PyPI - acquire - Versions diffs - 3.5.dev8__tar.gz → 3.6__tar.gz - Mend

acquire 3.5.dev8tar.gz → 3.6tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (54) hide show

{acquire-3.5.dev8/acquire.egg-info → acquire-3.6}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: acquire
-Version: 3.5.dev8
+Version: 3.6
 Summary: A tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3
@@ -36,6 +36,12 @@ However, there are some options available to use the operating system as a fallb
 For more information, please see [the documentation](https://docs.dissect.tools/en/latest/projects/acquire/index.html).
+## Requirements
+This project is part of the Dissect framework and requires Python.
+Information on the supported Python versions can be found in the Getting Started section of [the documentation](https://docs.dissect.tools/en/latest/index.html#getting-started).
 ## Installation
 `acquire` is available on [PyPI](https://pypi.org/project/acquire/).
@@ -63,12 +69,12 @@ tox
 ```
 For a more elaborate explanation on how to build and test the project, please see [the
-documentation](https://docs.dissect.tools/en/latest/contributing/developing.html#building-testing).
+documentation](https://docs.dissect.tools/en/latest/contributing/tooling.html).
 ## Contributing
 The Dissect project encourages any contribution to the codebase. To make your contribution fit into the project, please
-refer to [the style guide](https://docs.dissect.tools/en/latest/contributing/style-guide.html).
+refer to [the development guide](https://docs.dissect.tools/en/latest/contributing/developing.html).
 ## Copyright and license

{acquire-3.5.dev8 → acquire-3.6}/README.md RENAMED Viewed

@@ -20,6 +20,12 @@ However, there are some options available to use the operating system as a fallb
 For more information, please see [the documentation](https://docs.dissect.tools/en/latest/projects/acquire/index.html).
+## Requirements
+This project is part of the Dissect framework and requires Python.
+Information on the supported Python versions can be found in the Getting Started section of [the documentation](https://docs.dissect.tools/en/latest/index.html#getting-started).
 ## Installation
 `acquire` is available on [PyPI](https://pypi.org/project/acquire/).
@@ -47,12 +53,12 @@ tox
 ```
 For a more elaborate explanation on how to build and test the project, please see [the
-documentation](https://docs.dissect.tools/en/latest/contributing/developing.html#building-testing).
+documentation](https://docs.dissect.tools/en/latest/contributing/tooling.html).
 ## Contributing
 The Dissect project encourages any contribution to the codebase. To make your contribution fit into the project, please
-refer to [the style guide](https://docs.dissect.tools/en/latest/contributing/style-guide.html).
+refer to [the development guide](https://docs.dissect.tools/en/latest/contributing/developing.html).
 ## Copyright and license

{acquire-3.5.dev8 → acquire-3.6}/acquire/acquire.py RENAMED Viewed

@@ -48,6 +48,7 @@ from acquire.utils import (
     get_utc_now,
     get_utc_now_str,
     is_user_admin,
+    normalize_path,
     parse_acquire_args,
     persist_execution_report,
 )
@@ -313,11 +314,10 @@ class NTFS(Module):
     @classmethod
     def collect_usnjrnl(cls, collector: Collector, fs, name: str) -> None:
-        usnjrnl_path = fs.path("$Extend/$Usnjrnl")
         try:
+            usnjrnl_path = fs.path("$Extend/$Usnjrnl:$J")
             entry = usnjrnl_path.get()
-            journal = entry.entry.open("$J")
+            journal = entry.open()
             i = 0
             while journal.runlist[i][0] is None:
@@ -344,10 +344,10 @@ class NTFS(Module):
     @classmethod
     def collect_ntfs_secure(cls, collector: Collector, fs, name: str) -> None:
-        secure_path = fs.path("$Secure")
         try:
+            secure_path = fs.path("$Secure:$SDS")
             entry = secure_path.get()
-            sds = entry.entry.open("$SDS")
+            sds = entry.open()
             collector.output.write(
                 f"{collector.base}/{name}/$Secure:$SDS",
                 sds,
@@ -826,6 +826,7 @@ class Misc(Module):
         ("dir", "sysvol/Windows/System32/WDI/LogFiles/StartupInfo"),
         ("dir", "sysvol/windows/sysvol/domain/policies/"),
         ("dir", "sysvol/windows/system32/GroupPolicy/DataStore/"),
+        ("dir", "sysvol/ProgramData/Microsoft/Group Policy/History/"),
         ("glob", "sysvol/Windows/System32/LogFiles/SUM/*.mdb"),
     ]
@@ -1101,6 +1102,51 @@ class History(Module):
         ("glob", "/Users/*/Library/Application Support/Chromium/*/Archived History"),
         ("glob", "/Users/*/Library/Application Support/Chromium/*/Last Session"),
         ("glob", "/Users/*/Library/Application Support/Chromium/*/Last Tabs"),
+        # Chrome - RHEL/Ubuntu - DNF
+        ("glob", ".config/google-chrome/*/Bookmarks", from_user_home),
+        ("glob", ".config/google-chrome/*/Favicons", from_user_home),
+        ("glob", ".config/google-chrome/*/History", from_user_home),
+        ("glob", ".config/google-chrome/*/Login Data", from_user_home),
+        ("glob", ".config/google-chrome/*/Login Data For Account", from_user_home),
+        ("glob", ".config/google-chrome/*/Shortcuts", from_user_home),
+        ("glob", ".config/google-chrome/*/Top Sites", from_user_home),
+        ("glob", ".config/google-chrome/*/Web Data", from_user_home),
+        # Chrome - RHEL/Ubuntu - Flatpak
+        ("glob", ".var/app/com.google.Chrome/config/google-chrome/*/Bookmarks", from_user_home),
+        ("glob", ".var/app/com.google.Chrome/config/google-chrome/*/Favicons", from_user_home),
+        ("glob", ".var/app/com.google.Chrome/config/google-chrome/*/History", from_user_home),
+        ("glob", ".var/app/com.google.Chrome/config/google-chrome/*/Login Data", from_user_home),
+        ("glob", ".var/app/com.google.Chrome/config/google-chrome/*/Login Data For Account", from_user_home),
+        ("glob", ".var/app/com.google.Chrome/config/google-chrome/*/Shortcuts", from_user_home),
+        ("glob", ".var/app/com.google.Chrome/config/google-chrome/*/Top Sites", from_user_home),
+        ("glob", ".var/app/com.google.Chrome/config/google-chrome/*/Web Data", from_user_home),
+        # Chromium - RHEL/Ubuntu - DNF/apt
+        ("glob", ".config/chromium/*/Bookmarks", from_user_home),
+        ("glob", ".config/chromium/*/Favicons", from_user_home),
+        ("glob", ".config/chromium/*/History", from_user_home),
+        ("glob", ".config/chromium/*/Login Data", from_user_home),
+        ("glob", ".config/chromium/*/Login Data For Account", from_user_home),
+        ("glob", ".config/chromium/*/Shortcuts", from_user_home),
+        ("glob", ".config/chromium/*/Top Sites", from_user_home),
+        ("glob", ".config/chromium/*/Web Data", from_user_home),
+        # Chromium - RHEL/Ubuntu - Flatpak
+        ("glob", ".var/app/org.chromium.Chromium/config/chromium/*/Bookmarks", from_user_home),
+        ("glob", ".var/app/org.chromium.Chromium/config/chromium/*/Favicons", from_user_home),
+        ("glob", ".var/app/org.chromium.Chromium/config/chromium/*/History", from_user_home),
+        ("glob", ".var/app/org.chromium.Chromium/config/chromium/*/Login Data", from_user_home),
+        ("glob", ".var/app/org.chromium.Chromium/config/chromium/*/Login Data For Account", from_user_home),
+        ("glob", ".var/app/org.chromium.Chromium/config/chromium/*/Shortcuts", from_user_home),
+        ("glob", ".var/app/org.chromium.Chromium/config/chromium/*/Top Sites", from_user_home),
+        ("glob", ".var/app/org.chromium.Chromium/config/chromium/*/Web Data", from_user_home),
+        # Chromium - RHEL/Ubuntu - snap
+        ("glob", "snap/chromium/common/chromium/*/Bookmarks", from_user_home),
+        ("glob", "snap/chromium/common/chromium/*/Favicons", from_user_home),
+        ("glob", "snap/chromium/common/chromium/*/History", from_user_home),
+        ("glob", "snap/chromium/common/chromium/*/Login Data", from_user_home),
+        ("glob", "snap/chromium/common/chromium/*/Login Data For Account", from_user_home),
+        ("glob", "snap/chromium/common/chromium/*/Shortcuts", from_user_home),
+        ("glob", "snap/chromium/common/chromium/*/Top Sites", from_user_home),
+        ("glob", "snap/chromium/common/chromium/*/Web Data", from_user_home),
         # Edge
         ("glob", "AppData/Local/Microsoft/Edge/User Data/*/Bookmarks", from_user_home),
         ("glob", "AppData/Local/Microsoft/Edge/User Data/*/Extension Cookies", from_user_home),
@@ -1165,12 +1211,37 @@ class History(Module):
         ("glob", "/Users/*/Library/Application Support/Microsoft Edge/*/Shortcuts"),
         ("glob", "/Users/*/Library/Application Support/Microsoft Edge/*/Top Sites"),
         ("glob", "/Users/*/Library/Application Support/Microsoft Edge/*/Web Data"),
-        # Firefox
+        # Edge - RHEL/Ubuntu - DNF/apt
+        ("glob", ".config/microsoft-edge/*/Bookmarks", from_user_home),
+        ("glob", ".config/microsoft-edge/*/Favicons", from_user_home),
+        ("glob", ".config/microsoft-edge/*/History", from_user_home),
+        ("glob", ".config/microsoft-edge/*/Login Data", from_user_home),
+        ("glob", ".config/microsoft-edge/*/Login Data For Account", from_user_home),
+        ("glob", ".config/microsoft-edge/*/Shortcuts", from_user_home),
+        ("glob", ".config/microsoft-edge/*/Top Sites", from_user_home),
+        ("glob", ".config/microsoft-edge/*/Web Data", from_user_home),
+        # Edge - RHEL/Ubuntu - Flatpak
+        ("glob", ".var/app/com.microsoft.Edge/config/microsoft-edge/*/Bookmarks", from_user_home),
+        ("glob", ".var/app/com.microsoft.Edge/config/microsoft-edge/*/Favicons", from_user_home),
+        ("glob", ".var/app/com.microsoft.Edge/config/microsoft-edge/*/History", from_user_home),
+        ("glob", ".var/app/com.microsoft.Edge/config/microsoft-edge/*/Login Data", from_user_home),
+        ("glob", ".var/app/com.microsoft.Edge/config/microsoft-edge/*/Login Data For Account", from_user_home),
+        ("glob", ".var/app/com.microsoft.Edge/config/microsoft-edge/*/Shortcuts", from_user_home),
+        ("glob", ".var/app/com.microsoft.Edge/config/microsoft-edge/*/Top Sites", from_user_home),
+        ("glob", ".var/app/com.microsoft.Edge/config/microsoft-edge/*/Web Data", from_user_home),
+        # Firefox - Windows
         ("glob", "AppData/Local/Mozilla/Firefox/Profiles/*/*.sqlite*", from_user_home),
         ("glob", "AppData/Roaming/Mozilla/Firefox/Profiles/*/*.sqlite*", from_user_home),
         ("glob", "Application Data/Mozilla/Firefox/Profiles/*/*.sqlite*", from_user_home),
+        # Firefox - macOS
         ("glob", "/Users/*/Library/Application Support/Firefox/Profiles/*/*.sqlite*"),
-        # Safari
+        # Firefox - RHEL/Ubuntu - Flatpak
+        ("glob", ".var/app/org.mozilla.firefox/.mozilla/firefox/*/*.sqlite", from_user_home),
+        # Firefox - RHEL/Ubuntu - DNF/apt
+        ("glob", ".mozilla/firefox/*/*.sqlite", from_user_home),
+        # Firefox - RHEL/Ubuntu - snap
+        ("glob", "snap/firefox/common/.mozilla/firefox/*/*.sqlite", from_user_home),
+        # Safari - macOS
         ("glob", "/Users/*/Library/Safari/Bookmarks.plist"),
         ("glob", "/Users/*/Library/Safari/Downloads.plist"),
         ("glob", "/Users/*/Library/Safari/Extensions/Extensions.plist"),
@@ -1551,17 +1622,34 @@ def print_volumes_overview(target):
     log.info("")
+def print_acquire_warning(target: Target) -> None:
+    if target.os != "windows":
+        log.warning("========================================== WARNING ==========================================")
+        log.warning("")
+        log.warning(
+            "The support for operating system '%s' is experimental. Some artifacts may not yet be included and some ",
+            target.os,
+        )
+        log.warning("features may not work as expected. Please notify upstream for any missing artifacts or features.")
+        log.warning("")
+        log.warning("========================================== WARNING ==========================================")
 def acquire_target(target: Target, args: argparse.Namespace, output_ts: Optional[str] = None):
     output_ts = output_ts or get_utc_now_str()
     if args.log_to_dir:
         log_file = args.log_path.joinpath(format_output_name("Unknown", output_ts, "log"))
+        # This will also rename the log file on disk, which was opened in main(), if the name is different
         reconfigure_log_file(log, log_file, delay=True)
     else:
         log_file = args.log_path
     files = []
+    skip_list = set()
     if log_file:
         files.append(log_file)
+        if target.path.name == "local":
+            skip_list.add(normalize_path(target, log_file, resolve=True))
     print_disks_overview(target)
     print_volumes_overview(target)
@@ -1595,6 +1683,8 @@ def acquire_target(target: Target, args: argparse.Namespace, output_ts: Optional
     if target.os == "windows":
         mount_all_ntfs_filesystems(target)
+    print_acquire_warning(target)
     modules_selected = {}
     modules_successful = []
     modules_failed = {}
@@ -1638,14 +1728,19 @@ def acquire_target(target: Target, args: argparse.Namespace, output_ts: Optional
     # Prepare log file and output file names
     if log_file_handler and args.log_to_dir:
         log_file = format_output_name(target.name, output_ts, "log")
+        # This will also rename the log file on disk, which was opened and written previously.
         log_file_handler.set_filename(log_file)
-        log.info("Logging to file %s", Path(log_file_handler.baseFilename).resolve())
+        log_path = Path(log_file_handler.baseFilename).resolve()
+        log.info("Logging to file %s", log_path)
         files = [log_file_handler.baseFilename]
+        if target.path.name == "local":
+            skip_list = {normalize_path(target, log_path, resolve=True)}
     output_path = args.output
     if output_path.is_dir():
         output_dir = format_output_name(target.name, output_ts)
-        output_path = output_path.joinpath(output_dir).resolve()
+        output_path = output_path.joinpath(output_dir)
+    output_path = output_path.resolve()
     output = OUTPUTS[args.output_type](
         output_path,
@@ -1654,15 +1749,19 @@ def acquire_target(target: Target, args: argparse.Namespace, output_ts: Optional
         public_key=args.public_key,
     )
     files.append(output.path)
+    if target.path.name == "local":
+        skip_list.add(normalize_path(target, output.path, resolve=True))
     log.info("Writing output to %s", output.path)
+    if skip_list:
+        log.info("Skipping own files: %s", ", ".join(skip_list))
     log.info("")
     dir_base = "fs"
     if target.os != "windows":
         dir_base = "fs/$rootfs$"
-    with Collector(target, output, base=dir_base) as collector:
+    with Collector(target, output, base=dir_base, skip_list=skip_list) as collector:
         # Acquire specified files
         if args.file or args.directory or args.glob:
             log.info("*** Acquiring specified paths")

{acquire-3.5.dev8 → acquire-3.6}/acquire/collector.py RENAMED Viewed

@@ -20,7 +20,7 @@ from dissect.target.exceptions import (
 )
 from dissect.target.helpers import fsutil
-from acquire.utils import StrEnum, get_formatted_exception
+from acquire.utils import StrEnum, get_formatted_exception, normalize_path
 if TYPE_CHECKING:
     from acquire.outputs.base import Output
@@ -179,10 +179,11 @@ class Collector:
     METADATA_BASE = "$metadata$"
     COMMAND_OUTPUT_BASE = f"{METADATA_BASE}/command-output"
-    def __init__(self, target: Target, output: Output, base="fs"):
+    def __init__(self, target: Target, output: Output, base: str = "fs", skip_list: Optional[set] = None):
         self.target = target
         self.output = output
         self.base = base
+        self.skip_list = skip_list or set()
         self.report = CollectionReport()
         self.bound_module_name = None
@@ -358,7 +359,7 @@ class Collector:
             glob_is_empty = True
             for entry in self.target.fs.path("/").glob(pattern.lstrip("/")):
                 glob_is_empty = False
-                self.collect_path(entry)
+                self.collect_path(entry, module_name=module_name)
         except Exception:
             log.error("- Failed to collect glob %s", pattern, exc_info=True)
             self.report.add_glob_failed(module_name, pattern)
@@ -383,6 +384,11 @@ class Collector:
         if not isinstance(path, fsutil.TargetPath):
             path = self.target.fs.path(path)
+        if self.skip_list and normalize_path(self.target, path) in self.skip_list:
+            self.report.add_path_failed(module_name, path)
+            log.error("- Skipping collection of %s, path is on the skip list", path)
+            return
         try:
             # If a path does not exist, is_dir(), is_file() and is_symlink() will return False (and not raise an
             # exception), so we need to explicitly trigger an exception for this using path.get().

{acquire-3.5.dev8 → acquire-3.6}/acquire/utils.py RENAMED Viewed

@@ -4,6 +4,8 @@ import datetime
 import getpass
 import json
 import os
+import pathlib
+import re
 import sys
 import textwrap
 import traceback
@@ -13,6 +15,7 @@ from pathlib import Path
 from stat import S_IRGRP, S_IROTH, S_IRUSR
 from typing import Any, Optional
+from dissect.target import Target
 from dissect.util.stream import AlignedStream
 from acquire.outputs import OUTPUTS
@@ -63,7 +66,20 @@ class VolatileStream(AlignedStream):
         return False
     def _read(self, offset: int, length: int) -> bytes:
-        return os.read(self.fd, min(length, self.size - offset))
+        result = []
+        while length:
+            try:
+                buf = os.read(self.fd, min(length, self.size - offset))
+            except BlockingIOError:
+                break
+            if not buf:
+                break
+            result.append(buf)
+            offset += len(buf)
+            length -= len(buf)
+        return b"".join(result)
 class StrEnum(str, Enum):
@@ -379,3 +395,22 @@ def format_output_name(prefix: str, postfix: Optional[str] = None, ext: Optional
 def persist_execution_report(path: Path, report_data: dict) -> Path:
     with open(path, "w") as f:
         f.write(json.dumps(report_data, sort_keys=True, indent=4))
+SYSVOL_SUBST = re.compile(r"^(/\?\?/)?[cC]:")
+def normalize_path(target: Target, path: pathlib.Path, resolve: bool = False) -> str:
+    if resolve:
+        path = path.resolve()
+    path = path.as_posix()
+    if not target.fs.case_sensitive:
+        path = path.lower()
+    if target.os == "windows":
+        # As dissect.target always maps c: onto sysvol, we can do this substitution here.
+        path = SYSVOL_SUBST.sub("sysvol", path)
+    return path

acquire-3.6/acquire/version.py ADDED Viewed

@@ -0,0 +1,4 @@
+# file generated by setuptools_scm
+# don't change, don't track in version control
+__version__ = version = '3.6'
+__version_tuple__ = version_tuple = (3, 6)

{acquire-3.5.dev8 → acquire-3.6/acquire.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: acquire
-Version: 3.5.dev8
+Version: 3.6
 Summary: A tool to quickly gather forensic artifacts from disk images or a live system into a lightweight container
 Author-email: Dissect Team <dissect@fox-it.com>
 License: Affero General Public License v3
@@ -36,6 +36,12 @@ However, there are some options available to use the operating system as a fallb
 For more information, please see [the documentation](https://docs.dissect.tools/en/latest/projects/acquire/index.html).
+## Requirements
+This project is part of the Dissect framework and requires Python.
+Information on the supported Python versions can be found in the Getting Started section of [the documentation](https://docs.dissect.tools/en/latest/index.html#getting-started).
 ## Installation
 `acquire` is available on [PyPI](https://pypi.org/project/acquire/).
@@ -63,12 +69,12 @@ tox
 ```
 For a more elaborate explanation on how to build and test the project, please see [the
-documentation](https://docs.dissect.tools/en/latest/contributing/developing.html#building-testing).
+documentation](https://docs.dissect.tools/en/latest/contributing/tooling.html).
 ## Contributing
 The Dissect project encourages any contribution to the codebase. To make your contribution fit into the project, please
-refer to [the style guide](https://docs.dissect.tools/en/latest/contributing/style-guide.html).
+refer to [the development guide](https://docs.dissect.tools/en/latest/contributing/developing.html).
 ## Copyright and license

{acquire-3.5.dev8 → acquire-3.6}/acquire.egg-info/SOURCES.txt RENAMED Viewed

@@ -38,10 +38,14 @@ acquire/uploaders/minio.py
 acquire/uploaders/plugin.py
 acquire/uploaders/plugin_registry.py
 tests/__init__.py
+tests/conftest.py
 tests/test_acquire_command.py
 tests/test_collector.py
 tests/test_esxi_memory.py
 tests/test_file_sorting.py
 tests/test_minio_uploader.py
 tests/test_plugin.py
-tests/test_utils.py
+tests/test_utils.py
+tests/docs/Makefile
+tests/docs/conf.py
+tests/docs/index.rst

{acquire-3.5.dev8 → acquire-3.6}/pyproject.toml RENAMED Viewed

@@ -53,5 +53,4 @@ license-files = ["LICENSE", "COPYRIGHT"]
 include = ["acquire", "acquire.*"]
 [tool.setuptools_scm]
-local_scheme = "no-local-version"
 write_to = "acquire/version.py"

acquire-3.6/tests/conftest.py ADDED Viewed

@@ -0,0 +1,30 @@
+from unittest.mock import Mock
+import pytest
+from dissect.target import Target
+from dissect.target.filesystem import VirtualFile, VirtualFilesystem, VirtualSymlink
+@pytest.fixture
+def mock_file() -> Mock:
+    return Mock()
+@pytest.fixture
+def mock_fs(mock_file) -> VirtualFilesystem:
+    fs = VirtualFilesystem(case_sensitive=False)
+    fs.makedirs("/foo/bar")
+    fs.map_file_entry("/foo/bar/some-file", VirtualFile(fs, "some-file", mock_file))
+    fs.map_file_entry("/foo/bar/own-file", VirtualFile(fs, "own-file", mock_file))
+    fs.map_file_entry("/foo/bar/some-symlink", VirtualSymlink(fs, "some-symlink", "/foo/bar/some-file"))
+    fs.map_file_entry("/foo/own-symlink", VirtualSymlink(fs, "own-symlink", "/foo/bar/own-file"))
+    return fs
+@pytest.fixture
+def mock_target(mock_fs) -> Target:
+    target = Target()
+    target.fs.mount("/", mock_fs)
+    target.filesystems.add(mock_fs)
+    target.os = "mock"
+    return target

acquire-3.6/tests/docs/Makefile ADDED Viewed

@@ -0,0 +1,24 @@
+# Minimal makefile for Sphinx documentation
+#
+# You can set these variables from the command line, and also
+# from the environment for the first two.
+SPHINXOPTS    ?= -jauto
+SPHINXBUILD   ?= sphinx-build
+SOURCEDIR     = .
+BUILDDIR      = build
+# Put it first so that "make" without argument is like "make help".
+help:
+	@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+.PHONY: clean help Makefile
+clean: Makefile
+	rm -rf api
+	@$(SPHINXBUILD) -M clean "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option.  $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile
+	@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)

acquire-3.6/tests/docs/conf.py ADDED Viewed

@@ -0,0 +1,34 @@
+extensions = [
+    "autoapi.extension",
+    "sphinx.ext.autodoc",
+    "sphinx.ext.autosectionlabel",
+    "sphinx.ext.doctest",
+    "sphinx.ext.napoleon",
+    "sphinx_argparse_cli",
+]
+exclude_patterns = []
+html_theme = "furo"
+autoapi_type = "python"
+autoapi_dirs = ["../../acquire/"]
+autoapi_ignore = ["*tests*", "*.tox*", "*venv*", "*examples*"]
+autoapi_python_use_implicit_namespaces = True
+autoapi_add_toctree_entry = False
+autoapi_root = "api"
+autoapi_options = [
+    "members",
+    "undoc-members",
+    "show-inheritance",
+    "show-module-summary",
+    "special-members",
+    "imported-members",
+]
+autoapi_keep_files = True
+autoapi_template_dir = "_templates/autoapi"
+autodoc_typehints = "signature"
+autodoc_member_order = "groupwise"
+autosectionlabel_prefix_document = True

acquire-3.6/tests/docs/index.rst ADDED Viewed

@@ -0,0 +1,8 @@
+API Reference
+=============
+.. toctree::
+    :maxdepth: 1
+    :glob:
+    /api/*/*/index

{acquire-3.5.dev8 → acquire-3.6}/tests/test_collector.py RENAMED Viewed

@@ -9,7 +9,7 @@ from dissect.target.exceptions import (
     NotASymlinkError,
     SymlinkRecursionError,
 )
-from dissect.target.filesystem import VirtualFile, VirtualFilesystem, VirtualSymlink
+from dissect.target.filesystem import VirtualFilesystem
 from acquire.collector import Collector
@@ -36,28 +36,6 @@ def test_collector() -> None:
         assert not mock_log.info.call_args.args[0] == "- Collecting file %s: Skipped (DEDUP)"
-@pytest.fixture
-def mock_file() -> Mock:
-    return Mock()
-@pytest.fixture
-def mock_fs(mock_file) -> VirtualFilesystem:
-    fs = VirtualFilesystem(case_sensitive=False)
-    fs.makedirs("/foo/bar")
-    fs.map_file_entry("/foo/bar/some-file", VirtualFile(fs, "some-file", mock_file))
-    fs.map_file_entry("/foo/bar/some-symlink", VirtualSymlink(fs, "some-symlink", "/foo/bar/some_file"))
-    return fs
-@pytest.fixture
-def mock_target(mock_fs) -> Target:
-    target = Target()
-    target.fs.mount("/", mock_fs)
-    target.filesystems.add(mock_fs)
-    return target
 @pytest.fixture
 def mock_collector(mock_target) -> Collector:
     collector = Collector(mock_target, Mock())
@@ -106,24 +84,84 @@ def test_collector_collect_path_file(mock_collector) -> None:
 def test_collector_collect_path_symlink(mock_collector) -> None:
     with patch.object(mock_collector, "collect_symlink", autospec=True):
-        mock_collector.collect_path(
-            "/foo/bar/some-symlink",
-            follow=False,
-            seen_paths=MOCK_SEEN_PATHS,
-            module_name=MOCK_MODULE_NAME,
-        )
-        mock_collector.collect_symlink.assert_called()
+        with patch.object(mock_collector, "collect_file", autospec=True):
+            mock_collector.collect_path(
+                "/foo/bar/some-symlink",
+                follow=False,
+                seen_paths=MOCK_SEEN_PATHS,
+                module_name=MOCK_MODULE_NAME,
+            )
+            mock_collector.collect_symlink.assert_called()
+            mock_collector.collect_file.assert_not_called()
 def test_collector_collect_path_symlink_follow(mock_collector) -> None:
     with patch.object(mock_collector, "collect_symlink", autospec=True):
-        mock_collector.collect_path(
+        with patch.object(mock_collector, "collect_file", autospec=True):
+            mock_collector.collect_path(
+                "/foo/bar/some-symlink",
+                follow=True,
+                seen_paths=MOCK_SEEN_PATHS,
+                module_name=MOCK_MODULE_NAME,
+            )
+            mock_collector.collect_symlink.assert_called()
+            mock_collector.collect_file.assert_called()
+@pytest.mark.parametrize(
+    "path, symlink_called, file_called",
+    [
+        (
+            "/foo/bar/own-file",
+            False,
+            False,
+        ),
+        (
+            "/foo/own-symlink",
+            True,
+            False,
+        ),
+        (
+            "/foo/bar/some-file",
+            False,
+            True,
+        ),
+        (
             "/foo/bar/some-symlink",
-            follow=True,
-            seen_paths=MOCK_SEEN_PATHS,
+            True,
+            True,
+        ),
+    ],
+)
+def test_collector_collect_path_skip_list(mock_collector, path, symlink_called, file_called) -> None:
+    with patch.object(mock_collector, "skip_list", new={"/foo/bar/own-file"}):
+        with patch.object(mock_collector, "collect_symlink", autospec=True):
+            with patch.object(mock_collector, "collect_file", autospec=True):
+                mock_collector.collect_path(
+                    path,
+                    follow=True,
+                    seen_paths=MOCK_SEEN_PATHS,
+                    module_name=MOCK_MODULE_NAME,
+                )
+                if symlink_called:
+                    mock_collector.collect_symlink.assert_called()
+                else:
+                    mock_collector.collect_symlink.assert_not_called()
+                if file_called:
+                    mock_collector.collect_file.assert_called()
+                else:
+                    mock_collector.collect_file.assert_not_called()
+def test_collector_collect_glob(mock_collector) -> None:
+    with patch.object(mock_collector, "collect_file", autospec=True):
+        mock_collector.collect_glob(
+            "/foo/bar/*",
             module_name=MOCK_MODULE_NAME,
         )
-        mock_collector.collect_symlink.assert_called()
+        assert len(mock_collector.collect_file.mock_calls) == 3
+        assert mock_collector.collect_file.call_args.kwargs.get("module_name", None) == MOCK_MODULE_NAME
 def test_collector_collect_path_non_existing_file(mock_collector) -> None:

{acquire-3.5.dev8 → acquire-3.6}/tests/test_utils.py RENAMED Viewed

@@ -3,12 +3,14 @@ import pathlib
 from unittest.mock import MagicMock, patch
 import pytest
+from dissect.target import Target
 from acquire.acquire import MODULES, PROFILES
 from acquire.utils import (
     check_and_set_acquire_args,
     check_and_set_log_args,
     create_argument_parser,
+    normalize_path,
 )
@@ -290,3 +292,91 @@ def test_check_and_set_acquire_args_cagent():
     assert args.cagent_key == cagent_key
     assert args.cagent_certificate == cagent_certificate
+@pytest.mark.parametrize(
+    "path, resolve, norm_path, case_sensitive, os",
+    [
+        (
+            pathlib.Path("/foo/bar"),
+            False,
+            "/foo/bar",
+            True,
+            "dummy",
+        ),
+        (
+            pathlib.Path("/foo/BAR"),
+            False,
+            "/foo/bar",
+            False,
+            "dummy",
+        ),
+        (
+            pathlib.Path("/foo/BAR"),
+            False,
+            "/foo/BAR",
+            True,
+            "dummy",
+        ),
+        (
+            pathlib.Path("/foo/../bar"),
+            False,
+            "/foo/../bar",
+            True,
+            "dummy",
+        ),
+        (
+            pathlib.Path("/foo/../foo/bar"),
+            True,
+            "/foo/bar",
+            True,
+            "dummy",
+        ),
+        (
+            pathlib.PureWindowsPath("c:\\foo\\bar"),
+            False,
+            "sysvol/foo/bar",
+            False,
+            "windows",
+        ),
+        (
+            pathlib.PureWindowsPath("C:\\foo\\bar"),
+            False,
+            "sysvol/foo/bar",
+            False,
+            "windows",
+        ),
+        (
+            pathlib.PureWindowsPath("\\??\\C:\\foo\\bar"),
+            False,
+            "sysvol/foo/bar",
+            False,
+            "windows",
+        ),
+        (
+            pathlib.PureWindowsPath("\\??\\c:\\foo\\bar"),
+            False,
+            "sysvol/foo/bar",
+            False,
+            "windows",
+        ),
+        (
+            pathlib.PureWindowsPath("D:\\foo\\bar"),
+            False,
+            "d:/foo/bar",
+            False,
+            "windows",
+        ),
+    ],
+)
+def test_utils_normalize_path(
+    mock_target: Target,
+    path: pathlib.Path,
+    resolve: bool,
+    norm_path: str,
+    case_sensitive: bool,
+    os: str,
+) -> None:
+    with patch.object(mock_target, "os", new=os):
+        with patch.object(mock_target.fs, "_case_sensitive", new=case_sensitive):
+            assert normalize_path(mock_target, path, resolve=resolve) == norm_path

{acquire-3.5.dev8 → acquire-3.6}/tox.ini RENAMED Viewed

@@ -56,3 +56,24 @@ extend-ignore =
     # See https://github.com/PyCQA/pycodestyle/issues/373
     E203,
 statistics = True
+exclude = acquire/version.py
+[testenv:docs-build]
+allowlist_externals = make
+deps =
+    sphinx
+    sphinx-autoapi
+    sphinx_argparse_cli
+    sphinx-copybutton
+    sphinx-design
+    furo
+commands =
+    make -C tests/docs clean
+    make -C tests/docs html
+[testenv:docs-linkcheck]
+allowlist_externals = make
+deps = {[testenv:docs-build]deps}
+commands =
+    make -C tests/docs clean
+    make -C tests/docs linkcheck

acquire-3.5.dev8/acquire/version.py DELETED Viewed

@@ -1,4 +0,0 @@
-# file generated by setuptools_scm
-# don't change, don't track in version control
-__version__ = version = '3.5.dev8'
-__version_tuple__ = version_tuple = (3, 5, 'dev8')