Added syslog logging and some command line arguments
-s: Do NOT log to syslog : Log errors only -v: + executed command -vv: + matching regexp -vvv: + command output & return code
This commit is contained in:
Sven Velt
parent
be2ff6a2cd
commit
f0a969d40f
|
|
@ -1,10 +1,27 @@
|
||||||
#!/usr/bin/env python3
|
#!/usr/bin/env python3
|
||||||
|
|
||||||
|
import argparse
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
import shlex
|
import shlex
|
||||||
import subprocess
|
import subprocess
|
||||||
import sys
|
import sys
|
||||||
|
import syslog
|
||||||
|
|
||||||
|
parser = argparse.ArgumentParser()
|
||||||
|
parser.add_argument('--verbose', '-v', action='count', default=0)
|
||||||
|
parser.add_argument('--silent', action='store_true', default=False)
|
||||||
|
args = parser.parse_args()
|
||||||
|
|
||||||
|
if args.silent:
|
||||||
|
args.verbose = -1
|
||||||
|
|
||||||
|
if args.verbose >= 0:
|
||||||
|
syslog.openlog(
|
||||||
|
ident=sys.argv[0],
|
||||||
|
logoption=syslog.LOG_PID,
|
||||||
|
facility=syslog.LOG_LOCAL3 | syslog.LOG_ERR
|
||||||
|
)
|
||||||
|
|
||||||
allowed = [
|
allowed = [
|
||||||
##### System informations
|
##### System informations
|
||||||
|
|
@ -34,21 +51,36 @@ allowed = [
|
||||||
cmdline = os.getenv('SSH_ORIGINAL_COMMAND')
|
cmdline = os.getenv('SSH_ORIGINAL_COMMAND')
|
||||||
if not cmdline:
|
if not cmdline:
|
||||||
print('This is just a wrapper, no command specified!')
|
print('This is just a wrapper, no command specified!')
|
||||||
|
if args.verbose >= 0:
|
||||||
|
syslog.syslog('Called without SSH_ORIGINAL_COMMAND')
|
||||||
sys.exit(3)
|
sys.exit(3)
|
||||||
|
|
||||||
for maybe in allowed:
|
for maybe in allowed:
|
||||||
if re.match(maybe, cmdline):
|
if re.match(maybe, cmdline):
|
||||||
cmdline = shlex.split(cmdline)
|
if args.verbose >= 2:
|
||||||
|
syslog.syslog(syslog.LOG_INFO, 'Found command line >%s< with regexp >%s<' % ( cmdline, maybe ) )
|
||||||
|
cmdlinelist = shlex.split(cmdline)
|
||||||
|
|
||||||
try:
|
try:
|
||||||
cmd = subprocess.Popen(cmdline, stdout=subprocess.PIPE)
|
cmd = subprocess.Popen(cmdlinelist, stdout=subprocess.PIPE)
|
||||||
except Exception as exc:
|
except Exception as exc:
|
||||||
print('Could not execute plugin ("%s"): %s' % (' '.join(cmdline), exc))
|
print('Could not execute plugin ("%s"): %s' % cmdline)
|
||||||
|
if args.verbose >= 0:
|
||||||
|
syslog.syslog('Could not execute plugin >%s<' % cmdline)
|
||||||
sys.exit(3)
|
sys.exit(3)
|
||||||
else:
|
else:
|
||||||
print(cmd.communicate()[0].rstrip().decode('utf-8'))
|
(out, outerr) = cmd.communicate()
|
||||||
|
out = out.rstrip().decode('utf-8')
|
||||||
|
outerr = (outerr or b'').rstrip().decode('utf-8')
|
||||||
|
print(out)
|
||||||
|
if args.verbose >= 1:
|
||||||
|
syslog.syslog('Executed command line >%s<' % cmdline)
|
||||||
|
if args.verbose >= 3:
|
||||||
|
syslog.syslog('Output >%s<, Error >%s<' % (out, outerr))
|
||||||
sys.exit(cmd.returncode)
|
sys.exit(cmd.returncode)
|
||||||
|
|
||||||
print('%s: No allowed command found!' % sys.argv[0])
|
print('%s: No allowed command found!' % sys.argv[0])
|
||||||
|
if args.verbose >= 0:
|
||||||
|
syslog.syslog('No allowed command found for >%s<' % cmdline)
|
||||||
sys.exit(3)
|
sys.exit(3)
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue