-_gDddlZddlmZddlmZmZmZGddeeZy)N)glob)PluginIndependentPlugin PluginOptcDeZdZdZdZdZeddedgZdZ d Z d Z y ) SshzSecure shell servicessh)servicessecuritysystemidentity userconfsTz5Changes whether module will collect user .ssh configs)defaultval_typedescc|jdddgd}|j||j||jdr|j yy)N sshd_config ssh_config)z/etc/ssh/sshd_config$z/etc/ssh/ssh_config$)z/etc/ssh/ssh_configz/etc/ssh/sshd_configz/etc/ssh/sshd_config.d/*r) add_file_tags add_copy_specincluded_configs get_optionuser_ssh_files_permissions)selfsshcfgss 8/usr/lib/python3/dist-packages/sos/report/plugins/ssh.pysetupz Ssh.setups_ %2$0   7# g& ??; '  + + - (c. |Dcgc]}t|dc}Dcgc] }|D]}| }}}|D]}|jdd}t|j|dd5}|D]v} t | jdk(s| j d r1| j j d sQ| j} |j| d | x d d d y cc}wcc}}w#1swYxYw#t$rYy wxYw)z Include subconfig files T) recursive/rUTF-8encodingr#include)tagsN) rsplitopen path_joinlen startswithlowerr Exception) rrcopyspecfilesfcfgfilessshcfgtagcfgfilelineconfargs rrzSsh.included_configs3s9 DK 7?DT2  H # Ell3'+$..0##*, E/6 'Etzz|,1T__S5I$::<229=&*jjlG ..wqz.DE E E E   E E   sJDC1DC69D)AC<=(C<& D1 D<D D DDctj}i} tddd5}|D]}|jdd\}}|||< dddhd }|D]n}|j |vr1||j |vr |jd |j d B|j|j d } |j| py#1swYxYw#t$r|j dYywxYw) z Iterate over .ssh folders in user homes to see their permissions. Bad permissions can prevent SSH from allowing access to given user. z /proc/mountsr#r$r%r)NzCouldn't read /proc/mounts>nfsnfs4autofszSkipping capture in z because it's a remote directoryz.ssh) pwdgetpwallr,r+r1 _log_errorpw_dir _log_infor-add_dir_listing) r users_data fs_mount_info mounts_filer9fs_file fs_vstype non_local_fsuserhome_dirs rrzSsh.user_ssh_files_permissionsKs \\^   ncG< 7 '7D+/::<!+<(Wi-6M'*7 71  +D{{m+!$++.,>.t{{m:;~~dkk6:H   * + 7 7  OO8 9  s(C#C  C CCC32C3N) __name__ __module__ __qualname__ short_desc plugin_nameprofilesrstr option_listrrrrrrrs<'JK=H +tc4 6K .,0+rr)r@rsos.report.pluginsrrrrrVrrrXs$ CCW+&#W+r