sysidentity

package
v0.0.0-...-9159377 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 19, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

View Source
const (
	PasswdFilePath    = "/etc/passwd"
	ShadowFilePath    = "/etc/shadow"
	GshadowFilePath   = "/etc/gshadow"
	GroupFilePath     = "/etc/group"
	LoginDefsFilePath = "/etc/login.defs"
	SudoersFilePath   = "/etc/sudoers"
	AuthKeysFileName  = "authorized_keys"

	//todo: move to one of the runtime detection packages
	AuthLogFilePath = "/var/log/auth.log"
)
View Source
const (
	HashTypeDES          = "" //yes, it's empty
	HashTypeMD5          = "1"
	HashTypeBlowfish     = "2a"
	HashTypeBcrypt       = "2b"
	HashTypeEksblowfish  = "2y"
	HashTypeSHA256       = "5"
	HashTypeSHA512       = "6"
	HashTypeYescrypt     = "y"
	HashTypeGostYescrypt = "gy"
	HashTypeScrypt       = "7"
)
View Source
const (
	NoPasswordLoginUser    = "!"
	NoPasswordLoginService = "*"
)
View Source
const FieldNotSet = -1
View Source
const (
	HasShadowFileRecord = "x"
)

Variables

View Source
var HashTypes = map[string]string{
	HashTypeDES:          "DES",
	HashTypeMD5:          "MD5",
	HashTypeBlowfish:     "blowfish",
	HashTypeBcrypt:       "bcrypt",
	HashTypeEksblowfish:  "eksblowfish",
	HashTypeSHA256:       "SHA256",
	HashTypeSHA512:       "SHA512",
	HashTypeYescrypt:     "yescrypt",
	HashTypeGostYescrypt: "gost-yescrypt",
	HashTypeScrypt:       "scrypt",
}
View Source
var NoLoginShells = map[string]struct{}{
	"/sbin/nologin":     {},
	"/usr/sbin/nologin": {},
	"/bin/false":        {},
}

Functions

func AlgoNameFromType

func AlgoNameFromType(data string) string

func IsAuthKeyFile

func IsAuthKeyFile(fullPath string) bool

func IsSourceFile

func IsSourceFile(fullPath string) bool

Types

type AuthorizedKeysFileInfo

type AuthorizedKeysFileInfo struct {
	Records []SshKeyRecord `json:"records"`
}

type DataSet

type DataSet struct {
	PasswdFilePath string
	PasswdData     []byte
	ShadowFilePath string
	ShadowData     []byte
	GroupFilePath  string
	GroupData      []byte
	AuthKeysData   map[string][]byte
}

func NewDataSet

func NewDataSet() *DataSet

func (*DataSet) AddData

func (ref *DataSet) AddData(filePath string, data []byte) bool

type DataSource

type DataSource struct {
	FilePath string             `json:"file_path"`
	Metadata DataSourceMetadata `json:"metadata"`
}

type DataSourceMetadata

type DataSourceMetadata struct {
	Sha1Hash string `json:"sha1_hash,omitempty"`
	FileSize int64  `json:"file_size"`
	ModeText string `json:"mode"`
}

type GroupFileInfo

type GroupFileInfo struct {
	Records []GroupRecord `json:"records"`
}

func ReadGroupData

func ReadGroupData(data []byte) (*GroupFileInfo, error)

func ReadGroupFile

func ReadGroupFile(filePath string) (*GroupFileInfo, error)

type GroupInfo

type GroupInfo struct {
	Name     string   `json:"name"`
	ID       int      `json:"id"`
	Members  []string `json:"members"`
	Password string   `json:"password,omitempty"`
}

type GroupRecord

type GroupRecord struct {
	Group      string   `json:"gid"`      //group name
	Password   string   `json:"password"` //password hash, usually empty / unused (actual password hashes are in gshadow)
	GID        int      `json:"gid"`
	MembersRaw string   `json:"members_raw"`
	Members    []string `json:"members"`
	RawData    string   `json:"raw_data"`
}

func ParseGroupRecord

func ParseGroupRecord(line string) (GroupRecord, error)

type PasswdFileInfo

type PasswdFileInfo struct {
	Records []PasswdRecord `json:"records"`
}

func ReadPasswdData

func ReadPasswdData(data []byte) (*PasswdFileInfo, error)

func ReadPasswdFile

func ReadPasswdFile(filePath string) (*PasswdFileInfo, error)

type PasswdRecord

type PasswdRecord struct {
	Username     string `json:"username"`
	Password     string `json:"password"` //password hash, "x" if the actual password hash is in the shadow file
	UID          int    `json:"uid"`
	GID          int    `json:"gid"`
	Info         string `json:"info"`  //additional user identity info / GECOS
	Home         string `json:"home"`  //home directory
	Shell        string `json:"shell"` //shell exected when user logs in
	RawData      string `json:"raw_data"`
	NoLoginShell bool   `json:"no_login_shell"`
}

func ParsePasswdRecord

func ParsePasswdRecord(line string) (PasswdRecord, error)

func (PasswdRecord) UsesShadow

func (ref PasswdRecord) UsesShadow() bool

type PasswordHash

type PasswordHash struct {
	AlgoTypeRaw     string `json:"algo_type_raw,omitempty"`
	AlgoType        string `json:"algo_type,omitempty"`
	AlgoParam       string `json:"algo_param,omitempty"` //encoded (need to decode)
	Salt            string `json:"salt,omitempty"`
	Hash            string `json:"hash,omitempty"`
	NoPasswordLogin bool   `json:"no_password_login"`
}

func NewPasswordHash

func NewPasswordHash(data string) PasswordHash

func (PasswordHash) UsesWeakAlgo

func (ref PasswordHash) UsesWeakAlgo() bool

type Report

type Report struct {
	Users   map[string]*UserInfo  `json:"users"`
	Groups  map[string]*GroupInfo `json:"groups"`
	Sources []*DataSource         `json:"sources"`
}

func NewReportFromData

func NewReportFromData(data *DataSet) (*Report, error)

func (*Report) StringJSONPretty

func (ref *Report) StringJSONPretty() string

type ShadowFileInfo

type ShadowFileInfo struct {
	Records []ShadowRecord `json:"records"`
}

func ReadShadowData

func ReadShadowData(data []byte) (*ShadowFileInfo, error)

func ReadShadowFile

func ReadShadowFile(filePath string) (*ShadowFileInfo, error)

type ShadowRecord

type ShadowRecord struct {
	Username       string
	PasswordRaw    string
	Password       PasswordHash
	LastChangeRaw  int
	LastChangeDate time.Time
	MinimumAge     int
	MaximumAge     int
	WarningPeriod  int
	InactiveDays   int
	ExpirationRaw  int
	ExpirationDate time.Time
	Reserved       string
	RawData        string
}

func ParseShadowRecord

func ParseShadowRecord(line string) (ShadowRecord, error)

func (ShadowRecord) LoginWithoutPassword

func (ref ShadowRecord) LoginWithoutPassword() bool

type SshKeyRecord

type SshKeyRecord struct {
	KeyType      string   `json:"key_type"`
	Key          string   `json:"key"` //base64 encoded
	Comment      string   `json:"comment"`
	Command      string   `json:"command,omitempty"`
	Environments []string `json:"environments,omitempty"`
	OtherOptions []string `json:"other_options,omitempty"`
	RawData      string   `json:"raw_data"`
	FilePath     string   `json:"file_path"`
}

type UserInfo

type UserInfo struct {
	Username       string       `json:"username"`
	PasswdPassword string       `json:"passwd_password"`
	ShadowPassword PasswordHash `json:"shadow_password"`
	UID            int          `json:"uid"`
	GID            int          `json:"gid"`
	ExtraInfo      string       `json:"extra_info"`
	Home           string       `json:"home"`
	Shell          string       `json:"shell"`
	NoLoginShell   bool         `json:"no_login_shell"`

	LastChangeRaw  int       `json:"last_change_raw"`
	LastChangeDate time.Time `json:"last_change_date"`
	MinimumAge     int       `json:"minimum_age"`
	MaximumAge     int       `json:"maximum_age"`
	WarningPeriod  int       `json:"warning_period"`
	InactiveDays   int       `json:"inactive_days"`
	ExpirationRaw  int       `json:"expiration_raw"`
	ExpirationDate time.Time `json:"expiration_date"`

	SshKeys []*SshKeyRecord `json:"ssh_keys,omitempty"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL