cancel ad authentication module added

Tuncay ÇOLAK 2020-04-03 14:22:30 +03:00
parent d61f10469b
commit a70f3be796
3 changed files with 216 additions and 317 deletions


@ -6,53 +6,44 @@ from base.scope import Scope
from base.util.util import Util
import re
class ExecuteCancelSSSDAdAuthentication:
def __init__(self):
scope = Scope().get_instance()
self.logger = scope.get_logger()
self.util = Util()
self.ad_info_path = "/etc/ahenk/ad_info"
def cancel(self):
try:
# Deleting packages require for AD entegration
self.util.execute("apt purge realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs -y")
self.util.execute(
"apt purge realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs -y")
self.util.execute("apt autoremove -y")
# Read information about AD
if self.util.is_exist("/etc/ahenk/ad_info"):
file_data = open("/etc/ahenk/ad_info","r")
ip_address = (file_data.readline())
host_name = (file_data.readline())
file_data.close()
self.logger.info("ad_info dosyasından bilgiler başarılı bir şekilde alındı.")
if self.util.is_exist(self.ad_info_path):
file_data = self.util.read_file_by_line(self.ad_info_path)
self.ip_address = file_data[0].strip("\n")
self.host_name = file_data[1].strip("\n")
self.logger.info(self.ip_address)
self.logger.info(self.host_name)
self.logger.info("Information read successfully from ad_info.")
else:
self.logger.error("ad_info dosyasına ulaşılamadı ")
self.logger.error("ad_info file not found")
try:
if self.util.is_exist("/etc/sssd"):
self.util.delete_folder("/etc/sssd")
# self.util.delete_folder("/etc/sssd")
self.logger.info("SSSD is deleted")
else:
self.logger.info("SSSD is not exist")
except Exception as e:
self.logger.error("Error while running /etc/SSSD.. Error Message " + str(e))
# Re-Configure dhclient.conf deleting AD IP address
try:
dhclient_conf_path = "/etc/dhcp/dhclient.conf"
file_dhclient = open(dhclient_conf_path, 'r')
file_data = file_dhclient.read()
if "prepend domain-name-servers {};".format(ip_address) in file_data:
file_data = file_data.replace(("prepend domain-name-servers {};".format(ip_address)),
if "prepend domain-name-servers {};".format(self.ip_address) in file_data:
file_data = file_data.replace(("prepend domain-name-servers {};".format(self.ip_address)),
"#prepend domain-name-servers 127.0.0.1;")
self.logger.info("dhclient is reconfigured")
else:
@ -63,77 +54,13 @@ class ExecuteCancelSSSDAdAuthentication:
file_dhclient.write(file_data)
file_dhclient.close()
except Exception as e:
self.logger.error("Error while running /dhcp/dhclient.conf.. Error Message " + str(e))
# Pattern for clearing file data from spaces, tabs and newlines
# pattern = re.compile(r'\s+')
# # Re-Configure nsswitch.conf
# file_ns_switch = open("/etc/nsswitch.conf", 'r')
# file_data = file_ns_switch.read()
#
# # Cleared file data from spaces, tabs and newlines
# text = pattern.sub('', file_data)
# #BİR BİR BİR BAKKKKKKKKK
# did_configuration_change = False
# if "passwd:" in text:
# file_data = file_data.replace("passwd: files systemd sss", "passwd: compat")
# did_configuration_change = True
# self.logger.info("passwd:compatss BAŞARILI")
#
#
# if "group:" in text:
# file_data = file_data.replace("group: files systemd sss", "group: compat")
# did_configuration_change = True
# self.logger.info("group:compatss BAŞARILI")
#
#
#
# if "shadow:" in text:
# file_data = file_data.replace("shadow: files sss", "shadow: compat")
# did_configuration_change = True
# self.logger.info("shadow:compatss BAŞARILI")
#
#
# if "services:" in text:
# file_data = file_data.replace("services: db files sss", "services: db files")
# did_configuration_change = True
# self.logger.info("services:compatss BAŞARILI")
#
#
# if "netgroup:" in text:
# file_data = file_data.replace("netgroup: nis sss", "netgroup: nis")
# did_configuration_change = True
# self.logger.info("netgroup:nissss BAŞARILI")
#
#
# if "sudoers:" in text:
# file_data = file_data.replace("sudoers: files sss", " ")
# did_configuration_change = True
# self.logger.info("sudoers:filessss BAŞARILI")
#
#
# if did_configuration_change:
# self.logger.info("nsswitch.conf configuration has been configured")
# else:
# self.logger.info("nsswitch.conf has already been configured")
#
# file_ns_switch.close()
# file_ns_switch = open("/etc/nsswitch.conf", 'w')
# file_ns_switch.write(file_data)
# file_ns_switch.close()
# Configure hosts for deleting AD "IP address" and "AD hostname"
try:
hosts_conf_path = "/etc/hosts"
file_hosts = open(hosts_conf_path, 'r')
file_data = file_hosts.read()
if ("{0} {1}".format(ip_address, host_name)) in file_data:
file_data = file_data.replace(("{0} {1}".format(ip_address, host_name)), " ")
if ("{0} {1}".format(self.ip_address, self.host_name)) in file_data:
file_data = file_data.replace(("{0} {1}".format(self.ip_address, self.host_name)), " ")
self.logger.info("hosts is configured")
else:
self.logger.error("hosts is not configured")
@ -142,15 +69,8 @@ class ExecuteCancelSSSDAdAuthentication:
file_hosts.write(file_data)
file_hosts.close()
except Exception as e:
self.logger.error("Error while running /etc/hosts.. Error Message " + str(e))
# Configure common-session for deleting home directories for AD users
try:
common_session_conf_path = "/etc/pam.d/common-session"
file_common_session = open(common_session_conf_path, 'r')
file_data = file_common_session.read()
@ -165,18 +85,13 @@ class ExecuteCancelSSSDAdAuthentication:
file_common_session.write(file_data)
file_common_session.close()
except Exception as e:
self.logger.error("Error while running /etc/pam.d/common-session.. Error Message " + str(e))
# Configure resolv.conf for deleting AD IP address
resolv_conf_path = "/etc/resolv.conf"
file_resolv = open(resolv_conf_path, 'r')
file_data = file_resolv.read()
if ("nameserver {0}".format(ip_address)) in file_data:
file_data = file_data.replace(("nameserver {0}".format(ip_address)), "")
if ("nameserver {0}".format(self.ip_address)) in file_data:
file_data = file_data.replace(("nameserver {0}".format(self.ip_address)), "")
self.logger.info("resolv.conf is configured")
else:
self.logger.error("resolv is not configured")
@ -187,21 +102,11 @@ class ExecuteCancelSSSDAdAuthentication:
file_resolv.close()
# Deleting ad_info file
try:
if self.util.is_exist("/etc/ahenk/ad_info"):
(result_code, p_out, p_err) = self.util.execute("rm -rf /etc/ahenk/ad_info")
if (result_code == 0):
self.logger.info("ad_info Başarılı bir şekilde silindi")
if self.util.is_exist(self.ad_info_path):
self.util.delete_file(self.ad_info_path)
self.logger.info("Deleted ad_info file")
else:
self.logger.error("ad_info silinemedi : " + str(p_err))
else:
self.logger.error("ad_info dosyasına ulaşılamadı ")
except Exception as e:
self.logger.error("Error while running /ad_infoyu SİLERKEN.. Error Message " + str(e))
self.logger.error("ad_info file not found")
# Configure lightdm.service
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
@ -209,6 +114,13 @@ class ExecuteCancelSSSDAdAuthentication:
self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
self.util.delete_file(pardus_xfce_path)
self.util.execute("systemctl restart nscd.service")
else:
self.logger.info("99-pardus-xfce.conf not found")
self.logger.info("LDAP Login iptal etme işlemi başarı ile sağlandı.")
self.logger.info("AD Login iptal etme işlemi başarı ile sağlandı.")
return True
except Exception as e:
self.logger.error(str(e))
self.logger.info("AD Login İptal etme işlemi esnasında hata oluştu.")
return False
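Review bot: In the first hunk of `cancel`, `self.ip_address` and `self.host_name` are assigned only when `/etc/ahenk/ad_info` exists, yet the later dhclient.conf, hosts and resolv.conf edits format them unconditionally. When the file is missing, or holds fewer than two lines (`file_data[1]` raises IndexError), the packages have already been purged and the run ends in the outer `except` with the machine only partly reverted; the resolv.conf block appears to sit outside any inner `try`, so the ad_info removal and lightdm cleanup after it would be skipped. I would read and validate ad_info before the `apt purge` call and stop there on failure, e.g. `if len(file_data) < 2: self.logger.error("ad_info is incomplete"); return False`, and set both attributes to `None` in `__init__`. Separately, the `delete_folder("/etc/sssd")` call appears to be commented out on the new side while the next line still logs `SSSD is deleted`; either restore the delete or change the message, since a leftover sssd.conf would otherwise go unnoticed.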


@ -2,7 +2,6 @@
# -*- coding: utf-8 -*-
# Author: Agah Hulusi ÖZ <enghulusi@gmail.com>
from base.scope import Scope
from base.util.util import Util
@ -12,14 +11,8 @@ class ExecuteSSSDAdAuthentication:
self.logger = scope.get_logger()
self.util = Util()
# self.domain_name = "engerek.local"
# self.host_name = "liderahenk.engerek.local"
# self.ip_address = "172.16.103.28"
# self.password = "Pp123456"
def authenticate(self, domain_name, host_name, ip_address, password, ad_username):
try:
# Create and Configure ad_info file
(result_code, p_out, p_err) = self.util.create_file("/etc/ahenk/ad_info")
if (result_code == 0):
@ -62,7 +55,6 @@ class ExecuteSSSDAdAuthentication:
file_default_dhcp.write(file_data)
file_default_dhcp.close()
# Configure /etc/resolv.conf
resolve_conf_path = "/etc/resolv.conf"
resolve_conf = self.util.read_file_by_line(resolve_conf_path, "r")
@ -87,7 +79,6 @@ class ExecuteSSSDAdAuthentication:
file_default_resolve.write(file_data)
file_default_resolve.close()
# Configure /etc/hosts
host_path = "/etc/hosts"
file_default_hosts = open(host_path, 'r')
@ -102,7 +93,6 @@ class ExecuteSSSDAdAuthentication:
file_default_hosts.write(file_data)
file_default_hosts.close()
# Execute the script that required for "samba-common" and "krb5"
(result_code, p_out, p_err) = self.util.execute("/bin/bash /usr/share/ahenk/base/registration/scripts/ad.sh {0} {1}".format(domain_name.upper(),host_name))
@ -118,7 +108,6 @@ class ExecuteSSSDAdAuthentication:
else:
self.logger.error("İndirmeler Başarısız : " + str(p_err))
# Configure pam.d/common-session
pamd_common_session_path = "/etc/pam.d/common-session"
file_default_pam = open(pamd_common_session_path, 'r')
@ -177,10 +166,6 @@ class ExecuteSSSDAdAuthentication:
file_sssd.write(file_data)
file_sssd.close()
# Arrangement of chmod as 600 for sssd.conf
(result_code, p_out, p_err) = self.util.execute("chmod 600 {}".format(sssd_config_file_path))
if(result_code == 0):
@ -216,4 +201,8 @@ class ExecuteSSSDAdAuthentication:
self.logger.info("AD Login işlemi başarı ile sağlandı.")
return True
except Exception as e:
self.logger.error(str(e))
self.logger.info("AD Login işlemi esnasında hata oluştu.")
return False
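Review bot: The `ad.sh` invocation in `authenticate` builds its command line by formatting `domain_name` and `host_name` straight into the string, and the `chmod 600 {}` call does the same with a path. The arguments appear to come from the task data read in `ADLogin`, so if `Util.execute` passes the string to a shell (its implementation is not visible here), shell metacharacters in them would be interpreted; quote each argument, `shlex.quote(domain_name.upper())` and `shlex.quote(host_name)`, or validate them against a hostname pattern before use. The commented-out sample values dropped at the top of the class included a password, which stays readable in the repository history; if it was ever a real credential it should be rotated. `authenticate` starts inside this section, but most of its body lies outside the visible hunks.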


@ -32,8 +32,6 @@ class ADLogin(AbstractPlugin):
ad_port = self.data['ad_port']
disabled_local_user = self.data['disableLocalUser']
execution_result = self.ad_authentication.authenticate(domain_name, hostname, ip_address, admin_password, ad_username)
if execution_result is False:
self.context.create_response(code=self.message_code.TASK_ERROR.value,