2011-10-07 19:47:50 +00:00
|
|
|
# emacs: -*- mode: python; py-indent-offset: 4; indent-tabs-mode: t -*-
|
|
|
|
# vi: set ft=python sts=4 ts=4 sw=4 noet :
|
|
|
|
|
2004-10-14 10:38:22 +00:00
|
|
|
# This file is part of Fail2Ban.
|
|
|
|
#
|
|
|
|
# Fail2Ban is free software; you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
|
|
# (at your option) any later version.
|
|
|
|
#
|
|
|
|
# Fail2Ban is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with Fail2Ban; if not, write to the Free Software
|
2011-11-21 12:20:20 +00:00
|
|
|
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
2004-10-14 10:38:22 +00:00
|
|
|
|
|
|
|
# Author: Cyril Jaquier
|
2007-09-12 21:38:51 +00:00
|
|
|
# Modified by: Yaroslav Halchenko (SafeConfigParserWithIncludes)
|
2006-07-16 22:21:58 +00:00
|
|
|
# $Revision$
|
2004-10-14 10:38:22 +00:00
|
|
|
|
|
|
|
__author__ = "Cyril Jaquier"
|
2006-07-16 22:21:58 +00:00
|
|
|
__version__ = "$Revision$"
|
|
|
|
__date__ = "$Date$"
|
2004-10-14 10:38:22 +00:00
|
|
|
__copyright__ = "Copyright (c) 2004 Cyril Jaquier"
|
|
|
|
__license__ = "GPL"
|
|
|
|
|
2013-02-17 22:03:23 +00:00
|
|
|
import glob, logging, os
|
2007-09-12 21:38:51 +00:00
|
|
|
from configparserinc import SafeConfigParserWithIncludes
|
2006-10-24 19:40:51 +00:00
|
|
|
from ConfigParser import NoOptionError, NoSectionError
|
2005-02-18 13:30:54 +00:00
|
|
|
|
2005-11-20 17:07:47 +00:00
|
|
|
# Gets the instance of the logger.
|
2006-06-26 20:05:00 +00:00
|
|
|
logSys = logging.getLogger("fail2ban.client.config")
|
2005-11-20 17:07:47 +00:00
|
|
|
|
2007-09-12 21:38:51 +00:00
|
|
|
class ConfigReader(SafeConfigParserWithIncludes):
|
2013-02-17 22:03:23 +00:00
|
|
|
|
|
|
|
DEFAULT_BASEDIR = '/etc/fail2ban'
|
2006-06-26 20:05:00 +00:00
|
|
|
|
2013-02-17 22:03:23 +00:00
|
|
|
def __init__(self, basedir=None):
|
2008-03-04 00:17:56 +00:00
|
|
|
SafeConfigParserWithIncludes.__init__(self)
|
2013-02-17 22:03:23 +00:00
|
|
|
self.setBaseDir(basedir)
|
2006-09-19 20:38:32 +00:00
|
|
|
self.__opts = None
|
2006-06-26 20:05:00 +00:00
|
|
|
|
2013-02-17 22:03:23 +00:00
|
|
|
def setBaseDir(self, basedir):
|
|
|
|
if basedir is None:
|
|
|
|
basedir = ConfigReader.DEFAULT_BASEDIR # stock system location
|
|
|
|
if not (os.path.exists(basedir) and os.access(basedir, os.R_OK | os.X_OK)):
|
|
|
|
raise ValueError("Base configuration directory %s either does not exist "
|
|
|
|
"or is not accessible" % basedir)
|
|
|
|
self._basedir = basedir.rstrip('/')
|
|
|
|
|
|
|
|
def getBaseDir(self):
|
|
|
|
return self._basedir
|
2005-02-18 21:48:34 +00:00
|
|
|
|
2006-09-27 21:01:31 +00:00
|
|
|
def read(self, filename):
|
2013-02-17 22:03:23 +00:00
|
|
|
basename = os.path.join(self._basedir, filename)
|
2013-02-17 22:19:09 +00:00
|
|
|
logSys.debug("Reading configs for %s under %s " % (basename, self._basedir))
|
2013-02-17 22:03:23 +00:00
|
|
|
config_files = [ basename + ".conf",
|
|
|
|
basename + ".local" ]
|
|
|
|
|
|
|
|
# choose only existing ones
|
|
|
|
config_files = filter(os.path.exists, config_files)
|
|
|
|
|
|
|
|
# possible further customizations under a .conf.d directory
|
|
|
|
config_dir = basename + '.d'
|
|
|
|
if os.path.exists(config_dir):
|
|
|
|
if os.path.isdir(config_dir) and os.access(config_dir, os.X_OK | os.R_OK):
|
|
|
|
# files must carry .conf suffix as well
|
|
|
|
config_files += sorted(glob.glob('%s/*.conf' % config_dir))
|
|
|
|
else:
|
|
|
|
logSys.warn("%s exists but not a directory or not accessible"
|
|
|
|
% config_dir)
|
|
|
|
|
|
|
|
# check if files are accessible, warn if any is not accessible
|
|
|
|
# and remove it from the list
|
|
|
|
config_files_accessible = []
|
|
|
|
for f in config_files:
|
|
|
|
if os.access(f, os.R_OK):
|
|
|
|
config_files_accessible.append(f)
|
|
|
|
else:
|
|
|
|
logSys.warn("%s exists but not accessible - skipping" % f)
|
|
|
|
|
|
|
|
if len(config_files_accessible):
|
|
|
|
# at least one config exists and accessible
|
|
|
|
SafeConfigParserWithIncludes.read(self, config_files_accessible)
|
2006-09-07 21:00:44 +00:00
|
|
|
return True
|
|
|
|
else:
|
2013-02-17 22:03:23 +00:00
|
|
|
logSys.error("Found no accessible config files for %r " % filename
|
2013-02-17 22:19:09 +00:00
|
|
|
+ (["under %s" % self.getBaseDir(),
|
2013-02-17 22:03:23 +00:00
|
|
|
"among existing ones: " + ', '.join(config_files)][bool(len(config_files))]))
|
|
|
|
|
2006-09-07 21:00:44 +00:00
|
|
|
return False
|
2013-02-17 22:03:23 +00:00
|
|
|
|
2006-06-26 20:05:00 +00:00
|
|
|
##
|
|
|
|
# Read the options.
|
|
|
|
#
|
|
|
|
# Read the given option in the configuration file. Default values
|
|
|
|
# are used...
|
2005-11-20 17:07:47 +00:00
|
|
|
# Each optionValues entry is composed of an array with:
|
|
|
|
# 0 -> the type of the option
|
|
|
|
# 1 -> the name of the option
|
|
|
|
# 2 -> the default value for the option
|
2006-11-12 14:52:36 +00:00
|
|
|
|
2006-06-26 20:05:00 +00:00
|
|
|
def getOptions(self, sec, options, pOptions = None):
|
2005-02-18 21:48:34 +00:00
|
|
|
values = dict()
|
2005-11-20 17:07:47 +00:00
|
|
|
for option in options:
|
2005-02-18 21:48:34 +00:00
|
|
|
try:
|
2005-02-22 21:10:08 +00:00
|
|
|
if option[0] == "bool":
|
2006-06-26 20:05:00 +00:00
|
|
|
v = self.getboolean(sec, option[1])
|
2005-02-22 21:10:08 +00:00
|
|
|
elif option[0] == "int":
|
2006-06-26 20:05:00 +00:00
|
|
|
v = self.getint(sec, option[1])
|
2005-02-22 21:10:08 +00:00
|
|
|
else:
|
2006-06-26 20:05:00 +00:00
|
|
|
v = self.get(sec, option[1])
|
|
|
|
if not pOptions == None and option[1] in pOptions:
|
|
|
|
continue
|
2005-02-22 21:10:08 +00:00
|
|
|
values[option[1]] = v
|
2006-08-22 21:59:51 +00:00
|
|
|
except NoSectionError, e:
|
|
|
|
# No "Definition" section or wrong basedir
|
|
|
|
logSys.error(e)
|
2006-10-18 20:10:18 +00:00
|
|
|
values[option[1]] = option[2]
|
2005-02-18 21:48:34 +00:00
|
|
|
except NoOptionError:
|
2006-06-26 20:05:00 +00:00
|
|
|
if not option[2] == None:
|
2013-03-26 03:59:42 +00:00
|
|
|
logSys.warn("'%s' not defined in '%s'. Using default one: %r"
|
|
|
|
% (option[1], sec, option[2]))
|
2006-06-26 20:05:00 +00:00
|
|
|
values[option[1]] = option[2]
|
2005-11-20 17:07:47 +00:00
|
|
|
except ValueError:
|
|
|
|
logSys.warn("Wrong value for '" + option[1] + "' in '" + sec +
|
|
|
|
"'. Using default one: '" + `option[2]` + "'")
|
2005-02-23 17:47:30 +00:00
|
|
|
values[option[1]] = option[2]
|
2006-09-19 20:38:32 +00:00
|
|
|
return values
|