benya/tg-admin-bot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Expand security status details

Browse Source
This commit is contained in:
Alex
2026-02-07 23:57:50 +03:00
parent 26eb756ec8
commit 4c5c085832
1 changed files with 42 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
system_checks.py
View File

@@ -19,10 +19,49 @@ def security() -> str:
if not out or "ERROR:" in out:
return "🔐 Security\n\n⚠️ permitrootlogin not found"
if "no" in out.lower():
return "🔐 Security\n\n🟢 Root login disabled"
lines = ["🔐 Security\n"]
return "🔐 Security\n\n🔴 Root login ENABLED"
if "no" in out.lower():
lines.append("🟢 Root login disabled")
else:
lines.append("🔴 Root login ENABLED")
pass_auth = _cmd("sshd -T | grep -i '^passwordauthentication'")
if pass_auth and "ERROR:" not in pass_auth:
lines.append("🔴 Password auth enabled" if "yes" in pass_auth.lower() else "🟢 Password auth disabled")
pubkey_auth = _cmd("sshd -T | grep -i '^pubkeyauthentication'")
if pubkey_auth and "ERROR:" not in pubkey_auth:
lines.append("🟢 Pubkey auth enabled" if "yes" in pubkey_auth.lower() else "🔴 Pubkey auth disabled")
sec_updates = _cmd("apt list --upgradable 2>/dev/null | grep -i security | wc -l")
if sec_updates and "ERROR:" not in sec_updates:
try:
count = int(sec_updates.strip())
lines.append(f"🔔 Security updates: {count}")
except ValueError:
pass
time_info = _cmd("timedatectl")
if time_info and "ERROR:" not in time_info:
tz = None
ntp = None
synced = None
for line in time_info.splitlines():
if "Time zone:" in line:
tz = line.split("Time zone:", 1)[1].strip()
if "NTP service:" in line:
ntp = line.split("NTP service:", 1)[1].strip()
if "System clock synchronized:" in line:
synced = line.split("System clock synchronized:", 1)[1].strip()
if tz:
lines.append(f"🕒 Time zone: {tz}")
if ntp:
lines.append(f"🔧 NTP service: {ntp}")
if synced:
lines.append(f"⏱ Clock synced: {synced}")
return "\n".join(lines)
# ---------- DISKS ----------