Current File : //proc/self/root/opt/imunify360/venv/share/imunify360/config_schema/antivirus.py |
"""
This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Copyright © 2019 Cloud Linux Software Inc.
This software is also available under ImunifyAV commercial license,
see <https://www.imunify360.com/legal/eula>
"""
import os
NOTIFY, CLEANUP, CLEANUP_ON_SCHEDULE = (
"notify",
"cleanup",
"cleanup_on_schedule",
)
NONE, DAY, WEEK, MONTH = "none", "day", "week", "month"
DEFAULT_INTENSITY_CPU = 2
DEFAULT_INTENSITY_IO = 2
DEFAULT_INTENSITY_RAM = 2048
DEFAULT_RESOURCE_MANAGEMENT_CPU_LIMIT = 2
DEFAULT_RESOURCE_MANAGEMENT_IO_LIMIT = 2
DEFAULT_RESOURCE_MANAGEMENT_RAM_LIMIT = 500
def nullable(coerce):
def f(value):
if value is None:
return value
return coerce(value)
return f
def myimunify_rules(myimunify):
"""
To prevent turning off MyImunify if feature flag exists
"""
if not os.path.exists("/var/imunify360/myimunify-freemium.flag"):
return myimunify
if "enable" in myimunify and not myimunify["enable"]:
myimunify["enable"] = True
return myimunify
def get_root_config():
return {
"BACKUP_RESTORE": {
"type": "dict",
"schema": {
"max_days_in_backup": {
"type": "integer",
"coerce": int,
"min": 1,
"default": 90,
},
"cl_backup_allowed": {
"type": "boolean",
"default": True,
},
"cl_on_premise_backup_allowed": {
"type": "boolean",
"default": False,
},
},
"default": {},
},
"MALWARE_CLEANUP": {
"type": "dict",
"schema": {
"trim_file_instead_of_removal": {
"type": "boolean",
"default": True,
},
"keep_original_files_days": {
"type": "integer",
"coerce": int,
"min": 1,
"default": 14,
},
},
"default": {},
},
"MALWARE_SCANNING": {
"type": "dict",
"schema": {
"try_restore_from_backup_first": {
"type": "boolean",
"default": False,
},
"default_action": {
"type": "string",
"default": CLEANUP,
"allowed": [NOTIFY, CLEANUP, CLEANUP_ON_SCHEDULE],
},
"notify_on_detect": {
"type": "boolean",
"default": False,
},
"enable_scan_inotify": {
"type": "boolean",
"default": True,
},
"optimize_realtime_scan": {
"type": "boolean",
"default": True,
},
"enable_scan_modsec": {
"type": "boolean",
"default": True,
},
"sends_file_for_analysis": {
"type": "boolean",
"default": True,
},
"enable_scan_pure_ftpd": {
"type": "boolean",
"default": True,
},
"scan_modified_files": {
"type": "boolean",
"default": None,
"nullable": True,
},
"cloud_assisted_scan": {
"type": "boolean",
"default": True,
},
"rapid_scan": {
"type": "boolean",
"nullable": False,
"default": True,
},
"rapid_scan_rescan_unchanging_files_frequency": {
"type": "integer",
"coerce": nullable(int),
"nullable": True,
"default": None,
},
"max_signature_size_to_scan": {
"type": "integer",
"coerce": int,
"default": 1048576,
},
"max_cloudscan_size_to_scan": {
"type": "integer",
"coerce": int,
"default": 104857600,
},
"max_mrs_upload_file": {
"type": "integer",
"coerce": int,
"default": 104857600,
},
"detect_elf": {
"type": "boolean",
"nullable": False,
"default": True,
},
"hyperscan": {
"type": "boolean",
"nullable": False,
"default": False,
},
"enable_scan_cpanel": {
"type": "boolean",
"nullable": False,
"default": True,
},
"crontabs": {
"type": "boolean",
"nullable": False,
"default": True,
},
},
"default": {},
},
"MALWARE_SCAN_SCHEDULE": {
"type": "dict",
"schema": {
"interval": {
"type": "string",
"allowed": [NONE, DAY, WEEK, MONTH],
"default": WEEK,
},
"hour": {
"type": "integer",
"coerce": int,
"min": 0,
"max": 23,
"default": 3,
},
"day_of_week": {
"type": "integer",
"coerce": int,
"min": 0,
"max": 7,
"default": 0,
},
"day_of_month": {
"type": "integer",
"coerce": int,
"min": 1,
"max": 31,
"default": 1,
},
},
"default": {},
},
"MALWARE_SCAN_INTENSITY": {
"type": "dict",
"schema": {
"cpu": {
"type": "integer",
"coerce": int,
"min": 1,
"max": 7,
"default": DEFAULT_INTENSITY_CPU,
},
"io": {
"type": "integer",
"coerce": int,
"min": 1,
"max": 7,
"default": DEFAULT_INTENSITY_IO,
},
"ram": {
"type": "integer",
"coerce": int,
"min": 1024,
"default": DEFAULT_INTENSITY_RAM,
},
"user_scan_cpu": {
"type": "integer",
"coerce": int,
"min": 1,
"max": 7,
"default": 2,
},
"user_scan_io": {
"type": "integer",
"coerce": int,
"min": 1,
"max": 7,
"default": 2,
},
"user_scan_ram": {
"type": "integer",
"coerce": int,
"min": 1024,
"default": 1024,
},
},
"default": {},
},
"MALWARE_DATABASE_SCAN": {
"type": "dict",
"schema": {
"enable": {
"type": "boolean",
"default": False,
},
"db_timeout": {
"type": "integer",
"coerce": int,
"min": 1,
"default": 15,
},
},
"default": {},
},
"RESOURCE_MANAGEMENT": {
"type": "dict",
"schema": {
"cpu_limit": {
"type": "integer",
"coerce": int,
"min": 1,
"max": 7,
"default": DEFAULT_RESOURCE_MANAGEMENT_CPU_LIMIT,
},
"io_limit": {
"type": "integer",
"coerce": int,
"min": 1,
"max": 7,
"default": DEFAULT_RESOURCE_MANAGEMENT_IO_LIMIT,
},
"ram_limit": {
"type": "integer",
"coerce": int,
"min": 500,
"default": DEFAULT_RESOURCE_MANAGEMENT_RAM_LIMIT,
},
},
"default": {},
},
"ERROR_REPORTING": {
"type": "dict",
"schema": {"enable": {"type": "boolean", "default": True}},
"default": {},
},
"SEND_ADDITIONAL_DATA": {
"type": "dict",
"schema": {
"enable": {
"type": "boolean",
"default": True,
}
},
"default": {},
},
"ADMIN_CONTACTS": {
"type": "dict",
"schema": {
"emails": {
"type": "list",
"schema": {"type": "string"},
"nullable": False,
"default": [],
},
"enable_icontact_notifications": {
"type": "boolean",
"nullable": False,
"default": True,
},
},
"default": {},
},
"PERMISSIONS": {
"type": "dict",
"schema": {
"support_form": {
"type": "boolean",
"nullable": True,
"default": True,
},
"advisor": {
"type": "boolean",
"nullable": True,
"default": True,
},
"user_ignore_list": {
"type": "boolean",
"nullable": True,
"default": False,
},
"upgrade_button": {
"type": "boolean",
"nullable": False,
"default": True,
},
"allow_malware_scan": {
"type": "boolean",
"nullable": True,
"default": False,
},
"user_override_malware_actions": {
"type": "boolean",
"nullable": False,
"default": False,
},
"user_override_proactive_defense": {
"type": "boolean",
"nullable": False,
"default": False,
"coerce": "user_override_pd_rules",
},
"allow_local_malware_ignore_list_management": {
"type": "boolean",
"nullable": False,
"default": True,
},
},
"default": {},
},
"LOGGER": {
"type": "dict",
"schema": {
"max_log_file_size": {
"type": "integer",
"default": 62914560, # 60MB
},
"backup_count": {
# if 5, store app.log, app.log.1, up to app.log.5
"type": "integer",
"default": 5,
},
"syscall_monitor": {"type": "boolean", "default": False},
},
"default": {},
},
"SECURE_SITE": {
"nullable": True,
# readonly fields are ignored during validation/normalisation
"readonly": True,
"type": "dict",
},
"MY_IMUNIFY": {
"type": "dict",
"coerce": (dict, myimunify_rules),
"schema": {
"enable": {
"type": "boolean",
"default": False,
},
"purchase_page_url": {
"type": "string",
"default":
"https://{{ your billing system host }}:?{{ port }}/",
},
},
"default": {},
},
"CONTROL_PANEL": {
"type": "dict",
"schema": {
"generic_user_notifications": {
"type": "boolean",
"default": True,
},
},
"default": {},
},
}
def get_non_root_config():
return {
"BACKUP_RESTORE": {
"type": "dict",
"schema": {
"max_days_in_backup": {
"type": "integer",
"nullable": True,
"coerce": lambda x: x and int(x),
"min": 1,
"default": None,
},
},
"default": {},
},
"MALWARE_SCANNING": {
"type": "dict",
"schema": {
"default_action": {
"type": "string",
"default": None,
"allowed": [NOTIFY, CLEANUP, CLEANUP_ON_SCHEDULE],
"nullable": True,
},
"try_restore_from_backup_first": {
"type": "boolean",
"nullable": True,
"default": None,
},
},
"default": {},
},
"SECURE_SITE": {
"nullable": True,
"readonly": True,
"type": "dict"
},
"MY_IMUNIFY": {
"type": "dict",
"coerce": (dict, myimunify_rules),
"schema": {
"enable": {
"type": "boolean",
"default": False,
},
"purchase_page_url": {
"type": "string",
"default":
"https://{{ your billing system host }}:?{{ port }}/",
},
},
"default": {},
},
"CONTROL_PANEL": {
"type": "dict",
"schema": {
"generic_user_notifications": {
"type": "boolean",
"nullable": True,
"default": None,
},
},
"default": {},
},
}