From 4180f166560db7f540043d5bee14abbc369b0fdd Mon Sep 17 00:00:00 2001
From: Anders Ingemann <anders@ingemann.de>
Date: Sun, 7 Jul 2013 16:59:12 +0200
Subject: [PATCH] Implemented cleanup tasks

---
 providers/ec2/__init__.py      |  6 ++++-
 providers/ec2/tasks/cleanup.py | 44 ++++++++++++++++++++++++++++++++++
 2 files changed, 49 insertions(+), 1 deletion(-)
 create mode 100644 providers/ec2/tasks/cleanup.py

diff --git a/providers/ec2/__init__.py b/providers/ec2/__init__.py
index eecf14b..9d1f598 100644
--- a/providers/ec2/__init__.py
+++ b/providers/ec2/__init__.py
@@ -12,6 +12,7 @@ from tasks import boot
 from tasks import security
 from tasks import network
 from tasks import initd
+from tasks import cleanup
 
 
 def initialize():
@@ -54,7 +55,10 @@ def tasks(tasklist, manifest):
 	             network.ConfigureNetworkIF(),
 	             network.ConfigureDHCP(),
 	             initd.ResolveInitScripts(),
-	             initd.InstallInitScripts())
+	             initd.InstallInitScripts(),
+	             cleanup.ClearMOTD(),
+	             cleanup.ShredHostkeys(),
+	             cleanup.CleanTMP())
 
 	from common.tasks import TriggerRollback
 	tasklist.add(TriggerRollback())
diff --git a/providers/ec2/tasks/cleanup.py b/providers/ec2/tasks/cleanup.py
new file mode 100644
index 0000000..46ff017
--- /dev/null
+++ b/providers/ec2/tasks/cleanup.py
@@ -0,0 +1,44 @@
+from base import Task
+from common import phases
+import os
+
+
+class ClearMOTD(Task):
+	description = 'Clearing the MOTD'
+	phase = phases.system_cleaning
+
+	def run(self, info):
+		with open('/var/run/motd', 'w'):
+			pass
+
+
+class ShredHostkeys(Task):
+	description = 'Securely deleting ssh hostkeys'
+	phase = phases.system_cleaning
+
+	def run(self, info):
+		ssh_hostkeys = ['ssh_host_dsa_key',
+		                'ssh_host_rsa_key']
+		if info.manifest.system['release'] != 'squeeze':
+			ssh_hostkeys.append('ssh_host_ecdsa_key')
+
+		private = [os.path.join(info.root, 'etc/ssh', name) for name in ssh_hostkeys]
+		public = [path + '.pub' for path in private]
+
+		from common.tools import log_check_call
+		log_check_call(['/usr/bin/shred', '--remove'] + private + public)
+
+
+class CleanTMP(Task):
+	description = 'Removing temporary files'
+	phase = phases.system_cleaning
+
+	def run(self, info):
+		import glob
+		tmp_files = glob.glob(os.path.join(info.root, 'tmp/*'))
+		for tmp_file in tmp_files:
+			os.remove(tmp_file)
+
+		log_files = glob.glob(os.path.join(info.root, 'var/log/{bootstrap,dpkg}.log'))
+		for log_file in log_files:
+			os.remove(log_file)