Example query:
with compliance_check as (
select sha256,
case when sha256 = 'omgwtfbbqrandomchars00112233445566' then 'OK' else 'FAILED' end ztl_status
from hash
where path = '/path/to/conf'
)
#!/usr/bin/python | |
# -*- coding: utf-8 -*- | |
import glob | |
import os | |
import subprocess | |
import sys | |
sys.path.append('/usr/local/munki/munkilib') | |
import FoundationPlist | |
path = '/Users/abanks/Library/AutoPkg/Cache' |
USE_PKGBUILD=1 | |
include /usr/local/share/luggage/luggage.make | |
TITLE=iWorkDummyReceipts | |
REVERSE_DOMAIN=org.my.iWorkDummyReceipts | |
PACKAGE_VERSION=0.1 | |
PAYLOAD=pack-iWorkDummyReceipts | |
pack-iWorkDummyReceipts: l_Applications | |
@sudo mkdir -p -m 755 ${WORK_D}/Applications/{Numbers,Pages,Keynote}.app/Contents/_MASReceipt | |
@sudo touch ${WORK_D}/Applications/{Numbers,Pages,Keynote}.app/Contents/_MASReceipt/receipt |
#!/usr/bin/python | |
"""Shoves down santa rules 5 at a time to whitelist certs/binaries | |
NOTICE - if you have a sync server like Zentral configured, you cannot add rules | |
""" | |
import os | |
import subprocess | |
from multiprocessing.dummy import Pool as ThreadPool | |
if os.geteuid() != 0: | |
exit("Please run this script as root.") |
<div class="panel panel-default panel-traffic-light"> | |
<div class="panel-heading"> | |
{{ title }} | |
</div> | |
<!-- /.panel-heading --> | |
<div class="panel-body"> | |
<a href="{% url 'machine_list_front' plugin 'gatekeep' %}" class="btn btn-danger"> | |
<span class="bigger"> {{ gatekeep }} </span><br /> | |
{{ gatekeep_label }} |
#!/usr/bin/python | |
import glob | |
import gzip | |
certs = [ | |
"2aa4b9973b7ba07add447ee4da8b5337c3ee2c3a991911e80e7282e8a751fc32",# apples | |
"33b9aee3b089c922952c9240a40a0daa271bebf192cf3f7d964722e8f2170e48",# santas - everything after this isn't included... | |
"15b8ce88e10f04c88a5542234fbdfc1487e9c2f64058a05027c7c34fc4201153",# GoogleSoftwareUpdateAgent (~) | |
"1808a95f11169c7212a45b44c1c547c1f3e810915014bd892435253a3f8761ca",# Citrix ServiceRecords/ReceiverHelper |
#!/usr/bin/python | |
"""Check osquery output against whitelisted CA's.""" | |
import json | |
import os | |
import subprocess | |
import sys | |
OUTPUT=$(/usr/bin/basename "$1" | /usr/bin/sed -e "s/.pkg//g") | |
/usr/sbin/pkgutil --expand "$1" /tmp/"$OUTPUT" | |
open -a "Archive Utility.app" /tmp/"$OUTPUT"/Payload |
#!/usr/local/munki/simian/bin/python | |
# | |
# Copyright 2010 Google Inc. All Rights Reserved. | |
"""Script to output Simian dependent facter-like output of various variables.""" | |
import json | |
import os | |
import re | |
import subprocess |