disable user

This commit is contained in:
edip 2018-11-14 11:03:32 +03:00
parent a0035a3253
commit 774387867d
4 changed files with 40 additions and 19 deletions

View file

@ -25,4 +25,5 @@ get_policy_timeout = 30
[MACHINE] [MACHINE]
type = default type = default
agreement = 2 agreement = 2
user_disabled=1

View file

@ -9,6 +9,7 @@ import signal
import sys import sys
import threading import threading
import time import time
from glob import glob
from base.agreement.agreement import Agreement from base.agreement.agreement import Agreement
from base.command.command_manager import Commander from base.command.command_manager import Commander
@ -294,6 +295,23 @@ class AhenkDaemon(BaseDaemon):
self.is_registered() self.is_registered()
conf_manager= global_scope.get_configuration_manager()
if conf_manager.has_section('MACHINE'):
user_disabled = conf_manager.get("MACHINE", "user_disabled")
if user_disabled==0:
self.logger.info('local user disabling')
global_scope.get_registration().disable_local_users()
conf_manager.set('MACHINE', 'user_disabled', 1)
with open('/etc/ahenk/ahenk.conf', 'w') as configfile:
self.conf_manager.write(configfile)
self.logger.info('local user disabled')
else :
self.logger.info('users already disabled')
#self.logger.info('Ahenk was registered') #self.logger.info('Ahenk was registered')
self.messenger = self.init_messenger() self.messenger = self.init_messenger()

View file

@ -148,22 +148,3 @@ class AnonymousMessenger(ClientXMPP):
self.send_message(mto=self.receiver, mbody=msg, mtype='normal') self.send_message(mto=self.receiver, mbody=msg, mtype='normal')
def disable_local_users(self):
passwd_cmd = 'passwd -l {}'
change_home = 'usermod -m -d {0} {1}'
change_username = 'usermod -l {0} {1}'
content = Util.read_file('/etc/passwd')
kill_all_process = 'killall -KILL -u {}'
for p in pwd.getpwall():
self.logger.info("User: '{0}' will be disabled and changed username and home directory of username".format(p.pw_name))
if not sysx.shell_is_interactive(p.pw_shell):
continue
if p.pw_uid == 0:
continue
if p.pw_name in content:
new_home_dir = p.pw_dir.rstrip('/') + '-local/'
new_username = p.pw_name+'-local'
Util.execute(kill_all_process.format(p.pw_name))
Util.execute(passwd_cmd.format(p.pw_name))
Util.execute(change_username.format(new_username, p.pw_name))
Util.execute(change_home.format(new_home_dir, new_username))

View file

@ -489,3 +489,24 @@ class Registration:
self.util.execute(change_username.format(new_username, p.pw_name)) self.util.execute(change_username.format(new_username, p.pw_name))
self.util.execute(change_home.format(new_home_dir, new_username)) self.util.execute(change_home.format(new_home_dir, new_username))
self.logger.debug("User: '{0}' will be enabled and changed username and home directory of username".format(p.pw_name)) self.logger.debug("User: '{0}' will be enabled and changed username and home directory of username".format(p.pw_name))
def disable_local_users(self):
passwd_cmd = 'passwd -l {}'
change_home = 'usermod -m -d {0} {1}'
change_username = 'usermod -l {0} {1}'
content = Util.read_file('/etc/passwd')
kill_all_process = 'killall -KILL -u {}'
for p in pwd.getpwall():
self.logger.info("User: '{0}' will be disabled and changed username and home directory of username".format(p.pw_name))
if not sysx.shell_is_interactive(p.pw_shell):
continue
if p.pw_uid == 0:
continue
if p.pw_name in content:
new_home_dir = p.pw_dir.rstrip('/') + '-local/'
new_username = p.pw_name+'-local'
Util.execute(kill_all_process.format(p.pw_name))
Util.execute(passwd_cmd.format(p.pw_name))
Util.execute(change_username.format(new_username, p.pw_name))
Util.execute(change_home.format(new_home_dir, new_username))