mirror of
https://github.com/Pardus-LiderAhenk/ahenk
synced 2024-11-22 13:12:17 +03:00
plugins bash changes
This commit is contained in:
agah
parent
42eeae5037
commit
199b543c6e
5 changed files with 82 additions and 80 deletions
|
|
@ -72,99 +72,101 @@ class CommandRunner(object):
|
||||||
|
|
||||||
if str(json_data['event']) == 'login' and self.check_last_login():
|
if str(json_data['event']) == 'login' and self.check_last_login():
|
||||||
username = json_data['username']
|
username = json_data['username']
|
||||||
display = json_data['display']
|
if username != "Debian-gdm":
|
||||||
desktop = json_data['desktop']
|
display = json_data['display']
|
||||||
|
desktop = json_data['desktop']
|
||||||
|
|
||||||
ip = None
|
ip = None
|
||||||
if 'ip' in json_data:
|
if 'ip' in json_data:
|
||||||
ip = json_data['ip']
|
ip = json_data['ip']
|
||||||
|
|
||||||
domain = None
|
domain = None
|
||||||
if 'domain' in json_data:
|
if 'domain' in json_data:
|
||||||
domain = json_data['domain']
|
domain = json_data['domain']
|
||||||
|
|
||||||
self.logger.info('login event is handled for user: {0}'.format(username))
|
self.logger.info('login event is handled for user: {0}'.format(username))
|
||||||
self.logger.info('login parameters of login user, username: {0}, display: {1}, desktop: {2}, domain: {3}'.format(username, display, desktop, domain))
|
self.logger.info('login parameters of login user, username: {0}, display: {1}, desktop: {2}, domain: {3}'.format(username, display, desktop, domain))
|
||||||
|
|
||||||
Util.execute("systemctl restart sssd.service")
|
Util.execute("systemctl restart sssd.service")
|
||||||
login_message = self.message_manager.login_msg(username,ip)
|
login_message = self.message_manager.login_msg(username,ip)
|
||||||
self.messenger.send_direct_message(login_message)
|
self.messenger.send_direct_message(login_message)
|
||||||
agreement = Agreement()
|
agreement = Agreement()
|
||||||
agreement_choice = None
|
agreement_choice = None
|
||||||
|
|
||||||
if agreement.check_agreement(username) is not True and System.Ahenk.agreement() == '1':
|
if agreement.check_agreement(username) is not True and System.Ahenk.agreement() == '1':
|
||||||
self.logger.debug('User {0} has not accepted agreement.'.format(username))
|
self.logger.debug('User {0} has not accepted agreement.'.format(username))
|
||||||
thread_ask = Process(target=agreement.ask, args=(username, display,))
|
thread_ask = Process(target=agreement.ask, args=(username, display,))
|
||||||
thread_ask.start()
|
thread_ask.start()
|
||||||
agreement_timeout = self.conf_manager.get('SESSION', 'agreement_timeout')
|
agreement_timeout = self.conf_manager.get('SESSION', 'agreement_timeout')
|
||||||
timeout = int(agreement_timeout) # sec
|
timeout = int(agreement_timeout) # sec
|
||||||
timer = time.time()
|
timer = time.time()
|
||||||
while 1:
|
while 1:
|
||||||
if thread_ask.is_alive() is False:
|
if thread_ask.is_alive() is False:
|
||||||
self.logger.warning('{0} was answered the question '.format(username))
|
self.logger.warning('{0} was answered the question '.format(username))
|
||||||
if Agreement().check_agreement(username) is True:
|
if Agreement().check_agreement(username) is True:
|
||||||
self.logger.warning('Choice of {0} is YES'.format(username))
|
self.logger.warning('Choice of {0} is YES'.format(username))
|
||||||
agreement_choice = True
|
agreement_choice = True
|
||||||
break
|
break
|
||||||
elif Agreement().check_agreement(username) is False:
|
elif Agreement().check_agreement(username) is False:
|
||||||
self.logger.warning('Choice of {0} is NO'.format(username))
|
self.logger.warning('Choice of {0} is NO'.format(username))
|
||||||
agreement_choice = False
|
agreement_choice = False
|
||||||
|
Util.close_session(username)
|
||||||
|
break
|
||||||
|
|
||||||
|
if (time.time() - timer) > timeout:
|
||||||
|
if thread_ask.is_alive():
|
||||||
|
thread_ask.terminate()
|
||||||
Util.close_session(username)
|
Util.close_session(username)
|
||||||
|
self.logger.warning(
|
||||||
|
'Session of {0} was ended because of timeout of contract agreement'.format(
|
||||||
|
username))
|
||||||
break
|
break
|
||||||
|
time.sleep(1)
|
||||||
|
|
||||||
if (time.time() - timer) > timeout:
|
if agreement_choice is not None:
|
||||||
if thread_ask.is_alive():
|
self.messenger.send_direct_message(
|
||||||
thread_ask.terminate()
|
self.message_manager.agreement_answer_msg(username, agreement_choice))
|
||||||
Util.close_session(username)
|
else:
|
||||||
self.logger.warning(
|
agreement_choice = True
|
||||||
'Session of {0} was ended because of timeout of contract agreement'.format(
|
|
||||||
username))
|
|
||||||
break
|
|
||||||
time.sleep(1)
|
|
||||||
|
|
||||||
if agreement_choice is not None:
|
if agreement_choice is True or System.Ahenk.agreement() != '1':
|
||||||
self.messenger.send_direct_message(
|
self.db_service.delete('session', '1=1')
|
||||||
self.message_manager.agreement_answer_msg(username, agreement_choice))
|
self.logger.info('Display is {0}, desktop env is {1} for {2}'.format(display, desktop, username))
|
||||||
else:
|
session_columns = self.db_service.get_cols('session')
|
||||||
agreement_choice = True
|
# ['username', 'display', 'desktop', 'timestamp', 'ip', 'domain']
|
||||||
|
self.db_service.update('session', session_columns,
|
||||||
|
[username, display, desktop, str(int(time.time())), ip, domain])
|
||||||
|
|
||||||
if agreement_choice is True or System.Ahenk.agreement() != '1':
|
# Default policy for users --->> START
|
||||||
self.db_service.delete('session', '1=1')
|
self.logger.info("Applying default policies for user {0}".format(Util.get_username()))
|
||||||
self.logger.info('Display is {0}, desktop env is {1} for {2}'.format(display, desktop, username))
|
self.default_policy.default_firefox_policy(Util.get_username())
|
||||||
session_columns = self.db_service.get_cols('session')
|
self.default_policy.disable_update_package_notify(Util.get_username())
|
||||||
# ['username', 'display', 'desktop', 'timestamp', 'ip', 'domain']
|
# Default policy for users --->> STOP
|
||||||
self.db_service.update('session', session_columns,
|
|
||||||
[username, display, desktop, str(int(time.time())), ip, domain])
|
|
||||||
|
|
||||||
# Default policy for users --->> START
|
get_policy_message = self.message_manager.policy_request_msg(username)
|
||||||
self.logger.info("Applying default policies for user {0}".format(Util.get_username()))
|
self.plugin_manager.process_mode('safe', username)
|
||||||
self.default_policy.default_firefox_policy(Util.get_username())
|
self.plugin_manager.process_mode('login', username)
|
||||||
self.default_policy.disable_update_package_notify(Util.get_username())
|
|
||||||
# Default policy for users --->> STOP
|
|
||||||
|
|
||||||
get_policy_message = self.message_manager.policy_request_msg(username)
|
kward = dict()
|
||||||
self.plugin_manager.process_mode('safe', username)
|
kward['timeout_args'] = username
|
||||||
self.plugin_manager.process_mode('login', username)
|
kward['checker_args'] = username
|
||||||
|
|
||||||
kward = dict()
|
SetupTimer.start(Timer(timeout=System.Ahenk.get_policy_timeout(),
|
||||||
kward['timeout_args'] = username
|
timeout_function=self.execute_manager.execute_default_policy,
|
||||||
kward['checker_args'] = username
|
checker_func=self.execute_manager.is_policy_executed, kwargs=kward))
|
||||||
|
|
||||||
SetupTimer.start(Timer(timeout=System.Ahenk.get_policy_timeout(),
|
self.logger.info('Requesting updated policies from Lider. If Ahenk could not reach updated '
|
||||||
timeout_function=self.execute_manager.execute_default_policy,
|
'policies in {0} sec, booked policies will be executed'.format(
|
||||||
checker_func=self.execute_manager.is_policy_executed, kwargs=kward))
|
System.Ahenk.get_policy_timeout()))
|
||||||
|
self.messenger.send_direct_message(get_policy_message)
|
||||||
self.logger.info('Requesting updated policies from Lider. If Ahenk could not reach updated '
|
|
||||||
'policies in {0} sec, booked policies will be executed'.format(
|
|
||||||
System.Ahenk.get_policy_timeout()))
|
|
||||||
self.messenger.send_direct_message(get_policy_message)
|
|
||||||
|
|
||||||
elif str(json_data['event']) == 'logout':
|
elif str(json_data['event']) == 'logout':
|
||||||
username = json_data['username']
|
username = json_data['username']
|
||||||
self.execute_manager.remove_user_executed_policy_dict(username)
|
self.execute_manager.remove_user_executed_policy_dict(username)
|
||||||
self.plugin_manager.process_mode('logout', username)
|
self.plugin_manager.process_mode('logout', username)
|
||||||
self.plugin_manager.process_mode('safe', username)
|
self.plugin_manager.process_mode('safe', username)
|
||||||
self.db_service.delete('session', '1=1')
|
if username != "Debian-gdm":
|
||||||
|
self.db_service.delete('session', '1=1')
|
||||||
# TODO delete all user records while initializing
|
# TODO delete all user records while initializing
|
||||||
self.logger.info('logout event is handled for user: {0}'.format(username))
|
self.logger.info('logout event is handled for user: {0}'.format(username))
|
||||||
ip = None
|
ip = None
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ var=$(lsmod | awk '{print $1}'| grep usblp)
|
||||||
|
|
||||||
service cups stop
|
service cups stop
|
||||||
|
|
||||||
if [ -z "$var" ]
|
if [[ -z "$var" ]]
|
||||||
then
|
then
|
||||||
echo "USB printer devices are already blocked"
|
echo "USB printer devices are already blocked"
|
||||||
else
|
else
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
var=$(lsmod | grep usbhid)
|
var=$(lsmod | grep usbhid)
|
||||||
|
|
||||||
if [ -z "$var" ]
|
if [[ -z "$var" ]]
|
||||||
then
|
then
|
||||||
echo "USB HID devices are already blocked"
|
echo "USB HID devices are already blocked"
|
||||||
else
|
else
|
||||||
|
|
@ -21,7 +21,7 @@ fi
|
||||||
|
|
||||||
var=$(lsmod | grep psmouse)
|
var=$(lsmod | grep psmouse)
|
||||||
|
|
||||||
if [ -z "$var" ]
|
if [[ -z "$var" ]]
|
||||||
then
|
then
|
||||||
echo "psmouse is already blocked"
|
echo "psmouse is already blocked"
|
||||||
else
|
else
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
var=$(lsmod | awk '{print $1}'| grep usb_storage)
|
var=$(lsmod | awk '{print $1}'| grep usb_storage)
|
||||||
|
|
||||||
if [ -z "$var" ]
|
if [[ -z "$var" ]]
|
||||||
then
|
then
|
||||||
echo "USB storage devices are already blocked"
|
echo "USB storage devices are already blocked"
|
||||||
else
|
else
|
||||||
|
|
@ -26,7 +26,7 @@ sleep 2
|
||||||
|
|
||||||
var=$(lsmod | grep usb_storage | awk '{print $4}')
|
var=$(lsmod | grep usb_storage | awk '{print $4}')
|
||||||
|
|
||||||
if [ ! -z "$var" ]
|
if [[ ! -z "$var" ]]
|
||||||
then
|
then
|
||||||
IFS=',' read -ra deps <<< "$var"
|
IFS=',' read -ra deps <<< "$var"
|
||||||
for i in "${deps[@]}"; do
|
for i in "${deps[@]}"; do
|
||||||
|
|
|
||||||
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
var=$(lsof -t /dev/video0)
|
var=$(lsof -t /dev/video0)
|
||||||
|
|
||||||
if [ -z "$var" ]
|
if [[ -z "$var" ]]
|
||||||
then
|
then
|
||||||
echo "Webcam is not in use"
|
echo "Webcam is not in use"
|
||||||
else
|
else
|
||||||
|
|
@ -12,7 +12,7 @@ fi
|
||||||
|
|
||||||
var=$(lsmod | awk '{print $1}'| grep uvcvideo)
|
var=$(lsmod | awk '{print $1}'| grep uvcvideo)
|
||||||
|
|
||||||
if [ -z "$var" ]
|
if [[ -z "$var" ]]
|
||||||
then
|
then
|
||||||
echo "Webcam is already blocked"
|
echo "Webcam is already blocked"
|
||||||
else
|
else
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue