-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathalerter.py
71 lines (52 loc) · 1.76 KB
/
alerter.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
#!/usr/bin/python
import os
import json
import sys
import smtplib
from email.mime.text import MIMEText
store_dir = '/var/lib/pam_alerter'
settings_file = 'alerter.json'
user = os.getenv('PAM_USER')
host = os.getenv('PAM_RHOST', 'unknown')
service = os.getenv('PAM_SERVICE', 'unknown')
pam_type = os.getenv('PAM_TYPE')
pam_tty = os.getenv('PAM_TTY')
if not os.path.isdir(store_dir):
os.makedirs(store_dir)
def load_settings(filename):
try:
with open(filename, 'r') as f:
_settings = json.load(f)
except:
_settings = []
return _settings
def save_settings(filename, _settings):
with open(filename, 'w') as f:
json.dump(_settings, f, indent=4, sort_keys=True)
def send_email(message):
msg = MIMEText(message, 'plain')
msg['Subject'] = 'Login alert for %s' % user
msg['From'] = sender
msg['To'] = receivers[0]
smtpObj = smtplib.SMTP('localhost')
smtpObj.sendmail(sender, receivers, msg.as_string())
script_directory = os.path.dirname(os.path.abspath(__file__))
settings_file = os.path.join(script_directory, settings_file)
settings = load_settings(settings_file)
sender = settings['sender']
receivers = settings['receivers']
white_ips = settings['white_ips']
# security check
if user != os.path.basename(user):
message = 'strange user: "%s"!' % user
send_email(message)
sys.exit();
ip_list_per_user = os.path.join(store_dir, user)
known_ips = load_settings(ip_list_per_user)
if pam_type != 'close_session':
if host not in known_ips:
known_ips.append(host)
save_settings(ip_list_per_user, known_ips)
if host not in white_ips:
message = 'Login by: %s from: %s\n\nservice = %s pam_type = %s' % (user, host, service, pam_type)
send_email(message)