"""
A simple background service to log events in a directory,
check for git commands in bash/zsh history,
and check for non-whitelisted files in the watched directory.
"""
import time
import sys
import os
import pyinotify
from . import checker
from pathlib import Path
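class EventHandler(pyinotify.ProcessEvent):
    """
    Custom event handler for watching a SkoolOS work directory

    Every process_IN_* method prints one three-line record (event label,
    event path, local timestamp) to whatever sys.stdout is at that moment.

    File names inside the watched directory are chosen by the user being
    monitored, so the path is escaped before it is printed: a name that
    contains a newline would otherwise be able to forge additional
    "Event:" records in the log.
    """
    # Names of the inotify events handled below. No method of this class
    # reads the list.
    _methods = [
        "IN_CREATE",
        "IN_CLOSE_WRITE",
        "IN_DELETE",
        "IN_MOVED_TO",
        "IN_MOVED_FROM",
        "IN_OPEN",
    ]

    @staticmethod
    def _printable(path):
        """
        Backslash-escapes every non-printable character of a path
        param path: path taken from an inotify event
        return: the path as a single-line string
        """
        # isprintable() is False for newlines, other control characters and
        # lone surrogates; printable Unicode file names pass through as-is.
        return "".join(
            ch if ch.isprintable()
            else ch.encode("unicode_escape").decode("ascii")
            for ch in str(path)
        )

    def _log_event(self, label, event):
        """
        Prints the record shared by all process_IN_* methods
        param label: human readable name of the event
        param event: event object carrying the affected pathname
        return: none
        """
        description = \
            "Event: {}\n" \
            "Event Path: {}\n" \
            "Timestamp: {}\n".format(
                label,
                self._printable(event.pathname),
                time.strftime("%A, %B %d, %Y %H:%M:%S", time.localtime())
            )
        print(description)

    def process_IN_CREATE(self, event):
        """
        Generates an output to record for IN_CREATE events
        param event: event automatically passed to function
        return: none
        """
        self._log_event("Created file", event)

    def process_IN_CLOSE_WRITE(self, event):
        """
        Generates an output to record for IN_CLOSE_WRITE events
        param event: event automatically passed to function
        return: none
        """
        self._log_event("Wrote to a file", event)

    def process_IN_DELETE(self, event):
        """
        Generates an output to record for IN_DELETE events
        param event: event automatically passed to function
        return: none
        """
        self._log_event("Deleted file", event)

    def process_IN_MOVED_TO(self, event):
        """
        Generates an output to record for IN_MOVED_TO events
        param event: event automatically passed to function
        return: none
        """
        self._log_event("Moved a file in", event)

    def process_IN_MOVED_FROM(self, event):
        """
        Generates an output to record for IN_MOVED_FROM events
        param event: event automatically passed to function
        return: none
        """
        self._log_event("Moved a file out", event)

    def process_IN_OPEN(self, event):
        """
        Generates an output to record for IN_OPEN events
        param event: event automatically passed to function
        return: none
        """
        self._log_event("Opened file", event)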
# Module-level state shared by watch_dir() and stop_watching().
# STDOUT keeps the stream that was sys.stdout at import time; stop_watching()
# assigns it back to sys.stdout.
STDOUT = sys.stdout
# NOTIFIER: the running pyinotify.ThreadedNotifier, set by watch_dir().
# DIR: the watched directory, set by watch_dir().
# START_TIME: time.time() value taken by watch_dir().
NOTIFIER = DIR = START_TIME = None
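def watch_dir(watched_dir=str(Path.home()), log_dir="SkoolOS/logs"):
    """
    Watches the specified directory for changes and outputs it in
    human readable format to a log file in the specified log directory.

    Sets the module globals DIR, START_TIME and NOTIFIER, and leaves
    sys.stdout pointing at the new log file; stop_watching() puts the
    original stream back.

    param watched_dir: directory to watch for changes
    param log_dir: directory to store log files (created when missing)
    return: none
    """
    global DIR
    global START_TIME
    global NOTIFIER
    DIR = watched_dir
    # exist_ok removes the check-then-create race of exists() + makedirs().
    os.makedirs(log_dir, exist_ok=True)
    # NOTE(review): the log is the evidence this service produces. If log_dir
    # is writable by the monitored user, the file can be edited or deleted
    # after the fact -- confirm where callers place it.
    logfile = open(
        os.path.join(
            log_dir,
            "skoolos_" + time.strftime("%m%d%Y-%H%M%S", time.localtime())),
        'w')
    START_TIME = time.time()
    wm = pyinotify.WatchManager()
    mask = pyinotify.IN_CREATE | pyinotify.IN_CLOSE_WRITE | pyinotify.IN_DELETE | \
        pyinotify.IN_MOVED_TO | pyinotify.IN_MOVED_FROM | pyinotify.IN_OPEN
    NOTIFIER = pyinotify.ThreadedNotifier(wm, EventHandler())
    NOTIFIER.start()
    # Output is discarded while the watches are registered and for one second
    # afterwards, presumably to keep events generated during setup out of the
    # log. The /dev/null handle is left open on purpose: the notifier thread
    # may still be printing to it when sys.stdout is switched below.
    sys.stdout = open("/dev/null", 'w')
    # auto_add=True extends the watch to directories created after startup;
    # with rec=True alone, activity inside them would not be observed.
    watches = wm.add_watch(watched_dir, mask, rec=True, auto_add=True)
    time.sleep(1)
    sys.stdout = logfile
    print("Start time: " +
          time.strftime("%A, %B %d, %Y %H:%M:%S", time.localtime()) + "\n")
    # add_watch() does not raise by default; it reports a negative watch
    # descriptor for every path it could not watch (for example when the
    # inotify watch limit is reached). Record the gap so that a reader of the
    # log knows coverage was incomplete.
    unwatched = sorted(path for path, wd in watches.items() if wd < 0)
    if unwatched:
        print("WARNING: {} path(s) could not be watched; "
              "events under them are not logged:".format(len(unwatched)))
        # ascii() keeps each path on one line even if it contains newlines.
        print(*(ascii(path) for path in unwatched), sep='\n')
        print()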
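def stop_watching():
    """
    Stops the watch started by watch_dir()

    Writes the end time, the total work time, the result of
    checker.shell_check() and a warning for every path returned by
    checker.file_check(DIR) to the current sys.stdout (the log file opened
    by watch_dir()), then restores sys.stdout and closes the log.

    return: none
    """
    def _one_line(path):
        # File names come from the monitored user; escape non-printable
        # characters so a name cannot add lines of its own to the report.
        return "".join(
            ch if ch.isprintable()
            else ch.encode("unicode_escape").decode("ascii")
            for ch in str(path)
        )

    NOTIFIER.stop()
    now = time.time()
    logfile = sys.stdout
    try:
        print("End time: " +
              time.strftime("%A, %B %d, %Y %H:%M:%S", time.localtime()))
        print("\nTotal work time: " +
              time.strftime("%H:%M:%S", time.gmtime(now - START_TIME)))
        print("\n" + checker.shell_check())
        suspicious_files = checker.file_check(DIR)
        if suspicious_files:
            print(
                "\n\n--------------------------------------------------\n\n\n" +
                "WARNING: One or more file did not have file extensions that are acceptable.\n"
                + "The paths to these files are listed below:\n")
            print(*(_one_line(path) for path in suspicious_files), sep='\n')
    finally:
        # Restore stdout even when a checker call raises; otherwise the whole
        # process would keep writing into the log file.
        sys.stdout = STDOUT
        # NOTE(review): closing here assumes NOTIFIER.stop() has joined the
        # notifier thread, so no handler is still printing -- confirm.
        if logfile is not STDOUT:
            logfile.close()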