crypto-policies - files in `/etc/crypto-policies/back-ends/`¶

This is a collection of parsers that all deal with the generated configuration files under the /etc/crypto-policies/back-ends/ folder. Parsers included in this module are:

CryptoPoliciesConfig - file `/etc/crypto-policies/config`¶

CryptoPoliciesStateCurrent - file `/etc/crypto-policies/state/current`¶

CryptoPoliciesOpensshserver - file `/etc/crypto-policies/back-ends/opensshserver.config`¶

CryptoPoliciesBind - file `/etc/crypto-policies/back-ends/bind.config`¶

class insights.parsers.crypto_policies.CryptoPoliciesBind(context)[source]¶

Bases: insights.core.Parser

This parser reads the /etc/crypto-policies/back-ends/bind.config file. The sections disable-algorithms and disable-ds-digests are in the properties disable_algorithms and disable_ds_digests.

Sample Input:

disable-algorithms "." {
RSAMD5;
DSA;
};
disable-ds-digests "." {
GOST;
};

Examples

>>> 'GOST' in cp_bind.disable_ds_digests
True
>>> cp_bind.disable_algorithms
['RSAMD5', 'DSA']

parse_content(content)[source]¶: This method must be implemented by classes based on this class.

class insights.parsers.crypto_policies.CryptoPoliciesConfig(context)[source]¶

Bases: insights.core.Parser

This parser reads the /etc/crypto-policies/config file. The contents of the file is a single-line value, available in the value property.

Sample Input:

LEGACY

Examples

>>> cp_c.value
'LEGACY'

parse_content(content)[source]¶: This method must be implemented by classes based on this class.

class insights.parsers.crypto_policies.CryptoPoliciesOpensshserver(context)[source]¶

Bases: insights.core.SysconfigOptions

This parser reads the /etc/crypto-policies/back-ends/opensshserver.config file. It uses the SysconfigOptions parser class to convert the file into a dictionary of options. It also provides the options property as a helper to retrieve the CRYPTO_POLICY variable.

Sample Input:

CRYPTO_POLICY='-oCiphers=aes256-gcm@openssh.com,3des-cbc -oMACs=umac-128-etm@openssh.com'

Examples

>>> 'CRYPTO_POLICY' in cp_os
True
>>> cp_os.options
'-oCiphers=aes256-gcm@openssh.com,3des-cbc -oMACs=umac-128-etm@openssh.com'

options¶

The value of the CRYPTO_POLICY variable if it exists, else None.

Type:	(union[str, None])

class insights.parsers.crypto_policies.CryptoPoliciesStateCurrent(context)[source]¶

Bases: insights.core.Parser

This parser reads the /etc/crypto-policies/state/current file. The contents of the file is a single-line value, available in the value property.

Sample Input:

LEGACY

Examples

>>> cp_sc.value
'LEGACY'

parse_content(content)[source]¶: This method must be implemented by classes based on this class.

crypto-policies - files in /etc/crypto-policies/back-ends/¶

CryptoPoliciesConfig - file /etc/crypto-policies/config¶

CryptoPoliciesStateCurrent - file /etc/crypto-policies/state/current¶

CryptoPoliciesOpensshserver - file /etc/crypto-policies/back-ends/opensshserver.config¶

CryptoPoliciesBind - file /etc/crypto-policies/back-ends/bind.config¶

crypto-policies - files in `/etc/crypto-policies/back-ends/`¶

CryptoPoliciesConfig - file `/etc/crypto-policies/config`¶

CryptoPoliciesStateCurrent - file `/etc/crypto-policies/state/current`¶

CryptoPoliciesOpensshserver - file `/etc/crypto-policies/back-ends/opensshserver.config`¶

CryptoPoliciesBind - file `/etc/crypto-policies/back-ends/bind.config`¶