CloudyScripts 1.8.39 → 1.9.40
Sign up to get free protection for your applications and to get access to all the features.
- data/Rakefile +1 -1
- data/lib/scripts/ec2/ec2_script.rb +1 -1
- data/lib/scripts/ec2/snapshot_optimization.rb +174 -0
- metadata +165 -175
data/Rakefile
CHANGED
@@ -12,7 +12,7 @@ require 'rake/testtask'
|
|
12
12
|
|
13
13
|
spec = Gem::Specification.new do |s|
|
14
14
|
s.name = 'CloudyScripts'
|
15
|
-
s.version = '1.
|
15
|
+
s.version = '1.9.40'
|
16
16
|
s.has_rdoc = true
|
17
17
|
s.extra_rdoc_files = ['README.rdoc', 'LICENSE']
|
18
18
|
s.summary = 'Scripts to facilitate programming for infrastructure clouds.'
|
@@ -61,7 +61,7 @@ class Ec2Script
|
|
61
61
|
@result[:failed] = false
|
62
62
|
end
|
63
63
|
rescue Exception => e
|
64
|
-
@logger.warn "exception during
|
64
|
+
@logger.warn "exception during execution: #{e}"
|
65
65
|
@logger.warn e.backtrace.join("\n")
|
66
66
|
err = e.to_s
|
67
67
|
err += " (in #{current_state.end_state.to_s})" unless current_state == nil
|
@@ -0,0 +1,174 @@
|
|
1
|
+
require "help/script_execution_state"
|
2
|
+
require "scripts/ec2/ec2_script"
|
3
|
+
require "help/remote_command_handler"
|
4
|
+
#require "help/dm_crypt_helper"
|
5
|
+
require "help/ec2_helper"
|
6
|
+
require "AWS"
|
7
|
+
|
8
|
+
# Identifies a number of resources that can be deleted:
|
9
|
+
# - duplicate snapshots for a given volume exceeding a certain threshold
|
10
|
+
# - unattached volumes created more than 1 day ago
|
11
|
+
|
12
|
+
class SnapshotOptimization < Ec2Script
|
13
|
+
# Input parameters
|
14
|
+
# * ec2_api_handler => object that allows to access the EC2 API
|
15
|
+
def initialize(input_params)
|
16
|
+
super(input_params)
|
17
|
+
end
|
18
|
+
|
19
|
+
def check_input_parameters()
|
20
|
+
if @input_params[:ec2_api_handler] == nil
|
21
|
+
raise Exception.new("no EC2 handler specified")
|
22
|
+
end
|
23
|
+
if @input_params[:delete_snapshots] == nil
|
24
|
+
@input_params[:delete_snapshots] = false
|
25
|
+
end
|
26
|
+
if @input_params[:delete_volumes] == nil
|
27
|
+
@input_params[:delete_volumes] = false
|
28
|
+
end
|
29
|
+
if @input_params[:max_duplicate_snapshots] == nil
|
30
|
+
@input_params[:max_duplicate_snapshots] = 5
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
def load_initial_state()
|
35
|
+
SnapshotOptimizationState.load_state(@input_params)
|
36
|
+
end
|
37
|
+
|
38
|
+
private
|
39
|
+
|
40
|
+
# Here begins the state machine implementation
|
41
|
+
class SnapshotOptimizationState < ScriptExecutionState
|
42
|
+
def self.load_state(context)
|
43
|
+
state = context[:initial_state] == nil ? RetrieveSnapshots.new(context) : context[:initial_state]
|
44
|
+
state
|
45
|
+
end
|
46
|
+
|
47
|
+
end
|
48
|
+
|
49
|
+
# Nothing done yet. Retrieve all snapshots
|
50
|
+
class RetrieveSnapshots < SnapshotOptimizationState
|
51
|
+
def enter
|
52
|
+
post_message("Going to retrieve snapshots on EC2")
|
53
|
+
@context[:result][:duplicate_snapshots] = []
|
54
|
+
@context[:result][:orphan_volumes] = []
|
55
|
+
#
|
56
|
+
@context[:snapshots] = ec2_handler().describe_snapshots(:owner => "self")
|
57
|
+
@logger.info("all snapshots => #{@context[:snapshots].inspect}")
|
58
|
+
IdentifyDuplicateSnapshots.new(@context)
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
62
|
+
# All snapshots retrieved. Group them by volume and identify duplicates
|
63
|
+
class IdentifyDuplicateSnapshots < SnapshotOptimizationState
|
64
|
+
def enter
|
65
|
+
post_message("Going to check for duplicates among snapshots")
|
66
|
+
volume_map = {}
|
67
|
+
unless @context[:snapshots]['snapshotSet'] == nil
|
68
|
+
@context[:snapshots]['snapshotSet']['item'].each() do |snapshot|
|
69
|
+
next unless snapshot['progress'] == "100%"
|
70
|
+
next if snapshot['ownerAlias'] == "amazon"
|
71
|
+
snaps = volume_map[snapshot['volumeId']]
|
72
|
+
if snaps == nil
|
73
|
+
snaps = []
|
74
|
+
volume_map[snapshot['volumeId']] = snaps
|
75
|
+
end
|
76
|
+
snaps << snapshot
|
77
|
+
end
|
78
|
+
end
|
79
|
+
#
|
80
|
+
volume_map.each() do |volume_id, snapshots|
|
81
|
+
to_delete = snapshots.size - @context[:max_duplicate_snapshots]
|
82
|
+
if to_delete <= 0
|
83
|
+
post_message("Number of snapshots for volume #{volume_id} (=#{snapshots.size}) is smaller than #{@context[:max_duplicate_snapshots]} => ignore")
|
84
|
+
else
|
85
|
+
sorted_snaps = snapshots.sort() do |snap1, snap2|
|
86
|
+
Time.parse(snap1['startTime']) <=> Time.parse(snap2['startTime'])
|
87
|
+
end
|
88
|
+
post_message("Identified #{to_delete} snapshots for volume #{volume_id}")
|
89
|
+
@logger.info("not sorted = #{snapshots.inspect}")
|
90
|
+
@logger.info("sorted snaps = #{sorted_snaps.inspect}")
|
91
|
+
0.upto(to_delete-1) do |i|
|
92
|
+
@context[:result][:duplicate_snapshots] << sorted_snaps[i]['snapshotId']
|
93
|
+
end
|
94
|
+
end
|
95
|
+
end
|
96
|
+
if @context[:delete_snapshots]
|
97
|
+
DeleteDuplicateSnapshots.new(@context)
|
98
|
+
else
|
99
|
+
RetrieveVolumes.new(@context)
|
100
|
+
end
|
101
|
+
end
|
102
|
+
end
|
103
|
+
|
104
|
+
# Duplicate snapshots identified. Retrieve volumes.
|
105
|
+
class DeleteDuplicateSnapshots < SnapshotOptimizationState
|
106
|
+
def enter
|
107
|
+
post_message("Going to delete #{@context[:result][:duplicate_snapshots].size} snapshots")
|
108
|
+
@context[:result][:duplicate_snapshots].each() do |snapshot_id|
|
109
|
+
post_message("Going to delete snapshot #{snapshot_id}")
|
110
|
+
ec2_handler().delete_snapshot(:snapshot_id => snapshot_id)
|
111
|
+
end
|
112
|
+
RetrieveVolumes.new(@context)
|
113
|
+
end
|
114
|
+
end
|
115
|
+
|
116
|
+
# Duplicate snapshots deleted. Retrieve volumes.
|
117
|
+
class RetrieveVolumes < SnapshotOptimizationState
|
118
|
+
def enter
|
119
|
+
post_message("Going to retrieve EBS volumes on EC2")
|
120
|
+
@context[:volumes] = ec2_handler().describe_volumes()
|
121
|
+
IdentifyOrphanVolumes.new(@context)
|
122
|
+
end
|
123
|
+
end
|
124
|
+
|
125
|
+
# Volumes retrieved. Identify unattached volumes that are older than a day
|
126
|
+
class IdentifyOrphanVolumes < SnapshotOptimizationState
|
127
|
+
def enter
|
128
|
+
post_message("Going to check for unattached volumes")
|
129
|
+
@logger.info("all volumes => #{@context[:volumes].inspect}")
|
130
|
+
unless @context[:volumes]['volumeSet'] == nil
|
131
|
+
@context[:volumes]['volumeSet']['item'].each() do |volume|
|
132
|
+
if volume['status'] == "available"
|
133
|
+
age = Time.now.to_i - Time.parse(volume['createTime']).to_i
|
134
|
+
@logger.info("age of orphan #{volume['volumeId']}: #{age/(60*60*24).to_f} days")
|
135
|
+
if age < 60*60*24
|
136
|
+
post_message("Volume #{volume['volumeId']} is unattached, but created within the last 24h => ignore")
|
137
|
+
else
|
138
|
+
post_message("Identified unattached volume #{volume['volumeId']}")
|
139
|
+
@context[:result][:orphan_volumes] << volume['volumeId']
|
140
|
+
end
|
141
|
+
@logger.info("complete info on volume: #{volume.inspect}")
|
142
|
+
else
|
143
|
+
post_message("Volume #{volume['volumeId']} is attached => ignore")
|
144
|
+
end
|
145
|
+
end
|
146
|
+
end
|
147
|
+
if @context[:delete_volumes]
|
148
|
+
DeleteUnattachedVolumes.new(@context)
|
149
|
+
else
|
150
|
+
Done.new(@context)
|
151
|
+
end
|
152
|
+
end
|
153
|
+
end
|
154
|
+
|
155
|
+
# Nothing done yet. Retrieve all security groups
|
156
|
+
class DeleteUnattachedVolumes < SnapshotOptimizationState
|
157
|
+
def enter
|
158
|
+
post_message("Going to delete #{@context[:result][:orphan_volumes].size} volumes")
|
159
|
+
@context[:result][:orphan_volumes].each() do |volume_id|
|
160
|
+
post_message("Going to delete volume #{volume_id}")
|
161
|
+
ec2_handler().delete_volume(:volume_id => volume_id)
|
162
|
+
end
|
163
|
+
Done.new(@context)
|
164
|
+
end
|
165
|
+
end
|
166
|
+
|
167
|
+
# Script done.
|
168
|
+
class Done < SnapshotOptimizationState
|
169
|
+
def done?
|
170
|
+
true
|
171
|
+
end
|
172
|
+
end
|
173
|
+
|
174
|
+
end
|
metadata
CHANGED
@@ -1,13 +1,12 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: CloudyScripts
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
hash: 121
|
5
4
|
prerelease: false
|
6
5
|
segments:
|
7
6
|
- 1
|
8
|
-
-
|
9
|
-
-
|
10
|
-
version: 1.
|
7
|
+
- 9
|
8
|
+
- 40
|
9
|
+
version: 1.9.40
|
11
10
|
platform: ruby
|
12
11
|
authors:
|
13
12
|
- Matthias Jung
|
@@ -15,18 +14,16 @@ autorequire:
|
|
15
14
|
bindir: bin
|
16
15
|
cert_chain: []
|
17
16
|
|
18
|
-
date: 2011-08-
|
17
|
+
date: 2011-08-25 00:00:00 +02:00
|
19
18
|
default_executable:
|
20
19
|
dependencies:
|
21
20
|
- !ruby/object:Gem::Dependency
|
22
21
|
name: amazon-ec2
|
23
22
|
prerelease: false
|
24
23
|
requirement: &id001 !ruby/object:Gem::Requirement
|
25
|
-
none: false
|
26
24
|
requirements:
|
27
25
|
- - ">="
|
28
26
|
- !ruby/object:Gem::Version
|
29
|
-
hash: 3
|
30
27
|
segments:
|
31
28
|
- 0
|
32
29
|
version: "0"
|
@@ -36,11 +33,9 @@ dependencies:
|
|
36
33
|
name: net-ssh
|
37
34
|
prerelease: false
|
38
35
|
requirement: &id002 !ruby/object:Gem::Requirement
|
39
|
-
none: false
|
40
36
|
requirements:
|
41
37
|
- - ">="
|
42
38
|
- !ruby/object:Gem::Version
|
43
|
-
hash: 3
|
44
39
|
segments:
|
45
40
|
- 0
|
46
41
|
version: "0"
|
@@ -50,11 +45,9 @@ dependencies:
|
|
50
45
|
name: net-scp
|
51
46
|
prerelease: false
|
52
47
|
requirement: &id003 !ruby/object:Gem::Requirement
|
53
|
-
none: false
|
54
48
|
requirements:
|
55
49
|
- - ">="
|
56
50
|
- !ruby/object:Gem::Version
|
57
|
-
hash: 3
|
58
51
|
segments:
|
59
52
|
- 0
|
60
53
|
version: "0"
|
@@ -73,199 +66,200 @@ files:
|
|
73
66
|
- LICENSE
|
74
67
|
- README.rdoc
|
75
68
|
- Rakefile
|
76
|
-
- lib/audit/
|
77
|
-
- lib/audit/
|
78
|
-
- lib/audit/
|
79
|
-
- lib/audit/checks/
|
80
|
-
- lib/audit/checks/MYSQL_HISTORY_1.check
|
81
|
-
- lib/audit/checks/DISTRIBUTION_FACTS.check
|
82
|
-
- lib/audit/checks/HAS_ID.check
|
83
|
-
- lib/audit/checks/MAYBE_HAS_TAR.check
|
84
|
-
- lib/audit/checks/FIND_SHADOW_FILE.check
|
85
|
-
- lib/audit/checks/HAS_UNAME.check
|
86
|
-
- lib/audit/checks/HAS_LSB_RELEASE.check
|
87
|
-
- lib/audit/checks/MYSQL_INIT_3.check
|
88
|
-
- lib/audit/checks/VARIOUS.group
|
89
|
-
- lib/audit/checks/BACKUP_LOG.check
|
90
|
-
- lib/audit/checks/PLATFORM_FACTS.check
|
91
|
-
- lib/audit/checks/script_header.template
|
92
|
-
- lib/audit/checks/SSH_CONFIG_03.check
|
93
|
-
- lib/audit/checks/benchmark.group.ssh
|
94
|
-
- lib/audit/checks/benchmark.group
|
95
|
-
- lib/audit/checks/LYNIS_AUTH_9208.check
|
96
|
-
- lib/audit/checks/SSH_CONFIG_10.check
|
97
|
-
- lib/audit/checks/FIND_PASSWD_FILE.check
|
98
|
-
- lib/audit/checks/LYNIS_AUTH_9204.check
|
99
|
-
- lib/audit/checks/SSH_CONFIG_09.check
|
100
|
-
- lib/audit/checks/MYSQL_INIT_2.check
|
101
|
-
- lib/audit/checks/HAS_GROUPS.check
|
102
|
-
- lib/audit/checks/LOADED_MODULES.check
|
103
|
-
- lib/audit/checks/HAS_CAT.check
|
104
|
-
- lib/audit/checks/HAS_SUPERUSER.check
|
105
|
-
- lib/audit/checks/SLOW.group
|
106
|
-
- lib/audit/checks/SSH_CONFIG_04.check
|
107
|
-
- lib/audit/checks/benchmark.group.full
|
108
|
-
- lib/audit/checks/LYNIS_AUTH_9226.check
|
69
|
+
- lib/audit/benchmark_apache.zip
|
70
|
+
- lib/audit/benchmark_full.zip
|
71
|
+
- lib/audit/benchmark_ssh.zip
|
72
|
+
- lib/audit/checks/APACHE2.group
|
109
73
|
- lib/audit/checks/APACHE2_CONFIG_01.check
|
110
|
-
- lib/audit/checks/
|
111
|
-
- lib/audit/checks/
|
112
|
-
- lib/audit/checks/
|
113
|
-
- lib/audit/checks/APACHE2_INIT_1.check
|
114
|
-
- lib/audit/checks/APACHE2_INIT_2.check
|
115
|
-
- lib/audit/checks/USERS_INIT_2.check
|
116
|
-
- lib/audit/checks/PORTS_OPEN_NETSTAT.check
|
117
|
-
- lib/audit/checks/LIST_ROUTES.check
|
118
|
-
- lib/audit/checks/SSH_CONFIG_06.check
|
119
|
-
- lib/audit/checks/SSH_INIT_1.check
|
120
|
-
- lib/audit/checks/SLOW_1.check
|
121
|
-
- lib/audit/checks/MAYBE_HAS_LSB_RELEASE.check
|
74
|
+
- lib/audit/checks/APACHE2_CONFIG_02.check
|
75
|
+
- lib/audit/checks/APACHE2_CONFIG_03.check
|
76
|
+
- lib/audit/checks/APACHE2_CONFIG_04.check
|
122
77
|
- lib/audit/checks/APACHE2_CONFIG_05.check
|
123
|
-
- lib/audit/checks/HAS_FIND.check
|
124
|
-
- lib/audit/checks/LASTLOG.check
|
125
|
-
- lib/audit/checks/HAS_WHO.check
|
126
|
-
- lib/audit/checks/USERS_INIT_5.check
|
127
|
-
- lib/audit/checks/HAS_TAIL.check
|
128
|
-
- lib/audit/checks/header.template
|
129
|
-
- lib/audit/checks/HAS_NETSTAT.check
|
130
|
-
- lib/audit/checks/VAR_LIST_HOME_DIRECTORIES.check
|
131
|
-
- lib/audit/checks/HAS_ROUTE.check
|
132
|
-
- lib/audit/checks/PASSWORD_INFORMATION.check
|
133
|
-
- lib/audit/checks/FIND_SUDOERS_FILE.check
|
134
78
|
- lib/audit/checks/APACHE2_CONFIG_06.check
|
135
|
-
- lib/audit/checks/
|
136
|
-
- lib/audit/checks/
|
79
|
+
- lib/audit/checks/APACHE2_INIT_1.check
|
80
|
+
- lib/audit/checks/APACHE2_INIT_2.check
|
81
|
+
- lib/audit/checks/APACHE2_INIT_3.check
|
82
|
+
- lib/audit/checks/APACHE2_USER_7.check
|
83
|
+
- lib/audit/checks/BACKUP_HOME_DOTFILES.check
|
84
|
+
- lib/audit/checks/BACKUP_LOG.check
|
137
85
|
- lib/audit/checks/BACKUP_MAIL.check
|
138
86
|
- lib/audit/checks/BACKUP_WEB.check
|
139
|
-
- lib/audit/checks/
|
140
|
-
- lib/audit/checks/HAS_TAR.check
|
141
|
-
- lib/audit/checks/benchmark.ssh.zip
|
142
|
-
- lib/audit/checks/HAS_CUT.check
|
143
|
-
- lib/audit/checks/SLOW_3.check
|
144
|
-
- lib/audit/checks/APACHE2_INIT_3.check
|
145
|
-
- lib/audit/checks/SSH_INIT_2.check
|
146
|
-
- lib/audit/checks/SSH_CONFIG_01.check
|
87
|
+
- lib/audit/checks/benchmark.group
|
147
88
|
- lib/audit/checks/benchmark.group.apache
|
148
|
-
- lib/audit/checks/
|
149
|
-
- lib/audit/checks/
|
150
|
-
- lib/audit/checks/
|
151
|
-
- lib/audit/checks/
|
152
|
-
- lib/audit/checks/
|
153
|
-
- lib/audit/checks/
|
154
|
-
- lib/audit/checks/
|
155
|
-
- lib/audit/checks/APACHE2_USER_7.check
|
156
|
-
- lib/audit/checks/SSH_CONFIG_08.check
|
157
|
-
- lib/audit/checks/SSH_CONFIG_07.check
|
158
|
-
- lib/audit/checks/SSH_CONFIG_02.check
|
159
|
-
- lib/audit/checks/LYNIS_AUTH_9228.check
|
89
|
+
- lib/audit/checks/benchmark.group.full
|
90
|
+
- lib/audit/checks/benchmark.group.ssh
|
91
|
+
- lib/audit/checks/benchmark.ssh.zip
|
92
|
+
- lib/audit/checks/CONFIGURATION_BACKUP.check
|
93
|
+
- lib/audit/checks/DIRECTORY_LISTING.check
|
94
|
+
- lib/audit/checks/DISTRIBUTION_FACTS.check
|
95
|
+
- lib/audit/checks/DMESG_OUTPUT.check
|
160
96
|
- lib/audit/checks/FIND_GROUP_FILE.check
|
161
|
-
- lib/audit/checks/
|
162
|
-
- lib/audit/checks/
|
163
|
-
- lib/audit/checks/
|
164
|
-
- lib/audit/checks/
|
165
|
-
- lib/audit/checks/
|
97
|
+
- lib/audit/checks/FIND_PASSWD_FILE.check
|
98
|
+
- lib/audit/checks/FIND_SHADOW_FILE.check
|
99
|
+
- lib/audit/checks/FIND_SUDOERS_FILE.check
|
100
|
+
- lib/audit/checks/footer.template
|
101
|
+
- lib/audit/checks/FREE_SPACE.check
|
166
102
|
- lib/audit/checks/HAS_AWK.check
|
167
|
-
- lib/audit/checks/MOUNTED_DEVICES.check
|
168
|
-
- lib/audit/checks/MAYBE_HAS_HOSTNAME.check
|
169
|
-
- lib/audit/checks/SSH_CONFIG_05.check
|
170
103
|
- lib/audit/checks/HAS_BASE.check
|
104
|
+
- lib/audit/checks/HAS_CAT.check
|
105
|
+
- lib/audit/checks/HAS_COMPRESSOR.check
|
106
|
+
- lib/audit/checks/HAS_CUT.check
|
107
|
+
- lib/audit/checks/HAS_DF.check
|
108
|
+
- lib/audit/checks/HAS_DPKG.check
|
109
|
+
- lib/audit/checks/HAS_FILE_DOWNLOADER.check
|
110
|
+
- lib/audit/checks/HAS_FIND.check
|
171
111
|
- lib/audit/checks/HAS_GREP.check
|
172
|
-
- lib/audit/checks/
|
173
|
-
- lib/audit/checks/
|
174
|
-
- lib/audit/checks/
|
175
|
-
- lib/audit/checks/
|
176
|
-
- lib/audit/checks/
|
112
|
+
- lib/audit/checks/HAS_GROUPCHECK.check
|
113
|
+
- lib/audit/checks/HAS_GROUPS.check
|
114
|
+
- lib/audit/checks/HAS_HOSTNAME.check
|
115
|
+
- lib/audit/checks/HAS_ID.check
|
116
|
+
- lib/audit/checks/HAS_LSB_RELEASE.check
|
117
|
+
- lib/audit/checks/HAS_MOUNT.check
|
118
|
+
- lib/audit/checks/HAS_NETSTAT.check
|
119
|
+
- lib/audit/checks/HAS_PASSWD_CHECK.check
|
177
120
|
- lib/audit/checks/HAS_PS.check
|
178
|
-
- lib/audit/checks/
|
179
|
-
- lib/audit/checks/CONFIGURATION_BACKUP.check
|
121
|
+
- lib/audit/checks/HAS_ROUTE.check
|
180
122
|
- lib/audit/checks/HAS_SH.check
|
181
|
-
- lib/audit/checks/
|
182
|
-
- lib/audit/checks/
|
183
|
-
- lib/audit/checks/
|
184
|
-
- lib/audit/checks/
|
185
|
-
- lib/audit/checks/
|
186
|
-
- lib/audit/checks/
|
123
|
+
- lib/audit/checks/HAS_SORT.check
|
124
|
+
- lib/audit/checks/HAS_STAT.check
|
125
|
+
- lib/audit/checks/HAS_SUPERUSER.check
|
126
|
+
- lib/audit/checks/HAS_TAIL.check
|
127
|
+
- lib/audit/checks/HAS_TAR.check
|
128
|
+
- lib/audit/checks/HAS_TR.check
|
129
|
+
- lib/audit/checks/HAS_UNAME.check
|
130
|
+
- lib/audit/checks/HAS_UNIQ.check
|
131
|
+
- lib/audit/checks/HAS_WC.check
|
132
|
+
- lib/audit/checks/HAS_WHO.check
|
133
|
+
- lib/audit/checks/HAS_YUM.check
|
134
|
+
- lib/audit/checks/header.template
|
135
|
+
- lib/audit/checks/helpers/head.sh
|
136
|
+
- lib/audit/checks/LASTLOG.check
|
137
|
+
- lib/audit/checks/LIST_ROUTES.check
|
187
138
|
- lib/audit/checks/LIST_USER_ACCOUNTS.check
|
188
|
-
- lib/audit/checks/
|
189
|
-
- lib/audit/checks/
|
139
|
+
- lib/audit/checks/LOADED_MODULES.check
|
140
|
+
- lib/audit/checks/LOCAL_NMAP.check
|
141
|
+
- lib/audit/checks/LOGGED_USERS.check
|
142
|
+
- lib/audit/checks/LYNIS_AUTH.group
|
143
|
+
- lib/audit/checks/LYNIS_AUTH_9204.check
|
144
|
+
- lib/audit/checks/LYNIS_AUTH_9208.check
|
145
|
+
- lib/audit/checks/LYNIS_AUTH_9216.check
|
146
|
+
- lib/audit/checks/LYNIS_AUTH_9222.check
|
147
|
+
- lib/audit/checks/LYNIS_AUTH_9226.check
|
148
|
+
- lib/audit/checks/LYNIS_AUTH_9228.check
|
149
|
+
- lib/audit/checks/LYNIS_AUTH_9252.check
|
150
|
+
- lib/audit/checks/MAYBE_HAS_BZIP2.check
|
190
151
|
- lib/audit/checks/MAYBE_HAS_CURL.check
|
191
|
-
- lib/audit/checks/
|
192
|
-
- lib/audit/checks/
|
152
|
+
- lib/audit/checks/MAYBE_HAS_DU.check
|
153
|
+
- lib/audit/checks/MAYBE_HAS_HOSTNAME.check
|
154
|
+
- lib/audit/checks/MAYBE_HAS_ID.check
|
155
|
+
- lib/audit/checks/MAYBE_HAS_LSB_RELEASE.check
|
156
|
+
- lib/audit/checks/MAYBE_HAS_SUPERUSER.check
|
157
|
+
- lib/audit/checks/MAYBE_HAS_TAR.check
|
158
|
+
- lib/audit/checks/MAYBE_HAS_UNAME.check
|
159
|
+
- lib/audit/checks/MAYBE_HAS_WGET.check
|
160
|
+
- lib/audit/checks/MOUNTED_DEVICES.check
|
161
|
+
- lib/audit/checks/MYSQL_HISTORY_1.check
|
193
162
|
- lib/audit/checks/MYSQL_INIT_1.check
|
194
|
-
- lib/audit/checks/
|
195
|
-
- lib/audit/checks/
|
196
|
-
- lib/audit/checks/USERS_INIT_4.check
|
197
|
-
- lib/audit/checks/BACKUP_HOME_DOTFILES.check
|
163
|
+
- lib/audit/checks/MYSQL_INIT_2.check
|
164
|
+
- lib/audit/checks/MYSQL_INIT_3.check
|
198
165
|
- lib/audit/checks/PACKAGES_INSTALLED_DPKG.check
|
199
|
-
- lib/audit/checks/
|
200
|
-
- lib/audit/checks/
|
166
|
+
- lib/audit/checks/PACKAGES_INSTALLED_YUM.check
|
167
|
+
- lib/audit/checks/PASSWORD_INFORMATION.check
|
168
|
+
- lib/audit/checks/PLATFORM_FACTS.check
|
169
|
+
- lib/audit/checks/PORTS_OPEN_NETSTAT.check
|
170
|
+
- lib/audit/checks/PROCESS_LIST.check
|
171
|
+
- lib/audit/checks/script_header.template
|
172
|
+
- lib/audit/checks/SLOW.group
|
173
|
+
- lib/audit/checks/SLOW_1.check
|
174
|
+
- lib/audit/checks/SLOW_2.check
|
175
|
+
- lib/audit/checks/SLOW_3.check
|
201
176
|
- lib/audit/checks/SSH.group
|
202
|
-
- lib/audit/checks/
|
203
|
-
- lib/audit/
|
204
|
-
- lib/audit/
|
205
|
-
- lib/audit/
|
206
|
-
- lib/audit/
|
207
|
-
- lib/audit/
|
208
|
-
- lib/audit/
|
209
|
-
- lib/audit/
|
210
|
-
- lib/audit/
|
177
|
+
- lib/audit/checks/SSH_CONFIG_01.check
|
178
|
+
- lib/audit/checks/SSH_CONFIG_02.check
|
179
|
+
- lib/audit/checks/SSH_CONFIG_03.check
|
180
|
+
- lib/audit/checks/SSH_CONFIG_04.check
|
181
|
+
- lib/audit/checks/SSH_CONFIG_05.check
|
182
|
+
- lib/audit/checks/SSH_CONFIG_06.check
|
183
|
+
- lib/audit/checks/SSH_CONFIG_07.check
|
184
|
+
- lib/audit/checks/SSH_CONFIG_08.check
|
185
|
+
- lib/audit/checks/SSH_CONFIG_09.check
|
186
|
+
- lib/audit/checks/SSH_CONFIG_10.check
|
187
|
+
- lib/audit/checks/SSH_CONFIG_11.check
|
188
|
+
- lib/audit/checks/SSH_INIT_1.check
|
189
|
+
- lib/audit/checks/SSH_INIT_2.check
|
190
|
+
- lib/audit/checks/SSH_KEYS_1.check
|
191
|
+
- lib/audit/checks/USER_INFORMATION.check
|
192
|
+
- lib/audit/checks/USERS_INIT_1.check
|
193
|
+
- lib/audit/checks/USERS_INIT_2.check
|
194
|
+
- lib/audit/checks/USERS_INIT_3.check
|
195
|
+
- lib/audit/checks/USERS_INIT_4.check
|
196
|
+
- lib/audit/checks/USERS_INIT_5.check
|
197
|
+
- lib/audit/checks/VAR_LIST_HOME_DIRECTORIES.check
|
198
|
+
- lib/audit/checks/VARIOUS.group
|
199
|
+
- lib/audit/create_benchmark.sh
|
200
|
+
- lib/audit/lib/audit.rb
|
211
201
|
- lib/audit/lib/audit_facade.rb
|
212
|
-
- lib/audit/lib/benchmark/check.rb
|
213
|
-
- lib/audit/lib/benchmark/rule_result.rb
|
214
|
-
- lib/audit/lib/benchmark/rule_severity.rb
|
215
|
-
- lib/audit/lib/benchmark/item_exception.rb
|
216
|
-
- lib/audit/lib/benchmark/result_code.rb
|
217
202
|
- lib/audit/lib/benchmark/audit_benchmark.rb
|
218
|
-
- lib/audit/lib/benchmark/
|
203
|
+
- lib/audit/lib/benchmark/automatic_dependencies.rb
|
219
204
|
- lib/audit/lib/benchmark/benchmark_factory.rb
|
220
205
|
- lib/audit/lib/benchmark/benchmark_result.rb
|
221
|
-
- lib/audit/lib/benchmark/
|
206
|
+
- lib/audit/lib/benchmark/check.rb
|
222
207
|
- lib/audit/lib/benchmark/group.rb
|
208
|
+
- lib/audit/lib/benchmark/item_exception.rb
|
209
|
+
- lib/audit/lib/benchmark/result_code.rb
|
210
|
+
- lib/audit/lib/benchmark/rule_result.rb
|
223
211
|
- lib/audit/lib/benchmark/rule_role.rb
|
224
|
-
- lib/audit/lib/
|
225
|
-
- lib/audit/lib/
|
226
|
-
- lib/audit/lib/
|
227
|
-
- lib/audit/lib/
|
212
|
+
- lib/audit/lib/benchmark/rule_severity.rb
|
213
|
+
- lib/audit/lib/benchmark/yaml_benchmark.rb
|
214
|
+
- lib/audit/lib/connection/ami_connection.rb
|
215
|
+
- lib/audit/lib/connection/connection_factory.rb
|
216
|
+
- lib/audit/lib/connection/ssh_connection.rb
|
217
|
+
- lib/audit/lib/ec2_utils.rb
|
218
|
+
- lib/audit/lib/http_fingerprint.rb
|
219
|
+
- lib/audit/lib/lazy.rb
|
228
220
|
- lib/audit/lib/linear_script_generator.rb
|
229
|
-
- lib/audit/lib/
|
230
|
-
- lib/audit/lib/
|
231
|
-
- lib/audit/lib/
|
232
|
-
- lib/audit/lib/
|
233
|
-
- lib/audit/lib/parser/command/
|
221
|
+
- lib/audit/lib/main.rb
|
222
|
+
- lib/audit/lib/my_option_parser.rb
|
223
|
+
- lib/audit/lib/nessus_new.rb
|
224
|
+
- lib/audit/lib/nessus_utils.rb
|
225
|
+
- lib/audit/lib/parser/command/abstract_command.rb
|
226
|
+
- lib/audit/lib/parser/command/abstract_command_result.rb
|
227
|
+
- lib/audit/lib/parser/command/attach_file_command.rb
|
234
228
|
- lib/audit/lib/parser/command/check_finished_command.rb
|
235
|
-
- lib/audit/lib/parser/command/message_command.rb
|
236
|
-
- lib/audit/lib/parser/command/data_command.rb
|
237
229
|
- lib/audit/lib/parser/command/cpe_name_command.rb
|
238
|
-
- lib/audit/lib/parser/command/
|
239
|
-
- lib/audit/lib/parser/command/
|
230
|
+
- lib/audit/lib/parser/command/data_command.rb
|
231
|
+
- lib/audit/lib/parser/command/listening_port_command.rb
|
232
|
+
- lib/audit/lib/parser/command/message_command.rb
|
240
233
|
- lib/audit/lib/parser/command/program_name_command.rb
|
241
|
-
- lib/audit/lib/parser/
|
234
|
+
- lib/audit/lib/parser/parse_exception.rb
|
235
|
+
- lib/audit/lib/parser/result_type.rb
|
236
|
+
- lib/audit/lib/parser/script_output_parser.rb
|
237
|
+
- lib/audit/lib/parser/stdout_line_buffer.rb
|
242
238
|
- lib/audit/lib/ssh_fingerprint.rb
|
243
|
-
- lib/audit/lib/
|
244
|
-
- lib/audit/lib/
|
245
|
-
- lib/audit/lib/
|
246
|
-
- lib/audit/lib/
|
247
|
-
- lib/audit/lib/
|
239
|
+
- lib/audit/lib/ssh_fingerprint2.rb
|
240
|
+
- lib/audit/lib/ssh_utils.rb
|
241
|
+
- lib/audit/lib/transformers/web_view_transformer.rb
|
242
|
+
- lib/audit/lib/transformers/yaml_transformer.rb
|
243
|
+
- lib/audit/lib/util/random_string.rb
|
248
244
|
- lib/audit/lib/version.rb
|
249
|
-
- lib/
|
250
|
-
- lib/
|
251
|
-
- lib/
|
252
|
-
- lib/
|
253
|
-
- lib/
|
245
|
+
- lib/cloudyscripts.rb
|
246
|
+
- lib/help/dm_crypt_helper.rb
|
247
|
+
- lib/help/ec2_helper.rb
|
248
|
+
- lib/help/progress_message_listener.rb
|
249
|
+
- lib/help/remote_command_handler.rb
|
250
|
+
- lib/help/script_execution_state.rb
|
251
|
+
- lib/help/state_change_listener.rb
|
252
|
+
- lib/help/state_transition_helper.rb
|
254
253
|
- lib/scripts/ec2/ami2_ebs_conversion.rb
|
255
254
|
- lib/scripts/ec2/audit_via_ssh.rb
|
256
|
-
- lib/scripts/ec2/open_port_checker.rb
|
257
255
|
- lib/scripts/ec2/copy_ami.rb
|
258
256
|
- lib/scripts/ec2/copy_snapshot.rb
|
259
|
-
- lib/scripts/ec2/
|
257
|
+
- lib/scripts/ec2/dm_encrypt.rb
|
260
258
|
- lib/scripts/ec2/download_snapshot.rb
|
261
|
-
- lib/
|
262
|
-
- lib/
|
263
|
-
- lib/
|
264
|
-
- lib/
|
265
|
-
- lib/help/progress_message_listener.rb
|
266
|
-
- lib/help/remote_command_handler.rb
|
267
|
-
- lib/help/state_change_listener.rb
|
268
|
-
- lib/cloudyscripts.rb
|
259
|
+
- lib/scripts/ec2/ec2_script.rb
|
260
|
+
- lib/scripts/ec2/open_port_checker.rb
|
261
|
+
- lib/scripts/ec2/port_range_detector.rb
|
262
|
+
- lib/scripts/ec2/snapshot_optimization.rb
|
269
263
|
has_rdoc: true
|
270
264
|
homepage: http://elastic-security.com
|
271
265
|
licenses: []
|
@@ -276,27 +270,23 @@ rdoc_options: []
|
|
276
270
|
require_paths:
|
277
271
|
- lib
|
278
272
|
required_ruby_version: !ruby/object:Gem::Requirement
|
279
|
-
none: false
|
280
273
|
requirements:
|
281
274
|
- - ">="
|
282
275
|
- !ruby/object:Gem::Version
|
283
|
-
hash: 3
|
284
276
|
segments:
|
285
277
|
- 0
|
286
278
|
version: "0"
|
287
279
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
288
|
-
none: false
|
289
280
|
requirements:
|
290
281
|
- - ">="
|
291
282
|
- !ruby/object:Gem::Version
|
292
|
-
hash: 3
|
293
283
|
segments:
|
294
284
|
- 0
|
295
285
|
version: "0"
|
296
286
|
requirements: []
|
297
287
|
|
298
288
|
rubyforge_project: cloudyscripts
|
299
|
-
rubygems_version: 1.3.
|
289
|
+
rubygems_version: 1.3.6
|
300
290
|
signing_key:
|
301
291
|
specification_version: 3
|
302
292
|
summary: Scripts to facilitate programming for infrastructure clouds.
|