HealthCheck-Diagnostic-FilePermissions
view release on metacpan or search on metacpan
lib/HealthCheck/Diagnostic/FilePermissions.pm view on Meta::CPAN
my ($self, $file, $access) = @_;
# Run the tests and construct the error messages, identifying which
# access operation failed.
my $info = "Permissions for '$file':";
my @access_errors;
my %actual = (
read => -r $file,
write => -w $file,
execute => -x $file,
);
foreach ( sort keys %$access ) {
push @{ $access_errors[ $access->{$_} ] }, $_
if $access->{$_} xor $actual{$_};
}
# Return a default success access permission info message if it found
# no errors.
return {
status => 'OK',
info => qq{Have correct access for '$file'},
} unless @access_errors;
# Summarize the failed info messages in the results.
my @info;
push @info, 'Must have permission to '.
$self->pretty_join( @{ $access_errors[1] } ).qq{ '$file'}
if @{ $access_errors[1] || [] };
push @info, 'Must not have permission to '.
$self->pretty_join( @{ $access_errors[0] } ).qq{ '$file'}
if @{ $access_errors[0] || [] };
return {
status => 'CRITICAL',
info => join( '; ', @info ),
};
}
sub check_permissions {
my ($self, $file, $permissions) = @_;
# Stringify the expected and actual permissions so that they can be
# easily understood.
my $actual = sprintf( '%04o', ( stat($file) )[2] & 07777 );
my $expected = sprintf( '%04o', $permissions & 07777 );
return {
status => 'CRITICAL',
info => "Permissions should be $expected but ".
"are $actual for '$file'",
} if $expected != $actual;
return {
status => 'OK',
info => qq{Permissions are $actual for '$file'},
};
}
sub check_owner {
my ($self, $file, $owner) = @_;
my $actual = getpwuid( ( stat $file )[4] );
return {
status => 'CRITICAL',
info => qq{Owner should be $owner but is $actual for '$file'},
} unless $actual eq $owner;
return {
status => 'OK',
info => qq{Owner is $owner for '$file'},
};
}
sub check_group {
my ($self, $file, $group) = @_;
my $actual = getgrgid( ( stat $file )[5] );
return {
status => 'CRITICAL',
info => qq{Group should be $group but is $actual for '$file'},
} unless $actual eq $group;
return {
status => 'OK',
info => qq{Group is $group for '$file'},
};
}
1;
__END__
=pod
=encoding UTF-8
=head1 NAME
HealthCheck::Diagnostic::FilePermissions - Check the paths for expected permissions in a HealthCheck
=head1 VERSION
version v1.4.8
=head1 SYNOPSIS
use HealthCheck::Diagnostic::FilePermissions;
# Just check that a file exists, without instantiating anything.
HealthCheck::Diagnostic::FilePermissions->check(
files => [ '/tmp', '/other_directory' ],
);
# Check that some files have certain permissions.
my $d = HealthCheck::Diagnostic::FilePermissions->new(
files => [ '/tmp', '/var/nfs' ],
);
$d->check( permissions => 0777 );
# Check that it has access to the file(s).
$d->check( access => 'x' ); # Can execute files.
$d->check( access => 'rw' ); # Can read and write files.
( run in 0.773 second using v1.01-cache-2.11-cpan-6aa56a78535 )