Class: Pipeline::FIM
Instance Attribute Summary
Attributes inherited from BaseTask
#appname, #description, #findings, #labels, #name, #stage, #trigger, #warnings
Instance Method Summary
- #analyze ⇒ Object
- #initialize(trigger, tracker) ⇒ FIM (constructor): A new instance of FIM.
- #run ⇒ Object
- #supported? ⇒ Boolean
Methods inherited from BaseTask
#directories_with?, #report, #severity, #warn
Constructor Details
#initialize(trigger, tracker) ⇒ FIM
Returns a new instance of FIM.
```ruby
# File 'lib/pipeline/tasks/fim.rb', line 10

def initialize(trigger, tracker)
  super(trigger, tracker)
  @name = "FIM"
  @description = "File integrity monitor"
  @stage = :file
  @result = ''
  @labels << "filesystem"
end
```
Instance Method Details
#analyze ⇒ Object
```ruby
# File 'lib/pipeline/tasks/fim.rb', line 46

def analyze
  # @result holds the "<path>: No match" lines collected by #run, one per line.
  list = @result.split(/\n/)
  list.each do |v|
    # v.slice! installdir
    Pipeline.notify v
    report "File changed.", v, @name, :low
  end
end
```
#run ⇒ Object
```ruby
# File 'lib/pipeline/tasks/fim.rb', line 19

require 'open3'

def run
  rootpath = @trigger.path
  # rootpath is interpolated unescaped into the shell command lines below,
  # so it must be a trusted path.
  if File.exist?("/area81/tmp/#{rootpath}/filehash")
    Pipeline.notify "File Hashes found, comparing to file system"
    cmd = "hashdeep -j99 -r -a -vv -k /area81/tmp/#{rootpath}/filehash #{rootpath}"

    # Ugly stdout parsing
    r = /(.*): No match/
    Open3.popen3(cmd) do |stdin, stdout, stderr, wait_thr|
      while line = stdout.gets
        if line.match r
          @result << line
        end
      end
    end
  else
    Pipeline.notify "No existing baseline - generating initial hashes"
    cmd = "mkdir -p /area81/tmp/#{rootpath}; hashdeep -j99 -r #{rootpath} > /area81/tmp/#{rootpath}/filehash"
    Open3.popen3(cmd) do |stdin, stdout, stderr, wait_thr|
      while line = stdout.gets
        puts "."
      end
    end
    @result = ''
  end
end
```
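The audit and baseline steps of #run, rewritten as an added example (not the project's code) that passes hashdeep an argv array instead of a shell string and extracts the "No match" paths that #analyze reports. The helper names and the sample output are constructed for illustration; the hashdeep flags and the /area81/tmp baseline location are the ones shown in #run.

```ruby
require 'open3'
require 'fileutils'

# Baseline directory taken from #run; all helper names here are hypothetical.
BASELINE_ROOT = '/area81/tmp'

def baseline_file(rootpath)
  File.join(BASELINE_ROOT, rootpath, 'filehash')
end

# Audit command as an argv array: each element reaches hashdeep as exactly one
# argument, so spaces or shell metacharacters in rootpath are never interpreted.
def audit_argv(rootpath)
  ['hashdeep', '-j99', '-r', '-a', '-vv', '-k', baseline_file(rootpath), rootpath]
end

# Extract the paths from lines of the form "<path>: No match".
def changed_paths(audit_output)
  audit_output.each_line.filter_map { |line| line[/\A(.*): No match\s*\z/, 1] }
end

# Write the initial baseline without a shell: FileUtils replaces `mkdir -p`
# and the :out redirect replaces `>`.
def write_baseline(rootpath)
  FileUtils.mkdir_p(File.dirname(baseline_file(rootpath)))
  system('hashdeep', '-j99', '-r', rootpath, out: [baseline_file(rootpath), 'w'])
end

# Run the audit and return the changed paths. capture3 drains stdout and
# stderr together, so a full stderr pipe cannot stall the child process.
def audit(rootpath)
  stdout, _stderr, _status = Open3.capture3(*audit_argv(rootpath))
  changed_paths(stdout)
end

# Constructed sample of audit output (not captured from a real run).
SAMPLE_AUDIT_OUTPUT = <<~OUT
  /srv/app/config/database.yml: No match
  /srv/app/lib/old_helper.rb: Known file not used
  /srv/app/bin/run me; now.sh: No match
  hashdeep: Audit failed
OUT
```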
#supported? ⇒ Boolean
```ruby
# File 'lib/pipeline/tasks/fim.rb', line 55

def supported?
  # In future, verify tool is available.
  return true
end
```