Syncing /usr/share/ahenk to src and recreating ahenk.install

This commit is contained in:
Tuncay ÇOLAK 2020-07-23 14:36:37 +03:00
parent cd2fdc6608
commit 6e4b2f5884
11 changed files with 96 additions and 159 deletions

View file

@ -108,7 +108,6 @@ usr/share/ahenk/base/scheduler/custom/scheduledb.py
usr/share/ahenk/base/scheduler/custom/custom_scheduler.py usr/share/ahenk/base/scheduler/custom/custom_scheduler.py
usr/share/ahenk/base/scheduler/custom usr/share/ahenk/base/scheduler/custom
usr/share/ahenk/base/scheduler usr/share/ahenk/base/scheduler
usr/share/ahenk/base/registration/test.py
usr/share/ahenk/base/registration/execute_cancel_sssd_ad_authentication.py usr/share/ahenk/base/registration/execute_cancel_sssd_ad_authentication.py
usr/share/ahenk/base/registration/config-files/ldap usr/share/ahenk/base/registration/config-files/ldap
usr/share/ahenk/base/registration/config-files/pam_script usr/share/ahenk/base/registration/config-files/pam_script

View file

@ -162,7 +162,8 @@ class AhenkDaemon(BaseDaemon):
print("Registration attemp") print("Registration attemp")
max_attempt_number -= 1 max_attempt_number -= 1
self.logger.debug('Ahenk is not registered. Attempting for registration') self.logger.debug('Ahenk is not registered. Attempting for registration')
registration.registration_request(self.register_hostname,self.register_user_name,self.register_user_password,self.register_directory_server) # registration.registration_request(self.register_hostname,self.register_user_name,self.register_user_password,self.register_directory_server)
registration.registration_request(self.register_hostname,self.register_user_name,self.register_user_password)
if max_attempt_number < 0: if max_attempt_number < 0:
self.logger.warning('Number of Attempting for registration is over') self.logger.warning('Number of Attempting for registration is over')
Util.execute("/etc/init.d/ahenk stop") Util.execute("/etc/init.d/ahenk stop")
@ -248,7 +249,7 @@ class AhenkDaemon(BaseDaemon):
self.register_hostname=hostName self.register_hostname=hostName
self.register_user_name=username self.register_user_name=username
self.register_user_password=password self.register_user_password=password
self.register_directory_server = directoryServer # self.register_directory_server = directoryServer
# if user_disabled is when ahenk service restarted TRUE disabled local users # if user_disabled is when ahenk service restarted TRUE disabled local users
def disable_local_users(self): def disable_local_users(self):
@ -385,8 +386,9 @@ if __name__ == '__main__':
hostName = sys.argv[2] hostName = sys.argv[2]
userName = sys.argv[3] userName = sys.argv[3]
password = sys.argv[4] password = sys.argv[4]
directoryServer = sys.argv[5] # directoryServer = sys.argv[5]
ahenk_daemon.set_register_user(hostName,userName,password,directoryServer) # ahenk_daemon.set_register_user(hostName,userName,password,directoryServer)
ahenk_daemon.set_register_user(hostName,userName,password)
ahenk_daemon.run() ahenk_daemon.run()
else: else:

View file

@ -18,28 +18,30 @@ class AskRegister():
self.title = title self.title = title
self.host = host self.host = host
self.master = tk.Tk() self.master = tk.Tk()
self.text= tk.StringVar()
self.master.title(self.title) self.master.title(self.title)
if self.host != "": tk.Label(self.master, text="* Etki Alanı: ").grid(row=0)
pass self.e1 = tk.Entry(self.master)
else: self.e1.grid(row=0, column=1)
tk.Label(self.master, text="Etki Alanı Sunucusu : ").grid(row=0)
self.e1 = tk.Entry(self.master)
self.e1.grid(row=0, column=1)
tk.Label(self.master, text="Yetkili Kullanıcı : ").grid(row=1) # if self.host != "":
tk.Label(self.master, text="Parola : ").grid(row=2) # pass
# else:
tk.Label(self.master, text="* Yetkili Kullanıcı : ").grid(row=1)
tk.Label(self.master, text="* Parola : ").grid(row=2)
tk.Label(self.master, textvariable= self.text, fg="red").grid(row=3,columnspan=2)
self.e2 = tk.Entry(self.master) self.e2 = tk.Entry(self.master)
self.e3 = tk.Entry(show="*") self.e3 = tk.Entry(show="*")
self.var1 = IntVar() # self.var1 = IntVar()
Checkbutton(self.master, text="Active Directory", variable=self.var1, command=self.check1).grid(row=3, column=0, stick=tk.W, # Checkbutton(self.master, text="Active Directory", variable=self.var1, command=self.check1).grid(row=3, column=0, stick=tk.W,
pady=4) # pady=4)
self.var2 = IntVar() # self.var2 = IntVar()
self.var2.set(1) # self.var2.set(1)
Checkbutton(self.master, text="OpenLDAP", variable=self.var2, command=self.check2).grid(row=3, column=1, stick=tk.W, pady=4) # Checkbutton(self.master, text="OpenLDAP", variable=self.var2, command=self.check2).grid(row=3, column=1, stick=tk.W, pady=4)
self.e2.grid(row=1, column=1) self.e2.grid(row=1, column=1)
self.e3.grid(row=2, column=1) self.e3.grid(row=2, column=1)
@ -49,20 +51,23 @@ class AskRegister():
tk.mainloop() tk.mainloop()
def show(self): def show(self):
if(self.e1.get() =='' or self.e2.get()=='' or self.e3.get()==''):
self.text.set("Lütfen zorunlu alanları doldurunuz!")
else:
print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get())
self.master.quit()
# if self.var2.get() == 1:
# if self.host != "":
# print(self.e2.get()+" "+self.e3.get()+" "+"LDAP")
# else:
# print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get()+" "+"LDAP")
#
# if self.var1.get() == 1:
# if self.host != "":
# print(self.e2.get()+" "+self.e3.get()+" "+"AD")
# else:
# print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get()+" "+"AD")
if self.var2.get() == 1:
if self.host != "":
print(self.e2.get()+" "+self.e3.get()+" "+"LDAP")
else:
print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get()+" "+"LDAP")
if self.var1.get() == 1:
if self.host != "":
print(self.e2.get()+" "+self.e3.get()+" "+"AD")
else:
print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get()+" "+"AD")
self.master.quit()
def check1(self): def check1(self):
self.var2.set(0) self.var2.set(0)

View file

@ -221,6 +221,7 @@ class ExecutionManager(object):
def execute_policy(self, arg): def execute_policy(self, arg):
try: try:
j = json.loads(str(arg)) j = json.loads(str(arg))
self.policy_executed[j['username']] = True
for i in range(len(j['executePolicyList'])): for i in range(len(j['executePolicyList'])):
policy = self.json_to_PolicyBean(json.loads(json.dumps(j['executePolicyList'][i]))) policy = self.json_to_PolicyBean(json.loads(json.dumps(j['executePolicyList'][i])))
self.logger.debug('Updating policies...') self.logger.debug('Updating policies...')
@ -240,7 +241,6 @@ class ExecutionManager(object):
self.db_service.delete('policy', 'type = \'U\' and name = \'' + policy.get_username() + '\'' + self.db_service.delete('policy', 'type = \'U\' and name = \'' + policy.get_username() + '\'' +
'and policy_id = ' + str(policy.get_policy_id())) 'and policy_id = ' + str(policy.get_policy_id()))
else: else:
self.policy_executed[policy.get_username()] = True
machine_uid = self.db_service.select_one_result('registration', 'jid', 'registered=1') machine_uid = self.db_service.select_one_result('registration', 'jid', 'registered=1')
user_policy_version = self.db_service.select_one_result('policy', 'version', user_policy_version = self.db_service.select_one_result('policy', 'version',
'type = \'U\' and name = \'' + policy.get_username() + '\'' + 'type = \'U\' and name = \'' + policy.get_username() + '\'' +

View file

@ -72,6 +72,11 @@ class Messaging(object):
data['ipAddresses'] = str(System.Hardware.Network.ip_addresses()).replace('[', '').replace(']', '') data['ipAddresses'] = str(System.Hardware.Network.ip_addresses()).replace('[', '').replace(']', '')
data['timestamp'] = Util.timestamp() data['timestamp'] = Util.timestamp()
data['userIp'] = ip data['userIp'] = ip
data['osVersion'] = System.Os.version()
data['diskTotal'] = System.Hardware.Disk.total()
data['diskUsed'] = System.Hardware.Disk.used()
data['diskFree'] = System.Hardware.Disk.free()
data['memory'] = System.Hardware.Memory.total()
data['hostname'] = str(System.Os.hostname()) data['hostname'] = str(System.Os.hostname())
self.logger.debug('USER IP : '+ str(ip)+ ' IPADDRESSES : '+ str(System.Hardware.Network.ip_addresses()).replace('[', '').replace(']', '')) self.logger.debug('USER IP : '+ str(ip)+ ' IPADDRESSES : '+ str(System.Hardware.Network.ip_addresses()).replace('[', '').replace(']', ''))

View file

@ -50,6 +50,7 @@ class Messenger(ClientXMPP):
self.register_extensions() self.register_extensions()
self.add_listeners() self.add_listeners()
self.roster.auto_subscribe = True
def register_extensions(self): def register_extensions(self):
try: try:

View file

@ -15,10 +15,6 @@ class ExecuteCancelSSSDAdAuthentication:
def cancel(self): def cancel(self):
try: try:
# Deleting packages require for AD entegration
self.util.execute(
"apt purge realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs -y")
self.util.execute("apt autoremove -y")
# Read information about AD # Read information about AD
if self.util.is_exist(self.ad_info_path): if self.util.is_exist(self.ad_info_path):
@ -31,11 +27,12 @@ class ExecuteCancelSSSDAdAuthentication:
else: else:
self.logger.error("ad_info file not found") self.logger.error("ad_info file not found")
if self.util.is_exist("/etc/sssd"): # Leave old domain
# self.util.delete_folder("/etc/sssd") (result_code, p_out, p_err) = self.util.execute("realm leave ")
self.logger.info("SSSD is deleted") if (result_code == 0):
self.logger.info("Realm Leave komutu başarılı")
else: else:
self.logger.info("SSSD is not exist") self.logger.error("Realm Leave komutu başarısız : " + str(p_err))
# Re-Configure dhclient.conf deleting AD IP address # Re-Configure dhclient.conf deleting AD IP address
dhclient_conf_path = "/etc/dhcp/dhclient.conf" dhclient_conf_path = "/etc/dhcp/dhclient.conf"
@ -54,6 +51,7 @@ class ExecuteCancelSSSDAdAuthentication:
file_dhclient.write(file_data) file_dhclient.write(file_data)
file_dhclient.close() file_dhclient.close()
# Configure hosts for deleting AD "IP address" and "AD hostname" # Configure hosts for deleting AD "IP address" and "AD hostname"
hosts_conf_path = "/etc/hosts" hosts_conf_path = "/etc/hosts"
file_hosts = open(hosts_conf_path, 'r') file_hosts = open(hosts_conf_path, 'r')

View file

@ -13,6 +13,21 @@ class ExecuteSSSDAdAuthentication:
def authenticate(self, domain_name, host_name, ip_address, password, ad_username): def authenticate(self, domain_name, host_name, ip_address, password, ad_username):
try: try:
# Installation of required packages
(result_code, p_out, p_err) = self.util.execute(
"sudo apt-get -y install realmd")
if (result_code == 0):
self.logger.info("İndirmeler Başarılı")
else:
self.logger.error("İndirmeler Başarısız : " + str(p_err))
# Execute the commands that require for leave
(result_code, p_out, p_err) = self.util.execute("realm leave")
if (result_code == 0):
self.logger.info("Realm Leave komutu başarılı")
else:
self.logger.error("Realm Leave komutu başarısız : " + str(p_err))
# Create and Configure ad_info file # Create and Configure ad_info file
(result_code, p_out, p_err) = self.util.execute("touch /etc/ahenk/ad_info") (result_code, p_out, p_err) = self.util.execute("touch /etc/ahenk/ad_info")
if (result_code == 0): if (result_code == 0):
@ -102,7 +117,7 @@ class ExecuteSSSDAdAuthentication:
self.logger.error("Script başarısız oldu : " + str(p_err)) self.logger.error("Script başarısız oldu : " + str(p_err))
# Installation of required packages # Installation of required packages
(result_code, p_out, p_err) = self.util.execute("sudo apt-get -y install realmd sssd sssd-tools adcli packagekit samba-common-bin samba-libs") (result_code, p_out, p_err) = self.util.execute("sudo apt-get -y install sssd sssd-tools adcli packagekit samba-common-bin samba-libs")
if (result_code == 0): if (result_code == 0):
self.logger.info("İndirmeler Başarılı") self.logger.info("İndirmeler Başarılı")
else: else:

View file

@ -50,7 +50,7 @@ class Registration:
else: else:
self.register(True) self.register(True)
def registration_request(self, hostname,username,password,directoryserver): def registration_request(self, hostname,username,password):
self.logger.debug('Requesting registration') self.logger.debug('Requesting registration')
# SetupTimer.start(Timer(System.Ahenk.registration_timeout(), timeout_function=self.registration_timeout,checker_func=self.is_registered, kwargs=None)) # SetupTimer.start(Timer(System.Ahenk.registration_timeout(), timeout_function=self.registration_timeout,checker_func=self.is_registered, kwargs=None))
@ -60,7 +60,7 @@ class Registration:
self.host = hostname self.host = hostname
self.user_name = username self.user_name = username
self.user_password= password self.user_password= password
self.directory_server = directoryserver # self.directory_server = directoryserver
self.showUserNotify = False; self.showUserNotify = False;
if(username is None and password is None and self.host is None ): if(username is None and password is None and self.host is None ):
@ -79,12 +79,12 @@ class Registration:
self.host = user_registration_info[0] self.host = user_registration_info[0]
self.user_name = user_registration_info[1] self.user_name = user_registration_info[1]
self.user_password = user_registration_info[2] self.user_password = user_registration_info[2]
self.directory_server = user_registration_info[3] # self.directory_server = user_registration_info[3]
else: else:
self.user_name = user_registration_info[0] self.user_name = user_registration_info[0]
self.user_password = user_registration_info[1] self.user_password = user_registration_info[1]
self.directory_server = user_registration_info[2] # self.directory_server = user_registration_info[2]
#anon_messenger = AnonymousMessenger(self.message_manager.registration_msg(user_name,user_password), self.host,self.servicename) #anon_messenger = AnonymousMessenger(self.message_manager.registration_msg(user_name,user_password), self.host,self.servicename)
#anon_messenger.connect_to_server() #anon_messenger.connect_to_server()
@ -99,9 +99,10 @@ class Registration:
self.messenger.send_Direct_message(self.message_manager.ldap_registration_msg()) self.messenger.send_Direct_message(self.message_manager.ldap_registration_msg())
def registration_success(self, reg_reply): def registration_success(self, reg_reply):
try: try:
self.local_user_disable = reg_reply['disableLocalUser'] self.local_user_disable = reg_reply['disableLocalUser']
self.directory_server = reg_reply['directoryServer']
if self.local_user_disable is True: if self.local_user_disable is True:
self.conf_manager.set('MACHINE', 'user_disabled', 'true') self.conf_manager.set('MACHINE', 'user_disabled', 'true')
else: else:
@ -154,19 +155,15 @@ class Registration:
new_line = stripped_line.replace("# disable-user-list=true", "disable-user-list=true") new_line = stripped_line.replace("# disable-user-list=true", "disable-user-list=true")
new_file_content += new_line + "\n" new_file_content += new_line + "\n"
reading_file.close() reading_file.close()
writing_file = open(pardus_gnome_path, "w") writing_file = open(pardus_gnome_path, "w")
writing_file.write(new_file_content) writing_file.write(new_file_content)
writing_file.close() writing_file.close()
self.logger.info("gdm.conf has been configured.") self.logger.info("gdm.conf has been configured.")
# LDAP registration # LDAP registration
if self.directory_server == "LDAP": if self.directory_server == "LDAP":
self.install_and_config_ldap(reg_reply) self.install_and_config_ldap(reg_reply)
# AD registration # AD registration
else: elif self.directory_server == "ACTIVE_DIRECTORY":
self.install_and_config_ad(reg_reply) self.install_and_config_ad(reg_reply)
except Exception as e: except Exception as e:
@ -333,24 +330,26 @@ class Registration:
Util.show_message(os.getlogin(),':0',"Lider MYS sistemine ulaşılamadı. Lütfen sunucu adresini kontrol ediniz....","HATA") Util.show_message(os.getlogin(),':0',"Lider MYS sistemine ulaşılamadı. Lütfen sunucu adresini kontrol ediniz....","HATA")
System.Process.kill_by_pid(int(System.Ahenk.get_pid_number())) System.Process.kill_by_pid(int(System.Ahenk.get_pid_number()))
def purge_and_unregister(self): def purge_and_unregister(self,directory_type):
try: try:
self.logger.info('Ahenk conf cleaned')
self.logger.info('Ahenk conf cleaning from db') self.logger.info('Ahenk conf cleaning from db')
self.unregister() self.unregister()
self.logger.info('Ahenk conf cleaned from db')
directory_type = "LDAP" #directory_type = "LDAP"
if self.util.is_exist("/etc/ahenk/ad_info"): #if self.util.is_exist("/etc/ahenk/ad_info"):
directory_type = "AD" # directory_type = "AD"
if directory_type == "LDAP":
self.ldap_login_cancel.cancel()
else:
self.ad_login_cancel.cancel()
self.logger.info('Cleaning ahenk conf..') self.logger.info('Cleaning ahenk conf..')
self.clean() self.clean()
self.logger.info('Ahenk conf cleaned from db') self.logger.info('Ahenk conf cleaned')
if directory_type == "LDAP":
self.logger.info('Ahenk cleaning LDAP config')
self.ldap_login_cancel.cancel()
self.logger.info('Ahenk cleaned LDAP config')
elif directory_type =="ACTIVE_DIRECTORY":
self.logger.info('Ahenk cleaning ACTIVE_DIRECTORY config')
self.ad_login_cancel.cancel()
self.logger.info('Ahenk cleaned ACTIVE_DIRECTORY config')
if self.conf_manager.has_section('MACHINE'): if self.conf_manager.has_section('MACHINE'):
user_disabled = self.conf_manager.get("MACHINE", "user_disabled") user_disabled = self.conf_manager.get("MACHINE", "user_disabled")
@ -362,12 +361,16 @@ class Registration:
self.logger.info('Local users already enabled') self.logger.info('Local users already enabled')
# İf desktop env is XFCE configured lightdm.service # İf desktop env is XFCE configured lightdm.service
if self.util.get_desktop_env() == "xfce": if self.util.get_desktop_env() == "xfce":
self.logger.info('XFCE conf file deleting')
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf" pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
if self.util.is_exist(pardus_xfce_path): if self.util.is_exist(pardus_xfce_path):
self.logger.info("99-pardus-xfce.conf exists. Deleting file.") self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
self.util.delete_file(pardus_xfce_path) self.util.delete_file(pardus_xfce_path)
self.logger.info('XFCE conf file deleted')
if self.util.get_desktop_env() == "gnome": if self.util.get_desktop_env() == "gnome":
self.logger.info('GNOME conf file deleting')
pardus_gnome_path = "/etc/gdm3/greeter.dconf-defaults" pardus_gnome_path = "/etc/gdm3/greeter.dconf-defaults"
if not self.util.is_exist(pardus_gnome_path): if not self.util.is_exist(pardus_gnome_path):
self.logger.info("Gnome conf doesn't exist") self.logger.info("Gnome conf doesn't exist")
@ -386,7 +389,7 @@ class Registration:
writing_file.write(new_file_content) writing_file.write(new_file_content)
writing_file.close() writing_file.close()
self.logger.info("gdm.conf has been configured.") self.logger.info("gdm.conf has been configured.")
self.logger.info('GNOME conf file deleted')
Util.shutdown() Util.shutdown()
except Exception as e: except Exception as e:
self.logger.error("Error while running purge_and_unregister process.. Error Message " + str(e)) self.logger.error("Error while running purge_and_unregister process.. Error Message " + str(e))

View file

@ -1,91 +0,0 @@
#!/usr/bin/python3
# -*- coding: utf-8 -*-
# Author: Hasan Kara <h.kara27@gmail.com>
from base.scope import Scope
from base.util.util import Util
import re
class ExecuteCancelSSSDAuthentication:
def __init__(self):
scope = Scope().get_instance()
self.logger = scope.get_logger()
self.util = Util()
def cancel(self):
self.util.execute("apt purge libpam-sss sssd-common -y")
self.util.execute("apt autoremove -y")
if self.util.is_exist("/etc/sssd"):
self.util.delete_folder("/etc/sssd")
# pattern for clearing file data from spaces, tabs and newlines
pattern = re.compile(r'\s+')
# Configure nsswitch.conf
file_ns_switch = open("/etc/nsswitch.conf", 'r')
file_data = file_ns_switch.read()
# cleared file data from spaces, tabs and newlines
text = pattern.sub('', file_data)
did_configuration_change = False
if "passwd:compatsss" in text:
file_data = file_data.replace("passwd: compat sss", "passwd: compat")
did_configuration_change = True
if "group:compatsss" in text:
file_data = file_data.replace("group: compat sss", "group: compat")
did_configuration_change = True
if "shadow:compatsss" in text:
file_data = file_data.replace("shadow: compat sss", "shadow: compat")
did_configuration_change = True
if "services:dbfilessss" in text:
file_data = file_data.replace("services: db files sss", "services: db files")
did_configuration_change = True
if "netgroup:nissss" in text:
file_data = file_data.replace("netgroup: nis sss", "netgroup: nis")
did_configuration_change = True
if "sudoers:filessss" in text:
file_data = file_data.replace("sudoers: files sss", "")
did_configuration_change = True
if did_configuration_change:
self.logger.info("nsswitch.conf configuration has been configured")
else:
self.logger.info("nsswitch.conf has already been configured")
file_ns_switch.close()
file_ns_switch = open("/etc/nsswitch.conf", 'w')
file_ns_switch.write(file_data)
file_ns_switch.close()
common_session_conf_path = "/etc/pam.d/common-session"
# configure common-session for creating home directories for ldap users
file_common_session = open(common_session_conf_path, 'r')
file_data = file_common_session.read()
if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" in file_data:
file_data = file_data.replace("session optional pam_mkhomedir.so skel=/etc/skel umask=077", "")
self.logger.info("common-session is configured")
file_common_session.close()
file_common_session = open(common_session_conf_path, 'w')
file_common_session.write(file_data)
file_common_session.close()
# Configure lightdm.service
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
if self.util.is_exist(pardus_xfce_path):
self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
self.util.delete_file(pardus_xfce_path)
self.util.execute("systemctl restart nscd.service")
self.logger.info("LDAP Login iptal etme işlemi başarı ile sağlandı.")