#!/usr/bin/python -tt

# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Library General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
# copyright (c) 2011 Red Hat, inc
# written by skvidal

import sys
import os
import syck
import glob

stateyaml = '/tmp/state-yaml/' # 
modfiles = '/tmp/modified-files/'

known_changed = [ '/etc/cron.d/smolt',
  '/etc/func/minion.conf',
  '/etc/inittab',
  '/etc/securetty',
  '/etc/sysconfig/snmpd.options',
  '/etc/sysctl.conf',
  '/usr/share/snmp/mibs/.index',
  '/var/lib/rkhunter/db/mirrors.dat',
  '/var/lib/rkhunter/db/programs_bad.dat',
  '/etc/printcap',
  '/etc/bacula2/bacula-fd.conf',
  '/etc/login.defs',
  '/etc/aliases',
  '/etc/smartd.conf',
  '/usr/share/GeoIP/GeoIP.dat',
  ]

endings_to_ignore = [ 'pyc', 'pyo']

for fn in sorted(glob.glob(modfiles + '*.output')):
    changed = {}
    results = []
    bn = fn.split('/')[-1]
    hn = bn.replace('.output', '')
    files = open(fn, 'r').readlines()
    files = files[2:]
    for s in files:
        s = s.strip()
        if not s:
            continue
        csum, fn = s.split('  ')
        # stuff to ignore
        if fn in known_changed:
            continue
        if fn.split('.')[-1] in endings_to_ignore:
            continue

        changed[fn] = csum
       
    if os.path.exists(stateyaml + bn):
        pvers = {}
        y = syck.load('\n'.join(open(stateyaml + bn, 'r').readlines()[2:]))
        for k in y:
            if k.startswith('File['):
                pfn = k.replace('File[', '')
                pfn = pfn.replace(']', '')
                v = y[k]
                if 'checksums' in v:
                    if 'md5' in v['checksums']:
                        csum = v['checksums']['md5'].replace('{md5}', '')
                        pvers[pfn] = csum
                       
    for i in changed:
        
        if i in pvers and changed[i] == pvers[i]: # if it matches the csum puppet has, move along
            continue
        results.append(i)
               
              
           
    if results:     
        print hn
        for f in sorted(results):
            print '  ' + f
        print ''