From 774387867dd8888b0fb89ab01d4c9019c368f805 Mon Sep 17 00:00:00 2001 From: edip Date: Wed, 14 Nov 2018 11:03:32 +0300 Subject: [PATCH] disable user --- config/ahenk.conf | 1 + src/ahenkd.py | 18 ++++++++++++++++++ src/base/messaging/anonymous_messenger.py | 19 ------------------- src/base/registration/registration.py | 21 +++++++++++++++++++++ 4 files changed, 40 insertions(+), 19 deletions(-) diff --git a/config/ahenk.conf b/config/ahenk.conf index 5f85a72..88acfb9 100644 --- a/config/ahenk.conf +++ b/config/ahenk.conf @@ -25,4 +25,5 @@ get_policy_timeout = 30 [MACHINE] type = default agreement = 2 +user_disabled=1 diff --git a/src/ahenkd.py b/src/ahenkd.py index fb8d0a0..c13137d 100644 --- a/src/ahenkd.py +++ b/src/ahenkd.py @@ -9,6 +9,7 @@ import signal import sys import threading import time +from glob import glob from base.agreement.agreement import Agreement from base.command.command_manager import Commander @@ -294,6 +295,23 @@ class AhenkDaemon(BaseDaemon): self.is_registered() + conf_manager= global_scope.get_configuration_manager() + + if conf_manager.has_section('MACHINE'): + user_disabled = conf_manager.get("MACHINE", "user_disabled") + if user_disabled==0: + self.logger.info('local user disabling') + global_scope.get_registration().disable_local_users() + + conf_manager.set('MACHINE', 'user_disabled', 1) + + with open('/etc/ahenk/ahenk.conf', 'w') as configfile: + self.conf_manager.write(configfile) + self.logger.info('local user disabled') + else : + self.logger.info('users already disabled') + + #self.logger.info('Ahenk was registered') self.messenger = self.init_messenger() diff --git a/src/base/messaging/anonymous_messenger.py b/src/base/messaging/anonymous_messenger.py index af0c03f..d98e324 100644 --- a/src/base/messaging/anonymous_messenger.py +++ b/src/base/messaging/anonymous_messenger.py @@ -148,22 +148,3 @@ class AnonymousMessenger(ClientXMPP): self.send_message(mto=self.receiver, mbody=msg, mtype='normal') - def disable_local_users(self): - passwd_cmd = 'passwd -l {}' - change_home = 'usermod -m -d {0} {1}' - change_username = 'usermod -l {0} {1}' - content = Util.read_file('/etc/passwd') - kill_all_process = 'killall -KILL -u {}' - for p in pwd.getpwall(): - self.logger.info("User: '{0}' will be disabled and changed username and home directory of username".format(p.pw_name)) - if not sysx.shell_is_interactive(p.pw_shell): - continue - if p.pw_uid == 0: - continue - if p.pw_name in content: - new_home_dir = p.pw_dir.rstrip('/') + '-local/' - new_username = p.pw_name+'-local' - Util.execute(kill_all_process.format(p.pw_name)) - Util.execute(passwd_cmd.format(p.pw_name)) - Util.execute(change_username.format(new_username, p.pw_name)) - Util.execute(change_home.format(new_home_dir, new_username)) diff --git a/src/base/registration/registration.py b/src/base/registration/registration.py index b9d1555..4fe2ae9 100644 --- a/src/base/registration/registration.py +++ b/src/base/registration/registration.py @@ -489,3 +489,24 @@ class Registration: self.util.execute(change_username.format(new_username, p.pw_name)) self.util.execute(change_home.format(new_home_dir, new_username)) self.logger.debug("User: '{0}' will be enabled and changed username and home directory of username".format(p.pw_name)) + + + def disable_local_users(self): + passwd_cmd = 'passwd -l {}' + change_home = 'usermod -m -d {0} {1}' + change_username = 'usermod -l {0} {1}' + content = Util.read_file('/etc/passwd') + kill_all_process = 'killall -KILL -u {}' + for p in pwd.getpwall(): + self.logger.info("User: '{0}' will be disabled and changed username and home directory of username".format(p.pw_name)) + if not sysx.shell_is_interactive(p.pw_shell): + continue + if p.pw_uid == 0: + continue + if p.pw_name in content: + new_home_dir = p.pw_dir.rstrip('/') + '-local/' + new_username = p.pw_name+'-local' + Util.execute(kill_all_process.format(p.pw_name)) + Util.execute(passwd_cmd.format(p.pw_name)) + Util.execute(change_username.format(new_username, p.pw_name)) + Util.execute(change_home.format(new_home_dir, new_username))