carrots

package module

v0.0.1 Latest Latest Go to latest Published: Oct 5, 2022 License: BSD-2-Clause Imports: 7 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/mcandre/carrots

Links

Open Source Insights

README ¶

carrots: in situ permission scanner

EXAMPLES

$ cd examples

$ carrots
.ssh/id_test: expected chmod 0600, got 0644

ABOUT

carrots scans file paths for permission discrepancies. For example, SSH requires files and directories to adhere to a standard chmod permission bit policy. When carrots detects a discrepancy, it emits a warning.

INSTALL FROM SOURCE

$ go install github.com/mcandre/carrots/cmd/carrots@latest

RUNTIME REQUIREMENTS

None

CONTRIBUTING

For more information on developing tug itself, see DEVELOPMENT.md.

LICENSE

BSD-2-Clause

USAGE

carrots follows classical UNIX CLI conventions: Basic exit codes, and no output except in case of an issue.

By default, carrots analyzes the current working directory tree. To analyze other paths, list some files and/or directories explicitly. For example, to scan your live SSH directory tree:

$ carrots ~/.ssh

🥕

Documentation ¶

Index ¶

Constants
Variables
func Report(roots []string) int
func Scan(roots []string) ([]string, []error)
type Scanner
- func NewScanner() (*Scanner, error)

Constants ¶

View Source

const Version = "0.0.1"

Version is semver.

Variables ¶

View Source

var SSHKeyPattern = regexp.MustCompile("^id_.+$")

SSHKeyPattern matches SSH key filenames.

View Source

var SSHPublicKeyPattern = regexp.MustCompile("^id_.+\\.pub$")

SSHPublicKeyPattern matches SSH public key filenames.

Functions ¶

func Report ¶

func Report(roots []string) int

Report emits any warnings the console. If warnings are present, returns 1. Else, returns 0.

func Scan ¶

func Scan(roots []string) ([]string, []error)

Scan checks the given root file path recursively for known permission discrepancies.

Types ¶

type Scanner ¶

type Scanner struct {
	// Warnings denote an actionable permission discrepancy.
	Warnings []string

	// Home denotes the current user's home directory.
	Home string
}

Scanner collects warnings.

func NewScanner ¶

func NewScanner() (*Scanner, error)

NewScanner constructs a scanner.

func (Scanner) ScanFileExists ¶

func (o Scanner) ScanFileExists(pth string, info os.FileInfo) error

ScanFileExists checks paths for existence.

func (Scanner) ScanHome ¶

func (o Scanner) ScanHome(pth string, info os.FileInfo) []string

ScanHome analyzes home directories.

func (Scanner) ScanSSH ¶

func (o Scanner) ScanSSH(pth string, info os.FileInfo) []string

ScanSSH analyzes .ssh directories.

func (Scanner) ScanSSHAuthorizedKeys ¶

func (o Scanner) ScanSSHAuthorizedKeys(pth string, info os.FileInfo) []string

ScanSSHAuthorizedKeys analyzes authorized_keys files.

func (Scanner) ScanSSHConfig ¶

func (o Scanner) ScanSSHConfig(pth string, info os.FileInfo) []string

ScanSSHConfig analyzes .ssh/config files.

func (Scanner) ScanSSHKeys ¶

func (o Scanner) ScanSSHKeys(pth string, info os.FileInfo) []string

ScanSSHKeys analyzes .ssh/id_.+(\.pub)? files.

func (Scanner) ScanSSHKnownHosts ¶

func (o Scanner) ScanSSHKnownHosts(pth string, info os.FileInfo) []string

ScanSSHKnownHosts analyzes known_hosts files.

func (*Scanner) Walk ¶

func (o *Scanner) Walk(pth string, info os.FileInfo, err error) error

Walk traverses a file path recursively, collecting known permission discrepancies.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd
carrots

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL