250250
251251import re
252252
253- from salt .exceptions import CommandExecutionError
253+ from hubblestack .exceptions import CommandExecutionError
254254from collections import Counter
255255
256- import hubblestack .extmods . module_runner .comparator
257- from hubblestack .extmods . module_runner .runner import Caller
258- import hubblestack .extmods . module_runner .runner_utils as runner_utils
259- from hubblestack .utils . hubble_error import HubbleCheckValidationError
260- import hubblestack .extmods . hubble_mods .grep as grep_module
256+ import hubblestack .module_runner .comparator
257+ from hubblestack .module_runner .runner import Caller
258+ import hubblestack .module_runner .runner_utils as runner_utils
259+ from hubblestack .exceptions import HubbleCheckValidationError
260+ import hubblestack .audit .grep as grep_module
261261
262262log = logging .getLogger (__name__ )
263263
@@ -424,7 +424,7 @@ def _system_account_non_login(block_id, block_dict, extra_args=None):
424424 if user .strip () != "" :
425425 users_list .append (user .strip ())
426426 result = []
427- cmd = __salt__ ["cmd.run_all" ]('egrep -v "^\+" /etc/passwd ' )
427+ cmd = __mods__ ["cmd.run_all" ]('egrep -v "^\+" /etc/passwd ' )
428428 for line in cmd ['stdout' ].split ('\n ' ):
429429 tokens = line .split (':' )
430430 if tokens [0 ] not in users_list and int (tokens [2 ]) < int (max_system_uid ) and tokens [6 ] not in non_login_shell , "/bin/false" ):
@@ -567,7 +567,7 @@ def _check_directory_files_permission(block_id, block_dict, extra_args=None):
567567 return True if bad_permission_files == [] else str (bad_permission_files )
568568
569569def _compare_file_stats (block_id , path , permission ):
570- path_details = __salt__ ['file.stats' ](path )
570+ path_details = __mods__ ['file.stats' ](path )
571571
572572 comparator_args = {
573573 "type" : "file_permission" ,
@@ -576,7 +576,7 @@ def _compare_file_stats(block_id, path, permission):
576576 }
577577 }
578578
579- ret_status , ret_val = hubblestack .extmods . module_runner .comparator .run (
579+ ret_status , ret_val = hubblestack .module_runner .comparator .run (
580580 block_id , comparator_args , path_details .get ('mode' ))
581581 return True if ret_status else path_details .get ('mode' )
582582
@@ -603,13 +603,13 @@ def _check_service_status(block_id, block_dict, extra_args=None):
603603 service_name = runner_utils .get_param_for_module (block_id , block_dict , 'service_name' )
604604 state = runner_utils .get_param_for_module (block_id , block_dict , 'state' )
605605
606- all_services = __salt__ ['cmd.run' ]('systemctl list-unit-files' )
606+ all_services = __mods__ ['cmd.run' ]('systemctl list-unit-files' )
607607 if re .search (service_name , all_services , re .M ):
608- output = __salt__ ['cmd.retcode' ]('systemctl is-enabled ' + service_name , ignore_retcode = True )
608+ output = __mods__ ['cmd.retcode' ]('systemctl is-enabled ' + service_name , ignore_retcode = True )
609609 if (state == "disabled" and str (output ) == "1" ) or (state == "enabled" and str (output ) == "0" ):
610610 return True
611611 else :
612- return __salt__ ['cmd.run_stdout' ]('systemctl is-enabled ' + service_name , ignore_retcode = True )
612+ return __mods__ ['cmd.run_stdout' ]('systemctl is-enabled ' + service_name , ignore_retcode = True )
613613 else :
614614 if state == "disabled" :
615615 return True
@@ -665,7 +665,7 @@ def _check_users_home_directory_permissions(block_id, block_dict, extra_args=Non
665665 users_list .append (user .strip ())
666666
667667 users_dirs = []
668- cmd = __salt__ ["cmd.run_all" ]('egrep -v "^\+" /etc/passwd ' )
668+ cmd = __mods__ ["cmd.run_all" ]('egrep -v "^\+" /etc/passwd ' )
669669 for line in cmd ['stdout' ].split ('\n ' ):
670670 tokens = line .split (':' )
671671 if tokens [0 ] not in users_list and 'nologin' not in tokens [6 ] and 'false' not in tokens [6 ]:
@@ -712,7 +712,7 @@ def _check_users_own_their_home(block_id, block_dict, extra_args=None):
712712 error += ["Either home directory " + user_uid_dir [2 ] + " of user " + user_uid_dir [0 ] + " is invalid or does not exist." ]
713713 elif int (user_uid_dir [1 ]) >= max_system_uid and user_uid_dir [0 ] != "nfsnobody" and 'nologin' not in user_uid_dir [3 ] \
714714 and 'false' not in user_uid_dir [3 ]:
715- owner = __salt__ ['cmd.run' ]("stat -L -c \" %U\" \" " + user_uid_dir [2 ] + "\" " )
715+ owner = __mods__ ['cmd.run' ]("stat -L -c \" %U\" \" " + user_uid_dir [2 ] + "\" " )
716716 if owner != user_uid_dir [0 ]:
717717 error += ["The home directory " + user_uid_dir [2 ] + " of user " + user_uid_dir [0 ] + " is owned by " + owner ]
718718 else :
@@ -737,7 +737,7 @@ def _check_users_dot_files(block_id, block_dict, extra_args):
737737 dot_files = dot_files .split ('\n ' ) if dot_files != "" else []
738738 for dot_file in dot_files :
739739 if os .path .isfile (dot_file ):
740- path_details = __salt__ ['file.stats' ](dot_file )
740+ path_details = __mods__ ['file.stats' ](dot_file )
741741 given_permission = path_details .get ('mode' )
742742 file_permission = given_permission [- 3 :]
743743 if file_permission [1 ] in ["2" , "3" , "6" , "7" ]:
@@ -1031,7 +1031,7 @@ def _check_sshd_parameters(block_id, block_dict, extra_args=None):
10311031 values = runner_utils .get_param_for_module (block_id , block_dict , 'values' )
10321032 comparetype = runner_utils .get_param_for_module (block_id , block_dict , 'comparetype' , 'regex' )
10331033
1034- output = __salt__ ['cmd.run' ]('sshd -T' )
1034+ output = __mods__ ['cmd.run' ]('sshd -T' )
10351035 if comparetype == 'only' :
10361036 if not values :
10371037 return "You need to provide values for comparetype 'only'."
@@ -1079,5 +1079,5 @@ def _execute_shell_command(cmd, python_shell=False):
10791079 """
10801080 This function will execute passed command in /bin/shell
10811081 """
1082- return __salt__ ['cmd.run' ](cmd , python_shell = python_shell , shell = '/bin/bash' , ignore_retcode = True )
1082+ return __mods__ ['cmd.run' ](cmd , python_shell = python_shell , shell = '/bin/bash' , ignore_retcode = True )
10831083
0 commit comments