[scpubgit/System-Introspector.git] / lib / System / Introspector / Probe / Users.pm

package System::Introspector::Probe::Users;
use Moo;

use System::Introspector::Util qw(
    handle_from_command
    transform_exceptions
    output_from_file
    output_from_command
    files_from_dir
    handle_from_file
);

has passwd_file => (is => 'ro', default => sub { '/etc/passwd' });

sub gather {
    my ($self) = @_;
    return transform_exceptions {
        my $fh = $self->_open_passwd_fh;
        my %user;
        while (defined( my $line = <$fh> )) {
            my $data = $self->_deparse_htpasswd_line($line);
            my $user = $data->{username};
            my $home = $data->{home};
            $data->{groups} = transform_exceptions {
                $self->_gather_user_groups($user);
            };
            $data->{ssh}{keys} = transform_exceptions {
                $self->_gather_ssh_keys($user, $home);
            };
            $data->{crontab} = transform_exceptions {
                $self->_gather_crontab($user);
            };
            $user{ $data->{username} } = $data;
        }
        return { users => \%user };
    };
}

sub _gather_crontab {
    my ($self, $user) = @_;
    my ($out, $err, $ok) = output_from_command
        ['crontab', '-u', $user, '-l'];
    unless ($ok) {
        return {}
            if $err =~ m{^no crontab}i;
        return { __error__ => $err };
    }
    return { body => $out };
}

sub _gather_ssh_keys {
    my ($self, $user, $home) = @_;
    my $ssh_dir = "$home/.ssh";
    my $ssh_authkeys = "$ssh_dir/authorized_keys";
    return {
        files => {},
        authorized => { file_name => $ssh_authkeys, body => '' }
    } unless -d $ssh_dir;
    my %key;
    for my $item (files_from_dir $ssh_dir) {
        next unless $item =~ m{\.pub$};
        $key{ $item } = transform_exceptions {
            return {
                file_name => "$ssh_dir/$item",
                body => scalar output_from_file "$ssh_dir/$item",
            };
        };
    }
    my $auth_keys = (-e $ssh_authkeys) ? (transform_exceptions {
        return {
            file_name => $ssh_authkeys,
            body => scalar output_from_file $ssh_authkeys,
        };
    }) : { file_name => $ssh_authkeys, body => '' };
    return { files => \%key, authorized => $auth_keys };
}

sub _gather_user_groups {
    my ($self, $user) = @_;
    my $groups = output_from_command [groups => $user];
    chomp $groups;
    $groups =~ s{^ .* : \s* }{}x;
    return [split m{\s+}, $groups];
}

sub _deparse_htpasswd_line {
    my ($self, $line) = @_;
    chomp $line;
    my %value;
    @value{qw( username uid gid comment home shell )}
        = (split m{:}, $line)[0, 2..6];
    return \%value;
}

sub _open_passwd_fh {
    my ($self) = @_;
    return handle_from_file $self->passwd_file;
}

1;

__END__

=head1 NAME

System::Introspector::Probe::Users - Gather user information

=head1 DESCRIPTION

Gathers information for all users in C</etc/passwd>, including cronjobs and
installed SSH public keys.

=head1 SEE ALSO

=over

=item L<System::Introspector>

=back

=head1 COPYRIGHT

Copyright (c) 2012 the L<System::Introspector>
L<AUTHOR|System::Introspector/AUTHOR>,
L<CONTRIBUTORS|System::Introspector/CONTRIBUTORS> and
L<SPONSORS|System::Introspector/SPONSORS>.

=head1 LICENSE

This library is free software and may be distributed under the same terms
as perl itself.

=cut
Commit	Line	Data
afd7c030	1	package System::Introspector::Probe::Users;
610f74e8	2	use Moo;
a4e48221	3
	4	use System::Introspector::Util qw(
	5	handle_from_command
	6	transform_exceptions
	7	output_from_file
	8	output_from_command
	9	files_from_dir
	10	handle_from_file
	11	);
610f74e8	12
a39ee88f	13	has passwd_file => (is => 'ro', default => sub { '/etc/passwd' });
a39ee88f	14
610f74e8	15	sub gather {
610f74e8	16	my ($self) = @_;
a4e48221	17	return transform_exceptions {
	18	my $fh = $self->_open_passwd_fh;
	19	my %user;
	20	while (defined( my $line = <$fh> )) {
	21	my $data = $self->_deparse_htpasswd_line($line);
	22	my $user = $data->{username};
	23	my $home = $data->{home};
	24	$data->{groups} = transform_exceptions {
	25	$self->_gather_user_groups($user);
	26	};
	27	$data->{ssh}{keys} = transform_exceptions {
	28	$self->_gather_ssh_keys($user, $home);
	29	};
	30	$data->{crontab} = transform_exceptions {
	31	$self->_gather_crontab($user);
	32	};
386a00c7	33	$user{ $data->{username} } = $data;
a4e48221	34	}
	35	return { users => \%user };
	36	};
610f74e8	37	}
	38
	39	sub _gather_crontab {
	40	my ($self, $user) = @_;
a4e48221	41	my ($out, $err, $ok) = output_from_command
	42	['crontab', '-u', $user, '-l'];
	43	unless ($ok) {
610f74e8	44	return {}
610f74e8	45	if $err =~ m{^no crontab}i;
8b69d66e	46	return { __error__ => $err };
610f74e8	47	}
	48	return { body => $out };
	49	}
	50
	51	sub _gather_ssh_keys {
	52	my ($self, $user, $home) = @_;
95c7aba8	53	my $ssh_dir = "$home/.ssh";
82d8f33c	54	my $ssh_authkeys = "$ssh_dir/authorized_keys";
95c7aba8	55	return {
95c7aba8	56	files => {},
82d8f33c	57	authorized => { file_name => $ssh_authkeys, body => '' }
95c7aba8	58	} unless -d $ssh_dir;
610f74e8	59	my %key;
a4e48221	60	for my $item (files_from_dir $ssh_dir) {
610f74e8	61	next unless $item =~ m{\.pub$};
a4e48221	62	$key{ $item } = transform_exceptions {
a4e48221	63	return {
95c7aba8	64	file_name => "$ssh_dir/$item",
a4e48221	65	body => scalar output_from_file "$ssh_dir/$item",
	66	};
	67	};
610f74e8	68	}
82d8f33c	69	my $auth_keys = (-e $ssh_authkeys) ? (transform_exceptions {
95c7aba8	70	return {
82d8f33c	71	file_name => $ssh_authkeys,
82d8f33c	72	body => scalar output_from_file $ssh_authkeys,
95c7aba8	73	};
82d8f33c	74	}) : { file_name => $ssh_authkeys, body => '' };
95c7aba8	75	return { files => \%key, authorized => $auth_keys };
610f74e8	76	}
	77
	78	sub _gather_user_groups {
	79	my ($self, $user) = @_;
d2180c8c	80	my $groups = output_from_command [groups => $user];
09a9d49a	81	chomp $groups;
09a9d49a	82	$groups =~ s{^ .* : \s* }{}x;
1b608727	83	return [split m{\s+}, $groups];
610f74e8	84	}
	85
	86	sub _deparse_htpasswd_line {
	87	my ($self, $line) = @_;
	88	chomp $line;
	89	my %value;
	90	@value{qw( username uid gid comment home shell )}
	91	= (split m{:}, $line)[0, 2..6];
	92	return \%value;
	93	}
	94
	95	sub _open_passwd_fh {
	96	my ($self) = @_;
a39ee88f	97	return handle_from_file $self->passwd_file;
610f74e8	98	}
	99
	100	1;
535e84b6	101
	102	__END__
	103
	104	=head1 NAME
	105
f24afb0e	106	System::Introspector::Probe::Users - Gather user information
535e84b6	107
	108	=head1 DESCRIPTION
	109
	110	Gathers information for all users in C</etc/passwd>, including cronjobs and
	111	installed SSH public keys.
	112
	113	=head1 SEE ALSO
	114
	115	=over
	116
	117	=item L<System::Introspector>
	118
	119	=back
	120
f24afb0e	121	=head1 COPYRIGHT
	122
	123	Copyright (c) 2012 the L<System::Introspector>
	124	L<AUTHOR\|System::Introspector/AUTHOR>,
	125	L<CONTRIBUTORS\|System::Introspector/CONTRIBUTORS> and
	126	L<SPONSORS\|System::Introspector/SPONSORS>.
	127
	128	=head1 LICENSE
535e84b6	129
f24afb0e	130	This library is free software and may be distributed under the same terms
	131	as perl itself.
	132
	133	=cut