From 9a532a4660939603104803601842a66e68ec44f6 Mon Sep 17 00:00:00 2001 From: Chris Cummer Date: Thu, 31 May 2018 17:45:47 -0700 Subject: [PATCH] Clean up the Linux security code a bit --- security/dns.go | 36 +++++++++++++--------- security/firewall.go | 44 +++++++++++++-------------- security/users.go | 71 ++++++++++++++++++++++++-------------------- security/widget.go | 6 ++-- security/wifi.go | 65 +++++++++++++++++++++------------------- 5 files changed, 120 insertions(+), 102 deletions(-) diff --git a/security/dns.go b/security/dns.go index 343ddd94..7360d801 100644 --- a/security/dns.go +++ b/security/dns.go @@ -8,12 +8,30 @@ import ( "github.com/senorprogrammer/wtf/wtf" ) +/* -------------------- Exported Functions -------------------- */ + +func DnsServers() []string { + switch runtime.GOOS { + case "linux": + return dnsLinux() + case "darwin": + return dnsMacOS() + default: + return []string{runtime.GOOS} + } +} + +/* -------------------- Unexported Functions -------------------- */ + func dnsLinux() []string { // This may be very Ubuntu specific cmd := exec.Command("nmcli", "device", "show") out := wtf.ExecuteCommand(cmd) + lines := strings.Split(out, "\n") + dns := []string{} + for _, l := range lines { if strings.HasPrefix(l, "IP4.DNS") { parts := strings.Split(l, ":") @@ -26,22 +44,12 @@ func dnsLinux() []string { func dnsMacOS() []string { cmd := exec.Command("networksetup", "-getdnsservers", "Wi-Fi") out := wtf.ExecuteCommand(cmd) - records := strings.Split(out, "\n") - if len(records) > 0 { - return records + lines := strings.Split(out, "\n") + + if len(lines) > 0 { + return lines } else { return []string{} } } - -func DnsServers() []string { - switch runtime.GOOS { - case "linux": - return dnsLinux() - case "darwin": - return dnsMacOS() - default: - return []string{runtime.GOOS} - } -} diff --git a/security/firewall.go b/security/firewall.go index 507103cc..5867e983 100644 --- a/security/firewall.go +++ b/security/firewall.go @@ -12,17 +12,6 @@ const osxFirewallCmd = "/usr/libexec/ApplicationFirewall/socketfilterfw" /* -------------------- Exported Functions -------------------- */ -func firewallStateLinux() string { - return "[red]NA[white]" -} - -func firewallStateMacOS() string { - cmd := exec.Command(osxFirewallCmd, "--getglobalstate") - str := wtf.ExecuteCommand(cmd) - - return status(str) -} - func FirewallState() string { switch runtime.GOOS { case "linux": @@ -34,17 +23,6 @@ func FirewallState() string { } } -func firewallStealthStateLinux() string { - return "[red]NA[white]" -} - -func firewallStealthStateMacOS() string { - cmd := exec.Command(osxFirewallCmd, "--getstealthmode") - str := wtf.ExecuteCommand(cmd) - - return status(str) -} - func FirewallStealthState() string { switch runtime.GOOS { case "linux": @@ -58,6 +36,28 @@ func FirewallStealthState() string { /* -------------------- Unexported Functions -------------------- */ +func firewallStateLinux() string { + return "[red]NA[white]" +} + +func firewallStateMacOS() string { + cmd := exec.Command(osxFirewallCmd, "--getglobalstate") + str := wtf.ExecuteCommand(cmd) + + return status(str) +} + +func firewallStealthStateLinux() string { + return "[red]NA[white]" +} + +func firewallStealthStateMacOS() string { + cmd := exec.Command(osxFirewallCmd, "--getstealthmode") + str := wtf.ExecuteCommand(cmd) + + return status(str) +} + func status(str string) string { icon := "[red]off[white]" diff --git a/security/users.go b/security/users.go index 75b3cc2c..9bcab534 100644 --- a/security/users.go +++ b/security/users.go @@ -1,5 +1,7 @@ package security +// http://applehelpwriter.com/2017/05/21/how-to-reveal-hidden-users/ + import ( "os/exec" "runtime" @@ -8,38 +10,7 @@ import ( "github.com/senorprogrammer/wtf/wtf" ) -func loggedInUsersLinux() []string { - cmd := exec.Command("who", "-us") - users := wtf.ExecuteCommand(cmd) - - cleaned := []string{} - for _, u := range strings.Split(users, "\n") { - clean := true - col := strings.Split(u, " ") - if len(col) > 0 { - for _, cleanedU := range cleaned { - if strings.Compare(cleanedU, col[0]) == 0 { - clean = false - } - } - if clean { - cleaned = append(cleaned, col[0]) - } - } - - } - - return cleaned -} - -func loggedInUsersMacOs() []string { - cmd := exec.Command("dscl", []string{".", "-list", "/Users"}...) - users := wtf.ExecuteCommand(cmd) - - return cleanUsers(strings.Split(users, "\n")) -} - -// http://applehelpwriter.com/2017/05/21/how-to-reveal-hidden-users/ +/* -------------------- Exported Functions -------------------- */ func LoggedInUsers() []string { switch runtime.GOOS { @@ -52,6 +23,8 @@ func LoggedInUsers() []string { } } +/* -------------------- Unexported Functions -------------------- */ + func cleanUsers(users []string) []string { rejects := []string{"_", "root", "nobody", "daemon", "Guest"} cleaned := []string{} @@ -73,3 +46,37 @@ func cleanUsers(users []string) []string { return cleaned } + +func loggedInUsersLinux() []string { + cmd := exec.Command("who", "-us") + users := wtf.ExecuteCommand(cmd) + + cleaned := []string{} + + for _, user := range strings.Split(users, "\n") { + clean := true + col := strings.Split(user, " ") + + if len(col) > 0 { + for _, cleanedU := range cleaned { + if strings.Compare(cleanedU, col[0]) == 0 { + clean = false + } + } + + if clean { + cleaned = append(cleaned, col[0]) + } + } + + } + + return cleaned +} + +func loggedInUsersMacOs() []string { + cmd := exec.Command("dscl", []string{".", "-list", "/Users"}...) + users := wtf.ExecuteCommand(cmd) + + return cleanUsers(strings.Split(users, "\n")) +} diff --git a/security/widget.go b/security/widget.go index 37653640..7ad2d5bb 100644 --- a/security/widget.go +++ b/security/widget.go @@ -46,9 +46,9 @@ func (widget *Widget) contentFrom(data *SecurityData) string { str = str + fmt.Sprintf(" %8s: %s\n", "Network", data.WifiName) str = str + fmt.Sprintf(" %8s: %s\n", "Crypto", data.WifiEncryption) str = str + "\n" - str = str + " [red]Firewall[white] [red]DNS[white]\n" - str = str + fmt.Sprintf(" %8s: %4s %12s\n", "Enabled", data.FirewallEnabled, data.DnsAt(0)) - str = str + fmt.Sprintf(" %8s: %4s %12s\n", "Stealth", data.FirewallStealth, data.DnsAt(1)) + str = str + " [red]Firewall[white] [red]DNS[white]\n" + str = str + fmt.Sprintf(" %8s: %4s %-16s\n", "Enabled", data.FirewallEnabled, data.DnsAt(0)) + str = str + fmt.Sprintf(" %8s: %4s %-16s\n", "Stealth", data.FirewallStealth, data.DnsAt(1)) str = str + "\n" str = str + " [red]Users[white]\n" str = str + fmt.Sprintf(" %s", strings.Join(data.LoggedInUsers, ", ")) diff --git a/security/wifi.go b/security/wifi.go index 47c31fae..30b75767 100644 --- a/security/wifi.go +++ b/security/wifi.go @@ -13,47 +13,17 @@ const osxWifiArg = "-I" /* -------------------- Exported Functions -------------------- */ -func wifiEncryptionLinux() string { - cmd := exec.Command("nmcli", "-t", "-f", "active,security", "dev", "wifi") - out := wtf.ExecuteCommand(cmd) - name := wtf.FindMatch(`yes:(.+)`, out) - if len(name) > 0 { - return name[0][1] - } - return "" -} - -func wifkEncryptionMacOS() string { - name := wtf.FindMatch(`s*auth: (.+)s*`, wifiInfo()) - return matchStr(name) -} - func WifiEncryption() string { switch runtime.GOOS { case "linux": return wifiEncryptionLinux() case "darwin": - return wifkEncryptionMacOS() + return wifiEncryptionMacOS() default: return "" } } -func wifiNameMacOS() string { - name := wtf.FindMatch(`s*SSID: (.+)s*`, wifiInfo()) - return matchStr(name) -} - -func wifiNameLinux() string { - cmd := exec.Command("nmcli", "-t", "-f", "active,ssid", "dev", "wifi") - out := wtf.ExecuteCommand(cmd) - name := wtf.FindMatch(`yes:(.+)`, out) - if len(name) > 0 { - return name[0][1] - } - return "" -} - func WifiName() string { switch runtime.GOOS { case "linux": @@ -67,11 +37,44 @@ func WifiName() string { /* -------------------- Unexported Functions -------------------- */ +func wifiEncryptionLinux() string { + cmd := exec.Command("nmcli", "-t", "-f", "active,security", "dev", "wifi") + out := wtf.ExecuteCommand(cmd) + + name := wtf.FindMatch(`yes:(.+)`, out) + + if len(name) > 0 { + return name[0][1] + } + + return "" +} + +func wifiEncryptionMacOS() string { + name := wtf.FindMatch(`s*auth: (.+)s*`, wifiInfo()) + return matchStr(name) +} + func wifiInfo() string { cmd := exec.Command(osxWifiCmd, osxWifiArg) return wtf.ExecuteCommand(cmd) } +func wifiNameLinux() string { + cmd := exec.Command("nmcli", "-t", "-f", "active,ssid", "dev", "wifi") + out := wtf.ExecuteCommand(cmd) + name := wtf.FindMatch(`yes:(.+)`, out) + if len(name) > 0 { + return name[0][1] + } + return "" +} + +func wifiNameMacOS() string { + name := wtf.FindMatch(`s*SSID: (.+)s*`, wifiInfo()) + return matchStr(name) +} + func matchStr(data [][]string) string { if len(data) <= 1 { return ""