synced to development branch

Tuncay ÇOLAK 2020-06-24 12:31:50 +03:00
parent 4237ad9810
commit 74e00e8312
24 changed files with 427 additions and 256 deletions


@ -289,6 +289,7 @@ usr/share/ahenk/plugins/login-manager/scripts/check.py
usr/share/ahenk/plugins/login-manager/scripts
usr/share/ahenk/plugins/login-manager/manage.py
usr/share/ahenk/plugins/login-manager/shutdown.py
usr/share/ahenk/plugins/login-manager/machine_restart.py
usr/share/ahenk/plugins/login-manager
usr/share/ahenk/plugins
usr/share/ahenk/api/service/ps_util.py


@ -147,7 +147,7 @@ class AhenkDaemon(BaseDaemon):
def check_registration(self):
""" docstring"""
# max_attempt_number = int(System.Hardware.Network.interface_size()) * 3
max_attempt_number = 1
max_attempt_number = 4
# self.logger.debug()
# logger = Scope.getInstance().getLogger()
registration = Scope.get_instance().get_registration()
@ -158,12 +158,15 @@ class AhenkDaemon(BaseDaemon):
# if registration.registration_request() == False:
# self.registration_failed()
if registration.is_registered() is False:
while registration.is_registered() is False:
print("Registration attemp")
max_attempt_number -= 1
self.logger.debug('Ahenk is not registered. Attempting for registration')
registration.registration_request(self.register_hostname,self.register_user_name,self.register_user_password)
registration.registration_request(self.register_hostname,self.register_user_name,self.register_user_password,self.register_directory_server)
if max_attempt_number < 0:
self.logger.warning('Number of Attempting for registration is over')
Util.execute("/etc/init.d/ahenk stop")
break
#if max_attempt_number < 0:
# self.logger.warning('Number of Attempting for registration is over')
# self.registration_failed()
@ -240,10 +243,11 @@ class AhenkDaemon(BaseDaemon):
Util.create_file(System.Ahenk.fifo_file())
Util.set_permission(System.Ahenk.fifo_file(), '600')
def set_register_user(self, hostName, username, password):
def set_register_user(self, hostName, username, password,directoryServer):
self.register_hostname=hostName
self.register_user_name=username
self.register_user_password=password
self.register_directory_server = directoryServer
# if user_disabled is when ahenk service restarted TRUE disabled local users
def disable_local_users(self):
@ -349,7 +353,7 @@ if __name__ == '__main__':
ahenk_daemon = AhenkDaemon(System.Ahenk.pid_path())
try:
if len(sys.argv) == 2 and (sys.argv[1] in ('start', 'stop', 'restart', 'status')):
ahenk_daemon.set_register_user(None, None, None)
ahenk_daemon.set_register_user(None, None, None, None)
if sys.argv[1] == 'start':
if System.Ahenk.is_running() is True:
print('There is already running Ahenk service. It will be killed.[{0}]'.format(
@ -375,12 +379,13 @@ if __name__ == '__main__':
else:
print('Unknown command. Usage : %s start|stop|restart|status|clean' % sys.argv[0])
sys.exit(2)
elif len(sys.argv) > 2 and (sys.argv[1] in ('register')):
elif len(sys.argv) > 2 and (sys.argv[1] in ('start')):
params = sys.argv[1]
hostName = sys.argv[2]
userName = sys.argv[3]
password = sys.argv[4]
ahenk_daemon.set_register_user(hostName,userName,password)
directoryServer = sys.argv[5]
ahenk_daemon.set_register_user(hostName,userName,password,directoryServer)
ahenk_daemon.run()
else:
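Review bot: The new `start` branch reads `sys.argv[2]` through `sys.argv[5]` after checking only `len(sys.argv) > 2`, so a short invocation raises IndexError instead of printing the usage line; in addition, `sys.argv[1] in ('start')` is a substring test against the string `'start'`, not tuple membership. `elif len(sys.argv) == 6 and sys.argv[1] == 'start':` covers both. Separately, the registration password arrives as a command-line argument, which leaves it readable in the process list and in shell history; reading it from stdin or a root-only file avoids that. The same applies to the `unregister` branch in Commander, which copies `params[3]` into `data['password']`. The `__main__` block continues outside this hunk.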


@ -73,9 +73,13 @@ class Commander(object):
data['event'] = 'remove'
data['plugins'] = params[3]
elif len(params) > 1 and params[1] == 'unregister':
elif len(params) == 2 and params[1] == 'unregister':
data['event'] = params[1]
elif len(params) == 4 and params[1] == 'unregister':
data['event'] = params[1]
data['userName'] = params[2]
data['password'] = params[3]
elif len(params) > 5 and params[1] == 'send':
data['event'] = params[1]


@ -181,12 +181,24 @@ class CommandRunner(object):
message = json.dumps(json_data['message'])
self.messenger.send_direct_message(message)
elif str(json_data['event']) == 'unregister':
elif str(json_data['event']) == 'unregister' and len(json_data)==1:
self.logger.info('Unregistering..')
self.execute_manager.set_unregister_credential_params(None, None)
unregister_message = self.message_manager.unregister_msg()
if unregister_message is not None:
self.messenger.send_direct_message(unregister_message)
elif str(json_data['event']) == 'unregister' and len(json_data)==3:
self.logger.info('Unregistering..')
usernameForCheck = json_data['userName']
passwordForCheck = json_data['password']
## send user credential info to execution manager for hide user notify when remote unregister
self.execute_manager.set_unregister_credential_params(usernameForCheck,usernameForCheck)
self.logger.info('Unregistering by username+'+str(usernameForCheck))
unregister_message = self.message_manager.unregister_msg(usernameForCheck,passwordForCheck)
if unregister_message is not None:
self.messenger.send_direct_message(unregister_message)
elif str(json_data['event']) == 'load':
plugin_name = str(json_data['plugins'])
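Review bot: In the three-key `unregister` branch, `set_unregister_credential_params(usernameForCheck,usernameForCheck)` passes the username as both arguments, so `unregister_passwd` never receives the password; it should read `self.execute_manager.set_unregister_credential_params(usernameForCheck, passwordForCheck)`. The one-key branch still calls `self.message_manager.unregister_msg()` with no arguments, while the Messaging change in this commit makes both parameters required, so that path looks like it will raise TypeError; `unregister_msg(None, None)` or `None` defaults on the signature would fix it. Dispatching on `len(json_data)==1` and `==3` is brittle; testing `'userName' in json_data` states the intent. The enclosing method starts and ends outside the hunk.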


@ -32,11 +32,12 @@ class AhenkDbService(object):
'parameter_map BLOB', 'deleted INTEGER', 'plugin TEXT', 'cron_expr TEXT',
'file_server TEXT'])
self.check_and_create_table('policy',
['id INTEGER PRIMARY KEY AUTOINCREMENT', 'type TEXT', 'version TEXT', 'name TEXT',
'execution_id TEXT','expiration_date TEXT'])
['id INTEGER PRIMARY KEY AUTOINCREMENT', 'policy_id INTEGER',
'type TEXT', 'version TEXT', 'name TEXT',
'execution_id TEXT', 'expiration_date TEXT', 'assign_date TEXT'])
self.check_and_create_table('profile', ['id INTEGER', 'create_date TEXT', 'label TEXT', 'description TEXT',
'overridable INTEGER', 'active TEXT', 'deleted TEXT',
'profile_data TEXT', 'modify_date TEXT', 'plugin TEXT'])
'profile_data TEXT', 'modify_date TEXT', 'plugin TEXT', 'policy_id INTEGER'])
self.check_and_create_table('plugin',
['id INTEGER PRIMARY KEY AUTOINCREMENT', 'active TEXT', 'create_date TEXT',
'deleted TEXT', 'description TEXT', 'machine_oriented TEXT', 'modify_date TEXT',
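Review bot: The `policy` and `profile` definitions gain `policy_id` and `assign_date`, but nothing in this hunk alters tables that already exist. If `check_and_create_table` only creates a table when it is missing (its body is not shown), an upgraded agent keeps the old schema and the new `policy_id` queries in ExecutionManager fail at runtime, where the broad `except Exception` only logs them. A migration step that adds the missing columns on upgrade should accompany this change.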


@ -1,9 +1,10 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# Author: Volkan Şahin <volkansah.in> <bm.volkansahin@gmail.com>
import os
import json
import time
import datetime
from base.file.file_transfer_manager import FileTransferManager
from base.model.enum.content_type import ContentType
from base.model.enum.message_code import MessageCode
@ -17,6 +18,7 @@ from base.scheduler.custom.schedule_job import ScheduleTaskJob
from base.scope import Scope
from base.system.system import System
from base.util.util import Util
from easygui import *
@ -173,7 +175,10 @@ class ExecutionManager(object):
def execute_default_policy(self, username):
self.logger.debug('Executing active policies for {0} user...'.format(username))
self.task_manager.addPolicy(self.get_active_policies(username))
policy_list = self.get_active_policies(username)
for i in range(len(policy_list)):
self.task_manager.addPolicy(policy_list[i])
def update_scheduled_task(self, arg):
self.logger.debug('Working on scheduled task ...')
@ -215,77 +220,48 @@ class ExecutionManager(object):
def execute_policy(self, arg):
try:
j = json.loads(str(arg))
for i in range(len(j['executePolicyList'])):
policy = self.json_to_PolicyBean(json.loads(json.dumps(j['executePolicyList'][i])))
self.logger.debug('Updating policies...')
policy = self.json_to_PolicyBean(json.loads(arg))
# policy is deleted or unassigned on server
# delete on ahenk db
if policy.get_is_deleted():
existing_policy_id = self.db_service.select('policy', ['id'],
'type = \'U\' and name = \'' + policy.get_username() + '\'' +
'and policy_id = ' + str(policy.get_policy_id()))
existing_profile_list = self.db_service.select('profile',
['id', 'plugin', 'policy_id'],
' id=' + str(existing_policy_id[0][0]))
for profile in existing_profile_list:
self.db_service.delete('plugin', 'id=' + str(profile[1]))
self.db_service.delete('profile', 'id=' + str(existing_policy_id[0][0]))
self.db_service.delete('policy', 'type = \'U\' and name = \'' + policy.get_username() + '\'' +
'and policy_id = ' + str(policy.get_policy_id()))
else:
self.policy_executed[policy.get_username()] = True
machine_uid = self.db_service.select_one_result('registration', 'jid', 'registered=1')
ahenk_policy_ver = self.db_service.select_one_result('policy', 'version', 'type = \'A\'')
user_policy_version = self.db_service.select_one_result('policy', 'version',
'type = \'U\' and name = \'' + policy.get_username() + '\'')
'type = \'U\' and name = \'' + policy.get_username() + '\'' +
'and policy_id = ' + str(policy.get_policy_id()))
profile_columns = ['id', 'create_date', 'modify_date', 'label', 'description', 'overridable', 'active',
'deleted', 'profile_data', 'plugin']
'deleted', 'profile_data', 'policy_id', 'plugin']
plugin_columns = ['active', 'create_date', 'deleted', 'description', 'machine_oriented', 'modify_date',
'name',
'policy_plugin', 'user_oriented', 'version', 'task_plugin', 'x_based']
if policy.get_ahenk_policy_version() != ahenk_policy_ver:
ahenk_policy_id = self.db_service.select_one_result('policy', 'id', 'type = \'A\'')
if ahenk_policy_id is not None:
self.db_service.delete('profile', 'id=' + str(ahenk_policy_id))
self.db_service.delete('plugin', 'id=' + str(ahenk_policy_id))
self.db_service.update('policy', ['version', 'execution_id', 'expiration_date'],
[str(policy.get_ahenk_policy_version()), policy.agent_execution_id,
str(policy.agent_expiration_date)], 'type=\'A\'')
else:
self.db_service.update('policy', ['type', 'version', 'name', 'execution_id', 'expiration_date'],
['A', str(policy.get_ahenk_policy_version()), machine_uid,
policy.get_agent_execution_id(), policy.agent_expiration_date])
ahenk_policy_id = self.db_service.select_one_result('policy', 'id', 'type = \'A\'')
for profile in policy.get_ahenk_profiles():
plugin = profile.get_plugin()
plugin_args = [str(plugin.get_active()), str(plugin.get_create_date()), str(plugin.get_deleted()),
str(plugin.get_description()), str(plugin.get_machine_oriented()),
str(plugin.get_modify_date()), str(plugin.get_name()),
str(plugin.get_policy_plugin()),
str(plugin.get_user_oriented()), str(plugin.get_version()),
str(plugin.get_task_plugin()), str(plugin.get_x_based())]
plugin_id = self.db_service.update('plugin', plugin_columns, plugin_args)
profile_args = [str(ahenk_policy_id), str(profile.get_create_date()),
str(profile.get_modify_date()),
str(profile.get_label()), str(profile.get_description()),
str(profile.get_overridable()), str(profile.get_active()),
str(profile.get_deleted()),
str(profile.get_profile_data()), plugin_id]
self.db_service.update('profile', profile_columns, profile_args)
elif ahenk_policy_ver:
self.logger.debug('Already there is ahenk policy. Command Execution Id is updating')
self.db_service.update('policy', ['execution_id'], [policy.get_agent_execution_id()], 'type = \'A\'')
else:
self.logger.debug('There is no any Ahenk policy.')
if policy.get_user_policy_version() != user_policy_version:
# if user_policy_version is null that means this policy is not added to db
# add this policy to db
if user_policy_version is None:
self.db_service.update('policy', ['policy_id', 'type', 'version', 'name', 'execution_id', 'expiration_date', 'assign_date'],
[policy.get_policy_id(), 'U', str(policy.get_user_policy_version()),
policy.get_username(), policy.user_execution_id,
str(policy.user_expiration_date), str(policy.get_assign_date())])
user_policy_id = self.db_service.select_one_result('policy', 'id',
'type = \'U\' and name=\'' + policy.get_username() + '\'')
if user_policy_id is not None:
# TODO remove profiles' plugins
self.db_service.delete('profile', 'id=' + str(user_policy_id))
self.db_service.delete('plugin', 'id=' + str(user_policy_id))
self.db_service.update('policy', ['version', 'execution_id', 'expiration_date'],
[str(policy.get_user_policy_version()), policy.user_execution_id,
str(policy.user_expiration_date)],
'type=\'U\' and name=\'' + policy.get_username() + '\'')
else:
self.db_service.update('policy', ['type', 'version', 'name', 'execution_id', 'expiration_date'],
['U', str(policy.get_user_policy_version()), policy.get_username(),
policy.get_user_execution_id(), policy.user_expiration_date])
user_policy_id = self.db_service.select_one_result('policy', 'id',
'type = \'U\' and name=\'' + policy.get_username() + '\'')
'type = \'U\' and name=\'' + policy.get_username() + '\''
+ 'and policy_id = ' + str(policy.get_policy_id()))
for profile in policy.get_user_profiles():
plugin = profile.get_plugin()
@ -301,20 +277,64 @@ class ExecutionManager(object):
str(profile.get_label()), str(profile.get_description()),
str(profile.get_overridable()), str(profile.get_active()),
str(profile.get_deleted()),
str(profile.get_profile_data()), plugin_id]
str(profile.get_profile_data()), policy.get_policy_id(), plugin_id]
self.db_service.update('profile', profile_columns, profile_args)
elif user_policy_version:
self.logger.debug('Already there is user policy. . Command Execution Id is updating')
self.db_service.update('policy', ['execution_id'], [policy.get_user_execution_id()], 'type = \'U\'')
else:
self.logger.debug('There is no any user policy')
elif policy.get_user_policy_version() != user_policy_version:
# policy is in db but policy version is updated
# delete profiles and plugins of that policcy and then insert new profiles and plugins
existing_profile_list = self.db_service.select('profile',
['id', 'plugin', 'policy_id'],
' policy_id=\'' + str(policy.get_policy_id()) + '\'')
self.db_service.update('policy', ['version', 'execution_id', 'expiration_date', 'assign_date'],
[str(policy.get_user_policy_version()), policy.user_execution_id,
str(policy.user_expiration_date), str(policy.assign_date)],
'type=\'U\' and name=\'' + policy.get_username() + '\'' +
' and policy_id=\'' + str(policy.get_policy_id()) + '\'')
user_policy_id = self.db_service.select_one_result('policy', 'id',
'type = \'U\' and name=\'' + policy.get_username() + '\'' +
' and policy_id=\'' + str(policy.get_policy_id()) + '\'')
policy = self.get_active_policies(policy.get_username())
# update all profiles
for profile in existing_profile_list:
self.db_service.delete('profile', 'id=' + str(profile[0]))
self.db_service.delete('plugin', 'id=' + str(profile[1]))
# add new profile and policies
for profile in policy.get_user_profiles():
plugin = profile.get_plugin()
plugin_args = [str(plugin.get_active()), str(plugin.get_create_date()), str(plugin.get_deleted()),
str(plugin.get_description()), str(plugin.get_machine_oriented()),
str(plugin.get_modify_date()), str(plugin.get_name()),
str(plugin.get_policy_plugin()),
str(plugin.get_user_oriented()), str(plugin.get_version()),
str(plugin.get_task_plugin()), str(plugin.get_x_based())]
plugin_id = self.db_service.update('plugin', plugin_columns, plugin_args)
profile_args = [str(user_policy_id), str(profile.get_create_date()), str(profile.get_modify_date()),
str(profile.get_label()), str(profile.get_description()),
str(profile.get_overridable()), str(profile.get_active()),
str(profile.get_deleted()),
str(profile.get_profile_data()), policy.get_policy_id(), plugin_id]
self.db_service.update('profile', profile_columns, profile_args)
else:
existing_policy = self.db_service.select('policy', ['id', 'assign_date'],
'type = \'U\' and name = \'' + policy.get_username() + '\'' +
'and policy_id = ' + str(policy.get_policy_id()))
self.db_service.update('policy', ['assign_date'], [str(policy.get_assign_date())]
, 'type = \'U\' and name = \'' + policy.get_username() + '\'' +
'and policy_id = ' + str(policy.get_policy_id()))
policy_list = self.get_active_policies(j['username'])
# TODO check is null
self.task_manager.addPolicy(policy)
for i in range(len(policy_list)):
self.task_manager.addPolicy(policy_list[i])
except Exception as e:
self.logger.error('A problem occurred while executing policy. Erroe Message: {0}:'.format(str(e)))
self.logger.error('A problem occurred while executing policy. Error Message: {0}:'.format(str(e)))
def check_expiration(self, expiration):
current_timestamp = int(time.time()) * 1000
@ -329,8 +349,8 @@ class ExecutionManager(object):
try:
# TODO vt den gecerli son tarihi olani cek
user_policy = self.db_service.select('policy', ['id', 'version', 'name', 'expiration_date'],
' type=\'U\' and name=\'' + username + '\'')
user_policy_list = self.db_service.select('policy', ['id', 'version', 'name', 'policy_id', 'expiration_date'],
' type=\'U\' and name=\'' + username + '\' order by assign_date asc')
ahenk_policy = self.db_service.select('policy', ['id', 'version', 'expiration_date'], ' type=\'A\' ')
plugin_columns = ['id', 'active', 'create_date', 'deleted', 'description', 'machine_oriented',
@ -339,10 +359,13 @@ class ExecutionManager(object):
profile_columns = ['id', 'create_date', 'label', 'description', 'overridable', 'active', 'deleted',
'profile_data', 'modify_date', 'plugin']
policy = PolicyBean(username=username)
if len(user_policy) > 0 and self.check_expiration(user_policy[0][3]):
user_policy_version = user_policy[0][0]
policy_list = []
if len(user_policy_list) > 0:
for i in range(len(user_policy_list)):
policy = PolicyBean(username=username)
user_policy_version = user_policy_list[i][0]
policy_id = user_policy_list[i][3]
policy.set_user_policy_version(user_policy_version)
user_profiles = self.db_service.select('profile', profile_columns,
@ -360,31 +383,10 @@ class ExecutionManager(object):
arr_profiles.append(
ProfileBean(profile[0], profile[1], profile[2], profile[3], profile[4], profile[5],
profile[6],
profile[7], profile[8], plugin, policy.get_username()))
profile[7], profile[8], user_policy_list[i][3], plugin, policy.get_username()))
policy.set_user_profiles(arr_profiles)
if len(ahenk_policy) > 0 and self.check_expiration(ahenk_policy[0][2]):
ahenk_policy_version = ahenk_policy[0][0]
policy.set_ahenk_policy_version(ahenk_policy_version)
ahenk_profiles = self.db_service.select('profile', profile_columns,
' id=' + str(ahenk_policy_version) + ' ')
arr_profiles = []
if len(ahenk_profiles) > 0:
for profile in ahenk_profiles:
plu = self.db_service.select('plugin', plugin_columns, ' id=\'' + profile[9] + '\'')[0]
plugin = PluginBean(p_id=plu[0], active=plu[1], create_date=plu[2], deleted=plu[3],
description=plu[4], machine_oriented=plu[5], modify_date=plu[6],
name=plu[7],
policy_plugin=plu[8], user_oriented=plu[9], version=plu[10],
task_plugin=plu[11], x_based=plu[12])
arr_profiles.append(
ProfileBean(profile[0], profile[1], profile[2], profile[3], profile[4], profile[5],
profile[6],
profile[7], profile[8], plugin, policy.get_username()))
policy.set_ahenk_profiles(arr_profiles)
return policy
policy_list.append(policy)
return policy_list
except Exception as e:
self.logger.error('A problem occurred while getting active policies. Error Message : {0}'.format(str(e)))
@ -403,17 +405,27 @@ class ExecutionManager(object):
def unregister(self, msg):
j = json.loads(msg)
status = str(j['status']).lower()
user_name = self.db_service.select_one_result('session', 'username', " 1=1 order by id desc ")
display = self.db_service.select_one_result('session', 'display', " 1=1 order by id desc ")
# user_name = self.db_service.select_one_result('session', 'username', " 1=1 order by id desc ")
# display = self.db_service.select_one_result('session', 'display', " 1=1 order by id desc ")
if 'not_authorized' == str(status):
self.logger.info('Registration is failed. User not authorized')
Util.show_message(user_name,display,'Ahenk Lider MYS sisteminden çıkarmak için yetkili kullanıcı haklarına sahip olmanız gerekmektedir.',
self.logger.info('UnRegistration is failed. User not authorized')
if self.unregister_user_name is None:
user_name = os.getlogin()
display = Util.get_username_display()
Util.show_message(user_name, display,
'Ahenk Lider MYS sisteminden çıkarmak için yetkili kullanıcı haklarına sahip olmanız gerekmektedir.',
'Kullanıcı Yetkilendirme Hatası')
else:
if self.unregister_user_name is None:
user_name = os.getlogin()
display = Util.get_username_display()
Util.show_message(user_name, display, "Ahenk Lider MYS sisteminden çıkarılmıştır.", "")
if Util.show_message(user_name, display, "Değişikliklerin etkili olması için sistem yeniden başlatılacaktır. Lütfen bekleyiniz...", "") :
if Util.show_message(user_name, display,
"Değişikliklerin etkili olması için sistem yeniden başlatılacaktır. Lütfen bekleyiniz...",
""):
registration = Scope.get_instance().get_registration()
registration.purge_and_unregister()
else:
registration = Scope.get_instance().get_registration()
registration.purge_and_unregister()
@ -494,6 +506,7 @@ class ExecutionManager(object):
username = json_data['username']
ahenk_prof_json_arr = json_data['agentPolicyProfiles']
user_prof_json_arr = json_data['userPolicyProfiles']
policy_id = json_data['policyID']
ahenk_prof_arr = []
user_prof_arr = []
@ -508,7 +521,7 @@ class ExecutionManager(object):
task_plugin=plu['taskPlugin'], x_based=plu['xBased'])
ahenk_prof_arr.append(
ProfileBean(prof['id'], prof['createDate'], prof['label'], prof['description'], prof['overridable'],
prof['active'], prof['deleted'], json.dumps(prof['profileData']), prof['modifyDate'],
prof['active'], prof['deleted'], json.dumps(prof['profileData']), prof['modifyDate'], policy_id,
plugin, username))
if user_prof_json_arr is not None:
@ -522,16 +535,19 @@ class ExecutionManager(object):
task_plugin=plu['taskPlugin'], x_based=plu['xBased'])
user_prof_arr.append(
ProfileBean(prof['id'], prof['createDate'], prof['label'], prof['description'], prof['overridable'],
prof['active'], prof['deleted'], json.dumps(prof['profileData']), prof['modifyDate'],
prof['active'], prof['deleted'], json.dumps(prof['profileData']), prof['modifyDate'], policy_id,
plugin, username))
return PolicyBean(ahenk_policy_version=json_data['agentPolicyVersion'],
return PolicyBean(policy_id=json_data['policyID'],
ahenk_policy_version=json_data['agentPolicyVersion'],
user_policy_version=json_data['userPolicyVersion'], ahenk_profiles=ahenk_prof_arr,
user_profiles=user_prof_arr, timestamp=json_data['timestamp'], username=json_data['username'],
agent_execution_id=json_data['agentCommandExecutionId'],
user_execution_id=json_data['userCommandExecutionId'],
agent_expiration_date=json_data['agentPolicyExpirationDate'],
user_expiration_date=json_data['userPolicyExpirationDate'])
user_expiration_date=json_data['userPolicyExpirationDate'],
is_deleted=json_data['isDeleted'],
assign_date=json_data['assignDate'])
def login_response(self, msg):
jData = json.loads(msg)
@ -552,3 +568,7 @@ class ExecutionManager(object):
Util.delete_file(ahenk_policy_file)
Util.create_file(ahenk_policy_file)
Util.write_file(ahenk_policy_file, content)
def set_unregister_credential_params(self, user_name=None, passwd=None):
self.unregister_user_name=user_name
self.unregister_passwd=passwd
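Review bot: The WHERE clauses added in `execute_policy` concatenate `policy.get_username()` and `str(policy.get_policy_id())` directly into SQL, and both values come from the incoming message via `json_to_PolicyBean(json.loads(arg))`, so a crafted `username` or `policyID` changes the statement that runs against the agent database. Bind these as parameters if `db_service` supports it (its API is not shown here), or at minimum coerce with `int(policy.get_policy_id())` and reject usernames containing quote characters before building the criteria. In the version-changed branch, `policy = self.get_active_policies(policy.get_username())` rebinds `policy` to a list, so the following `policy.get_user_profiles()` and `policy.get_policy_id()` calls will raise and be swallowed by the `except`; keep the bean in its own variable. `get_active_policies` also appears to no longer call `check_expiration` on user policies, which looks unintended.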


@ -105,14 +105,15 @@ class AnonymousMessenger(ClientXMPP):
if 'not_authorized' == str(status):
self.logger.info('Registration is failed. User not authorized')
if self.registration.showUserNotify == True:
Util.show_message(os.getlogin(), ':0','Ahenk Lider MYS sistemine alınamadı !! Sadece yetkili kullanıcılar kayıt yapabilir.', 'Kullanıcı Yetkilendirme Hatası')
self.logger.debug('Disconnecting...')
self.disconnect()
elif 'already_exists' == str(status) or 'registered' == str(status) or 'registered_without_ldap' == str(status):
try:
self.logger.info('Registred from server. Registration process starting.')
self.event_manager.fireEvent('REGISTRATION_SUCCESS', j)
if self.registration.showUserNotify == True:
msg = str(self.host) + " Etki Alanına hoş geldiniz."
Util.show_message(os.getlogin(), ':0' ,msg, "UYARI")
msg = "Değişikliklerin etkili olması için sistem yeniden başlayacaktır. Sistem yeniden başlatılıyor...."
@ -124,17 +125,16 @@ class AnonymousMessenger(ClientXMPP):
#System.Process.kill_by_pid(int(System.Ahenk.get_pid_number()))
#sys.exit(2)
Util.shutdown();
except Exception as e:
self.logger.error('Error Message: {0}.'.format(str(e)))
if self.registration.showUserNotify == True:
Util.show_message(os.getlogin(), ':0',str(e))
self.logger.debug('Disconnecting...')
self.disconnect()
elif 'registration_error' == str(status):
self.logger.info('Registration is failed. New registration request will send')
#self.event_manager.fireEvent('REGISTRATION_ERROR', str(j))
if self.registration.showUserNotify == True:
Util.show_message(os.getlogin(), ':0','Ahenk Lider MYS sistemine alınamadı !! Kayıt esnasında hata oluştu. Lütfen sistem yöneticinize başvurunuz.',
'Sistem Hatası')
self.logger.debug('Disconnecting...')


@ -105,6 +105,15 @@ class Messaging(object):
'type = \'U\' and name = \'' + username + '\'')
machine_policy_number = self.db_service.select_one_result('policy', 'version', 'type = \'A\'')
user_policy_list = self.db_service.select('policy', ['id', 'version', 'name', 'policy_id', 'assign_date'],
' type=\'U\' and name=\'' + username + '\'')
# to add policy_id and policy_version
user_policy_hash_list = dict()
if len(user_policy_list) > 0:
for i in range(len(user_policy_list)):
user_policy_hash_list[str(user_policy_list[i][3])] = [user_policy_list[i][1], user_policy_list[i][4]]
data['policyList'] = user_policy_hash_list
data['userPolicyVersion'] = user_policy_number
data['agentPolicyVersion'] = machine_policy_number
@ -155,30 +164,29 @@ class Messaging(object):
self.logger.debug('LDAP Registration message was created')
return json_data
def unregister_msg(self):
user_name = self.db_service.select_one_result('session', 'username')
display = self.db_service.select_one_result('session', 'display')
self.logger.debug('User : ' + str(user_name))
pout = Util.show_unregistration_message(user_name,display,
'Makineyi etki alanından çıkarmak için zorunlu alanları giriniz. Lütfen DEVAM EDEN İŞLEMLERİNİZİ sonlandırdığınıza emin olunuz !',
'ETKI ALANINDAN ÇIKARMA')
self.logger.debug('pout : ' + str(pout))
field_values = pout.split(' ')
user_registration_info = list(field_values)
def unregister_msg(self,usernameForCheck,passwordForCheck):
data = dict()
data['type'] = 'UNREGISTER'
data['from'] = str(self.conf_manager.get('CONNECTION', 'uid'))
data['password'] = str(self.conf_manager.get('CONNECTION', 'password'))
# unregistration from commandline..
if(usernameForCheck==None and passwordForCheck==None):
#user_name = self.db_service.select_one_result('session', 'username')
#display = self.db_service.select_one_result('session', 'display')
user_name = os.getlogin()
display = Util.get_username_display()
self.logger.debug('User : ' + str(user_name))
pout = Util.show_unregistration_message(user_name,display,
'Makineyi etki alanından çıkarmak için zorunlu alanları giriniz. Lütfen DEVAM EDEN İŞLEMLERİNİZİ sonlandırdığınıza emin olunuz !',
'ETKI ALANINDAN ÇIKARMA')
self.logger.debug('pout : ' + str(pout))
field_values = pout.split(' ')
user_registration_info = list(field_values)
data['userName'] = user_registration_info[0];
data['userPassword'] = user_registration_info[1];
else:
data['userName'] = usernameForCheck;
data['userPassword'] = passwordForCheck;
#data['macAddresses'] = str(self.conf_manager.get('REGISTRATION', 'macAddresses'))
#data['ipAddresses'] = str(self.conf_manager.get('REGISTRATION', 'ipAddresses'))
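Review bot: `self.logger.debug('pout : ' + str(pout))` writes the raw dialog output to the log, and the lines after it show that this output is the username and password separated by a space, so the operator's password lands in the agent log whenever debug logging is on; drop that line or log only the username. Splitting on `' '` also truncates any password that contains a space, and an empty `pout` (dialog cancelled) makes `user_registration_info[1]` raise IndexError. `os.getlogin()` needs a controlling terminal and commonly raises OSError inside a daemon, so the previous session-table lookup may still be needed as a fallback. The method continues outside the hunk.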


@ -116,7 +116,6 @@ class Messenger(ClientXMPP):
self.logger.info("---------->Received message: {}".format(str(parameter_map)))
else:
self.logger.info('---------->Received message: {0}'.format(str(msg['body'])))
self.event_manger.fireEvent(message_type, str(msg['body']))
self.logger.debug('Fired event is: {0}'.format(message_type))
except Exception as e:


@ -6,9 +6,10 @@
class PolicyBean(object):
"""docstring for PolicyBean"""
def __init__(self, ahenk_policy_version=None, user_policy_version=None, ahenk_profiles=None, user_profiles=None,
def __init__(self, policy_id=None, ahenk_policy_version=None, user_policy_version=None, ahenk_profiles=None, user_profiles=None,
timestamp=None, username=None, agent_execution_id=None, user_execution_id=None,
agent_expiration_date=None, user_expiration_date=None):
agent_expiration_date=None, user_expiration_date=None, is_deleted=None, assign_date=None):
self.policy_id = policy_id
self.ahenk_policy_version = ahenk_policy_version
self.user_policy_version = user_policy_version
self.ahenk_profiles = ahenk_profiles
@ -19,6 +20,14 @@ class PolicyBean(object):
self.user_execution_id = user_execution_id
self.agent_expiration_date = agent_expiration_date
self.user_expiration_date = user_expiration_date
self.is_deleted = is_deleted
self.assign_date = assign_date
def get_policy_id(self):
return self.policy_id
def set_policy_id(self, policy_id):
self.policy_id = policy_id
def get_ahenk_policy_version(self):
return self.ahenk_policy_version
@ -67,3 +76,15 @@ class PolicyBean(object):
def get_user_execution_id(self):
return self.user_execution_id
def set_is_deleted(self, is_deleted):
self.is_deleted = is_deleted
def get_is_deleted(self):
return self.is_deleted
def set_assign_date(self, assign_date):
self.assign_date = assign_date
def get_assign_date(self):
return self.assign_date
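Review bot: `policy_id` is inserted as the first positional parameter of `PolicyBean.__init__`, and the same commit inserts `policy_id` before `plugin` in `ProfileBean.__init__`, which shifts every later positional argument. The ProfileBean callers visible in this commit pass all arguments positionally, so any call site that was not updated would silently store the plugin object in `policy_id` and the username in `plugin`. Appending the new parameters at the end, or making them keyword-only (`*, policy_id=None`), keeps old call sites working.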


@ -8,8 +8,7 @@ from base.model.plugin_bean import PluginBean
class ProfileBean(object):
"""docstring for Profile"""
def __init__(self, p_id=None, create_date=None, label=None, description=None, overridable=None, active=None, deleted=None, profile_data=None, modify_date=None, plugin=None, username=None):
def __init__(self, p_id=None, create_date=None, label=None, description=None, overridable=None, active=None, deleted=None, profile_data=None, modify_date=None, policy_id=None, plugin=None, username=None):
self.id = p_id
self.create_date = create_date
self.modify_date = modify_date
@ -19,6 +18,7 @@ class ProfileBean(object):
self.active = active
self.deleted = deleted
self.profile_data = profile_data
self.policy_id = policy_id
self.plugin = plugin
self.username = username
@ -47,7 +47,7 @@ class ProfileBean(object):
self.label = label
def get_description(self):
return self.modify_date
return self.description
def set_description(self, description):
self.description = description
@ -76,6 +76,12 @@ class ProfileBean(object):
def set_profile_data(self, profile_data):
self.profile_data = profile_data
def get_policy_id(self):
return self.policy_id
def set_policy_id(self, policy_id):
self.policy_id = policy_id
def get_plugin(self):
return self.plugin


@ -202,7 +202,7 @@ class PluginManager(object):
for usr_profile in user_profiles:
if usr_profile.plugin.name == agent_profile.plugin.name:
same_plugin_profile = usr_profile
policy.get_user_policy_version()
if same_plugin_profile is not None:
if agent_profile.overridable.lower() == 'true':
self.logger.debug(


@ -21,5 +21,5 @@ krb5_store_password_if_offline = True
default_shell = /bin/bash
ldap_id_mapping = True
use_fully_qualified_names = False
fallback_homedir = /home/%u@%d
fallback_homedir = /home/%u
access_provider = ad
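Review bot: `fallback_homedir = /home/%u` drops the domain component, so with `use_fully_qualified_names = False` a directory account resolves to the same `/home/<name>` path as a local account of the same name. If local users exist on these machines, a name collision would give one account the other's home directory and its dotfiles, including `~/.ssh`. Worth confirming that local and AD names cannot overlap, or keeping a domain-qualified path.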


@ -108,14 +108,6 @@ class ExecuteCancelSSSDAdAuthentication:
else:
self.logger.error("ad_info file not found")
# Configure lightdm.service
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
if self.util.is_exist(pardus_xfce_path):
self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
self.util.delete_file(pardus_xfce_path)
self.util.execute("systemctl restart nscd.service")
else:
self.logger.info("99-pardus-xfce.conf not found")
self.logger.info("AD Login iptal etme işlemi başarı ile sağlandı.")
return True


@ -14,7 +14,7 @@ class ExecuteSSSDAdAuthentication:
def authenticate(self, domain_name, host_name, ip_address, password, ad_username):
try:
# Create and Configure ad_info file
(result_code, p_out, p_err) = self.util.create_file("/etc/ahenk/ad_info")
(result_code, p_out, p_err) = self.util.execute("touch /etc/ahenk/ad_info")
if (result_code == 0):
self.logger.info("AD INFO başarılı bir şekilde oluşturuldu")
# Configure ad_info for deregisteration info
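Review bot: `self.util.execute("touch /etc/ahenk/ad_info")` creates the file under whatever umask the agent runs with, and no mode is set in this hunk, while the comment says the file will hold deregistration info. If anything sensitive is written to it, restrict it right after creation, e.g. `self.util.execute("chmod 600 /etc/ahenk/ad_info")`, or create it with `os.open(path, os.O_CREAT | os.O_WRONLY, 0o600)`. `authenticate` continues outside the hunk.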


@ -15,7 +15,7 @@ class ExecuteSSSDAuthentication:
def authenticate(self, server_address, dn, admin_dn, admin_password):
try:
ldap_pwdlockout_dn = "cn=DefaultPolicy,ou=PasswordPolicies" + "," + dn
ldap_pwdlockout_dn = "ou=PasswordPolicies" + "," + dn
# pattern for clearing file data from spaces, tabs and newlines
pattern = re.compile(r'\s+')
@ -48,7 +48,7 @@ class ExecuteSSSDAuthentication:
file_data = file_data.replace("###ldap_search_base###", "ldap_search_base = " + dn)
file_data = file_data.replace("###ldap_user_search_base###", "ldap_user_search_base = " + dn)
file_data = file_data.replace("###ldap_group_search_base###", "ldap_group_search_base = " + dn)
file_data = file_data.replace("###ldap_sudo_search_base###", "ldap_sudo_search_base = ou=Roles," + dn)
file_data = file_data.replace("###ldap_sudo_search_base###", "ldap_sudo_search_base = ou=Role,ou=Groups," + dn)
file_sssd.close()
file_sssd = open(sssd_config_file_path, 'w')
@ -58,10 +58,17 @@ class ExecuteSSSDAuthentication:
# Install libpam-sss sssd-common for sssd authentication
(result_code, p_out, p_err) = self.util.execute("sudo apt install libpam-sss sssd-common -y")
if result_code != 0:
self.logger.error("SSSD packages couldn't be downloaded.")
return False
(result_code, p_out, p_err) = self.util.execute("chmod 600 {}".format(sssd_config_file_path))
if (result_code == 0):
self.logger.info("Chmod komutu başarılı bir şekilde çalıştırıldı")
else:
self.logger.error("Chmod komutu başarısız : " + str(p_err))
# configure common-session for creating home directories for ldap users
file_common_session = open(common_session_conf_path, 'r')
file_data = file_common_session.read()
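Review bot: In the `@ -58,10 +58,17 @@` hunk a failed `chmod 600` on `sssd_config_file_path` is only logged and the method carries on to the common-session step, unlike the package-install failure just above it, which returns False. SSSD refuses to start when its config file is not root-owned with mode 0600, and the file is written by `open(sssd_config_file_path, 'w')` before its mode is tightened, so a failure here leaves a broken service and a config file under the default umask. Add `return False` after `self.logger.error("Chmod komutu başarısız : " + str(p_err))`. `authenticate` starts and ends outside these hunks.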


@ -50,7 +50,7 @@ class Registration:
else:
self.register(True)
def registration_request(self, hostname,username,password):
def registration_request(self, hostname,username,password,directoryserver):
self.logger.debug('Requesting registration')
# SetupTimer.start(Timer(System.Ahenk.registration_timeout(), timeout_function=self.registration_timeout,checker_func=self.is_registered, kwargs=None))
@ -60,9 +60,11 @@ class Registration:
self.host = hostname
self.user_name = username
self.user_password= password
self.directory_server = directoryserver
self.showUserNotify = False;
if(username is None and password is None and self.host is None ):
self.showUserNotify = True;
self.host = self.conf_manager.get("CONNECTION", "host")
user_name= os.getlogin()
@ -138,6 +140,28 @@ class Registration:
file_lightdm.close()
self.logger.info("lightdm.conf has been configured.")
if self.desktop_env == "gnome":
pardus_gnome_path = "/etc/gdm3/greeter.dconf-defaults"
if not self.util.is_exist(pardus_gnome_path):
self.logger.info("Gnome conf doesn't exist")
else:
reading_file = open(pardus_gnome_path, "r")
new_file_content = ""
for line in reading_file:
stripped_line = line.strip()
new_line = stripped_line.replace("# disable-user-list=true", "disable-user-list=true")
new_file_content += new_line + "\n"
reading_file.close()
writing_file = open(pardus_gnome_path, "w")
writing_file.write(new_file_content)
writing_file.close()
self.logger.info("gdm.conf has been configured.")
# LDAP registration
if self.directory_server == "LDAP":
self.install_and_config_ldap(reg_reply)
@ -343,6 +367,26 @@ class Registration:
self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
self.util.delete_file(pardus_xfce_path)
if self.util.get_desktop_env() == "gnome":
pardus_gnome_path = "/etc/gdm3/greeter.dconf-defaults"
if not self.util.is_exist(pardus_gnome_path):
self.logger.info("Gnome conf doesn't exist")
else:
reading_file = open(pardus_gnome_path, "r")
new_file_content = ""
for line in reading_file:
stripped_line = line.strip()
new_line = stripped_line.replace("disable-user-list=true", "# disable-user-list=true")
new_file_content += new_line + "\n"
reading_file.close()
writing_file = open(pardus_gnome_path, "w")
writing_file.write(new_file_content)
writing_file.close()
self.logger.info("gdm.conf has been configured.")
Util.shutdown()
except Exception as e:
self.logger.error("Error while running purge_and_unregister process.. Error Message " + str(e))
@ -448,6 +492,7 @@ class Registration:
config.set('CONNECTION', 'uid', '')
config.set('CONNECTION', 'password', '')
config.set('CONNECTION', 'host', '')
config.set('MACHINE', 'user_disabled', 'false')
with open(System.Ahenk.config_path(), 'w') as file:
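Review bot: In the `@ -343,6 +367,26 @@` hunk, `stripped_line.replace("disable-user-list=true", "# disable-user-list=true")` also matches a line that is already commented and turns it into `# # disable-user-list=true`. The registration-side replace in the `@ -138,6 +140,28 @@` hunk removes only one `# `, so after such an unregister the next registration leaves the GDM user list visible while still logging "gdm.conf has been configured." Compare the whole stripped line instead, e.g. `new_line = "# disable-user-list=true" if stripped_line == "disable-user-list=true" else stripped_line`. Both copies of the loop also strip leading whitespace from every line of `/etc/gdm3/greeter.dconf-defaults` and truncate the file before rewriting it; the enclosing methods start and end outside the hunks.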


@ -462,3 +462,5 @@ class Util:
return desktop_env


@ -23,21 +23,30 @@ class GetFileContent(AbstractPlugin):
if self.is_exist(file_path):
self.logger.info("File exists: " + file_path)
is_file_exists = True
# if the file size is less than 5K
file_size = self.get_size(file_path) / 1024
if file_size <= 5:
file_content = self.read_file(file_path)
self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
message='Dosya içeriği başarıyla alındı..',
data=json.dumps({'file_exists': is_file_exists, 'file_content': file_content}),
content_type=self.get_content_type().APPLICATION_JSON.value)
else:
self.logger.error("File size is too large. File Size: {0}K ".format(str(file_size)))
self.context.create_response(code=self.message_code.TASK_ERROR.value,
message='Dosya içeriği getirilemedi. Dosya boyutu çok büyük.',
content_type=self.get_content_type().APPLICATION_JSON.value)
else:
self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
message='Dosya bulunamadı..',
content_type=self.get_content_type().APPLICATION_JSON.value)
except Exception as e:
self.logger.error(str(e))
self.context.create_response(code=self.message_code.TASK_ERROR.value,
message='Dosya içeriği alınırken hata oluştu: {0}'.format(str(e)))
def handle_task(task, context):
plugin = GetFileContent(task, context)
plugin.handle_task()
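Review bot: The 5K limit is enforced by a separate `self.get_size(file_path)` call before `self.read_file(file_path)`, so it bounds what the size lookup reports, not what is actually read. A path that is not a regular file, or a file that grows between the two calls, can pass the check and still return more than 5K or stall the task. Require a regular file and cap the read itself at `5 * 1024` bytes, rejecting the request when more data is available. `file_path` is assigned outside the hunk; if it comes straight from the task payload it should also be confined to an allowed directory, since the agent appears to run privileged (it issues `reboot` and `apt install` elsewhere in this commit).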


@ -30,7 +30,6 @@ class ADLogin(AbstractPlugin):
ad_username = self.data['ad_username']
admin_password = self.data['admin_password']
ad_port = self.data['ad_port']
disabled_local_user = self.data['disableLocalUser']
execution_result = self.ad_authentication.authenticate(domain_name, hostname, ip_address, admin_password, ad_username)
if execution_result is False:
@ -39,6 +38,8 @@ class ADLogin(AbstractPlugin):
content_type=self.get_content_type().APPLICATION_JSON.value)
else:
# if get disabled_local_user TRUE set user_disabled in ahenk.conf. disabled local users then client reboot
if self.has_attr_json(self.data, 'disableLocalUser') is True:
disabled_local_user = self.data['disableLocalUser']
self.config.read(self.ahenk_conf_path)
if disabled_local_user is True:
# self.registration.disable_local_users()
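Review bot: `disabled_local_user` is now assigned only under `if self.has_attr_json(self.data, 'disableLocalUser') is True:`, and the page has lost its indentation, so if `self.config.read(...)` and `if disabled_local_user is True:` sit outside that guard, a task without the key raises NameError after the AD join has already succeeded. Setting a default before the guard, `disabled_local_user = False`, removes the dependency on nesting. `is True` also ignores a JSON string such as `"true"`, which would silently skip the local-user lockdown. The same pattern is added to `LDAPLogin` in the next file section; both method bodies continue outside the hunks.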


@ -29,7 +29,14 @@ class LDAPLogin(AbstractPlugin):
# version = self.data['version']
admin_dn = self.data['admin-dn']
admin_password = self.data['admin-password']
disabled_local_user = self.data['disableLocalUser']
if admin_dn is None:
admin_dn = self.Ahenk.dn()
if admin_password is None:
self.config.read(self.ahenk_conf_path)
if self.config.has_section('CONNECTION'):
admin_password = self.config.get("CONNECTION", "password")
execution_result = self.sssd_authentication.authenticate(server_address, dn, admin_dn, admin_password)
if execution_result is False:
@ -38,6 +45,8 @@ class LDAPLogin(AbstractPlugin):
content_type=self.get_content_type().APPLICATION_JSON.value)
else:
# if get disabled_local_user TRUE set user_disabled in ahenk.conf. disabled local users then client reboot
if self.has_attr_json(self.data, 'disableLocalUser') is True:
disabled_local_user = self.data['disableLocalUser']
self.config.read(self.ahenk_conf_path)
if disabled_local_user is True:
# self.registration.disable_local_users()
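Review bot: The new fallbacks in the `@ -29,7 +29,14 @@` hunk cover only an explicit null: `self.data['admin-dn']` and `self.data['admin-password']` still raise KeyError when the key is absent, and when `ahenk.conf` has no `CONNECTION` section `admin_password` stays None and is passed to `self.sssd_authentication.authenticate(...)`. Return a TASK_ERROR response instead of calling `authenticate` when `admin_password` is still None after the fallback. The fallback also hands the agent's own `CONNECTION` password to the SSSD setup; whether it ends up in sssd.conf is outside the hunk, so a comment such as `# fall back to the agent's own bind credentials (intended)` above the `if admin_password is None:` line would record that this is deliberate.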


@ -0,0 +1,31 @@
#!/usr/bin/python3
# -*- coding: utf-8 -*-
# Author:Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr>
## restart agents
from base.plugin.abstract_plugin import AbstractPlugin
class Restart(AbstractPlugin):
def __init__(self, task, context):
super(AbstractPlugin, self).__init__()
self.task = task
self.context = context
self.logger = self.get_logger()
self.message_code = self.get_message_code()
self.command_restart = 'reboot'
self.logger.debug('Parameters were initialized.')
def handle_task(self):
try:
result_code, p_out, p_err = self.execute(self.command_restart)
self.logger.info("restart agent success")
self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
message='İstemci yeniden başarıyla başlatıldı. .')
except Exception as e:
self.logger.error('A problem occured while handling Login-Manager task: {0}'.format(str(e)))
self.context.create_response(code=self.message_code.TASK_ERROR.value,
message='İstemci yeniden başlatılırken bir hata oluştu.')
def handle_task(task, context):
manage = Restart(task, context)
manage.handle_task()
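Review bot: `Restart.handle_task` never looks at `result_code` from `self.execute(self.command_restart)`: it logs "restart agent success" and sends TASK_PROCESSED even when `reboot` exits non-zero, and the except branch is reached only if `execute` itself raises. Check it before reporting, e.g. `if result_code != 0:` followed by the TASK_ERROR response with `p_err` logged. The header comment `## restart agents` and the success log describe an agent restart while the command reboots the whole machine, and the error log names the Login-Manager task; wording these as a machine reboot keeps audit logs unambiguous. `super(AbstractPlugin, self).__init__()` skips `AbstractPlugin.__init__` itself, so `super(Restart, self).__init__()` is presumably what was meant.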


@ -5,16 +5,14 @@
from base.plugin.abstract_plugin import AbstractPlugin
class LoginManager(AbstractPlugin):
class Shutdown(AbstractPlugin):
def __init__(self, task, context):
super(AbstractPlugin, self).__init__()
self.task = task
self.context = context
self.logger = self.get_logger()
self.message_code = self.get_message_code()
self.command_shutdown = 'shutdown -h now'
self.logger.debug('Parameters were initialized.')
def handle_task(self):
@ -29,5 +27,5 @@ class LoginManager(AbstractPlugin):
message='İstemci kapatılırken bir hata oluştu.')
def handle_task(task, context):
manage = LoginManager(task, context)
manage = Shutdown(task, context)
manage.handle_task()