install('msec') except IOError: _ = str @@ -81,7 +81,7 @@ def move(old, new): try: os.rename(old, new) except: - error('rename %s %s: %s' % (old, new, str(sys.exc_value))) + error('rename %s %s: %s' % (old, new, str(sys.exc_info()[1]))) def substitute_re_result(res, s): for idx in range(0, (res.lastindex or 0) + 1): @@ -123,7 +123,7 @@ class Log: self.syslog_h.setFormatter(formatter) self.logger.addHandler(self.syslog_h) except: - print >>sys.stderr, "Logging to syslog not available: %s" % (sys.exc_value[1]) + print("Logging to syslog not available: %s" % (sys.exc_info()[1]), file=sys.stderr) interactive = True # log to file @@ -134,7 +134,7 @@ class Log: self.file_h.setFormatter(formatter) self.logger.addHandler(self.file_h) except: - print >>sys.stderr, "Logging to '%s' not available: %s" % (self.log_path, sys.exc_value[1]) + print("Logging to '%s' not available: %s" % (self.log_path, sys.exc_info()[1]), file=sys.stderr) interactive = True # interactive logging @@ -247,7 +247,7 @@ class ConfigFiles: def write_files(self, commit=True): """Writes all files back to disk""" - for f in self.files.values(): + for f in list(self.files.values()): self.log.debug("Attempting to write %s" % f.path) if commit: f.write() @@ -264,7 +264,7 @@ class ConfigFiles: s = substitute_re_result(res, a[1]) if commit: self.log.info(_('%s modified so launched command: %s') % (Narg(f), Narg(s))) - cmd = commands.getstatusoutput(s) + cmd = subprocess.getstatusoutput(s) cmd = [0, ''] if cmd[0] == 0: if cmd[1]: @@ -312,7 +312,7 @@ class ConfigFile: else: self.lines = [] if file: - self.lines = string.split(file.read(), "\n") + self.lines = file.read().split("\n") file.close() return self.lines @@ -368,7 +368,7 @@ class ConfigFile: return link def write(self): - if not (type(self.path) == unicode): + if not (type(self.path) == str): self.pathN = Narg(self.path) else: self.pathN = self.path @@ -378,20 +378,20 @@ class ConfigFile: try: os.unlink(self.path) except: - error('unlink %s: %s' % (self.pathN, str(sys.exc_value))) + error('unlink %s: %s' % (self.pathN, str(sys.exc_info()[1]))) self.log.info(_('deleted %s') % (self.pathN,)) elif self.is_touched: if os.path.exists(self.path): try: os.utime(self.path, None) except: - self.log.error('utime %s: %s' % (self.pathN, str(sys.exc_value))) + self.log.error('utime %s: %s' % (self.pathN, str(sys.exc_info()[1]))) elif self.suffix and os.path.exists(self.path + self.suffix): move(self.path + self.suffix, self.path) try: os.utime(self.path, None) except: - self.log.error('utime %s: %s' % (self.pathN, str(sys.exc_value))) + self.log.error('utime %s: %s' % (self.pathN, str(sys.exc_info()[1]))) else: self.lines = [] self.is_modified = 1 @@ -399,7 +399,7 @@ class ConfigFile: file.close() self.log.info(_('touched file %s') % (self.pathN,)) elif self.sym_link: - if not (type(self.sym_link) == unicode): + if not (type(self.sym_link) == str): self.sym_linkN = Narg(self.sym_link) else: self.sym_linkN = self.sym_link @@ -414,16 +414,16 @@ class ConfigFile: try: os.unlink(self.path) except: - self.log.error('unlink %s: %s' % (self.pathN, str(sys.exc_value))) + self.log.error('unlink %s: %s' % (self.pathN, str(sys.exc_info()[1]))) self.log.info(_('deleted %s') % (self.pathN,)) if not done: try: os.symlink(self.sym_link, self.path) except: - self.log.error('symlink %s %s: %s' % (self.sym_linkN, self.path, str(sys.exc_value))) + self.log.error('symlink %s %s: %s' % (self.sym_linkN, self.path, str(sys.exc_info()[1]))) self.log.info(_('made symbolic link from %s to %s') % (self.sym_linkN, self.path)) elif self.is_moved: - if not (type(self.suffix) == unicode): + if not (type(self.suffix) == str): self.suffixN = Narg(self.suffix) else: self.suffixN = self.suffix @@ -696,7 +696,7 @@ class MSEC: self.plugins[plugin_name] = plugin self.log.debug("Loaded plugin '%s'" % plugin_f) except: - self.log.error(_("Error loading plugin '%s' from %s: %s") % (plugin_f, file, Narg(sys.exc_value))) + self.log.error(_("Error loading plugin '%s' from %s: %s") % (plugin_f, file, Narg(sys.exc_info()[1]))) def reset(self): """Resets the configuration""" @@ -848,7 +848,7 @@ class PERMS: regexp = None for line in file.readlines(): - fields = string.split(line) + fields = line.split() if fields[2] in non_localfs: if regexp: regexp = regexp + '|' + fields[1] @@ -885,7 +885,7 @@ class PERMS: try: os.chown(file, newuser, -1) except: - self.log.error(_("Error changing user on %s: %s") % (file, Narg(sys.exc_value))) + self.log.error(_("Error changing user on %s: %s") % (file, Narg(sys.exc_info()[1]))) else: self.log.warn(_("Wrong owner of %s: should be %s") % (file, self.get_user_name(newuser))) if newgroup != None: @@ -894,7 +894,7 @@ class PERMS: try: os.chown(file, -1, newgroup) except: - self.log.error(_("Error changing group on %s: %s") % (file, Narg(sys.exc_value))) + self.log.error(_("Error changing group on %s: %s") % (file, Narg(sys.exc_info()[1]))) else: self.log.warn(_("Wrong group of %s: should be %s") % (file, self.get_group_name(newgroup))) # permissions should be last, as chown resets them @@ -905,7 +905,7 @@ class PERMS: try: os.chmod(file, newperm) except: - self.log.error(_("Error changing permissions on %s: %s") % (file, Narg(sys.exc_value))) + self.log.error(_("Error changing permissions on %s: %s") % (file, Narg(sys.exc_info()[1]))) else: self.log.warn(_("Wrong permissions of %s: should be %o") % (file, newperm)) @@ -919,7 +919,7 @@ class PERMS: users = newacl.split(",") for acluser in users : if acluser.split(":")[0] == "": # clean root from list - print acluser + print(acluser) continue # make the acl rule stick ret = os.system('setfacl -m u:%s %s' % (acluser, file)) @@ -927,7 +927,7 @@ class PERMS: # problem setting setfacl self.log.error(_("Unable to add filesystem-specific ACL %s to %s") % (acluser, file)) except: - self.log.error(_("Error changing acl on %s: %s") % (file, Narg(str(sys.exc_value)))) + self.log.error(_("Error changing acl on %s: %s") % (file, Narg(str(sys.exc_info()[1])))) else: self.log.warn(_("Wrong acl of %s") % (file)) @@ -978,12 +978,12 @@ class PERMS: mode = stat.S_IMODE(full[stat.ST_MODE]) if perm != -1 and stat.S_ISDIR(full[stat.ST_MODE]): - if curperm & 0400: - curperm = curperm | 0100 - if curperm & 0040: - curperm = curperm | 0010 - if curperm & 0004: - curperm = curperm | 0001 + if curperm & 0o400: + curperm = curperm | 0o100 + if curperm & 0o040: + curperm = curperm | 0o010 + if curperm & 0o004: + curperm = curperm | 0o001 curuser = full[stat.ST_UID] curgroup = full[stat.ST_GID] @@ -1022,7 +1022,7 @@ class PERMS: paths_to_check.extend(glob.glob(f)) paths_to_check = set(paths_to_check) # remove unneeded entries from self.files - for f in self.files.keys(): + for f in list(self.files.keys()): if f not in paths_to_check: del self.files[f] return self.files @@ -1030,5 +1030,5 @@ class PERMS: if __name__ == "__main__": # this should never ever be run directly - print >>sys.stderr, """This file should not be run directly.""" + print("""This file should not be run directly.""", file=sys.stderr) diff --git a/src/msec/man.py b/src/msec/man.py index cc1a2f0..62d5fe6 100755 --- a/src/msec/man.py +++ b/src/msec/man.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 #--------------------------------------------------------------- # Project : Mandriva Linux # Module : share @@ -21,7 +21,7 @@ try: except: version = "(development version)" -header = '''.ds q \N'34' +header = r'''.ds q \N'34' .TH msec 8 msec "Mandriva Linux" .SH NAME msec \- Mandriva Linux security tools @@ -288,12 +288,12 @@ msec = MSEC(log) #print >>sys.stderr, dir(msec.create_server_link) -print header +print(header) # sorting settings according to plugin callbacks = [] settings_rev = {} -for entry in config.SETTINGS.keys(): +for entry in list(config.SETTINGS.keys()): callback, params = config.SETTINGS[entry] callbacks.append(callback) settings_rev[callback] = (entry, params) @@ -304,11 +304,11 @@ for callback in callbacks: variable, params = settings_rev[callback] func = msec.get_action(callback) if func: - print function_str % (callback, func.__doc__.strip(), variable, ", ".join(params)) + print(function_str % (callback, func.__doc__.strip(), variable, ", ".join(params))) if variable in config.CHECKS_WITH_EXCEPTIONS: # this check supports exceptions - print """(This check supports exceptions via %s variable defined in \\fB/etc/security/msec/exceptions\\fP file)""" % variable + print("""(This check supports exceptions via %s variable defined in \\fB/etc/security/msec/exceptions\\fP file)""" % variable) -print footer +print(footer) # man.py ends here diff --git a/src/msec/msec.py b/src/msec/msec.py index bbcd4b6..6e816c9 100755 --- a/src/msec/msec.py +++ b/src/msec/msec.py @@ -1,4 +1,4 @@ -#!/usr/bin/python -O +#!/usr/bin/python3 -O """This is the main msec module. It checks/sets the security levels, configures security variables, and works as a frontend to libmsec. @@ -28,14 +28,14 @@ import logging # localization try: - gettext.install('msec', unicode=1) + gettext.install('msec') except IOError: _ = str # {{{ usage def usage(): """Prints help message""" - print """Msec: Mageia Security Center (%s). + print("""Msec: Mageia Security Center (%s). When run without parameters, msec will read the configuration from /etc/security/msec/msec.conf, and enforce the specified security settings. @@ -54,7 +54,7 @@ Arguments to msec: -r, --root <path> path to use as root -q, --quiet run quietly -s, --save <level> save current configuration as a new security level -""" % version +""" % version) # }}} if __name__ == "__main__": @@ -84,10 +84,10 @@ if __name__ == "__main__": levelconf = config.load_defaults(log, level) params = levelconf.list_options() if not params: - print >>sys.stderr, _("Invalid security level '%s'.") % level + print(_("Invalid security level '%s'.") % level, file=sys.stderr) sys.exit(1) for item in params: - print "%s=%s" % (item, levelconf.get(item) ) + print("%s=%s" % (item, levelconf.get(item) )) sys.exit(0) # force new level elif o[0] == '-f' or o[0] == '--force': @@ -111,9 +111,9 @@ if __name__ == "__main__": # verifying use id if os.geteuid() != 0: - print >>sys.stderr, _("Msec: Mageia Security Center (%s)\n") % version - print >>sys.stderr, _("Error: This application must be executed by root!") - print >>sys.stderr, _("Run with --help to get help.") + print(_("Msec: Mageia Security Center (%s)\n") % version, file=sys.stderr) + print(_("Error: This application must be executed by root!"), file=sys.stderr) + print(_("Run with --help to get help."), file=sys.stderr) sys.exit(1) # configuring logging diff --git a/src/msec/msecgui.py b/src/msec/msecgui.py index d468b15..198b536 100755 --- a/src/msec/msecgui.py +++ b/src/msec/msecgui.py @@ -1,4 +1,4 @@ -#!/usr/bin/python -O +#!/usr/bin/python3 -O """ This is graphical frontend to msec. """ @@ -9,7 +9,7 @@ import string import getopt import signal import traceback -import Queue +import queue from textwrap import wrap from threading import Thread import time @@ -26,9 +26,9 @@ try: import gi from gi.repository import GObject from gi.repository import Pango -except Warning, e: - print "ERROR: %s" % e - print "Exiting.." +except Warning as e: + print("ERROR: %s" % e) + print("Exiting..") sys.exit(1) warnings.resetwarnings() @@ -51,7 +51,7 @@ import logging # localization import gettext try: - gettext.install("msec", unicode=1) + gettext.install("msec") except IOError: _ = str @@ -120,21 +120,21 @@ class BackgroundRunner(Thread): def run(self): """Installs tomoyo policy""" - print "Running %s" % self.program + print("Running %s" % self.program) try: res = os.system(self.program) self.finish.put(res) except: - print "Aborted: %s" % sys.exc_value + print("Aborted: %s" % sys.exc_info()[1]) self.finish.put(-1) class MsecGui: """Msec GUI""" # common columns - (COLUMN_LEVEL, COLUMN_LEVEL_DESCR, COLUMN_LEVEL_CURRENT) = range(3) - (COLUMN_OPTION, COLUMN_DESCR, COLUMN_VALUE, COLUMN_CUSTOM) = range(4) - (COLUMN_PATH, COLUMN_USER, COLUMN_GROUP, COLUMN_PERM, COLUMN_FORCE, COLUMN_ACL) = range(6) - (COLUMN_EXCEPTION, COLUMN_EXCEPTION_VALUE, COLUMN_POS) = range(3) + (COLUMN_LEVEL, COLUMN_LEVEL_DESCR, COLUMN_LEVEL_CURRENT) = list(range(3)) + (COLUMN_OPTION, COLUMN_DESCR, COLUMN_VALUE, COLUMN_CUSTOM) = list(range(4)) + (COLUMN_PATH, COLUMN_USER, COLUMN_GROUP, COLUMN_PERM, COLUMN_FORCE, COLUMN_ACL) = list(range(6)) + (COLUMN_EXCEPTION, COLUMN_EXCEPTION_VALUE, COLUMN_POS) = list(range(3)) def __init__(self, log, msec, perms, msecconfig, permconfig, exceptions, embed=None): """Initializes gui""" @@ -239,7 +239,7 @@ class MsecGui: banner.pack_start(label, False, False, 0) main_vbox.pack_start(banner, False, False, 0) except: - print "Banner %s Not found" % ("%s/%s" % (config.MSEC_DIR, BANNER)) + print("Banner %s Not found" % ("%s/%s" % (config.MSEC_DIR, BANNER))) # creating main UI self.main_notebook = Gtk.Notebook() @@ -271,7 +271,7 @@ class MsecGui: self.toggle_level(self.base_level) # pending signals - self.signals = Queue.Queue() + self.signals = queue.Queue() GLib.timeout_add(500, self.check_signals) self.window.show_all() @@ -280,7 +280,7 @@ class MsecGui: """Switches to a new security level""" iter = model.get_iter(path) level = model.get_value(iter, self.COLUMN_LEVEL) - print "Switching to %s" % level + print("Switching to %s" % level) self.toggle_level(level, force=True) def check_signals(self): @@ -524,7 +524,7 @@ class MsecGui: for option in options: # retreiving option description - if not config.SETTINGS.has_key(option): + if option not in config.SETTINGS: # invalid option self.log.error(_("Invalid option '%s'!") % option) continue @@ -585,7 +585,7 @@ class MsecGui: banner.pack_start(image, False, False, 0) table.attach(banner, 0, 1, row, row+1, Gtk.AttachOptions.EXPAND | Gtk.AttachOptions.FILL, 0, 0, 0) except: - print "Unable to load icon %s: %s" % (icon, sys.exc_value) + print("Unable to load icon %s: %s" % (icon, sys.exc_info()[1])) label = Gtk.Label(label=text) label.set_property("xalign", 0.0) label.modify_font(Pango.FontDescription("12")) @@ -693,7 +693,7 @@ class MsecGui: with open(logfile, "r") as fd: data = fd.readlines() except: - data = [_("Unable to read log file: %s") % Narg(sys.exc_value)] + data = [_("Unable to read log file: %s") % Narg(sys.exc_info()[1])] dialog = Gtk.Dialog(_("Periodic check results"), self.window, 0, @@ -753,7 +753,7 @@ class MsecGui: self.process_events() # queue to signal that job is finished - q = Queue.Queue() + q = queue.Queue() if check == "manual": program = "/usr/share/msec/security.sh" @@ -1646,9 +1646,7 @@ class MsecGui: val_def = conf_def.get(param) for i in [param, descr, value]: - i = Narg(i) - # if not (type(i) == unicode) and not config.try_decode(i): - # i = i.decode(config.SYS_ENC) + i = Narg(i) # asks for new parameter value dialog = Gtk.Dialog(_("Select new value for %s") % (param), @@ -1741,13 +1739,13 @@ class MsecGui: # {{{ usage def usage(): """Prints help message""" - print """Msec: Mandriva Security Center (%s). + print("""Msec: Mandriva Security Center (%s). Arguments to msecgui: -h, --help displays this helpful message. -d enable debugging messages. -e, --embedded <XID> embed in MCC. -""" % version +""" % version) # }}} if __name__ == "__main__": @@ -1770,9 +1768,9 @@ if __name__ == "__main__": log_level = logging.DEBUG elif o[0] == '-e' or o[0] == '--embedded': try: - PlugWindowID = long(o[1]) + PlugWindowID = int(o[1]) except: - print >>sys.stderr, "Error: bad master window XID (%s)!" % o[1] + print("Error: bad master window XID (%s)!" % o[1], file=sys.stderr) sys.exit(1) # configuring logging diff --git a/src/msec/msecperms.py b/src/msec/msecperms.py index a52315a..2d0887a 100755 --- a/src/msec/msecperms.py +++ b/src/msec/msecperms.py @@ -1,4 +1,4 @@ -#!/usr/bin/python -O +#!/usr/bin/python3 -O """This file is responsible for permissions checking and (optionally) enforcing. """ @@ -18,7 +18,7 @@ import getopt import gettext try: - gettext.install('msec', unicode=1) + gettext.install('msec') except IOError: _ = str @@ -37,7 +37,7 @@ from libmsec import Log, PERMS # {{{ usage def usage(): """Prints help message""" - print """Msec: Mageia Security Center (%s). + print("""Msec: Mageia Security Center (%s). This applications verifies and (when required) enforces permissions of certain files and directories. @@ -64,7 +64,7 @@ Available parameters: will perform. -r, --root <path> path to use as root -q, --quiet run quietly -""" % (version, config.PERMCONF, config.PERMCONF) +""" % (version, config.PERMCONF, config.PERMCONF)) # }}} if __name__ == "__main__": @@ -93,13 +93,13 @@ if __name__ == "__main__": permconf = config.load_default_perms(log, level) params = permconf.list_options() if not params: - print >>sys.stderr, _("Invalid security level '%s'.") % level + print(_("Invalid security level '%s'.") % level, file=sys.stderr) sys.exit(1) for file in params: user, group, perm, force = permconf.get(file) if force: - print "!! forcing permissions on %s" % file - print "%s: %s.%s perm %s" % (file, user, group, perm) + print("!! forcing permissions on %s" % file) + print("%s: %s.%s perm %s" % (file, user, group, perm)) sys.exit(0) # debugging elif o[0] == '-d' or o[0] == '--debug': @@ -118,9 +118,9 @@ if __name__ == "__main__": # verifying use id if os.geteuid() != 0: - print >>sys.stderr, _("Msec: Mageia Security Center (%s)\n") % version - print >>sys.stderr, _("Error: This application must be executed by root!") - print >>sys.stderr, _("Run with --help to get help.") + print(_("Msec: Mageia Security Center (%s)\n") % version, file=sys.stderr) + print(_("Error: This application must be executed by root!"), file=sys.stderr) + print(_("Run with --help to get help."), file=sys.stderr) sys.exit(1) # configuring logging diff --git a/src/msec/plugins/audit.py b/src/msec/plugins/audit.py index 2a68aa2..8dee7ab 100755 --- a/src/msec/plugins/audit.py +++ b/src/msec/plugins/audit.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 """Msec plugin for auditing checks""" # main plugin class name @@ -10,7 +10,7 @@ import config import gettext # localization try: - gettext.install('msec', unicode=1) + gettext.install('msec') except IOError: _ = str diff --git a/src/msec/plugins/log.py b/src/msec/plugins/log.py index b7465c7..993d3c0 100755 --- a/src/msec/plugins/log.py +++ b/src/msec/plugins/log.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 """Msec plugin for log file handling""" # main plugin class name @@ -12,7 +12,7 @@ import config # localization try: - gettext.install('msec', unicode=1) + gettext.install('msec') except IOError: _ = str diff --git a/src/msec/plugins/msec.py b/src/msec/plugins/msec.py index 16deef2..fa8a41d 100755 --- a/src/msec/plugins/msec.py +++ b/src/msec/plugins/msec.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 """Msec plugin for enforcing local security settings""" # main plugin class name @@ -17,7 +17,7 @@ import config import gettext # localization try: - gettext.install('msec', unicode=1) + gettext.install('msec') except IOError: _ = str @@ -434,12 +434,12 @@ class msec: liloconf = self.configfiles.get_config_file(LILOCONF) liloconf.exists() and (liloconf.replace_line_matching('^password=', 'password="' + value + '"', 0, 1) or \ liloconf.insert_after('^boot=', 'password="' + value + '"')) and \ - Perms.chmod(liloconf.path, 0600) + Perms.chmod(liloconf.path, 0o600) # TODO encrypt password in grub menulst = self.configfiles.get_config_file(MENULST) menulst.exists() and (menulst.replace_line_matching('^password\s', 'password "' + value + '"') or \ menulst.insert_at(0, 'password "' + value + '"')) and \ - Perms.chmod(menulst.path, 0600) + Perms.chmod(menulst.path, 0o600) # TODO add yaboot support def nopassword_loader(self): diff --git a/src/msec/plugins/network.py b/src/msec/plugins/network.py index cbee32d..ecaae94 100755 --- a/src/msec/plugins/network.py +++ b/src/msec/plugins/network.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 """Msec plugin for enforcing network security settings""" # main plugin class name @@ -17,7 +17,7 @@ import config import gettext # localization try: - gettext.install('msec', unicode=1) + gettext.install('msec') except IOError: _ = str diff --git a/src/msec/plugins/pam.py b/src/msec/plugins/pam.py index 353fa2a..e02b6d9 100755 --- a/src/msec/plugins/pam.py +++ b/src/msec/plugins/pam.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 """Msec plugin for enforcing pam-related settings""" # main plugin class name @@ -14,7 +14,7 @@ import config # localization try: - gettext.install('msec', unicode=1) + gettext.install('msec') except IOError: _ = str diff --git a/src/msec/plugins/sectool.py b/src/msec/plugins/sectool.py index 392c5c3..72115a1 100755 --- a/src/msec/plugins/sectool.py +++ b/src/msec/plugins/sectool.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 """Msec plugin for running sectool tests""" # main plugin class name @@ -14,7 +14,7 @@ import config # localization try: - gettext.install('msec', unicode=1) + gettext.install('msec') except IOError: _ = str diff --git a/src/msec/plugins/sudo.py b/src/msec/plugins/sudo.py index b61a078..1f9eddd 100755 --- a/src/msec/plugins/sudo.py +++ b/src/msec/plugins/sudo.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 """Msec plugin for sudo""" # main plugin class name @@ -14,7 +14,7 @@ import config # localization try: - gettext.install('msec', unicode=1) + gettext.install('msec') except IOError: _ = str diff --git a/src/msec/tools.py b/src/msec/tools.py index cb9d1bf..baaeca2 100755 --- a/src/msec/tools.py +++ b/src/msec/tools.py @@ -1,4 +1,4 @@ -#!/usr/bin/python +#!/usr/bin/python3 # # msec: helper tools # @@ -14,7 +14,7 @@ from config import Narg, SYS_ENC # localization import gettext try: - gettext.install("msec", unicode=1) + gettext.install("msec") except IOError: _ = str @@ -32,7 +32,7 @@ def find_firewall_info(log): if l[:3] == "-A ": firewall_entries.append(l.strip()) except: - log.error(_("Unable to parse firewall configuration: %s") % Narg(sys.exc_value)) + log.error(_("Unable to parse firewall configuration: %s") % Narg(sys.exc_info()[1])) # not find out if the firewall is enabled if len(firewall_entries) == 0: firewall_status = _("Disabled") @@ -48,7 +48,7 @@ def get_updates_status(log, updatedir="/var/lib/urpmi"): updated = time.localtime(ret[stat.ST_MTIME]) status = _("Last updated: %s") % Narg(updated_s) except: - log.error(_("Unable to access %s: %s") % (updatedir, Narg(sys.exc_value))) + log.error(_("Unable to access %s: %s") % (updatedir, Narg(sys.exc_info()[1]))) status = _("Unable to determine update status") return status -- 2.3.8
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 16524
:
6881
|
6883
|
6884
|
6885
|
6886
|
6898
|
6899
|
6900
|
6901
|
6913
|
6922
|
6928