mirror of
https://github.com/Pardus-LiderAhenk/ahenk
synced 2024-12-22 18:42:16 +03:00
added debian folder and updated src
parent
251be4f047
commit
c316314924
276 changed files with 18159 additions and 262 deletions
|
@ -7,14 +7,14 @@ pluginfolderpath = /usr/share/ahenk/plugins/
|
|||
mainmodulename = main
|
||||
|
||||
[CONNECTION]
|
||||
uid =
|
||||
password =
|
||||
uid =
|
||||
password =
|
||||
host =
|
||||
port = 5222
|
||||
use_tls = false
|
||||
receiverjid = lider_sunucu
|
||||
receiverresource =
|
||||
servicename =
|
||||
servicename = im.liderahenk.org
|
||||
receivefileparam = /tmp/
|
||||
|
||||
[SESSION]
|
||||
|
@ -26,4 +26,3 @@ get_policy_timeout = 30
|
|||
type = default
|
||||
agreement = 2
|
||||
user_disabled = false
|
||||
|
||||
|
|
300
debian/ahenk.install
vendored
Normal file
300
debian/ahenk.install
vendored
Normal file
|
@ -0,0 +1,300 @@
|
|||
etc/logrotate.d/ahenk
|
||||
etc/logrotate.d
|
||||
etc/init.d/ahenk
|
||||
etc/init.d
|
||||
etc/ahenk/ahenk.conf
|
||||
etc/ahenk/log.conf
|
||||
etc/ahenk
|
||||
etc
|
||||
usr/share/libpam-script/pam_script_ses_open
|
||||
usr/share/libpam-script/pam_script_ses_close
|
||||
usr/share/libpam-script
|
||||
usr/share/ahenk/base/util/util.py
|
||||
usr/share/ahenk/base/util
|
||||
usr/share/ahenk/base/model/profile.py
|
||||
usr/share/ahenk/base/model/profile_bean.py
|
||||
usr/share/ahenk/base/model/task.py
|
||||
usr/share/ahenk/base/model/enum/message_type.py
|
||||
usr/share/ahenk/base/model/enum/content_type.py
|
||||
usr/share/ahenk/base/model/enum/__init__.py
|
||||
usr/share/ahenk/base/model/enum/message_code.py
|
||||
usr/share/ahenk/base/model/enum
|
||||
usr/share/ahenk/base/model/task_bean.py
|
||||
usr/share/ahenk/base/model/plugin.py
|
||||
usr/share/ahenk/base/model/__init__.py
|
||||
usr/share/ahenk/base/model/message_factory.py
|
||||
usr/share/ahenk/base/model/policy.py
|
||||
usr/share/ahenk/base/model/response.py
|
||||
usr/share/ahenk/base/model/modes/logout_mode.py
|
||||
usr/share/ahenk/base/model/modes/safe_mode.py
|
||||
usr/share/ahenk/base/model/modes/__init__.py
|
||||
usr/share/ahenk/base/model/modes/init_mode.py
|
||||
usr/share/ahenk/base/model/modes/shutdown_mode.py
|
||||
usr/share/ahenk/base/model/modes/login_mode.py
|
||||
usr/share/ahenk/base/model/modes
|
||||
usr/share/ahenk/base/model/plugin_bean.py
|
||||
usr/share/ahenk/base/model/policy_bean.py
|
||||
usr/share/ahenk/base/model
|
||||
usr/share/ahenk/base/timer/timer.py
|
||||
usr/share/ahenk/base/timer/setup_timer.py
|
||||
usr/share/ahenk/base/timer
|
||||
usr/share/ahenk/base/config/config_manager.py
|
||||
usr/share/ahenk/base/config/__init__.py
|
||||
usr/share/ahenk/base/config
|
||||
usr/share/ahenk/base/default_policy/config-files/xfce4-notifyd.xml
|
||||
usr/share/ahenk/base/default_policy/config-files
|
||||
usr/share/ahenk/base/default_policy/default_policy.py
|
||||
usr/share/ahenk/base/default_policy/__init__.py
|
||||
usr/share/ahenk/base/default_policy
|
||||
usr/share/ahenk/base/deamon/__init__.py
|
||||
usr/share/ahenk/base/deamon/base_daemon.py
|
||||
usr/share/ahenk/base/deamon
|
||||
usr/share/ahenk/base/mail/mail_manager.py
|
||||
usr/share/ahenk/base/mail
|
||||
usr/share/ahenk/base/messaging/__init__.py
|
||||
usr/share/ahenk/base/messaging/anonymous_messenger.py
|
||||
usr/share/ahenk/base/messaging/messaging.py
|
||||
usr/share/ahenk/base/messaging/message_response_queue.py
|
||||
usr/share/ahenk/base/messaging/messenger.py
|
||||
usr/share/ahenk/base/messaging
|
||||
usr/share/ahenk/base/task/task_in_queue.py
|
||||
usr/share/ahenk/base/task/__init__.py
|
||||
usr/share/ahenk/base/task/task_job.py
|
||||
usr/share/ahenk/base/task/task_manager.py
|
||||
usr/share/ahenk/base/task
|
||||
usr/share/ahenk/base/command/command_runner.py
|
||||
usr/share/ahenk/base/command/command_manager.py
|
||||
usr/share/ahenk/base/command/fifo.py
|
||||
usr/share/ahenk/base/command
|
||||
usr/share/ahenk/base/__init__.py
|
||||
usr/share/ahenk/base/event/event_base.py
|
||||
usr/share/ahenk/base/event/event_manager.py
|
||||
usr/share/ahenk/base/event
|
||||
usr/share/ahenk/base/agreement/confirm.py
|
||||
usr/share/ahenk/base/agreement/agreement.py
|
||||
usr/share/ahenk/base/agreement/ahenkmessage.py
|
||||
usr/share/ahenk/base/agreement/ask.py
|
||||
usr/share/ahenk/base/agreement/unregistrationmessage.py
|
||||
usr/share/ahenk/base/agreement
|
||||
usr/share/ahenk/base/plugin/abstract_plugin.py
|
||||
usr/share/ahenk/base/plugin/plugin_queue.py
|
||||
usr/share/ahenk/base/plugin/plugin_manager_factory.py
|
||||
usr/share/ahenk/base/plugin/plugin.py
|
||||
usr/share/ahenk/base/plugin/__init__.py
|
||||
usr/share/ahenk/base/plugin/plugin_manager.py
|
||||
usr/share/ahenk/base/plugin/file_handler.py
|
||||
usr/share/ahenk/base/plugin/plugin_install_listener.py
|
||||
usr/share/ahenk/base/plugin
|
||||
usr/share/ahenk/base/file/ssh_file_transfer.py
|
||||
usr/share/ahenk/base/file/http_file_transfer.py
|
||||
usr/share/ahenk/base/file/file_transfer_manager.py
|
||||
usr/share/ahenk/base/file
|
||||
usr/share/ahenk/base/scope.py
|
||||
usr/share/ahenk/base/execution/__init__.py
|
||||
usr/share/ahenk/base/execution/execution_manager.py
|
||||
usr/share/ahenk/base/execution
|
||||
usr/share/ahenk/base/database/ahenk_db_service.py
|
||||
usr/share/ahenk/base/database
|
||||
usr/share/ahenk/base/logger/__init__.py
|
||||
usr/share/ahenk/base/logger/ahenk_logger.py
|
||||
usr/share/ahenk/base/logger
|
||||
usr/share/ahenk/base/scheduler/scheduler_factory.py
|
||||
usr/share/ahenk/base/scheduler/base_scheduler.py
|
||||
usr/share/ahenk/base/scheduler/__init__.py
|
||||
usr/share/ahenk/base/scheduler/custom/schedule_job.py
|
||||
usr/share/ahenk/base/scheduler/custom/all_match.py
|
||||
usr/share/ahenk/base/scheduler/custom/__init__.py
|
||||
usr/share/ahenk/base/scheduler/custom/scheduledb.py
|
||||
usr/share/ahenk/base/scheduler/custom/custom_scheduler.py
|
||||
usr/share/ahenk/base/scheduler/custom
|
||||
usr/share/ahenk/base/scheduler
|
||||
usr/share/ahenk/base/registration/test.py
|
||||
usr/share/ahenk/base/registration/execute_cancel_sssd_ad_authentication.py
|
||||
usr/share/ahenk/base/registration/config-files/ldap
|
||||
usr/share/ahenk/base/registration/config-files/pam_script
|
||||
usr/share/ahenk/base/registration/config-files/krb5.conf
|
||||
usr/share/ahenk/base/registration/config-files/sssd_ad.conf
|
||||
usr/share/ahenk/base/registration/config-files/sssd.conf
|
||||
usr/share/ahenk/base/registration/config-files
|
||||
usr/share/ahenk/base/registration/execute_ldap_login.py
|
||||
usr/share/ahenk/base/registration/execute_sssd_authentication.py
|
||||
usr/share/ahenk/base/registration/__init__.py
|
||||
usr/share/ahenk/base/registration/execute_sssd_ad_authentication.py
|
||||
usr/share/ahenk/base/registration/registration.py
|
||||
usr/share/ahenk/base/registration/execute_cancel_ldap_login.py
|
||||
usr/share/ahenk/base/registration/scripts/ldap-login.sh
|
||||
usr/share/ahenk/base/registration/scripts/ad.sh
|
||||
usr/share/ahenk/base/registration/scripts
|
||||
usr/share/ahenk/base/registration/execute_cancel_sssd_authentication.py
|
||||
usr/share/ahenk/base/registration
|
||||
usr/share/ahenk/base/system/system.py
|
||||
usr/share/ahenk/base/system
|
||||
usr/share/ahenk/base
|
||||
usr/share/ahenk/__init__.py
|
||||
usr/share/ahenk/ahenkd.py
|
||||
usr/share/ahenk/helper/__init__.py
|
||||
usr/share/ahenk/helper/system.py
|
||||
usr/share/ahenk/helper
|
||||
usr/share/ahenk/plugins/network-manager/delete_network.py
|
||||
usr/share/ahenk/plugins/network-manager/delete_domain.py
|
||||
usr/share/ahenk/plugins/network-manager/allow_port.py
|
||||
usr/share/ahenk/plugins/network-manager/add_host.py
|
||||
usr/share/ahenk/plugins/network-manager/add_network.py
|
||||
usr/share/ahenk/plugins/network-manager/main.py
|
||||
usr/share/ahenk/plugins/network-manager/get_network_information.py
|
||||
usr/share/ahenk/plugins/network-manager/delete_dns.py
|
||||
usr/share/ahenk/plugins/network-manager/add_dns.py
|
||||
usr/share/ahenk/plugins/network-manager/block_port.py
|
||||
usr/share/ahenk/plugins/network-manager/delete_host.py
|
||||
usr/share/ahenk/plugins/network-manager/add_domain.py
|
||||
usr/share/ahenk/plugins/network-manager/change_hostname.py
|
||||
usr/share/ahenk/plugins/network-manager
|
||||
usr/share/ahenk/plugins/ldap/init.py
|
||||
usr/share/ahenk/plugins/ldap/safe.py
|
||||
usr/share/ahenk/plugins/ldap/login.py
|
||||
usr/share/ahenk/plugins/ldap/main.py
|
||||
usr/share/ahenk/plugins/ldap/move_agent.py
|
||||
usr/share/ahenk/plugins/ldap/delete_agent.py
|
||||
usr/share/ahenk/plugins/ldap/policy.py
|
||||
usr/share/ahenk/plugins/ldap/task_command_id.py
|
||||
usr/share/ahenk/plugins/ldap/rename_entry.py
|
||||
usr/share/ahenk/plugins/ldap/shutdown.py
|
||||
usr/share/ahenk/plugins/ldap/logout.py
|
||||
usr/share/ahenk/plugins/ldap
|
||||
usr/share/ahenk/plugins/service/service_management.py
|
||||
usr/share/ahenk/plugins/service/init.py
|
||||
usr/share/ahenk/plugins/service/service_list.py
|
||||
usr/share/ahenk/plugins/service/main.py
|
||||
usr/share/ahenk/plugins/service/get_services.py
|
||||
usr/share/ahenk/plugins/service
|
||||
usr/share/ahenk/plugins/resource-usage/main.py
|
||||
usr/share/ahenk/plugins/resource-usage/resource_info_alert.py
|
||||
usr/share/ahenk/plugins/resource-usage/send_mail.py
|
||||
usr/share/ahenk/plugins/resource-usage/resource_info_fetcher.py
|
||||
usr/share/ahenk/plugins/resource-usage/shutdown.py
|
||||
usr/share/ahenk/plugins/resource-usage
|
||||
usr/share/ahenk/plugins/sudoers/safe.py
|
||||
usr/share/ahenk/plugins/sudoers/main.py
|
||||
usr/share/ahenk/plugins/sudoers/policy.py
|
||||
usr/share/ahenk/plugins/sudoers
|
||||
usr/share/ahenk/plugins/rsyslog/main.py
|
||||
usr/share/ahenk/plugins/rsyslog/policy.py
|
||||
usr/share/ahenk/plugins/rsyslog
|
||||
usr/share/ahenk/plugins/disk-quota/init.py
|
||||
usr/share/ahenk/plugins/disk-quota/safe.py
|
||||
usr/share/ahenk/plugins/disk-quota/main.py
|
||||
usr/share/ahenk/plugins/disk-quota/policy.py
|
||||
usr/share/ahenk/plugins/disk-quota/get_quota.py
|
||||
usr/share/ahenk/plugins/disk-quota/line.py
|
||||
usr/share/ahenk/plugins/disk-quota/fstab.py
|
||||
usr/share/ahenk/plugins/disk-quota/api/disk_quota.py
|
||||
usr/share/ahenk/plugins/disk-quota/api/disk_quota_ltsp.py
|
||||
usr/share/ahenk/plugins/disk-quota/api
|
||||
usr/share/ahenk/plugins/disk-quota
|
||||
usr/share/ahenk/plugins/network-inventory/main.py
|
||||
usr/share/ahenk/plugins/network-inventory/multiple-file-transfer.py
|
||||
usr/share/ahenk/plugins/network-inventory/scannetwork.py
|
||||
usr/share/ahenk/plugins/network-inventory/installahenk.py
|
||||
usr/share/ahenk/plugins/network-inventory
|
||||
usr/share/ahenk/plugins/conky/main.py
|
||||
usr/share/ahenk/plugins/conky/policy.py
|
||||
usr/share/ahenk/plugins/conky/execute_conky.py
|
||||
usr/share/ahenk/plugins/conky/execute_xmessage.py
|
||||
usr/share/ahenk/plugins/conky/ask.py
|
||||
usr/share/ahenk/plugins/conky
|
||||
usr/share/ahenk/plugins/local-user/panelconf/xfce4-panel.xml
|
||||
usr/share/ahenk/plugins/local-user/panelconf
|
||||
usr/share/ahenk/plugins/local-user/init.py
|
||||
usr/share/ahenk/plugins/local-user/main.py
|
||||
usr/share/ahenk/plugins/local-user/delete_user.py
|
||||
usr/share/ahenk/plugins/local-user/get_groups.py
|
||||
usr/share/ahenk/plugins/local-user/add_user.py
|
||||
usr/share/ahenk/plugins/local-user/edit_user.py
|
||||
usr/share/ahenk/plugins/local-user/scripts/find_locked_users.sh
|
||||
usr/share/ahenk/plugins/local-user/scripts/remove_locked_users.sh
|
||||
usr/share/ahenk/plugins/local-user/scripts
|
||||
usr/share/ahenk/plugins/local-user/get_users.py
|
||||
usr/share/ahenk/plugins/local-user
|
||||
usr/share/ahenk/plugins/file-management/main.py
|
||||
usr/share/ahenk/plugins/file-management/write_to_file.py
|
||||
usr/share/ahenk/plugins/file-management/get_file_content.py
|
||||
usr/share/ahenk/plugins/file-management
|
||||
usr/share/ahenk/plugins/ldap-login/init.py
|
||||
usr/share/ahenk/plugins/ldap-login/main.py
|
||||
usr/share/ahenk/plugins/ldap-login/execute_ldap_login.py
|
||||
usr/share/ahenk/plugins/ldap-login/execute_cancel_ldap_login.py
|
||||
usr/share/ahenk/plugins/ldap-login/execute_ad_login.py
|
||||
usr/share/ahenk/plugins/ldap-login
|
||||
usr/share/ahenk/plugins/browser/main.py
|
||||
usr/share/ahenk/plugins/browser/policy.py
|
||||
usr/share/ahenk/plugins/browser
|
||||
usr/share/ahenk/plugins/usb/manage-usb.py
|
||||
usr/share/ahenk/plugins/usb/init.py
|
||||
usr/share/ahenk/plugins/usb/main.py
|
||||
usr/share/ahenk/plugins/usb/policy.py
|
||||
usr/share/ahenk/plugins/usb/scripts/ENABLED_webcam.sh
|
||||
usr/share/ahenk/plugins/usb/scripts/DISABLED_usbhid.sh
|
||||
usr/share/ahenk/plugins/usb/scripts/DISABLED_webcam.sh
|
||||
usr/share/ahenk/plugins/usb/scripts/ENABLED_printer.sh
|
||||
usr/share/ahenk/plugins/usb/scripts/ENABLED_usbhid.sh
|
||||
usr/share/ahenk/plugins/usb/scripts/DISABLED_printer.sh
|
||||
usr/share/ahenk/plugins/usb/scripts/ENABLED_usbstorage.sh
|
||||
usr/share/ahenk/plugins/usb/scripts/DISABLED_usbstorage.sh
|
||||
usr/share/ahenk/plugins/usb/scripts
|
||||
usr/share/ahenk/plugins/usb/logout.py
|
||||
usr/share/ahenk/plugins/usb
|
||||
usr/share/ahenk/plugins/remote-access/main.py
|
||||
usr/share/ahenk/plugins/remote-access/setup-vnc-server.py
|
||||
usr/share/ahenk/plugins/remote-access
|
||||
usr/share/ahenk/plugins/package-manager/init.py
|
||||
usr/share/ahenk/plugins/package-manager/get_execution_info.py
|
||||
usr/share/ahenk/plugins/package-manager/repositories.py
|
||||
usr/share/ahenk/plugins/package-manager/main.py
|
||||
usr/share/ahenk/plugins/package-manager/package_sources.py
|
||||
usr/share/ahenk/plugins/package-manager/show_package_archive.py
|
||||
usr/share/ahenk/plugins/package-manager/installed_packages.py
|
||||
usr/share/ahenk/plugins/package-manager/package_management.py
|
||||
usr/share/ahenk/plugins/package-manager/package_archive.py
|
||||
usr/share/ahenk/plugins/package-manager/scripts/sourcelist.sh
|
||||
usr/share/ahenk/plugins/package-manager/scripts
|
||||
usr/share/ahenk/plugins/package-manager/check_package.py
|
||||
usr/share/ahenk/plugins/package-manager/packages.py
|
||||
usr/share/ahenk/plugins/package-manager
|
||||
usr/share/ahenk/plugins/user-privilege/init.py
|
||||
usr/share/ahenk/plugins/user-privilege/safe.py
|
||||
usr/share/ahenk/plugins/user-privilege/main.py
|
||||
usr/share/ahenk/plugins/user-privilege/policy.py
|
||||
usr/share/ahenk/plugins/user-privilege/shutdown.py
|
||||
usr/share/ahenk/plugins/user-privilege
|
||||
usr/share/ahenk/plugins/manage-root/init.py
|
||||
usr/share/ahenk/plugins/manage-root/safe.py
|
||||
usr/share/ahenk/plugins/manage-root/login.py
|
||||
usr/share/ahenk/plugins/manage-root/main.py
|
||||
usr/share/ahenk/plugins/manage-root/policy.py
|
||||
usr/share/ahenk/plugins/manage-root/shutdown.py
|
||||
usr/share/ahenk/plugins/manage-root/set_root_password.py
|
||||
usr/share/ahenk/plugins/manage-root/logout.py
|
||||
usr/share/ahenk/plugins/manage-root
|
||||
usr/share/ahenk/plugins/script/main.py
|
||||
usr/share/ahenk/plugins/script/policy.py
|
||||
usr/share/ahenk/plugins/script/execute_script.py
|
||||
usr/share/ahenk/plugins/script
|
||||
usr/share/ahenk/plugins/login-manager/init.py
|
||||
usr/share/ahenk/plugins/login-manager/safe.py
|
||||
usr/share/ahenk/plugins/login-manager/main.py
|
||||
usr/share/ahenk/plugins/login-manager/policy.py
|
||||
usr/share/ahenk/plugins/login-manager/machine_shutdown.py
|
||||
usr/share/ahenk/plugins/login-manager/scripts/cron.sh
|
||||
usr/share/ahenk/plugins/login-manager/scripts/check.py
|
||||
usr/share/ahenk/plugins/login-manager/scripts
|
||||
usr/share/ahenk/plugins/login-manager/manage.py
|
||||
usr/share/ahenk/plugins/login-manager/shutdown.py
|
||||
usr/share/ahenk/plugins/login-manager
|
||||
usr/share/ahenk/plugins
|
||||
usr/share/ahenk/api/service/ps_util.py
|
||||
usr/share/ahenk/api/service
|
||||
usr/share/ahenk/api
|
||||
usr/share/ahenk
|
||||
usr/share
|
||||
usr
|
||||
|
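--- a/debian/ahenk.postinst
+++ b/debian/ahenk.postinst
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+set -e
+
+#mkdir -p /usr/share/ahenk/plugins
+
+# update ahenk from 1.0.0-6 to 1.0.0-7
+if [ ! -d /etc/ahenk ]; then
+
+mkdir -p /etc/ahenk
+cp -rf /tmp/ahenk/* /etc/ahenk
+fi
+
+systemctl enable ahenk
+systemctl start ahenk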
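Review bot: The restore step `cp -rf /tmp/ahenk/* /etc/ahenk` runs as root and takes the agent's configuration from a fixed path under world-writable /tmp, so its content is not guaranteed to be what the package itself put there. The matching backup in debian/ahenk.preinst (`cp -rf /etc/ahenk /tmp`) has the same weakness and also leaves a copy of ahenk.conf, which holds the XMPP `password`, behind in /tmp with no cleanup. Stage the backup in a root-owned, mode 0700 directory shared by both scripts (placeholder: `<root-only backup dir>`), copy with `cp -a` so ownership and modes survive, and remove the backup after a successful restore. The unconditional `systemctl start ahenk` also bypasses `invoke-rc.d` policy, which the debhelper-generated snippet in this commit already handles.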
15
debian/ahenk.postinst.debhelper
vendored
Normal file
15
debian/ahenk.postinst.debhelper
vendored
Normal file
|
@ -0,0 +1,15 @@
|
|||
|
||||
# Automatically added by dh_python3:
|
||||
if which py3compile >/dev/null 2>&1; then
|
||||
py3compile -p ahenk /usr/share/ahenk -V 3.2-
|
||||
fi
|
||||
|
||||
# End automatically added section
|
||||
# Automatically added by dh_installinit
|
||||
if [ "$1" = "configure" ] || [ "$1" = "abort-upgrade" ]; then
|
||||
if [ -x "/etc/init.d/ahenk" ]; then
|
||||
update-rc.d ahenk defaults >/dev/null
|
||||
invoke-rc.d ahenk start || exit $?
|
||||
fi
|
||||
fi
|
||||
# End automatically added section
|
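--- a/debian/ahenk.postrm
+++ b/debian/ahenk.postrm
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+set -e
+
+if [ -d /etc/ahenk ] && [ "$1" = "purge" ];then
+rm -rf /etc/ahenk
+fi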
12
debian/ahenk.postrm.debhelper
vendored
Normal file
12
debian/ahenk.postrm.debhelper
vendored
Normal file
|
@ -0,0 +1,12 @@
|
|||
# Automatically added by dh_installinit
|
||||
if [ "$1" = "purge" ] ; then
|
||||
update-rc.d ahenk remove >/dev/null
|
||||
fi
|
||||
|
||||
|
||||
# In case this system is running systemd, we make systemd reload the unit files
|
||||
# to pick up changes.
|
||||
if [ -d /run/systemd/system ] ; then
|
||||
systemctl --system daemon-reload >/dev/null || true
|
||||
fi
|
||||
# End automatically added section
|
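--- a/debian/ahenk.preinst
+++ b/debian/ahenk.preinst
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+set -e
+
+# Create necessary directories
+#update ahenk from 1.0.0-6 to 1.0.0-7
+if [ -d /etc/ahenk ]; then
+
+cp -rf /etc/ahenk /tmp
+
+else
+
+mkdir -p /etc/ahenk
+fi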
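--- a/debian/ahenk.service
+++ b/debian/ahenk.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Starts Ahenk at system startup
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/python3 /usr/share/ahenk/ahenkd.py start
+ExecStop=/usr/bin/python3 /usr/share/ahenk/ahenkd.py stop
+PIDFile=/var/run/ahenkd.pid
+Restart=always
+
+[Install]
+WantedBy=multi-user.target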
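Review bot: `Type=simple` is combined with `PIDFile=/var/run/ahenkd.pid` and an `ahenkd.py start` command, but PIDFile= is meant for `Type=forking` services. If ahenkd.py daemonises itself (not visible in this section), systemd will see the main process exit and `Restart=always` will keep respawning it. Either run the daemon in the foreground under Type=simple and drop PIDFile=, or set `Type=forking`. The unit also has no `User=` or sandboxing directives, so the agent and every plugin it loads run as unrestricted root; directives such as `PrivateTmp=` and `ProtectKernelTunables=` are worth evaluating against what the plugins actually need.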
45
debian/ahenk_init
vendored
Normal file
45
debian/ahenk_init
vendored
Normal file
|
@ -0,0 +1,45 @@
|
|||
#! /bin/bash
|
||||
### BEGIN INIT INFO
|
||||
# Provides: ahenk
|
||||
# Required-Start: $remote_fs $syslog $network
|
||||
# Required-Stop: $remote_fs $syslog $network
|
||||
# Default-Start: 2 3 4 5
|
||||
# Default-Stop: 0 1 6
|
||||
# Short-Description: Manages ahenk service.
|
||||
# Description: Debian init script for the ahenk executables
|
||||
# scheduler
|
||||
### END INIT INFO
|
||||
#
|
||||
# Author: S Suleyman Arslan <sarslan@innova.com.tr>
|
||||
#
|
||||
|
||||
# Activate the python virtual environment
|
||||
# . /path_to_virtualenv/activate
|
||||
case "$1" in
|
||||
start)
|
||||
echo "Starting server"
|
||||
# Start the daemon
|
||||
#python $AHENKDPATH start
|
||||
systemctl start ahenk.service
|
||||
;;
|
||||
stop)
|
||||
echo "Stopping server"
|
||||
systemctl stop ahenk.service
|
||||
;;
|
||||
restart)
|
||||
echo "Restarting server"
|
||||
systemctl restart ahenk.service
|
||||
;;
|
||||
status)
|
||||
echo "Server Status"
|
||||
# Status of the daemon
|
||||
systemctl status ahenk.service
|
||||
;;
|
||||
*)
|
||||
# Refuse to do other stuff
|
||||
echo "Usage: /etc/init.d/ahenk.sh {start|stop|restart|status}"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
exit 0
|
188
debian/changelog
vendored
Normal file
188
debian/changelog
vendored
Normal file
|
@ -0,0 +1,188 @@
|
|||
ahenk (1.0.0-9) unstable; urgency=medium
|
||||
|
||||
* added debian folder
|
||||
* added debian folder
|
||||
* updated changelog file
|
||||
* added dep network-inventory plugin
|
||||
* updated changelog file
|
||||
* synced to development branch
|
||||
|
||||
-- Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr> Tue, 15 Oct 2019 10:37:55 +0300
|
||||
|
||||
ahenk (1.0.0-8) unstable; urgency=medium
|
||||
|
||||
[ Gökhan Gurbetoğlu ]
|
||||
* Chronological order of roadmap
|
||||
|
||||
[ Tuncay ÇOLAK ]
|
||||
* added method to delete local users after registration ahenk
|
||||
* added method to disabled local users after registration ahenk
|
||||
* registration with hostname
|
||||
|
||||
[ Cihangir Akturk ]
|
||||
* Use std library whenever possible
|
||||
|
||||
[ Tuncay ÇOLAK ]
|
||||
* changed local user name and home directory name when registration agent
|
||||
* changed local user name and home directory name when registration agent
|
||||
* bugfix
|
||||
|
||||
[ Ömer ÇAKMAK ]
|
||||
* receiverjid and agreement default values changed
|
||||
|
||||
[ root ]
|
||||
* Method for getting device language and getting computer model for showing Ahenk informations on Lider Console are added to core.
|
||||
|
||||
[ hasankara ]
|
||||
* Method for getting device language and getting computer model for showing Ahenk informations on Lider Console are added to core.
|
||||
* tab is removed
|
||||
|
||||
[ Tuncay ÇOLAK ]
|
||||
* killall process of local user
|
||||
|
||||
[ hasankara ]
|
||||
* Update registration.py
|
||||
* missing header locale is added to util.py
|
||||
|
||||
[ Tuncay ÇOLAK ]
|
||||
* enabled local user when unregistration agent
|
||||
|
||||
[ edip ]
|
||||
* Ahenk Registration for user authorization..
|
||||
* registarition bugfix
|
||||
* register and unregister from user gui
|
||||
* register bugfix
|
||||
|
||||
[ Edip YILDIZ ]
|
||||
* Update util.py
|
||||
|
||||
[ edip ]
|
||||
* disable user change
|
||||
* disable user
|
||||
* disable user config set
|
||||
* bugfix
|
||||
* registration attemp
|
||||
* bugfix
|
||||
* sdf
|
||||
* bugfix
|
||||
* unregistariton message fixed
|
||||
* unregister bugfix
|
||||
* unregister message for user display
|
||||
* unregister show message fixed
|
||||
* lider messages changed
|
||||
* unregister
|
||||
* ldap config check user and server
|
||||
* registrtion db change user table for session
|
||||
* polkit issues
|
||||
* registration for cache
|
||||
* check message file
|
||||
* registration add util methods
|
||||
* adding config for cache
|
||||
* pam config change for agent id
|
||||
* pam ldap login and cancel operations are moved to registration module
|
||||
|
||||
[ Tuncay ÇOLAK ]
|
||||
* script executable ldap-login.sh
|
||||
|
||||
[ edip ]
|
||||
* add user info for registiration process
|
||||
|
||||
[ Hasan Kara ]
|
||||
* SSSD config and installation python files are copied under registration
|
||||
|
||||
[ edip ]
|
||||
* registrarion for sssd
|
||||
|
||||
[ Hasan Kara ]
|
||||
* firefox autostart is added if profile is not created for user.
|
||||
|
||||
[ edip ]
|
||||
* change log
|
||||
|
||||
[ hasankara ]
|
||||
* sssd bug has been solved for clients which has language turkish
|
||||
|
||||
[ Tuncay ÇOLAK ]
|
||||
* add user mode changed to 0700 in file /etc/adduser.conf
|
||||
* sssd configuraton for ldap login
|
||||
|
||||
[ Hasan Kara ]
|
||||
* sudo role refresh time is set to 1 sec
|
||||
|
||||
[ Tuncay ÇOLAK ]
|
||||
* added polkit file
|
||||
|
||||
[ Hasan Kara ]
|
||||
* restarting sssd service is added to login method
|
||||
* sssd ldap full and smart refresh times has been edited
|
||||
* sssd ldap_sudo_search_base has been made dynamic
|
||||
|
||||
[ Tuncay ÇOLAK ]
|
||||
* added default policy for users
|
||||
* added xfce4-notifyd.xml template file and set owner and group user's .config file
|
||||
* set display to messsages.py
|
||||
* set offline_credentials_expiration time and set display unregister ui
|
||||
* send display parameter to unregister_message
|
||||
* added get user display number methode
|
||||
* created autostart file for firefox, firefox-esr and iceweasel when user first login
|
||||
* root password removed from Receşved message
|
||||
* bugfix: get display number
|
||||
* bugfix: logging set on message type
|
||||
* added debian folder
|
||||
* added debian folder
|
||||
* updated changelog file
|
||||
* added dep network-inventory plugin
|
||||
* synced to development branch
|
||||
|
||||
-- Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr> Tue, 15 Oct 2019 09:47:28 +0300
|
||||
|
||||
ahenk (1.0.0-7) unstable; urgency=medium
|
||||
|
||||
[ Ömer Çakmak ]
|
||||
* Add dependency python3-easygui
|
||||
* Changed to package installer dpkg
|
||||
* the agent conf file is deleted while the agent is purged
|
||||
* update agent from 1.0.0-6 to 1.0.0-7
|
||||
|
||||
[ Tuncay ÇOLAK ]
|
||||
|
||||
-- Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr> Wed, 25 Apr 2018 16:05:13 +0300
|
||||
|
||||
ahenk (1.0.0-6) unstable; urgency=medium
|
||||
|
||||
[ Tuncay ÇOLAK ]
|
||||
* Add preinst script to fix uninstalled configs
|
||||
|
||||
[ Tuncay ÇOLAK ]
|
||||
|
||||
-- Tuncay ÇOLAK <tcolak@localhost.localdomain> Mon, 12 Feb 2018 11:07:33 +0300
|
||||
|
||||
ahenk (1.0.0-5) unstable; urgency=medium
|
||||
|
||||
* fix postins syntax
|
||||
|
||||
-- Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr> Fri, 24 Nov 2017 10:33:23 +0300
|
||||
|
||||
ahenk (1.0.0-4) unstable; urgency=medium
|
||||
|
||||
* update postrm script
|
||||
|
||||
-- Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr> Fri, 24 Nov 2017 10:21:56 +0300
|
||||
|
||||
ahenk (1.0.0-3) unstable; urgency=medium
|
||||
|
||||
* udpate control file and postins script for overriding pam script
|
||||
|
||||
-- Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr> Fri, 24 Nov 2017 10:04:38 +0300
|
||||
|
||||
ahenk (1.0.0-2) unstable; urgency=medium
|
||||
|
||||
* Add postinstall and post remove script to take everything under control
|
||||
|
||||
-- Yunusemre Şentürk <yunusemre.senturk@pardus.org.tr> Wed, 22 Nov 2017 09:59:39 +0300
|
||||
|
||||
ahenk (1.0.0-1) onyedi; urgency=medium
|
||||
|
||||
* Initial release.
|
||||
|
||||
-- Yunusemre Şentürk <yunusemre.senturk@pardus.org.tr> Tue, 21 Nov 2017 15:06:11 +0300
|
1
debian/compat
vendored
Normal file
1
debian/compat
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
9
|
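--- a/debian/control
+++ b/debian/control
@@ -0,0 +1,42 @@
+Source: ahenk
+Section: utils
+Priority: optional
+Maintainer: İsmail Başaran <ismail.basaran@tubitak.gov.tr>
+Uploaders: Yunusemre Şentürk <yunusemre.senturk@pardus.org.tr>
+Build-Depends: debhelper (>=9), dh-python, python3-all
+Standards-Version: 3.9.8
+Homepage: http://www.liderahenk.org.tr
+X-Python3-Version: >= 3.2
+
+Package: ahenk
+Architecture: all
+Depends: ${misc:Depends},
+${python3:Depends},
+python3-cpuinfo,
+python3-netifaces,
+python3-paramiko,
+python3-psutil,
+python3-sleekxmpp,
+python3-watchdog,
+python3-easygui,
+libpam-script,
+acct,
+chkconfig,
+x11vnc,
+conky,
+conky-all,
+nmap,
+whois,
+cpulimit,
+policykit-1,
+sudo,
+rsyslog,
+rsyslog-relp,
+quota,
+quotatool,
+ahenk-register
+Replaces: libpam-runtime
+Description: The client side of the Lider Ahenk Project
+Lider Ahenk is an open source project which provides solutions
+to manage, monitor and audit unlimited number of different
+systems and users on a network.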
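Review bot: `Replaces: libpam-runtime` lets dpkg silently overwrite files owned by the core PAM configuration package, and nothing in this stanza says which file is being taken over. If the intent is to ship the pam_script hooks listed in debian/ahenk.install, a `dpkg-divert` or a pam-auth-update profile would keep the change visible and reversible. The Depends list also hard-requires `x11vnc` and `nmap`, so every managed endpoint gets a VNC server and a network scanner installed even where the remote-access and network-inventory plugins are unused. Moving them to `Recommends:` or to per-plugin packages would reduce the installed attack surface.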
28
debian/copyright
vendored
Normal file
28
debian/copyright
vendored
Normal file
|
@ -0,0 +1,28 @@
|
|||
Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||
Upstream-Name: ahenk
|
||||
Source: https://github.com/Pardus-LiderAhenk/ahenk
|
||||
|
||||
Files: *
|
||||
Copyright: 2017 İsmail Başaran <ismail.basaran@tubitak.gov.tr>
|
||||
License: GPL-3.0+
|
||||
|
||||
Files: debian/*
|
||||
Copyright: 2017 Yunusemre Şentürk <yunusemre.senturk@pardus.org.tr>
|
||||
License: GPL-3.0+
|
||||
|
||||
License: GPL-3.0+
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
.
|
||||
This package is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
.
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
.
|
||||
On Debian systems, the complete text of the GNU General
|
||||
Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
|
1
debian/debhelper-build-stamp
vendored
Normal file
1
debian/debhelper-build-stamp
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
ahenk
|
2
debian/files
vendored
Normal file
2
debian/files
vendored
Normal file
|
@ -0,0 +1,2 @@
|
|||
ahenk_1.0.0-7.1_all.deb utils optional
|
||||
ahenk_1.0.0-7.1_amd64.buildinfo utils optional
|
19
debian/gbp.conf
vendored
Normal file
19
debian/gbp.conf
vendored
Normal file
|
@ -0,0 +1,19 @@
|
|||
# Configuration file for "gbp <command>"
|
||||
|
||||
[DEFAULT]
|
||||
# the default branch for upstream sources:
|
||||
upstream-branch = master
|
||||
# the default branch for the debian patch:
|
||||
debian-branch = debian
|
||||
# the default tag formats used:
|
||||
upstream-tag = %(version)s
|
||||
debian-tag = debian/%(version)s
|
||||
# don't check if debian-branch == current branch:
|
||||
ignore-branch = True
|
||||
# Use color when on a terminal, alternatives: on/true, off/false or auto
|
||||
color = auto
|
||||
|
||||
# Options only affecting gbp buildpackage
|
||||
[buildpackage]
|
||||
# Look for a tag matching the upstream version when creating a tarball
|
||||
upstream-tree = tag
|
0
debian/patches/series
vendored
Normal file
0
debian/patches/series
vendored
Normal file
6
debian/rules
vendored
Executable file
6
debian/rules
vendored
Executable file
|
@ -0,0 +1,6 @@
|
|||
#!/usr/bin/make -f
|
||||
# You must remove unused comment lines for the released package.
|
||||
#export DH_VERBOSE = 1
|
||||
|
||||
%:
|
||||
dh $@ --with python3
|
1
debian/source/format
vendored
Normal file
1
debian/source/format
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
3.0 (quilt)
|
2
debian/source/local-options
vendored
Normal file
2
debian/source/local-options
vendored
Normal file
|
@ -0,0 +1,2 @@
|
|||
#abort-on-upstream-changes
|
||||
#unapply-patches
|
1
debian/watch
vendored
Normal file
1
debian/watch
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
version=3
|
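--- a/etc/ahenk/ahenk.conf
+++ b/etc/ahenk/ahenk.conf
@@ -0,0 +1,28 @@
+[BASE]
+logconfigurationfilepath = /etc/ahenk/log.conf
+dbpath = /etc/ahenk/ahenk.db
+
+[PLUGIN]
+pluginfolderpath = /usr/share/ahenk/plugins/
+mainmodulename = main
+
+[CONNECTION]
+uid =
+password =
+host =
+port = 5222
+use_tls = false
+receiverjid = lider_sunucu
+receiverresource = Smack
+servicename = im.liderahenk.org
+receivefileparam = /tmp/
+
+[SESSION]
+agreement_timeout = 30
+registration_timeout = 30
+get_policy_timeout = 30
+
+[MACHINE]
+type = default
+agreement = 2
+user_disabled = false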
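Review bot: `use_tls = false` in [CONNECTION] is the packaged default, so unless an administrator changes it the agent's connection on port 5222 presumably runs without transport encryption. The registration message built elsewhere in this commit carries `userPassword`, which would then cross the network in clear text. Ship `use_tls = true` and let sites opt out explicitly. `receivefileparam = /tmp/` also puts received files in a world-writable directory, where a dedicated root-owned directory would be safer. Because `password =` lives in this file, the package should install it with a mode that only root can read.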
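--- a/etc/ahenk/log.conf
+++ b/etc/ahenk/log.conf
@@ -0,0 +1,23 @@
+[formatters]
+keys=default
+
+[formatter_default]
+format=format=%(asctime)s %(name)-12s %(levelname)-8s %(message)s
+class=logging.Formatter
+
+[handlers]
+keys=file
+
+[handler_file]
+class=logging.FileHandler
+level=DEBUG
+formatter=default
+args=("/var/log/ahenk.log", "w")
+
+[loggers]
+keys=root
+
+[logger_root]
+level=DEBUG
+formatter=default
+handlers=file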
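Review bot: `args=("/var/log/ahenk.log", "w")` opens the log in write mode, so every daemon start truncates it and the history needed to review an incident is lost. Use `args=("/var/log/ahenk.log", "a")` and leave size control to logrotate. The formatter line reads `format=format=%(asctime)s ...`, which makes every record start with the literal text `format=`, so the second `format=` should go. Both the handler and the root logger default to `level=DEBUG`, and since this commit logs message bodies, `INFO` is a safer packaged default.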
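--- a/etc/init.d/ahenk
+++ b/etc/init.d/ahenk
@@ -0,0 +1,45 @@
+#! /bin/bash
+### BEGIN INIT INFO
+# Provides: ahenk
+# Required-Start: $remote_fs $syslog $network
+# Required-Stop: $remote_fs $syslog $network
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Manages ahenk service.
+# Description: Debian init script for the ahenk executables
+# scheduler
+### END INIT INFO
+#
+# Author: S Suleyman Arslan <sarslan@innova.com.tr>
+#
+
+# Activate the python virtual environment
+# . /path_to_virtualenv/activate
+case "$1" in
+start)
+echo "Starting server"
+# Start the daemon
+#python $AHENKDPATH start
+systemctl start ahenk.service
+;;
+stop)
+echo "Stopping server"
+systemctl stop ahenk.service
+;;
+restart)
+echo "Restarting server"
+systemctl restart ahenk.service
+;;
+status)
+echo "Server Status"
+# Status of the daemon
+systemctl status ahenk.service
+;;
+*)
+# Refuse to do other stuff
+echo "Usage: /etc/init.d/ahenk.sh {start|stop|restart|status}"
+exit 1
+;;
+esac
+
+exit 0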
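--- a/etc/logrotate.d/ahenk
+++ b/etc/logrotate.d/ahenk
@@ -0,0 +1,11 @@
+/var/log/ahenk.log {
+weekly
+missingok
+notifempty
+rotate 5
+compress
+delaycompress
+copytruncate
+minsize 1000k
+create 0766 root root
+}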
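Review bot: `create 0766 root root` asks for a log file that every local user can read and write. This log receives message bodies and, in this commit, the registration payload, so other users could read those entries or tamper with the audit trail. Use a restrictive mode such as `create 0640 root adm`. Note also that logrotate ignores `create` when `copytruncate` is set, so the live file keeps whatever mode the daemon created it with. The mode therefore has to be enforced where the file is first opened as well.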
|
@ -159,10 +159,10 @@ class AhenkDaemon(BaseDaemon):
|
|||
# self.registration_failed()
|
||||
|
||||
if registration.is_registered() is False:
|
||||
print("Registation attemp")
|
||||
print("Registration attemp")
|
||||
max_attempt_number -= 1
|
||||
self.logger.debug('Ahenk is not registered. Attempting for registration')
|
||||
registration.registration_request()
|
||||
registration.registration_request(self.register_hostname,self.register_user_name,self.register_user_password)
|
||||
|
||||
#if max_attempt_number < 0:
|
||||
# self.logger.warning('Number of Attempting for registration is over')
|
||||
|
@ -240,28 +240,33 @@ class AhenkDaemon(BaseDaemon):
|
|||
Util.create_file(System.Ahenk.fifo_file())
|
||||
Util.set_permission(System.Ahenk.fifo_file(), '600')
|
||||
|
||||
def disable_local_users(self):
|
||||
def set_register_user(self, hostName, username, password):
|
||||
self.register_hostname=hostName
|
||||
self.register_user_name=username
|
||||
self.register_user_password=password
|
||||
|
||||
# if user_disabled is when ahenk service restarted TRUE disabled local users
|
||||
def disable_local_users(self):
|
||||
self.logger.info('Local users disable action start..')
|
||||
conf_manager = Scope.get_instance().get_configuration_manager()
|
||||
|
||||
if conf_manager.has_section('MACHINE'):
|
||||
user_disabled = conf_manager.get("MACHINE", "user_disabled")
|
||||
self.logger.info('User disabled value=' + str(user_disabled))
|
||||
if user_disabled == '0':
|
||||
if user_disabled == 'true':
|
||||
self.logger.info('local user disabling')
|
||||
Scope.get_instance().get_registration().disable_local_users()
|
||||
|
||||
conf_manager.set('MACHINE', 'user_disabled', '1')
|
||||
conf_manager.set('MACHINE', 'user_disabled', 'disabled')
|
||||
|
||||
with open('/etc/ahenk/ahenk.conf', 'w') as configfile:
|
||||
self.logger.info('oepning config file ')
|
||||
self.logger.info('opening config file ')
|
||||
conf_manager.write(configfile)
|
||||
|
||||
user_disabled = conf_manager.get("MACHINE", "user_disabled")
|
||||
self.logger.info('User succesfully disabled value=' + str(user_disabled))
|
||||
|
||||
else:
|
||||
self.logger.info('users already disabled')
|
||||
self.logger.info('local users will not be disabled because local_user_paramater is FALSE')
|
||||
|
||||
def run(self):
|
||||
""" docstring"""
|
||||
|
@ -310,7 +315,7 @@ class AhenkDaemon(BaseDaemon):
|
|||
|
||||
self.check_registration()
|
||||
|
||||
#self.is_registered()
|
||||
self.is_registered()
|
||||
|
||||
self.disable_local_users()
|
||||
|
||||
|
@ -322,7 +327,8 @@ class AhenkDaemon(BaseDaemon):
|
|||
self.init_signal_listener()
|
||||
self.logger.info('Signals listeners was set')
|
||||
|
||||
Agreement().agreement_contract_update()
|
||||
# Agreement().agreement_contract_update()
|
||||
|
||||
global_scope.put_custom_map('ahenk_daemon', ahenk_daemon)
|
||||
self.init_message_response_queue()
|
||||
|
||||
|
@ -343,6 +349,7 @@ if __name__ == '__main__':
|
|||
ahenk_daemon = AhenkDaemon(System.Ahenk.pid_path())
|
||||
try:
|
||||
if len(sys.argv) == 2 and (sys.argv[1] in ('start', 'stop', 'restart', 'status')):
|
||||
ahenk_daemon.set_register_user(None, None, None)
|
||||
if sys.argv[1] == 'start':
|
||||
if System.Ahenk.is_running() is True:
|
||||
print('There is already running Ahenk service. It will be killed.[{0}]'.format(
|
||||
|
@ -368,6 +375,14 @@ if __name__ == '__main__':
|
|||
else:
|
||||
print('Unknown command. Usage : %s start|stop|restart|status|clean' % sys.argv[0])
|
||||
sys.exit(2)
|
||||
elif len(sys.argv) > 2 and (sys.argv[1] in ('register')):
|
||||
params = sys.argv[1]
|
||||
hostName = sys.argv[2]
|
||||
userName = sys.argv[3]
|
||||
password = sys.argv[4]
|
||||
ahenk_daemon.set_register_user(hostName,userName,password)
|
||||
ahenk_daemon.run()
|
||||
|
||||
else:
|
||||
result = Commander().set_event(sys.argv)
|
||||
if result is None:
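Review bot: In the `__main__` block, `sys.argv[1] in ('register')` tests against a plain string rather than a tuple, so it is a substring match and values other than the exact word also enter the branch; write `sys.argv[1] == 'register'`. The guard `len(sys.argv) > 2` does not cover the reads of `sys.argv[3]` and `sys.argv[4]` that follow, so a short invocation raises IndexError; require `len(sys.argv) == 5`. Passing the directory password as `sys.argv[4]` also exposes it to other local users through the process list for as long as the daemon runs, whereas reading it from stdin or a root-only file would not. The enclosing `try` starts and ends outside the visible hunks.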
|
||||
|
|
|
@ -1,47 +1,86 @@
|
|||
# #!/usr/bin/python3
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
import tkinter as tk
|
||||
from tkinter import *
|
||||
import os
|
||||
import sys
|
||||
from easygui import multpasswordbox, msgbox
|
||||
|
||||
def ask(message, title, host):
|
||||
class AskRegister():
|
||||
|
||||
field_names=[]
|
||||
message = None
|
||||
title = None
|
||||
host = ""
|
||||
|
||||
if host =='':
|
||||
field_names.append("Etki Alanı Sunucusu:")
|
||||
def __init__(self, message, title, host):
|
||||
|
||||
field_names.append("Yetkili Kullanıcı")
|
||||
field_names.append("Parola")
|
||||
self.message = message
|
||||
self.title = title
|
||||
self.host = host
|
||||
self.master = tk.Tk()
|
||||
self.master.title(self.title)
|
||||
|
||||
field_values = multpasswordbox(
|
||||
msg=message,
|
||||
title=title, fields=(field_names))
|
||||
if self.host != "":
|
||||
pass
|
||||
else:
|
||||
tk.Label(self.master, text="Etki Alanı Sunucusu : ").grid(row=0)
|
||||
self.e1 = tk.Entry(self.master)
|
||||
self.e1.grid(row=0, column=1)
|
||||
|
||||
if field_values is None:
|
||||
return print('N');
|
||||
tk.Label(self.master, text="Yetkili Kullanıcı : ").grid(row=1)
|
||||
tk.Label(self.master, text="Parola : ").grid(row=2)
|
||||
|
||||
is_fieldvalue_empty = False;
|
||||
self.e2 = tk.Entry(self.master)
|
||||
self.e3 = tk.Entry(show="*")
|
||||
|
||||
for value in field_values:
|
||||
if value == '':
|
||||
is_fieldvalue_empty = True;
|
||||
self.var1 = IntVar()
|
||||
Checkbutton(self.master, text="Active Directory", variable=self.var1, command=self.check1).grid(row=3, column=0, stick=tk.W,
|
||||
pady=4)
|
||||
self.var2 = IntVar()
|
||||
self.var2.set(1)
|
||||
Checkbutton(self.master, text="OpenLDAP", variable=self.var2, command=self.check2).grid(row=3, column=1, stick=tk.W, pady=4)
|
||||
|
||||
if is_fieldvalue_empty:
|
||||
msgbox("Lütfen zorunlu alanları giriniz.", ok_button="Tamam")
|
||||
return print('Z');
|
||||
|
||||
if host =='':
|
||||
print(field_values[0],field_values[1],field_values[2])
|
||||
else:
|
||||
print(field_values[0], field_values[1])
|
||||
self.e2.grid(row=1, column=1)
|
||||
self.e3.grid(row=2, column=1)
|
||||
|
||||
tk.Button(self.master, text='Çıkış', command=self.master.quit).grid(row=4, column=0, sticky=tk.W, pady=4)
|
||||
tk.Button(self.master, text='Tamam', command=self.show).grid(row=4, column=1, sticky=tk.W, pady=4)
|
||||
tk.mainloop()
|
||||
|
||||
def show(self):
|
||||
|
||||
if self.var2.get() == 1:
|
||||
if self.host != "":
|
||||
print(self.e2.get()+" "+self.e3.get()+" "+"LDAP")
|
||||
else:
|
||||
print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get()+" "+"LDAP")
|
||||
|
||||
if self.var1.get() == 1:
|
||||
if self.host != "":
|
||||
print(self.e2.get()+" "+self.e3.get()+" "+"AD")
|
||||
else:
|
||||
print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get()+" "+"AD")
|
||||
|
||||
self.master.quit()
|
||||
|
||||
def check1(self):
|
||||
self.var2.set(0)
|
||||
|
||||
def check2(self):
|
||||
self.var1.set(0)
|
||||
|
||||
if __name__ == '__main__':
|
||||
|
||||
if len(sys.argv) > 1:
|
||||
try:
|
||||
message=sys.argv[1]
|
||||
title=sys.argv[2]
|
||||
host=sys.argv[3]
|
||||
ask(message,title, host)
|
||||
m_message = sys.argv[1]
|
||||
t_title = sys.argv[2]
|
||||
h_host = sys.argv[3]
|
||||
display = sys.argv[4]
|
||||
os.environ["DISPLAY"] = display
|
||||
app = AskRegister(m_message, t_title, h_host)
|
||||
except Exception as e:
|
||||
print(str(e))
|
||||
else:
|
||||
print('Argument fault. Check your parameters or content of parameters. Parameters: ' + str(sys.argv))
|
||||
print("Argument fault. Check your parameters or content of parameters. Parameters:" + str(sys.argv))
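Review bot: The tkinter rewrite drops the empty-field check that the easygui version had (`Lütfen zorunlu alanları giriniz.`), so `show()` prints whatever is in the entries, including empty strings. `show()` also joins host, user, password and directory type with single spaces, so a user name or password containing a space cannot be split back reliably by whatever reads this output (the reader is not visible here). One value per line or a JSON object would be unambiguous. If the user clears both checkboxes, `show()` prints nothing and just quits. In `__main__`, `len(sys.argv) > 1` does not cover the read of `sys.argv[4]`; check `len(sys.argv) == 5`.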
|
|
@ -2,10 +2,10 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
# Author: Volkan Şahin <volkansah.in> <bm.volkansahin@gmail.com>
|
||||
|
||||
import os
|
||||
import sys
|
||||
import easygui
|
||||
|
||||
|
||||
def confirm(message, title):
|
||||
choice = easygui.buttonbox(msg=message, title=title, choices=["Tamam"])
|
||||
|
||||
|
@ -17,8 +17,10 @@ def confirm(message, title):
|
|||
|
||||
if __name__ == '__main__':
|
||||
|
||||
if len(sys.argv) == 3:
|
||||
if len(sys.argv) == 4:
|
||||
try:
|
||||
display=sys.argv[3]
|
||||
os.environ["DISPLAY"] = display
|
||||
confirm(sys.argv[1], sys.argv[2])
|
||||
except Exception as e:
|
||||
print(str(e))
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
import os
|
||||
import sys
|
||||
from easygui import multpasswordbox, msgbox
|
||||
|
||||
|
@ -12,17 +13,17 @@ def ask(message, title):
|
|||
title=title, fields=(field_names))
|
||||
|
||||
if field_values is None:
|
||||
return print('N');
|
||||
return print('N')
|
||||
|
||||
is_fieldvalue_empty = False;
|
||||
is_fieldvalue_empty = False
|
||||
|
||||
for value in field_values:
|
||||
if value == '':
|
||||
is_fieldvalue_empty = True;
|
||||
is_fieldvalue_empty = True
|
||||
|
||||
if is_fieldvalue_empty:
|
||||
msgbox("Lütfen zorunlu alanları giriniz.", ok_button="Tamam")
|
||||
return print('Z');
|
||||
return print('Z')
|
||||
|
||||
print(field_values[0], field_values[1])
|
||||
|
||||
|
@ -32,6 +33,8 @@ if __name__ == '__main__':
|
|||
try:
|
||||
message=sys.argv[1]
|
||||
title=sys.argv[2]
|
||||
display = sys.argv[3]
|
||||
os.environ["DISPLAY"] = display
|
||||
ask(message,title)
|
||||
except Exception as e:
|
||||
print(str(e))
|
||||
|
|
|
@ -13,6 +13,7 @@ from base.system.system import System
|
|||
from base.timer.setup_timer import SetupTimer
|
||||
from base.timer.timer import Timer
|
||||
from base.util.util import Util
|
||||
from base.default_policy.default_policy import DefaultPolicy
|
||||
|
||||
|
||||
class CommandRunner(object):
|
||||
|
@ -25,6 +26,7 @@ class CommandRunner(object):
|
|||
self.conf_manager = scope.get_configuration_manager()
|
||||
self.db_service = scope.get_db_service()
|
||||
self.execute_manager = scope.get_execution_manager()
|
||||
self.default_policy = DefaultPolicy()
|
||||
|
||||
def check_last_login(self):
|
||||
last_login_tmstmp = self.db_service.select_one_result('session', 'timestamp')
|
||||
|
@ -36,6 +38,16 @@ class CommandRunner(object):
|
|||
else:
|
||||
return True
|
||||
|
||||
def delete_polkit_user(self):
|
||||
content = "[Configuration] \nAdminIdentities=unix-user:root"
|
||||
ahenk_policy_file = "/etc/polkit-1/localauthority.conf.d/99-ahenk-policy.conf"
|
||||
if not Util.is_exist(ahenk_policy_file):
|
||||
self.logger.info('Ahenk polkit file not found')
|
||||
else:
|
||||
Util.delete_file(ahenk_policy_file)
|
||||
Util.write_file(ahenk_policy_file, content)
|
||||
self.logger.info('Root added ahenk polkit file')
|
||||
|
||||
def run_command_from_fifo(self, num, stack):
|
||||
""" docstring"""
|
||||
|
||||
|
@ -61,18 +73,24 @@ class CommandRunner(object):
|
|||
display = json_data['display']
|
||||
desktop = json_data['desktop']
|
||||
|
||||
|
||||
ip = None
|
||||
if 'ip' in json_data:
|
||||
ip = json_data['ip']
|
||||
|
||||
self.logger.info('login event is handled for user: {0}'.format(username))
|
||||
Util.execute("systemctl restart sssd.service")
|
||||
login_message = self.message_manager.login_msg(username,ip)
|
||||
self.messenger.send_direct_message(login_message)
|
||||
|
||||
agreement = Agreement()
|
||||
agreement_choice = None
|
||||
|
||||
## Default policy for users
|
||||
|
||||
self.logger.info("Applying default policies for user {0}".format(username))
|
||||
self.default_policy.default_firefox_policy(username)
|
||||
self.default_policy.disable_update_package_notify(username)
|
||||
|
||||
if agreement.check_agreement(username) is not True and System.Ahenk.agreement() == '1':
|
||||
self.logger.debug('User {0} has not accepted agreement.'.format(username))
|
||||
thread_ask = Process(target=agreement.ask, args=(username, display,))
|
||||
|
@ -151,6 +169,9 @@ class CommandRunner(object):
|
|||
logout_message = self.message_manager.logout_msg(username,ip)
|
||||
self.messenger.send_direct_message(logout_message)
|
||||
|
||||
self.logger.info('Ahenk polkit file deleting..')
|
||||
self.delete_polkit_user()
|
||||
|
||||
self.plugin_manager.process_mode('logout', username)
|
||||
self.plugin_manager.process_mode('safe', username)
|
||||
|
||||
|
@ -160,7 +181,6 @@ class CommandRunner(object):
|
|||
message = json.dumps(json_data['message'])
|
||||
self.messenger.send_direct_message(message)
|
||||
|
||||
|
||||
elif str(json_data['event']) == 'unregister':
|
||||
self.logger.info('Unregistering..')
|
||||
unregister_message = self.message_manager.unregister_msg()
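Review bot: `delete_polkit_user()` is called only from the logout branch, so the polkit admin entry written for a user at login (`create_sudo_polkit` in this commit) is reset to `unix-user:root` only when a logout event actually arrives. After a crash, power loss or missed logout event the previous user's `AdminIdentities` line would stay in `/etc/polkit-1/localauthority.conf.d/99-ahenk-policy.conf`. Consider running the same reset when the daemon starts. The new `Util.execute("systemctl restart sssd.service")` in the login branch restarts SSSD on every login and deserves a comment saying why that is needed. Both handlers sit inside `run_command_from_fifo`, whose body extends beyond the hunks.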
|
||||
|
|
|
@ -55,6 +55,7 @@ class AhenkDbService(object):
|
|||
self.check_and_create_table('mail', ['id INTEGER PRIMARY KEY AUTOINCREMENT', 'command TEXT', 'mailstatus INTEGER', 'timestamp TEXT'])
|
||||
|
||||
self.check_and_create_table('service', ['id INTEGER PRIMARY KEY AUTOINCREMENT', 'serviceName TEXT', 'serviceStatus TEXT','timestamp TEXT','task_id INTEGER'])
|
||||
self.check_and_create_table('app_restriction', ['id INTEGER PRIMARY KEY AUTOINCREMENT', 'application_name TEXT', 'username TEXT', 'restriction INTEGER'])
|
||||
|
||||
|
||||
def get_cols(self, table_name):
|
||||
|
@ -193,4 +194,4 @@ class AhenkDbService(object):
|
|||
self.cursor.close()
|
||||
self.connection.close()
|
||||
except Exception as e:
|
||||
self.logger.error('Closing database connection error: {0}'.format(str(e)))
|
||||
self.logger.error('Closing database connection error: {0}'.format(str(e)))
|
||||
|
|
0
src/base/default_policy/__init__.py
Normal file
0
src/base/default_policy/__init__.py
Normal file
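--- a/src/base/default_policy/config-files/xfce4-notifyd.xml
+++ b/src/base/default_policy/config-files/xfce4-notifyd.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<channel name="xfce4-notifyd" version="1.0">
+<property name="notify-location" type="empty"/>
+<property name="theme" type="empty"/>
+<property name="initial-opacity" type="empty"/>
+<property name="applications" type="empty">
+<property name="known_applications" type="array">
+<value type="string" value="nm-applet"/>
+</property>
+</property>
+</channel>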
147
src/base/default_policy/default_policy.py
Normal file
147
src/base/default_policy/default_policy.py
Normal file
|
@ -0,0 +1,147 @@
|
|||
#!/usr/bin/env python3
|
||||
# -*- coding: utf-8 -*-
|
||||
# Author: Tuncay Çolak <tuncay.colak@tubitak.gov.tr> <tncyclk05@gmail.com>
|
||||
# Author: Hasan Kara <h.kara27@gmail.com>
|
||||
|
||||
# Default Policy for users
|
||||
|
||||
from base.scope import Scope
|
||||
from base.util.util import Util
|
||||
import xml.etree.ElementTree as ET
|
||||
|
||||
|
||||
class DefaultPolicy:
|
||||
def __init__(self):
|
||||
scope = Scope().get_instance()
|
||||
self.logger = scope.get_logger()
|
||||
self.util = Util()
|
||||
|
||||
## default firefox policy for user
|
||||
def default_firefox_policy(self, username):
|
||||
exec_command = None
|
||||
firefox_path = None
|
||||
|
||||
if self.util.is_exist("/usr/lib/firefox-esr/"):
|
||||
firefox_path = "/usr/lib/firefox-esr/"
|
||||
exec_command = "firefox-esr"
|
||||
|
||||
elif self.util.is_exist('/opt/firefox-esr/'):
|
||||
firefox_path = "/opt/firefox-esr/"
|
||||
exec_command = "firefox-esr"
|
||||
|
||||
elif self.util.is_exist('/usr/lib/iceweasel/'):
|
||||
firefox_path = "/usr/lib/iceweasel/"
|
||||
exec_command = "iceweasel"
|
||||
|
||||
elif self.util.is_exist('/opt/firefox/'):
|
||||
firefox_path = "/opt/firefox/"
|
||||
exec_command = "firefox"
|
||||
|
||||
else:
|
||||
self.logger.error('Firefox installation path not found')
|
||||
|
||||
self.logger.info("if mozilla profile is not created run firefox to create profile for user: " + username)
|
||||
if not Util.is_exist("/home/" + username + "/.mozilla/"):
|
||||
self.logger.info("firefox profile does not exist. Check autostart file.")
|
||||
if not Util.is_exist("/home/" + username + "/.config/autostart/"):
|
||||
self.logger.info(".config/autostart folder does not exist. Creating folder.")
|
||||
Util.create_directory("/home/" + username + "/.config/autostart/")
|
||||
else:
|
||||
self.logger.info(".config/autostart folder exists.")
|
||||
self.logger.info(
|
||||
"Checking if {0}-autostart-for-profile.desktop autorun file exists.".format(exec_command))
|
||||
|
||||
if not Util.is_exist(
|
||||
"/home/" + username + "/.config/autostart/{0}-autostart-for-profile.desktop".format(exec_command)):
|
||||
self.logger.info(
|
||||
"{0}-autostart-for-profile.desktop autorun file does not exists. Creating file.".format(
|
||||
exec_command))
|
||||
Util.create_file(
|
||||
"/home/" + username + "/.config/autostart/{0}-autostart-for-profile.desktop".format(exec_command))
|
||||
content = "[Desktop Entry]\n\n" \
|
||||
"Type=Application\n\n" \
|
||||
"Exec={0}{1} www.liderahenk.org".format(firefox_path, exec_command)
|
||||
Util.write_file(
|
||||
"/home/" + username + "/.config/autostart/{0}-autostart-for-profile.desktop".format(exec_command),
|
||||
content)
|
||||
self.logger.info(
|
||||
"Autorun config is written to {0}-autostart-for-profile.desktop.".format(exec_command))
|
||||
else:
|
||||
self.logger.info("{0}-autostart-for-profile.desktop exists".format(exec_command))
|
||||
else:
|
||||
self.logger.info(".mozilla firefox profile path exists. Delete autorun file.")
|
||||
Util.delete_file(
|
||||
"/home/" + username + "/.config/autostart/{0}-autostart-for-profile.desktop".format(exec_command))
|
||||
|
||||
|
||||
## disabled update package notify for user
|
||||
def disable_update_package_notify(self, username):
|
||||
|
||||
xfce4_notify_template_path = "/usr/share/ahenk/base/default_policy/config-files/xfce4-notifyd.xml"
|
||||
|
||||
fileName = "/home/{0}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-notifyd.xml".format(username)
|
||||
|
||||
if not self.util.is_exist(fileName):
|
||||
## if configuration file does not exist will be create /home/{username}/.config/xfce4/xfconf/xfce-perchannel-xml/
|
||||
self.logger.info("Configuration file does not exist")
|
||||
self.util.create_directory("/home/{0}/.config/xfce4/xfconf/xfce-perchannel-xml/".format(username))
|
||||
self.logger.info("Created directory /home/{0}/.config/xfce4/xfconf/xfce-perchannel-xml/".format(username))
|
||||
self.util.copy_file(xfce4_notify_template_path, "/home/{0}/.config/xfce4/xfconf/xfce-perchannel-xml/".format(username))
|
||||
self.logger.info("Copy xfce4-notifyd.xml template file")
|
||||
gid = self.util.file_group("/home/{0}".format(username))
|
||||
cmd = "chown -R {0}:{1} /home/{0}/.config".format(username, gid)
|
||||
self.util.execute(cmd)
|
||||
self.logger.info("Set permissons for /home/{0}.config directory".format(username))
|
||||
|
||||
self.notifyd_xml_parser(username)
|
||||
else:
|
||||
self.logger.info("Configuration file exist")
|
||||
self.notifyd_xml_parser(username)
|
||||
|
||||
pk_update_icon_file = "/etc/xdg/autostart/pk-update-icon.desktop"
|
||||
if self.util.is_exist(pk_update_icon_file):
|
||||
self.logger.info("{0} file exists".format(pk_update_icon_file))
|
||||
self.util.rename_file(pk_update_icon_file, pk_update_icon_file+".ahenk")
|
||||
self.logger.info("Renamed from {0} to {0}.ahenk".format(pk_update_icon_file))
|
||||
self.logger.info("Disabled autostart for pk-update-icon")
|
||||
|
||||
else:
|
||||
self.logger.info("File not found")
|
||||
|
||||
self.logger.info("Disable notifications if there is a package update notification for user: " + username)
|
||||
|
||||
def notifyd_xml_parser(self, username):
|
||||
|
||||
fileName = "/home/{0}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-notifyd.xml".format(username)
|
||||
tree = ET.parse(fileName)
|
||||
root = tree.getroot()
|
||||
app_name_for_blocking = "pk-update-icon"
|
||||
element = root.find("./property/[@name='applications']")
|
||||
if element is None:
|
||||
self.logger.info("applications element could not be found.")
|
||||
else:
|
||||
element = root.find("./property/property[@name='muted_applications']")
|
||||
if element is None:
|
||||
self.logger.info("muted_applications element could not be found.")
|
||||
self.logger.info("adding muted_applications element to applications tag.")
|
||||
element = root.find("./property/[@name='applications']")
|
||||
new_element = ET.SubElement(element, 'property')
|
||||
new_element.attrib["name"] = 'muted_applications'
|
||||
new_element.attrib["type"] = 'array'
|
||||
tree.write(fileName)
|
||||
else:
|
||||
self.logger.info("muted_applications tag exists.")
|
||||
|
||||
self.logger.info("checking if '" + app_name_for_blocking + "' exists in muted_applications tag.")
|
||||
element = root.find(
|
||||
"./property/property[@name='muted_applications']/value[@value='{0}']".format(app_name_for_blocking))
|
||||
if element is None:
|
||||
self.logger.info("'" + app_name_for_blocking + "' is not found in muted_applications element.")
|
||||
self.logger.info("'" + app_name_for_blocking + "' will be added to muted_applications tag.")
|
||||
element = root.find("./property/property[@name='muted_applications']")
|
||||
new_element = ET.SubElement(element, 'value')
|
||||
new_element.attrib["type"] = 'string'
|
||||
new_element.attrib["value"] = app_name_for_blocking
|
||||
tree.write(fileName)
|
||||
else:
|
||||
self.logger.info("'" + app_name_for_blocking + "' is already added to muted_applications tag.")
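Review bot: In `default_firefox_policy`, the final `else` only logs `Firefox installation path not found` and then falls through, so `firefox_path` and `exec_command` are still `None` when the autostart code runs. That produces a file named `None-autostart-for-profile.desktop` with `Exec=NoneNone www.liderahenk.org`; add a `return` after the error log. Separately, `username` is concatenated into paths under `/home/` and into the command string `chown -R {0}:{1} /home/{0}/.config` without any check. The daemon appears to run as root, so the name should be confirmed as an existing account (for example via `pwd.getpwnam(username)`) and the home directory taken from that record instead of being assumed. Writing as root into a directory the user owns also needs care with symlinks, and creating the files under the user's own uid would avoid that.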
|
|
@ -45,6 +45,7 @@ class ExecutionManager(object):
|
|||
self.event_manager.register_event(MessageType.RESPONSE_AGREEMENT.value, self.agreement_update)
|
||||
self.event_manager.register_event(MessageType.UPDATE_SCHEDULED_TASK.value, self.update_scheduled_task)
|
||||
self.event_manager.register_event(MessageType.REGISTRATION_RESPONSE.value, self.unregister) # registration message for unregister event
|
||||
self.event_manager.register_event(MessageType.LOGIN_RESPONSE.value, self.login_response) # registration message for unregister event
|
||||
|
||||
def agreement_update(self, arg):
|
||||
|
||||
|
@ -410,9 +411,9 @@ class ExecutionManager(object):
|
|||
self.logger.info('Registration is failed. User not authorized')
|
||||
Util.show_message(user_name,display,'Ahenk Lider MYS sisteminden çıkarmak için yetkili kullanıcı haklarına sahip olmanız gerekmektedir.',
|
||||
'Kullanıcı Yetkilendirme Hatası')
|
||||
else :
|
||||
else:
|
||||
Util.show_message(user_name, display, "Ahenk Lider MYS sisteminden çıkarılmıştır.", "")
|
||||
if Util.show_message(user_name, display, "Değişikliklerin etkili olması için sistemi yeniden başlatmanız gerekmektedir.", "") :
|
||||
if Util.show_message(user_name, display, "Değişikliklerin etkili olması için sistem yeniden başlatılacaktır. Lütfen bekleyiniz...", "") :
|
||||
registration= Scope.get_instance().get_registration()
|
||||
registration.purge_and_unregister()
|
||||
|
||||
|
@ -531,3 +532,23 @@ class ExecutionManager(object):
|
|||
user_execution_id=json_data['userCommandExecutionId'],
|
||||
agent_expiration_date=json_data['agentPolicyExpirationDate'],
|
||||
user_expiration_date=json_data['userPolicyExpirationDate'])
|
||||
|
||||
def login_response(self, msg):
|
||||
jData = json.loads(msg)
|
||||
username = jData['userName']
|
||||
if username is not None:
|
||||
self.create_sudo_polkit(username)
|
||||
|
||||
|
||||
def create_sudo_polkit(self,username):
|
||||
content = "[Configuration] \nAdminIdentities=unix-user:{}".format(username)
|
||||
ahenk_policy_file = "/etc/polkit-1/localauthority.conf.d/99-ahenk-policy.conf"
|
||||
if not Util.is_exist(ahenk_policy_file):
|
||||
Util.create_file(ahenk_policy_file)
|
||||
Util.write_file(ahenk_policy_file, content)
|
||||
self.logger.debug('Ahenk polkit file created and user added.. User : {}'.format(username))
|
||||
else:
|
||||
self.logger.debug('Writing result to file')
|
||||
Util.delete_file(ahenk_policy_file)
|
||||
Util.create_file(ahenk_policy_file)
|
||||
Util.write_file(ahenk_policy_file, content)
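Review bot: `create_sudo_polkit` formats `username` from the LOGIN_RESPONSE message straight into `AdminIdentities=unix-user:{}` and writes it to `/etc/polkit-1/localauthority.conf.d/99-ahenk-policy.conf`, with no check on what the value contains. A name containing a newline or `;` would change the meaning of the polkit configuration, so reject anything that is not an existing account, e.g. `pwd.getpwnam(username)` inside a try/except that returns on KeyError. As written, every user for whom a LOGIN_RESPONSE arrives becomes a polkit administrator. If that is meant only for some users, the condition should be visible here and documented. The comment on the new `register_event` line still says `registration message for unregister event` and should describe the login response instead.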
|
||||
|
|
|
@ -95,8 +95,8 @@ class AnonymousMessenger(ClientXMPP):
|
|||
|
||||
def recv_direct_message(self, msg):
|
||||
if msg['type'] in ['normal']:
|
||||
self.logger.debug('---------->Received message: {0}'.format(str(msg['body'])))
|
||||
self.logger.debug('Reading registration reply')
|
||||
self.logger.info('---------->Received message: {0}'.format(str(msg['body'])))
|
||||
self.logger.info('Reading registration reply')
|
||||
j = json.loads(str(msg['body']))
|
||||
message_type = j['type']
|
||||
status = str(j['status']).lower()
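Review bot: Raising these two calls from debug to info means the complete body of the registration reply is now written to the log in the default configuration. If that reply carries directory settings or credentials, they end up in /var/log/ahenk.log. The sssd.conf template in this commit has an `ldap_default_authtok` placeholder, so this seems likely, but it is not shown here. Log only the parsed fields once they are read, e.g. `self.logger.info('Registration reply: type={0} status={1}'.format(message_type, status))`. `recv_direct_message` continues outside the hunk.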
|
||||
|
|
|
@ -72,6 +72,7 @@ class Messaging(object):
|
|||
data['ipAddresses'] = str(System.Hardware.Network.ip_addresses()).replace('[', '').replace(']', '')
|
||||
data['timestamp'] = Util.timestamp()
|
||||
data['userIp'] = ip
|
||||
data['hostname'] = str(System.Os.hostname())
|
||||
|
||||
self.logger.debug('USER IP : '+ str(ip)+ ' IPADDRESSES : '+ str(System.Hardware.Network.ip_addresses()).replace('[', '').replace(']', ''))
|
||||
|
||||
|
@ -113,7 +114,7 @@ class Messaging(object):
|
|||
self.logger.debug('Get Policies message was created')
|
||||
return json_data
|
||||
|
||||
def registration_msg(self, userName= None, userPassword=None):
|
||||
def registration_msg(self, userName= None, userPassword=None, directoryServer=None):
|
||||
data = dict()
|
||||
data['type'] = 'REGISTER'
|
||||
data['from'] = self.db_service.select_one_result('registration', 'jid', ' 1=1')
|
||||
|
@ -132,9 +133,13 @@ class Messaging(object):
|
|||
if userPassword is not None:
|
||||
data["userPassword"] = str(userPassword)
|
||||
|
||||
if directoryServer is not None:
|
||||
data["directoryServer"] = str(directoryServer)
|
||||
|
||||
data['timestamp'] = self.db_service.select_one_result('registration', 'timestamp', ' 1=1')
|
||||
json_data = json.dumps(data)
|
||||
self.logger.debug('Registration message was created')
|
||||
self.logger.info('Registration message was created. Data content: '+ json_data)
|
||||
return json_data
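Review bot: The new `self.logger.info('Registration message was created. Data content: '+ json_data)` writes the whole registration payload to the log, and that payload includes `userPassword` whenever one is supplied (set a few lines above in the same hunk). With the packaged log configuration writing to /var/log/ahenk.log, the directory user's password ends up on disk in clear text. Keep the earlier message without content, or log non-secret fields only, e.g. `self.logger.info('Registration message was created for user: ' + str(userName))`. Part of the body of `registration_msg` lies between the visible hunks.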
|
||||
|
||||
def ldap_registration_msg(self):
|
||||
|
|
|
@ -99,10 +99,24 @@ class Messenger(ClientXMPP):
|
|||
|
||||
def recv_direct_message(self, msg):
|
||||
if msg['type'] in ['normal']:
|
||||
self.logger.info('---------->Received message: {0}'.format(str(msg['body'])))
|
||||
try:
|
||||
j = json.loads(str(msg['body']))
|
||||
message_type = j['type']
|
||||
self.logger.debug("Get message type: "+str(message_type))
|
||||
|
||||
if j['type'] == "EXECUTE_POLICY":
|
||||
self.logger.info('---------->Received message: {0}'.format(str(msg['body'])))
|
||||
|
||||
if j['type'] == "EXECUTE_TASK":
|
||||
i = json.loads(str(j['task']))
|
||||
plugin_name = i['plugin']['name']
|
||||
if plugin_name == "manage-root":
|
||||
parameter_map = i['parameterMap']
|
||||
parameter_map.pop("RootPassword")
|
||||
self.logger.info("---------->Received message: {}".format(str(parameter_map)))
|
||||
else:
|
||||
self.logger.info('---------->Received message: {0}'.format(str(msg['body'])))
|
||||
|
||||
self.event_manger.fireEvent(message_type, str(msg['body']))
|
||||
self.logger.debug('Fired event is: {0}'.format(message_type))
|
||||
except Exception as e:
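Review bot: `parameter_map.pop("RootPassword")` has no default, so a `manage-root` task without that key raises KeyError inside the `try` and, as far as the hunk shows, `fireEvent` is never reached for that message; use `parameter_map.pop("RootPassword", None)`. The redaction covers only this one plugin and key. Every other EXECUTE_TASK body and every EXECUTE_POLICY body is still logged in full at info level, so other secrets in task parameters would reach the log. A helper that masks a list of sensitive keys before logging would be more robust than a per-plugin branch. The `except` clause and the rest of `recv_direct_message` continue outside the hunk.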
|
||||
|
|
|
@ -24,3 +24,4 @@ class MessageType(Enum):
|
|||
RESPONSE_AGREEMENT = 'RESPONSE_AGREEMENT'
|
||||
UPDATE_SCHEDULED_TASK = 'UPDATE_SCHEDULED_TASK'
|
||||
REGISTRATION_RESPONSE ='REGISTRATION_RESPONSE'
|
||||
LOGIN_RESPONSE = 'LOGIN_RESPONSE'
|
||||
|
|
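--- a/src/base/registration/config-files/krb5.conf
+++ b/src/base/registration/config-files/krb5.conf
@@ -0,0 +1,37 @@
+[libdefaults]
+default_realm = ENGEREK.LOCAL
+kdc_timesync = 1
+ccache_type = 4
+forwardable = true
+proxiable = true
+fcc-mit-ticketflags = true
+
+[realms]
+ENGEREK.LOCAL = {
+admin_server = liderahenk.engerek.local
+kdc = liderahenk.engerek.local
+}
+
+[domain_realm]
+.engerek.local = ENGEREK.LOCAL
+
+
+------------------------------------------------------------------------------------------
+[libdefaults]
+default_realm = ENGEREK.LOCAL
+kdc_timesync = 1
+ccache_type = 4
+forwardable = true
+proxiable = true
+fcc-mit-ticketflags = true
+
+[realms]
+###realm### = {
+
+###admin_server###
+###kdc###
+
+}
+
+[domain_realm]
+###own_domain_realm###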
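--- a/src/base/registration/config-files/ldap
+++ b/src/base/registration/config-files/ldap
@@ -0,0 +1,20 @@
+Name: Ahenk LDAP Authentication
+Default: yes
+Priority: 128
+Auth-Type: Primary
+Auth-Initial:
+[success=end authinfo_unavail=ignore default=ignore] pam_ldap.so
+Auth:
+[success=end authinfo_unavail=ignore default=ignore] pam_ldap.so use_first_pass
+Account-Type: Primary
+Account:
+[success=end new_authtok_reqd=done authinfo_unavail=1 default=ignore] pam_ldap.so
+Password-Type: Primary
+Password-Initial:
+[success=end user_unknown=ignore default=die] pam_ldap.so
+Password:
+[success=end user_unknown=ignore default=die] pam_ldap.so try_first_pass
+Session-Type: Additional
+Session:
+optional pam_ldap.so
+required pam_mkhomedir.so skel=/etc/skel umask=066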
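--- a/src/base/registration/config-files/pam_script
+++ b/src/base/registration/config-files/pam_script
@@ -0,0 +1,12 @@
+Name: Ahenk PAM scripts
+Default: yes
+Priority: 257
+Auth-Type: Primary
+Auth:
+optional pam_script.so
+Account-Type: Primary
+Account:
+optional pam_script.so
+Session-Type: Additional
+Session:
+optional pam_script.so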
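--- a/src/base/registration/config-files/sssd.conf
+++ b/src/base/registration/config-files/sssd.conf
@@ -0,0 +1,44 @@
+[sssd]
+config_file_version = 2
+services = nss, pam, sudo
+domains = LDAP
+
+[nss]
+
+[sudo]
+
+[pam]
+pam_verbosity=2
+pam_account_locked_message = Hesap Kilitli
+offline_credentials_expiration = 90
+
+[domain/LDAP]
+debug_level = 9
+id_provider = ldap
+auth_provider = ldap
+access_provider = ldap
+#ldap_access_filter = (employeeType=admin)
+ldap_access_order = ppolicy
+pam_verbosity=2
+###ldap_pwdlockout_dn###
+ldap_schema = rfc2307
+###ldap_uri###
+###ldap_default_bind_dn###
+###ldap_default_authtok###
+ldap_default_authtok_type = password
+###ldap_search_base###
+###ldap_user_search_base###
+###ldap_group_search_base###
+ldap_user_object_class = posixAccount
+ldap_user_gecos = cn
+ldap_tls_reqcert = never
+ldap_auth_disable_tls_never_use_in_production = true
+override_shell = /bin/bash
+enumerate = true
+cache_credentials = true
+sudo_provider = ldap
+###ldap_sudo_search_base###
+###90 days
+ldap_sudo_full_refresh_interval=7776000
+###30 days
+ldap_sudo_smart_refresh_interval=2592000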
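Review bot: The `[domain/LDAP]` template ships with `ldap_tls_reqcert = never` and `ldap_auth_disable_tls_never_use_in_production = true`, so every enrolled machine sends user passwords and the bind credential filled in at `###ldap_default_authtok###` to the directory without transport protection or server certificate validation. Prefer `ldap_tls_reqcert = demand` together with an `ldaps://` URI or `ldap_id_use_start_tls = true`, and drop the `ldap_auth_disable_tls_never_use_in_production` line. `debug_level = 9` is a troubleshooting level that writes very detailed traces to the SSSD logs and is better left out of a shipped default. Because the rendered file holds the bind password in clear text, the code that writes it should leave it root-owned with mode 0600.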
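--- a/src/base/registration/config-files/sssd_ad.conf
+++ b/src/base/registration/config-files/sssd_ad.conf
@@ -0,0 +1,25 @@
+[nss]
+filter_groups = root,adm
+filter_users = root,adm
+reconnection_retries = 3
+
+[pam]
+reconnection_retries = 3
+
+[sssd]
+###domains###
+config_file_version = 2
+services = nss, pam
+
+###[domain/###
+###ad_domain###
+###krb5_realm###
+realmd_tags = manages-system joined-with-adcli
+cache_credentials = True
+id_provider = ad
+krb5_store_password_if_offline = True
+default_shell = /bin/bash
+ldap_id_mapping = True
+use_fully_qualified_names = False
+fallback_homedir = /home/%u@%d
+access_provider = ad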
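--- a/src/base/registration/execute_cancel_ldap_login.py
+++ b/src/base/registration/execute_cancel_ldap_login.py
@@ -0,0 +1,101 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Hasan Kara <h.kara27@gmail.com>
+
+from base.scope import Scope
+from base.util.util import Util
+import re
+
+
+class ExecuteCancelLDAPLogin:
+def __init__(self):
+scope = Scope().get_instance()
+self.logger = scope.get_logger()
+self.util = Util()
+
+def cancel(self):
+self.logger.info('Purge ldap packages')
+self.util.execute("apt-get install sudo -y")
+self.util.execute("apt purge libpam-ldap libnss-ldap ldap-utils sudo-ldap nss-updatedb libnss-db libpam-ccreds -y")
+self.util.execute("apt autoremove -y")
+
+self.logger.info('purging successfull')
+
+# pattern for clearing file data from spaces, tabs and newlines
+pattern = re.compile(r'\s+')
+
+ldap_back_up_file_path = "/usr/share/ahenk/pam_scripts_original/ldap"
+ldap_original_file_path = "/usr/share/pam-configs/ldap"
+
+pam_script_back_up_file_path = "/usr/share/ahenk/pam_scripts_original/pam_script"
+pam_script_original_file_path = "/usr/share/pam-configs/pam_script"
+
+if self.util.is_exist(ldap_back_up_file_path):
+self.logger.info("Replacing {0} with {1}".format(ldap_original_file_path, ldap_back_up_file_path))
+self.util.copy_file(ldap_back_up_file_path, ldap_original_file_path)
+self.logger.info("Deleting {0}".format(ldap_back_up_file_path))
+self.util.delete_file(ldap_back_up_file_path)
+
+if self.util.is_exist(pam_script_back_up_file_path):
+self.logger.info(
+"Replacing {0} with {1}".format(pam_script_original_file_path, pam_script_back_up_file_path))
+self.util.copy_file(pam_script_back_up_file_path, pam_script_original_file_path)
+self.logger.info("Deleting {0}".format(pam_script_back_up_file_path))
+self.util.delete_file(pam_script_back_up_file_path)
+
+(result_code, p_out, p_err) = self.util.execute("DEBIAN_FRONTEND=noninteractive pam-auth-update --package")
+if result_code == 0:
+self.logger.info("'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' has run successfully")
+else:
+self.logger.error(
+"'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' could not run successfully: " + p_err)
+
+# Configure nsswitch.conf
+file_ns_switch = open("/etc/nsswitch.conf", 'r')
+file_data = file_ns_switch.read()
+
+# cleared file data from spaces, tabs and newlines
+text = pattern.sub('', file_data)
+
+did_configuration_change = False
+if "passwd:compatldap[NOTFOUND=return]db" in text:
+file_data = file_data.replace("passwd: compat ldap [NOTFOUND=return] db", "passwd: compat")
+did_configuration_change = True
+
+if "group:compatldap[NOTFOUND=return]db" in text:
+file_data = file_data.replace("group: compat ldap [NOTFOUND=return] db", "group: compat")
+did_configuration_change = True
+
+if "shadow:compatldap" in text:
+file_data = file_data.replace("shadow: compat ldap", "shadow: compat")
+did_configuration_change = True
+
+if "#gshadow:files" in text:
+file_data = file_data.replace("#gshadow: files", "gshadow: files")
+did_configuration_change = True
+
+if did_configuration_change:
+self.logger.info("nsswitch.conf configuration has been configured")
+else:
+self.logger.info("nsswitch.conf has already been configured")
+
+file_ns_switch.close()
+file_ns_switch = open("/etc/nsswitch.conf", 'w')
+file_ns_switch.write(file_data)
+file_ns_switch.close()
+
+# Configure ldap-cache
+nss_update_cron_job_file_path = "/etc/cron.daily/nss-updatedb"
+if self.util.is_exist(nss_update_cron_job_file_path):
+self.util.delete_file(nss_update_cron_job_file_path)
+self.logger.info("{0} is deleted.".format(nss_update_cron_job_file_path))
+
+# Configure lightdm.service
+pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
+if self.util.is_exist(pardus_xfce_path):
+self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
+self.util.delete_file(pardus_xfce_path)
+
+self.util.execute("systemctl restart nscd.service")
+self.logger.info("Operation finished")
+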
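Review bot: In `cancel()`, the nsswitch.conf checks test a whitespace-stripped copy (`"passwd:compatldap[NOTFOUND=return]db" in text`), but the `file_data.replace("passwd: compat ldap [NOTFOUND=return] db", ...)` that follows only matches that exact single-space layout. A file that uses tabs or aligned columns is therefore detected, left unchanged and still logged as configured, with the `ldap` and `db` sources remaining in nsswitch.conf after their packages were purged. Matching and replacing with one whitespace-tolerant pattern avoids this, e.g. `file_data, n = re.subn(r'(?m)^passwd:\s*compat\s+ldap\s+\[NOTFOUND=return\]\s+db\s*$', 'passwd: compat', file_data)` with the flag set from `n`. The same detect-then-replace pair is used for `group`, `shadow` and `gshadow` here and in execute_ldap_login.py. The return codes of the `apt purge` and `apt autoremove` calls are also ignored before 'purging successfull' is logged.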
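--- a/src/base/registration/execute_cancel_sssd_ad_authentication.py
+++ b/src/base/registration/execute_cancel_sssd_ad_authentication.py
@@ -0,0 +1,126 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Agah Hulusi ÖZ <enghulusi@gmail.com>
+
+from base.scope import Scope
+from base.util.util import Util
+import re
+
+class ExecuteCancelSSSDAdAuthentication:
+def __init__(self):
+scope = Scope().get_instance()
+self.logger = scope.get_logger()
+self.util = Util()
+self.ad_info_path = "/etc/ahenk/ad_info"
+
+def cancel(self):
+try:
+# Deleting packages require for AD entegration
+self.util.execute(
+"apt purge realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs -y")
+self.util.execute("apt autoremove -y")
+
+# Read information about AD
+if self.util.is_exist(self.ad_info_path):
+file_data = self.util.read_file_by_line(self.ad_info_path)
+self.ip_address = file_data[0].strip("\n")
+self.host_name = file_data[1].strip("\n")
+self.logger.info(self.ip_address)
+self.logger.info(self.host_name)
+self.logger.info("Information read successfully from ad_info.")
+else:
+self.logger.error("ad_info file not found")
+
+if self.util.is_exist("/etc/sssd"):
+# self.util.delete_folder("/etc/sssd")
+self.logger.info("SSSD is deleted")
+else:
+self.logger.info("SSSD is not exist")
+
+# Re-Configure dhclient.conf deleting AD IP address
+dhclient_conf_path = "/etc/dhcp/dhclient.conf"
+file_dhclient = open(dhclient_conf_path, 'r')
+file_data = file_dhclient.read()
+
+if "prepend domain-name-servers {};".format(self.ip_address) in file_data:
+file_data = file_data.replace(("prepend domain-name-servers {};".format(self.ip_address)),
+"#prepend domain-name-servers 127.0.0.1;")
+self.logger.info("dhclient is reconfigured")
+else:
+self.logger.error("dhclient is'not reconfigured")
+
+file_dhclient.close()
+file_dhclient = open(dhclient_conf_path, 'w')
+file_dhclient.write(file_data)
+file_dhclient.close()
+
+# Configure hosts for deleting AD "IP address" and "AD hostname"
+hosts_conf_path = "/etc/hosts"
+file_hosts = open(hosts_conf_path, 'r')
+file_data = file_hosts.read()
+
+if ("{0} {1}".format(self.ip_address, self.host_name)) in file_data:
+file_data = file_data.replace(("{0} {1}".format(self.ip_address, self.host_name)), " ")
+self.logger.info("hosts is configured")
+else:
+self.logger.error("hosts is not configured")
+file_hosts.close()
+file_hosts = open(hosts_conf_path, 'w')
+file_hosts.write(file_data)
+file_hosts.close()
+
+# Configure common-session for deleting home directories for AD users
+common_session_conf_path = "/etc/pam.d/common-session"
+file_common_session = open(common_session_conf_path, 'r')
+file_data = file_common_session.read()
+
+if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" in file_data:
+file_data = file_data.replace("session optional pam_mkhomedir.so skel=/etc/skel umask=077", " ")
+self.logger.info("common-session is configured")
+else:
+self.logger.error("common session is not configured")
+
+file_common_session.close()
+file_common_session = open(common_session_conf_path, 'w')
+file_common_session.write(file_data)
+file_common_session.close()
+
+# Configure resolv.conf for deleting AD IP address
+resolv_conf_path = "/etc/resolv.conf"
+file_resolv = open(resolv_conf_path, 'r')
+file_data = file_resolv.read()
+
+if ("nameserver {0}".format(self.ip_address)) in file_data:
+file_data = file_data.replace(("nameserver {0}".format(self.ip_address)), "")
+self.logger.info("resolv.conf is configured")
+else:
+self.logger.error("resolv is not configured")
+
+file_resolv.close()
+file_resolv = open(resolv_conf_path, 'w')
+file_resolv.write(file_data)
+file_resolv.close()
+
+# Deleting ad_info file
+if self.util.is_exist(self.ad_info_path):
+self.util.delete_file(self.ad_info_path)
+self.logger.info("Deleted ad_info file")
+else:
+self.logger.error("ad_info file not found")
+
+# Configure lightdm.service
+pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
+if self.util.is_exist(pardus_xfce_path):
+self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
+self.util.delete_file(pardus_xfce_path)
+self.util.execute("systemctl restart nscd.service")
+else:
+self.logger.info("99-pardus-xfce.conf not found")
+
+self.logger.info("AD Login iptal etme işlemi başarı ile sağlandı.")
+return True
+
+except Exception as e:
+self.logger.error(str(e))
+self.logger.info("AD Login İptal etme işlemi esnasında hata oluştu.")
+return False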
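Review bot: When `/etc/ahenk/ad_info` is missing, `cancel()` only logs 'ad_info file not found' and carries on, but `self.ip_address` and `self.host_name` are assigned nowhere else. The dhclient.conf step then raises AttributeError, which the broad `except` turns into a generic failure after the packages have already been purged and with the remaining files left as they were; `file_data[1]` likewise assumes the file has at least two lines. Add `return False` after the first `self.logger.error("ad_info file not found")`, or do this check before the `apt purge`. The `/etc/sssd` branch logs 'SSSD is deleted' while the `delete_folder` call is commented out, so the log reports a removal that does not happen. The `.replace(..., " ")` edits to /etc/hosts and /etc/pam.d/common-session also leave a line holding a single space instead of removing the line.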
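--- a/src/base/registration/execute_cancel_sssd_authentication.py
+++ b/src/base/registration/execute_cancel_sssd_authentication.py
@@ -0,0 +1,85 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Hasan Kara <h.kara27@gmail.com>
+
+from base.scope import Scope
+from base.util.util import Util
+import re
+
+
+class ExecuteCancelSSSDAuthentication:
+def __init__(self):
+scope = Scope().get_instance()
+self.logger = scope.get_logger()
+self.util = Util()
+
+def cancel(self):
+self.util.execute("apt purge libpam-sss sssd-common -y")
+self.util.execute("apt autoremove -y")
+
+if self.util.is_exist("/etc/sssd"):
+self.util.delete_folder("/etc/sssd")
+
+# pattern for clearing file data from spaces, tabs and newlines
+pattern = re.compile(r'\s+')
+
+# Configure nsswitch.conf
+# file_ns_switch = open("/etc/nsswitch.conf", 'r')
+# file_data = file_ns_switch.read()
+#
+# # cleared file data from spaces, tabs and newlines
+# text = pattern.sub('', file_data)
+
+# did_configuration_change = False
+# if "passwd:compatsss" in text:
+# file_data = file_data.replace("passwd: compat sss", "passwd: compat")
+# did_configuration_change = True
+#
+# if "group:compatsss" in text:
+# file_data = file_data.replace("group: compat sss", "group: compat")
+# did_configuration_change = True
+#
+# if "shadow:compatsss" in text:
+# file_data = file_data.replace("shadow: compat sss", "shadow: compat")
+# did_configuration_change = True
+#
+# if "services:dbfilessss" in text:
+# file_data = file_data.replace("services: db files sss", "services: db files")
+# did_configuration_change = True
+#
+# if "netgroup:nissss" in text:
+# file_data = file_data.replace("netgroup: nis sss", "netgroup: nis")
+# did_configuration_change = True
+#
+# if "sudoers:filessss" in text:
+# file_data = file_data.replace("sudoers: files sss", "")
+# did_configuration_change = True
+#
+# if did_configuration_change:
+# self.logger.info("nsswitch.conf configuration has been configured")
+# else:
+# self.logger.info("nsswitch.conf has already been configured")
+
+# file_ns_switch.close()
+# file_ns_switch = open("/etc/nsswitch.conf", 'w')
+# file_ns_switch.write(file_data)
+# file_ns_switch.close()
+
+common_session_conf_path = "/etc/pam.d/common-session"
+
+# configure common-session for creating home directories for ldap users
+file_common_session = open(common_session_conf_path, 'r')
+file_data = file_common_session.read()
+
+if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" in file_data:
+file_data = file_data.replace("session optional pam_mkhomedir.so skel=/etc/skel umask=077", "")
+self.logger.info("common-session is configured")
+
+file_common_session.close()
+file_common_session = open(common_session_conf_path, 'w')
+file_common_session.write(file_data)
+file_common_session.close()
+
+self.util.execute("systemctl restart nscd.service")
+self.logger.info("LDAP Login iptal etme işlemi başarı ile sağlandı.")
+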
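Review bot: `cancel()` reopens `/etc/pam.d/common-session` with mode `'w'` and rewrites it even when the `pam_mkhomedir` line was not found, and it does so without a `with` block, so an exception between `open` and `close` can leave a truncated PAM session file on a machine whose SSSD packages were just purged. Writing only when the content changed and letting a context manager close the handle narrows that window: keep the replaced text in `new_data`, then `if new_data != file_data:` followed by `with open(common_session_conf_path, 'w') as f: f.write(new_data)`. execute_cancel_sssd_ad_authentication.py and the nsswitch.conf rewrites in the LDAP scripts use the same open/write/close sequence. The `pattern = re.compile(r'\s+')` local and `import re` serve only the commented-out nsswitch block, which should be deleted or restored rather than kept as comments.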
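--- a/src/base/registration/execute_ldap_login.py
+++ b/src/base/registration/execute_ldap_login.py
@@ -0,0 +1,232 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Hasan Kara <h.kara27@gmail.com>
+
+from base.scope import Scope
+from base.util.util import Util
+import re
+
+
+class ExecuteLDAPLogin:
+def __init__(self):
+scope = Scope().get_instance()
+self.logger = scope.get_logger()
+self.util = Util()
+
+def login(self, server_address, dn, version, admin_dn, admin_password):
+try:
+self.logger.info("----------------> server_address: " + server_address)
+self.logger.info("----------------> dn: " + dn)
+self.logger.info("----------------> version: " + version)
+self.logger.info("----------------> admin_dn: " + admin_dn)
+self.logger.info("----------------> admin_password: " + admin_password)
+#(result_code, p_out, p_err) = self.util.execute("/bin/bash /usr/share/ahenk/base/registration/scripts/test.sh")
+(result_code, p_out, p_err) = self.util.execute("/bin/bash /usr/share/ahenk/base/registration/scripts/ldap-login.sh {0} {1} {2} {3} {4}".format(server_address, "\'" + dn + "\'", "\'" + admin_dn + "\'", "\'" + admin_password + "\'", version))
+if result_code == 0:
+self.logger.info("Script has run successfully")
+else:
+self.logger.error("Script could not run successfully: " + p_err)
+
+# pattern for clearing file data from spaces, tabs and newlines
+pattern = re.compile(r'\s+')
+
+pam_scripts_original_directory_path = "/usr/share/ahenk/pam_scripts_original"
+
+ldap_back_up_file_path = "/usr/share/ahenk/pam_scripts_original/ldap"
+ldap_original_file_path = "/usr/share/pam-configs/ldap"
+ldap_configured_file_path = "/usr/share/ahenk/plugins/ldap-login/config-files/ldap"
+
+pam_script_back_up_file_path = "/usr/share/ahenk/pam_scripts_original/pam_script"
+pam_script_original_file_path = "/usr/share/pam-configs/pam_script"
+pam_script_configured_file_path = "/usr/share/ahenk/plugins/ldap-login/config-files/pam_script"
+
+# create pam_scripts_original directory if not exists
+if not self.util.is_exist(pam_scripts_original_directory_path):
+self.logger.info("Creating {0} directory.".format(pam_scripts_original_directory_path))
+self.util.create_directory(pam_scripts_original_directory_path)
+
+if self.util.is_exist(ldap_back_up_file_path):
+self.logger.info("Changing {0} with {1}.".format(ldap_original_file_path, ldap_configured_file_path))
+self.util.copy_file(ldap_configured_file_path, ldap_original_file_path)
+else:
+self.logger.info("Backing up {0}".format(ldap_original_file_path))
+self.util.copy_file(ldap_original_file_path, ldap_back_up_file_path)
+self.logger.info(
+"{0} file is replaced with {1}.".format(ldap_original_file_path, ldap_configured_file_path))
+self.util.copy_file(ldap_configured_file_path, ldap_original_file_path)
+
+if self.util.is_exist(pam_script_back_up_file_path):
+self.util.copy_file(pam_script_configured_file_path, pam_script_original_file_path)
+self.logger.info(
+"{0} is replaced with {1}.".format(pam_script_original_file_path, pam_script_configured_file_path))
+else:
+self.logger.info("Backing up {0}".format(pam_script_original_file_path))
+self.util.copy_file(pam_script_original_file_path, pam_script_back_up_file_path)
+self.logger.info("{0} file is replaced with {1}".format(pam_script_original_file_path,
+pam_script_configured_file_path))
+self.util.copy_file(pam_script_configured_file_path, pam_script_original_file_path)
+
+(result_code, p_out, p_err) = self.util.execute("DEBIAN_FRONTEND=noninteractive pam-auth-update --package")
+if result_code == 0:
+self.logger.info("'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' has run successfully")
+else:
+self.logger.error(
+"'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' could not run successfully: " + p_err)
+
+# Configure nsswitch.conf
+file_ns_switch = open("/etc/nsswitch.conf", 'r')
+file_data = file_ns_switch.read()
+
+# cleared file data from spaces, tabs and newlines
+text = pattern.sub('', file_data)
+
+is_configuration_done_before = False
+if ("passwd:compatldap" not in text):
+file_data = file_data.replace("passwd: compat", "passwd: compat ldap")
+is_configuration_done_before = True
+
+if ("group:compatldap" not in text):
+file_data = file_data.replace("group: compat", "group: compat ldap")
+is_configuration_done_before = True
+
+if ("shadow:compatldap" not in text):
+file_data = file_data.replace("shadow: compat", "shadow: compat ldap")
+is_configuration_done_before = True
+
+if is_configuration_done_before:
+self.logger.info("nsswitch.conf configuration has been completed")
+else:
+self.logger.info("nsswitch.conf is already configured")
+
+file_ns_switch.close()
+file_ns_switch = open("/etc/nsswitch.conf", 'w')
+file_ns_switch.write(file_data)
+file_ns_switch.close()
+
+# configure ldap-cache
+self.logger.info("Starting to ldap-cache configurations.")
+result_code, p_out, p_err = self.util.execute("apt-get install nss-updatedb -y")
+if result_code != 0:
+self.logger.error("Error occured while downloading nss-updatedb.")
+else:
+self.logger.info("nss-updatedb downloaded successfully. Configuring /etc/nsswitch.conf.")
+file_ns_switch = open("/etc/nsswitch.conf", 'r')
+file_data = file_ns_switch.read()
+
+# cleared file data from spaces, tabs and newlines
+text = pattern.sub('', file_data)
+
+did_configuration_change = False
+if "passwd:compatldap[NOTFOUND=return]db" not in text:
+file_data = file_data.replace("passwd: compat ldap",
+"passwd: compat ldap [NOTFOUND=return] db")
+did_configuration_change = True
+
+if "group:compatldap[NOTFOUND=return]db" not in text:
+file_data = file_data.replace("group: compat ldap",
+"group: compat ldap [NOTFOUND=return] db")
+did_configuration_change = True
+
+if "gshadow:files" in text and "#gshadow:files" not in text:
+file_data = file_data.replace("gshadow: files", "#gshadow: files")
+did_configuration_change = True
+
+if did_configuration_change:
+self.logger.info("nsswitch.conf configuration has been configured for ldap cache.")
+else:
+self.logger.info("nsswitch.conf has already been configured for ldap cache.")
+
+file_ns_switch.close()
+file_ns_switch = open("/etc/nsswitch.conf", 'w')
+file_ns_switch.write(file_data)
+file_ns_switch.close()
+self.util.execute("nss_updatedb ldap")
+
+# create cron job for ldap cache
+content = "#!/bin/bash\n" \
+"nss-updatedb ldap"
+nss_update_cron_job_file_path = "/etc/cron.daily/nss-updatedb"
+if self.util.is_exist(nss_update_cron_job_file_path):
+self.logger.info(
+"{0} exists. File will be deleted and creating new one.".format(nss_update_cron_job_file_path))
+self.util.delete_file(nss_update_cron_job_file_path)
+self.util.create_file(nss_update_cron_job_file_path)
+self.util.write_file(nss_update_cron_job_file_path, content, 'w+')
+self.util.execute("chmod +x " + nss_update_cron_job_file_path)
+else:
+self.logger.info(
+"{0} doesnt exist. File will be created and content will be written.".format(
+nss_update_cron_job_file_path))
+self.util.create_file(nss_update_cron_job_file_path)
+self.util.write_file(nss_update_cron_job_file_path, content, 'w+')
+self.util.execute("chmod +x " + nss_update_cron_job_file_path)
+
+# configure /etc/libnss-ldap.conf
+libnss_ldap_file_path = "/etc/libnss-ldap.conf"
+content = "bind_policy hard" \
+"\nnss_reconnect_tries 1" \
+"\nnss_reconnect_sleeptime 1" \
+"\nnss_reconnect_maxsleeptime 8" \
+"\nnss_reconnect_maxconntries 2"
+if self.util.is_exist(libnss_ldap_file_path):
+self.logger.info("{0} exists.".format(libnss_ldap_file_path))
+self.util.execute("sed -i '/bind_policy hard/c\\' " + libnss_ldap_file_path)
+self.util.execute("sed -i '/nss_reconnect_tries 1/c\\' " + libnss_ldap_file_path)
+self.util.execute("sed -i '/nss_reconnect_sleeptime 1/c\\' " + libnss_ldap_file_path)
+self.util.execute("sed -i '/nss_reconnect_maxsleeptime 8/c\\' " + libnss_ldap_file_path)
+self.util.execute("sed -i '/nss_reconnect_maxconntries 2/c\\' " + libnss_ldap_file_path)
+self.util.write_file(libnss_ldap_file_path, content, 'a+')
+self.logger.info("Configuration has been made to {0}.".format(libnss_ldap_file_path))
+
+result_code, p_out, p_err = self.util.execute("apt-get install libnss-db libpam-ccreds -y")
+if result_code != 0:
+self.logger.error("Error occured while downloading libnss-db libpam-ccreds.")
+else:
+self.logger.error("libnss-db libpam-ccreds are downloaded.")
+
+# configure sudo-ldap
+sudo_ldap_conf_file_path = "/etc/sudo-ldap.conf"
+content = "sudoers_base ou=Roles," + dn \
++ "\nBASE " + dn \
++ "\nURI ldap://" + server_address
+# clean if config is already written
+self.util.execute("sed -i '/BASE /c\\' " + sudo_ldap_conf_file_path)
+self.util.execute("sed -i '/sudoers_base /c\\' " + sudo_ldap_conf_file_path)
+self.util.execute("sed -i '/URI /c\\' " + sudo_ldap_conf_file_path)
+
+if self.util.is_exist(sudo_ldap_conf_file_path):
+self.logger.info("{0} exists.".format(sudo_ldap_conf_file_path))
+self.util.write_file(sudo_ldap_conf_file_path, content, 'a+')
+self.logger.info("Content is written to {0} successfully.".format(sudo_ldap_conf_file_path))
+
+# Configure lightdm.service
+# check if 99-pardus-xfce.conf exists if not create
+pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
+if not self.util.is_exist(pardus_xfce_path):
+self.logger.info("99-pardus-xfce.conf does not exist.")
+self.util.create_file(pardus_xfce_path)
+
+file_lightdm = open(pardus_xfce_path, 'a')
+file_lightdm.write("[Seat:*]\n")
+file_lightdm.write("greeter-hide-users=true")
+file_lightdm.close()
+self.logger.info("lightdm has been configured.")
+else:
+self.logger.info("99-pardus-xfce.conf exists. Delete file and create new one.")
+self.util.delete_file(pardus_xfce_path)
+self.util.create_file(pardus_xfce_path)
+
+file_lightdm = open(pardus_xfce_path, 'a')
+file_lightdm.write("[Seat:*]")
+file_lightdm.write("greeter-hide-users=true")
+file_lightdm.close()
+self.logger.info("lightdm.conf has been configured.")
+self.util.execute("systemctl restart nscd.service")
+self.util.execute("pam-auth-update --force")
+self.logger.info("LDAP Login operation has been completed.")
+
+self.logger.info("LDAP Login işlemi başarı ile sağlandı.")
+except Exception as e:
+self.logger.error(str(e))
+self.logger.info("LDAP Login işlemi esnasında hata oluştu.")
+raise Exception('LDAP Ayarları yapılırken hata oluştu. Lütfen ağ bağlantınızı kontrol ediniz. Deponuzun güncel olduğundan emin olunuz.')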
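Review bot: `login()` writes the directory admin password to the agent log in clear text via `self.logger.info("----------------> admin_password: " + admin_password)`; that line should be removed. The same values are then interpolated into the `ldap-login.sh` command string with hand-added `'` characters, and `server_address` and `version` are not quoted at all, so a value containing a quote or shell metacharacter changes the command if `Util.execute` runs it through a shell (its implementation is not visible here). Quote each argument with `shlex.quote(...)` instead of `"\'" + dn + "\'"`, or pass an argument list; passing the password on the command line also exposes it in the process list, so handing it to the script over stdin or a root-only file is safer. In the second lightdm branch `file_lightdm.write("[Seat:*]")` lacks the `\n` that the first branch has, which puts the section header and `greeter-hide-users=true` on one line. The sudo-ldap content is written with a plain `ldap://` URI, so sudo rule lookups are not protected in transit.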
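--- a/src/base/registration/execute_sssd_ad_authentication.py
+++ b/src/base/registration/execute_sssd_ad_authentication.py
@@ -0,0 +1,208 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Agah Hulusi ÖZ <enghulusi@gmail.com>
+
+from base.scope import Scope
+from base.util.util import Util
+
+class ExecuteSSSDAdAuthentication:
+def __init__(self):
+scope = Scope().get_instance()
+self.logger = scope.get_logger()
+self.util = Util()
+
+def authenticate(self, domain_name, host_name, ip_address, password, ad_username):
+try:
+# Create and Configure ad_info file
+(result_code, p_out, p_err) = self.util.create_file("/etc/ahenk/ad_info")
+if (result_code == 0):
+self.logger.info("AD INFO başarılı bir şekilde oluşturuldu")
+# Configure ad_info for deregisteration info
+default_ad_info_path = "/etc/ahenk/ad_info"
+file_default_ad_info = open(default_ad_info_path, 'r')
+file_data = file_default_ad_info.read()
+
+file_data = file_data + ("{}".format(ip_address)) + "\n" + ("{}".format(host_name)) + "\n" + (
+"{}".format(domain_name)) + "\n" + ("{}".format(ad_username))
+self.logger.info("/etc/ahenk/ad_info bilgiler girildi.")
+file_default_ad_info.close()
+file_default_ad_info = open(default_ad_info_path, 'w')
+file_default_ad_info.write(file_data)
+file_default_ad_info.close()
+else:
+self.logger.error("ad_info oluşturma komutu başarısız : " + str(p_err))
+
+self.logger.info("Authenticate starting....")
+# Configure /etc/dhcp/dhclient.conf
+dhclient_conf_path = "/etc/dhcp/dhclient.conf"
+dhc_conf = self.util.read_file_by_line(dhclient_conf_path, "r")
+dhc_conf_temp = open(dhclient_conf_path, 'w')
+
+for lines in dhc_conf:
+if (lines == "#prepend domain-name-servers 127.0.0.1;\n"):
+lines = lines.replace(lines, ("prepend domain-name-servers {};\n".format(ip_address)))
+dhc_conf_temp.write(lines)
+dhc_conf_temp.close()
+
+file_default_dhcp = open(dhclient_conf_path, 'r')
+file_data = file_default_dhcp.read()
+
+if ("prepend domain-name-servers {};\n".format(ip_address)) not in file_data:
+file_data = file_data + "\n" + ("prepend domain-name-servers {};".format(ip_address))
+
+file_default_dhcp.close()
+file_default_dhcp = open(dhclient_conf_path, 'w')
+file_default_dhcp.write(file_data)
+file_default_dhcp.close()
+
+# Configure /etc/resolv.conf
+resolve_conf_path = "/etc/resolv.conf"
+resolve_conf = self.util.read_file_by_line(resolve_conf_path, "r")
+resolve_conf_temp = open(resolve_conf_path, 'w')
+
+for lines in resolve_conf:
+if (lines == ("nameserver {}\n".format(ip_address))):
+continue
+lines = lines.replace(lines, ("#" + lines))
+resolve_conf_temp.write(lines)
+resolve_conf_temp.close()
+
+file_default_resolve = open(resolve_conf_path, 'r')
+file_data = file_default_resolve.read()
+
+if ("nameserver {}\n".format(ip_address)) not in file_data:
+file_data = file_data + "\n" + ("nameserver {}\n".format(ip_address))
+self.logger.info("/etc/resolv.conf is configured")
+
+file_default_resolve.close()
+file_default_resolve = open(resolve_conf_path, 'w')
+file_default_resolve.write(file_data)
+file_default_resolve.close()
+
+# Configure /etc/hosts
+host_path = "/etc/hosts"
+file_default_hosts = open(host_path, 'r')
+file_data = file_default_hosts.read()
+
+if ("{0} {1}".format(ip_address, host_name)) not in file_data:
+file_data = file_data + "\n" + ("{0} {1}".format(ip_address, host_name))
+self.logger.info("/etc/hosts is configured")
+
+file_default_hosts.close()
+file_default_hosts = open(host_path, 'w')
+file_default_hosts.write(file_data)
+file_default_hosts.close()
+
+# Execute the script that required for "samba-common" and "krb5"
+(result_code, p_out, p_err) = self.util.execute("/bin/bash /usr/share/ahenk/base/registration/scripts/ad.sh {0} {1}".format(domain_name.upper(),host_name))
+
+if(result_code == 0):
+self.logger.info("Script başarılı bir şekilde çalıştırıldı.")
+else:
+self.logger.error("Script başarısız oldu : " + str(p_err))
+
+# Installation of required packages
+(result_code, p_out, p_err) = self.util.execute("sudo apt-get -y install realmd sssd sssd-tools adcli packagekit samba-common-bin samba-libs")
+if (result_code == 0):
+self.logger.info("İndirmeler Başarılı")
+else:
+self.logger.error("İndirmeler Başarısız : " + str(p_err))
+
+# Configure pam.d/common-session
+pamd_common_session_path = "/etc/pam.d/common-session"
+file_default_pam = open(pamd_common_session_path, 'r')
+file_data = file_default_pam.read()
+
+if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" not in file_data:
+file_data = file_data + "\n" + "session optional pam_mkhomedir.so skel=/etc/skel umask=077"
+self.logger.info("/etc/pam.d/common-session is configured")
+
+file_default_pam.close()
+file_default_pam = open(pamd_common_session_path, 'w')
+file_default_pam.write(file_data)
+file_default_pam.close()
+
+# Execute the commands that require for join Domain
+(result_code, p_out, p_err) = self.util.execute("realm discover {}".format(domain_name.upper()))
+if (result_code == 0):
+self.logger.info("Realm Discover komutu başarılı")
+else:
+self.logger.error("Realm Discover komutu başarısız : " + str(p_err))
+
+(result_code, p_out, p_err) = self.util.execute("echo \"{0}\" | realm join --user={1} {2}".format(password, ad_username, domain_name.upper()))
+if (result_code == 0):
+self.logger.info("Realm Join komutu başarılı")
+else:
+self.logger.error("Realm Join komutu başarısız : " + str(p_err))
+
+# Configure sssd template
+sssd_config_template_path = "/usr/share/ahenk/base/registration/config-files/sssd_ad.conf"
+sssd_config_folder_path = "/etc/sssd"
+sssd_config_file_path = "/etc/sssd/sssd.conf"
+
+if not self.util.is_exist(sssd_config_folder_path):
+self.util.create_directory(sssd_config_folder_path)
+self.logger.info("{0} folder is created".format(sssd_config_folder_path))
+
+if self.util.is_exist(sssd_config_file_path):
+self.util.delete_file(sssd_config_file_path)
+self.logger.info("delete sssd org conf")
+
+self.util.copy_file(sssd_config_template_path, sssd_config_folder_path)
+self.logger.info("{0} config file is copied under {1}".format(sssd_config_template_path, sssd_config_folder_path))
+self.util.rename_file("/etc/sssd/sssd_ad.conf", "/etc/sssd/sssd.conf")
+
+# Configure sssd.conf
+file_sssd = open(sssd_config_file_path, 'r')
+file_data = file_sssd.read()
+
+file_data = file_data.replace("###domains###", "domains = {}".format(domain_name))
+file_data = file_data.replace("###[domain/###", "[domain/{}]".format(domain_name))
+file_data = file_data.replace("###ad_domain###", "ad_domain = {}".format(domain_name))
+file_data = file_data.replace("###krb5_realm###", "krb5_realm = {}".format(domain_name.upper()))
+
+file_sssd.close()
+file_sssd = open(sssd_config_file_path, 'w')
+file_sssd.write(file_data)
+file_sssd.close()
+
+# Arrangement of chmod as 600 for sssd.conf
+(result_code, p_out, p_err) = self.util.execute("chmod 600 {}".format(sssd_config_file_path))
+if(result_code == 0):
+self.logger.info("Chmod komutu başarılı bir şekilde çalıştırıldı")
+else:
+self.logger.error("Chmod komutu başarısız : " + str(p_err))
+
+# Configure sssd for language environment
+default_sssd_path = "/etc/default/sssd"
+file_default_sssd = open(default_sssd_path, 'r')
+file_data = file_default_sssd.read()
+
+if not self.util.is_exist(default_sssd_path):
+self.util.create_directory(default_sssd_path)
+self.logger.info("{0} folder is created".format(default_sssd_path))
+
+if self.util.is_exist(default_sssd_path):
+self.util.delete_file(default_sssd_path)
+self.logger.info("delete sssd org conf")
+
+if "LC_ALL=\"tr_CY.UTF-8\"" not in file_data :
+file_data = file_data + "\n" + "LC_ALL=\"tr_CY.UTF-8\""
+self.logger.info("/etc/default/sssd is configured")
+
+file_default_sssd.close()
+file_default_sssd = open(default_sssd_path, 'w')
+file_default_sssd.write(file_data)
+file_default_sssd.close()
+
+self.util.execute("systemctl restart nscd.service")
+# self.util.execute("pam-auth-update --force")
+self.logger.info("AD Login operation has been completed.")
+
+self.logger.info("AD Login işlemi başarı ile sağlandı.")
+return True
+except Exception as e:
+self.logger.error(str(e))
+self.logger.info("AD Login işlemi esnasında hata oluştu.")
+return False
+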
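Review bot: The `realm join` call in `authenticate` builds a command string with the AD admin password and other caller-supplied values interpolated directly (`echo \"{0}\" | realm join --user={1} {2}`), so the password ends up in a process command line and any shell metacharacter in `password`, `ad_username` or `domain_name` is interpreted rather than passed through; the `ad.sh` and `realm discover` calls interpolate `domain_name` and `host_name` the same way. Feeding the password on stdin with an argument list avoids both problems, e.g. `subprocess.run(["realm", "join", "--user=" + ad_username, domain_name.upper()], input=password, text=True)` (needs `import subprocess`; whether `Util.execute` offers an equivalent is not visible here), and at minimum every interpolated value should go through `shlex.quote()`. Separately, a failed package install or failed join is only logged and the method still reaches `return True`, so the caller cannot tell that the machine never joined the domain; returning `False` from those `else` branches would make the result trustworthy. The `/etc/default/sssd` step also opens the file for reading before the `is_exist` check, so a missing file raises before the check can run.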
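--- a/src/base/registration/execute_sssd_authentication.py
+++ b/src/base/registration/execute_sssd_authentication.py
@@ -0,0 +1,163 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Hasan Kara <h.kara27@gmail.com>
+
+from base.scope import Scope
+from base.util.util import Util
+import re
+
+
+class ExecuteSSSDAuthentication:
+def __init__(self):
+scope = Scope().get_instance()
+self.logger = scope.get_logger()
+self.util = Util()
+
+def authenticate(self, server_address, dn, admin_dn, admin_password):
+try:
+ldap_pwdlockout_dn = "cn=DefaultPolicy,ou=PasswordPolicies" + "," + dn
+
+# pattern for clearing file data from spaces, tabs and newlines
+pattern = re.compile(r'\s+')
+
+sssd_config_template_path = "/usr/share/ahenk/base/registration/config-files/sssd.conf"
+sssd_config_folder_path = "/etc/sssd"
+sssd_config_file_path = "/etc/sssd/sssd.conf"
+sssd_language_conf = "/etc/default/sssd"
+
+common_session_conf_path = "/etc/pam.d/common-session"
+
+# copy configuration file to /etc/sssd/sssd.conf before package installation
+# create sssd folder in /etc
+if not self.util.is_exist(sssd_config_folder_path):
+self.util.create_directory(sssd_config_folder_path)
+self.logger.info("{0} folder is created".format(sssd_config_folder_path))
+
+# Copy sssd.conf template under /etc/sssd
+self.util.copy_file(sssd_config_template_path, sssd_config_folder_path)
+self.logger.info("{0} config file is copied under {1}".format(sssd_config_template_path, sssd_config_folder_path))
+
+# Configure sssd.conf
+file_sssd = open (sssd_config_file_path, 'r')
+file_data = file_sssd.read()
+
+file_data = file_data.replace("###ldap_pwdlockout_dn###", "ldap_pwdlockout_dn = " + ldap_pwdlockout_dn)
+file_data = file_data.replace("###ldap_uri###", "ldap_uri = " + "ldap://" + server_address + "/")
+file_data = file_data.replace("###ldap_default_bind_dn###", "ldap_default_bind_dn = " + admin_dn)
+file_data = file_data.replace("###ldap_default_authtok###", "ldap_default_authtok = " + admin_password)
+file_data = file_data.replace("###ldap_search_base###", "ldap_search_base = " + dn)
+file_data = file_data.replace("###ldap_user_search_base###", "ldap_user_search_base = " + dn)
+file_data = file_data.replace("###ldap_group_search_base###", "ldap_group_search_base = " + dn)
+file_data = file_data.replace("###ldap_sudo_search_base###", "ldap_sudo_search_base = ou=Roles," + dn)
+
+file_sssd.close()
+file_sssd = open(sssd_config_file_path, 'w')
+file_sssd.write(file_data)
+file_sssd.close()
+
+# Install libpam-sss sssd-common for sssd authentication
+(result_code, p_out, p_err) = self.util.execute("sudo apt install libpam-sss sssd-common -y")
+
+if result_code != 0:
+self.logger.error("SSSD packages couldn't be downloaded.")
+return False
+
+# configure common-session for creating home directories for ldap users
+file_common_session = open(common_session_conf_path, 'r')
+file_data = file_common_session.read()
+
+if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" not in file_data :
+file_data = file_data + "\n" + "session optional pam_mkhomedir.so skel=/etc/skel umask=077"
+self.logger.info("common-session is configured")
+
+file_common_session.close()
+file_common_session = open(common_session_conf_path, 'w')
+file_common_session.write(file_data)
+file_common_session.close()
+
+# configure sssd for language environment
+file_default_sssd = open(sssd_language_conf, 'r')
+file_data = file_default_sssd.read()
+
+if "LC_ALL=\"tr_CY.UTF-8\"" not in file_data :
+file_data = file_data + "\n" + "LC_ALL=\"tr_CY.UTF-8\""
+self.logger.info("/etc/default/sssd is configured")
+
+file_default_sssd.close()
+file_default_sssd = open(sssd_language_conf, 'w')
+file_default_sssd.write(file_data)
+file_default_sssd.close()
+
+self.logger.info("Restarting sssd service.")
+self.util.execute("systemctl restart sssd.service")
+
+# Configure nsswitch.conf
+file_ns_switch = open("/etc/nsswitch.conf", 'r')
+file_data = file_ns_switch.read()
+
+# cleared file data from spaces, tabs and newlines
+text = pattern.sub('', file_data)
+
+is_configuration_done_before = False
+if "passwd:compatsss" not in text and "passwd:compat" in text:
+file_data = file_data.replace("passwd: compat", "passwd: compat sss")
+is_configuration_done_before = True
+
+if "passwd:filessystemdsss" not in text and "passwd:filessystemd" in text:
+file_data = file_data.replace("passwd: files systemd", "passwd: files systemd sss")
+is_configuration_done_before = True
+
+if "group:compatsss" not in text and "group:compat" in text:
+file_data = file_data.replace("group: compat", "group: compat sss")
+is_configuration_done_before = True
+
+if "group:filessystemdsss" not in text and "group:filessystemd" in text:
+file_data = file_data.replace("group: files systemd", "group: files systemd sss")
+is_configuration_done_before = True
+
+if "shadow:compatsss" not in text and "shadow:compat" in text:
+file_data = file_data.replace("shadow: compat", "shadow: compat sss")
+is_configuration_done_before = True
+
+if "shadow:filessss" not in text and "shadow:files" in text:
+file_data = file_data.replace("shadow: files", "shadow: files sss")
+is_configuration_done_before = True
+
+if "services:dbfilessss" not in text:
+file_data = file_data.replace("services: db files", "services: db files sss")
+is_configuration_done_before = True
+
+if "netgroup:nissss" not in text:
+file_data = file_data.replace("netgroup: nis", "netgroup: nis sss")
+is_configuration_done_before = True
+
+if "sudoers:filessss" not in text and "sudoers:files" in text:
+file_data = file_data.replace("sudoers: files", "sudoers: files sss")
+is_configuration_done_before = True
+elif "sudoers:filessss" in text:
+is_configuration_done_before = False
+else:
+file_data = file_data + "sudoers: files sss"
+
+
+if is_configuration_done_before:
+self.logger.info("nsswitch.conf configuration has been completed")
+else:
+self.logger.info("nsswitch.conf is already configured")
+
+file_ns_switch.close()
+file_ns_switch = open("/etc/nsswitch.conf", 'w')
+file_ns_switch.write(file_data)
+file_ns_switch.close()
+
+self.util.execute("systemctl restart nscd.service")
+# self.util.execute("pam-auth-update --force")
+self.logger.info("LDAP Login operation has been completed.")
+
+self.logger.info("LDAP Login işlemi başarı ile sağlandı.")
+return True
+except Exception as e:
+self.logger.error(str(e))
+self.logger.info("LDAP Login işlemi esnasında hata oluştu.")
+return False
+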
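Review bot: `authenticate` writes the bind password into `/etc/sssd/sssd.conf` as a cleartext `ldap_default_authtok` value and never sets the file's mode, so who can read it depends on whatever `copy_file` carries over from the template; the AD variant added in this same commit runs `chmod 600` on that path, this one does not. Restrict the file before the secret is written, e.g. `os.chmod(sssd_config_file_path, 0o600)` directly after the `copy_file` call (needs `import os`). The `ldap_uri` line is also hard-coded to the `ldap://` scheme, so unless the template (not shown) requires StartTLS the bind credential may cross the network unencrypted; that is worth confirming or switching to `ldaps://`. `server_address`, `dn` and `admin_dn` are substituted into the config as-is and appear to originate from the registration reply, so a value containing a newline should be rejected before the `replace` calls rather than written into the file.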
|
@ -15,8 +15,11 @@ import pwd
|
|||
from base.timer.setup_timer import SetupTimer
|
||||
from base.timer.timer import Timer
|
||||
import re
|
||||
import sys
|
||||
import os
|
||||
from base.registration.execute_cancel_sssd_authentication import ExecuteCancelSSSDAuthentication
|
||||
from base.registration.execute_sssd_authentication import ExecuteSSSDAuthentication
|
||||
from base.registration.execute_sssd_ad_authentication import ExecuteSSSDAdAuthentication
|
||||
from base.registration.execute_cancel_sssd_ad_authentication import ExecuteCancelSSSDAdAuthentication
|
||||
|
||||
class Registration:
|
||||
def __init__(self):
|
||||
|
@ -28,55 +31,65 @@ class Registration:
|
|||
self.conf_manager = scope.get_configuration_manager()
|
||||
self.db_service = scope.get_db_service()
|
||||
self.util = Util()
|
||||
self.service_name='im.liderahenk.org'
|
||||
self.servicename='im.liderahenk.org'
|
||||
self.local_user_disable = None
|
||||
|
||||
#self.event_manager.register_event('REGISTRATION_RESPONSE', self.registration_process)
|
||||
self.event_manager.register_event('REGISTRATION_SUCCESS', self.registration_success)
|
||||
self.event_manager.register_event('REGISTRATION_ERROR', self.registration_error)
|
||||
|
||||
self.ldap_login_cancel = ExecuteCancelSSSDAuthentication()
|
||||
self.ad_login_cancel = ExecuteCancelSSSDAdAuthentication()
|
||||
self.ldap_login = ExecuteSSSDAuthentication()
|
||||
self.ad_login = ExecuteSSSDAdAuthentication()
|
||||
|
||||
self.directory_server = None
|
||||
|
||||
if self.is_registered():
|
||||
self.logger.debug('Ahenk already registered')
|
||||
else:
|
||||
self.register(True)
|
||||
|
||||
def registration_request(self):
|
||||
def registration_request(self, hostname,username,password):
|
||||
|
||||
self.logger.debug('Requesting registration')
|
||||
# SetupTimer.start(Timer(System.Ahenk.registration_timeout(), timeout_function=self.registration_timeout,checker_func=self.is_registered, kwargs=None))
|
||||
|
||||
self.host = self.conf_manager.get("CONNECTION", "host")
|
||||
self.servicename = self.conf_manager.get("CONNECTION", "servicename")
|
||||
|
||||
self.user_name = ''
|
||||
self.user_password= ''
|
||||
self.host = hostname
|
||||
self.user_name = username
|
||||
self.user_password= password
|
||||
|
||||
user_name= os.getlogin()
|
||||
if(username is None and password is None and self.host is None ):
|
||||
|
||||
self.logger.debug('User : '+ str(user_name))
|
||||
self.host = self.conf_manager.get("CONNECTION", "host")
|
||||
|
||||
pout = Util.show_registration_message(user_name,'Makineyi Lider MYS sistemine kaydetmek için bilgileri ilgili alanlara giriniz. LÜTFEN DEVAM EDEN İŞLEMLERİ SONLANDIRDIĞINZA EMİN OLUNUZ !',
|
||||
'LIDER MYS SISTEMINE KAYIT', self.host)
|
||||
user_name= os.getlogin()
|
||||
self.logger.debug('User : '+ str(user_name))
|
||||
pout = Util.show_registration_message(user_name,'Makineyi Lider MYS sistemine kaydetmek için bilgileri ilgili alanlara giriniz. LÜTFEN DEVAM EDEN İŞLEMLERİ SONLANDIRDIĞINZA EMİN OLUNUZ !',
|
||||
'LIDER MYS SISTEMINE KAYIT', self.host)
|
||||
self.logger.debug('pout : ' + str(pout))
|
||||
field_values = pout.split(' ')
|
||||
user_registration_info = list(field_values)
|
||||
|
||||
self.logger.debug('pout : ' + str(pout))
|
||||
if self.host == '':
|
||||
self.host = user_registration_info[0]
|
||||
self.user_name = user_registration_info[1]
|
||||
self.user_password = user_registration_info[2]
|
||||
self.directory_server = user_registration_info[3]
|
||||
|
||||
field_values = pout.split(' ')
|
||||
|
||||
user_registration_info = list(field_values)
|
||||
|
||||
if self.host == '' :
|
||||
self.host = user_registration_info[0]
|
||||
self.user_name = user_registration_info[1];
|
||||
self.user_password = user_registration_info[2];
|
||||
else:
|
||||
self.user_name = user_registration_info[0];
|
||||
self.user_password = user_registration_info[1];
|
||||
else:
|
||||
self.user_name = user_registration_info[0]
|
||||
self.user_password = user_registration_info[1]
|
||||
self.directory_server = user_registration_info[2]
|
||||
|
||||
#anon_messenger = AnonymousMessenger(self.message_manager.registration_msg(user_name,user_password), self.host,self.servicename)
|
||||
#anon_messenger.connect_to_server()
|
||||
|
||||
self.logger.debug('Requesting registration')
|
||||
SetupTimer.start(Timer(System.Ahenk.registration_timeout(), timeout_function=self.registration_timeout,checker_func=self.is_registered, kwargs=None))
|
||||
anon_messenger = AnonymousMessenger(self.message_manager.registration_msg(self.user_name,self.user_password), self.host,self.servicename)
|
||||
anon_messenger = AnonymousMessenger(self.message_manager.registration_msg(self.user_name,self.user_password,self.directory_server), self.host,self.servicename)
|
||||
anon_messenger.connect_to_server()
|
||||
|
||||
def ldap_registration_request(self):
|
||||
|
@ -84,147 +97,59 @@ class Registration:
|
|||
self.messenger.send_Direct_message(self.message_manager.ldap_registration_msg())
|
||||
|
||||
def registration_success(self, reg_reply):
|
||||
self.logger.info('Registration update starting')
|
||||
|
||||
try:
|
||||
self.local_user_disable = reg_reply['disableLocalUser']
|
||||
if self.local_user_disable is True:
|
||||
self.conf_manager.set('MACHINE', 'user_disabled', 'true')
|
||||
else:
|
||||
self.conf_manager.set('MACHINE', 'user_disabled', 'false')
|
||||
|
||||
self.logger.info('LDAP Registration update starting')
|
||||
dn = str(reg_reply['agentDn'])
|
||||
self.logger.info('Current dn:' + dn)
|
||||
self.logger.info('updating host name and service')
|
||||
self.install_and_config_ldap(reg_reply)
|
||||
self.update_registration_attrs(dn)
|
||||
|
||||
# lightdm configuration by desktop env is XFCE
|
||||
self.desktop_env = self.util.get_desktop_env()
|
||||
self.logger.info("Get desktop environment is {0}".format(self.desktop_env))
|
||||
if self.desktop_env == "xfce":
|
||||
# Configure lightdm.service
|
||||
# check if 99-pardus-xfce.conf exists if not create
|
||||
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
|
||||
if not self.util.is_exist(pardus_xfce_path):
|
||||
self.logger.info("99-pardus-xfce.conf does not exist.")
|
||||
self.util.create_file(pardus_xfce_path)
|
||||
|
||||
file_lightdm = open(pardus_xfce_path, 'a')
|
||||
file_lightdm.write("[Seat:*]\n")
|
||||
file_lightdm.write("greeter-hide-users=true")
|
||||
file_lightdm.close()
|
||||
self.logger.info("lightdm has been configured.")
|
||||
else:
|
||||
self.logger.info("99-pardus-xfce.conf exists. Delete file and create new one.")
|
||||
self.util.delete_file(pardus_xfce_path)
|
||||
self.util.create_file(pardus_xfce_path)
|
||||
|
||||
file_lightdm = open(pardus_xfce_path, 'a')
|
||||
file_lightdm.write("[Seat:*]")
|
||||
file_lightdm.write("greeter-hide-users=true")
|
||||
file_lightdm.close()
|
||||
self.logger.info("lightdm.conf has been configured.")
|
||||
|
||||
# LDAP registration
|
||||
if self.directory_server == "LDAP":
|
||||
self.install_and_config_ldap(reg_reply)
|
||||
# AD registration
|
||||
else:
|
||||
self.install_and_config_ad(reg_reply)
|
||||
|
||||
except Exception as e:
|
||||
self.logger.error('Registartion error. Error Message: {0}.'.format(str(e)))
|
||||
self.logger.error('Registration error. Error Message: {0}.'.format(str(e)))
|
||||
print(e)
|
||||
raise
|
||||
|
||||
def install_and_config_ldap(self, reg_reply):
|
||||
self.logger.info('ldap install process starting')
|
||||
server_address = str(reg_reply['ldapServer'])
|
||||
dn = str(reg_reply['ldapBaseDn'])
|
||||
version = str(reg_reply['ldapVersion'])
|
||||
admin_dn = str(reg_reply['ldapUserDn']) # get user full dn from server.. password same
|
||||
admin_password = self.user_password # same user get from server
|
||||
|
||||
if server_address != '' and dn != '' and version != '' and admin_dn != '' and admin_password != '':
|
||||
(result_code, p_out, p_err) = self.util.execute("/bin/bash /usr/share/ahenk/plugins/ldap-login/scripts/ldap-login.sh {0} {1} {2} {3} {4}".format(
|
||||
server_address, "\'" + dn + "\'", "\'" + admin_dn + "\'", "\'" + admin_password + "\'", version))
|
||||
if result_code == 0:
|
||||
self.logger.info("Script has run successfully")
|
||||
self.change_pam_ldap_configs()
|
||||
else:
|
||||
self.logger.error("Script could not run successfully: " + p_err)
|
||||
print("ERROR ---> " + str(p_err))
|
||||
raise Exception('LDAP Ayarları yapılırken hata oluştu. Lütfen ağ bağlantınızı kontrol ediniz. Deponuzun güncel olduğundan emin olunuz.')
|
||||
else :
|
||||
raise Exception(
|
||||
'LDAP Ayarları yapılırken hata oluştu. Lütfen ağ bağlantınızı kontrol ediniz. Deponuzun güncel olduğundan emin olunuz.')
|
||||
|
||||
|
||||
|
||||
def registration_error(self, reg_reply):
|
||||
self.re_register()
|
||||
|
||||
|
||||
def change_pam_ldap_configs(self):
|
||||
# pattern for clearing file data from spaces, tabs and newlines
|
||||
pattern = re.compile(r'\s+')
|
||||
|
||||
pam_scripts_original_directory_path = "/usr/share/ahenk/pam_scripts_original"
|
||||
|
||||
ldap_back_up_file_path = "/usr/share/ahenk/pam_scripts_original/ldap"
|
||||
ldap_original_file_path = "/usr/share/pam-configs/ldap"
|
||||
ldap_configured_file_path = "/usr/share/ahenk/plugins/ldap-login/config-files/ldap"
|
||||
|
||||
pam_script_back_up_file_path = "/usr/share/ahenk/pam_scripts_original/pam_script"
|
||||
pam_script_original_file_path = "/usr/share/pam-configs/pam_script"
|
||||
pam_script_configured_file_path = "/usr/share/ahenk/plugins/ldap-login/config-files/pam_script"
|
||||
|
||||
#create pam_scripts_original directory if not exists
|
||||
if not self.util.is_exist(pam_scripts_original_directory_path):
|
||||
self.logger.info("Creating {0} directory.".format(pam_scripts_original_directory_path))
|
||||
self.util.create_directory(pam_scripts_original_directory_path)
|
||||
|
||||
if self.util.is_exist(ldap_back_up_file_path):
|
||||
self.logger.info("Changing {0} with {1}.".format(ldap_original_file_path, ldap_configured_file_path))
|
||||
self.util.copy_file(ldap_configured_file_path, ldap_original_file_path)
|
||||
else:
|
||||
self.logger.info("Backing up {0}".format(ldap_original_file_path))
|
||||
self.util.copy_file(ldap_original_file_path, ldap_back_up_file_path)
|
||||
self.logger.info("{0} file is replaced with {1}.".format(ldap_original_file_path, ldap_configured_file_path))
|
||||
self.util.copy_file(ldap_configured_file_path, ldap_original_file_path)
|
||||
|
||||
if self.util.is_exist(pam_script_back_up_file_path):
|
||||
self.util.copy_file(pam_script_configured_file_path, pam_script_original_file_path)
|
||||
self.logger.info("{0} is replaced with {1}.".format(pam_script_original_file_path, pam_script_configured_file_path))
|
||||
else:
|
||||
self.logger.info("Backing up {0}".format(pam_script_original_file_path))
|
||||
self.util.copy_file(pam_script_original_file_path, pam_script_back_up_file_path)
|
||||
self.logger.info("{0} file is replaced with {1}".format(pam_script_original_file_path, pam_script_configured_file_path))
|
||||
self.util.copy_file(pam_script_configured_file_path, pam_script_original_file_path)
|
||||
|
||||
(result_code, p_out, p_err) = self.util.execute("DEBIAN_FRONTEND=noninteractive pam-auth-update --package")
|
||||
if result_code == 0:
|
||||
self.logger.info("'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' has run successfully")
|
||||
else:
|
||||
self.logger.error("'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' could not run successfully: " + p_err)
|
||||
|
||||
|
||||
# Configure nsswitch.conf
|
||||
file_ns_switch = open("/etc/nsswitch.conf", 'r')
|
||||
file_data = file_ns_switch.read()
|
||||
|
||||
# cleared file data from spaces, tabs and newlines
|
||||
text = pattern.sub('', file_data)
|
||||
|
||||
is_configuration_done_before = False
|
||||
if ("passwd:compatldap" not in text):
|
||||
file_data = file_data.replace("passwd: compat", "passwd: compat ldap")
|
||||
is_configuration_done_before = True
|
||||
|
||||
if ("group:compatldap" not in text):
|
||||
file_data = file_data.replace("group: compat", "group: compat ldap")
|
||||
is_configuration_done_before = True
|
||||
|
||||
if ("shadow:compatldap" not in text):
|
||||
file_data = file_data.replace("shadow: compat", "shadow: compat ldap")
|
||||
is_configuration_done_before = True
|
||||
|
||||
if is_configuration_done_before:
|
||||
self.logger.info("nsswitch.conf configuration has been completed")
|
||||
else:
|
||||
self.logger.info("nsswitch.conf is already configured")
|
||||
|
||||
file_ns_switch.close()
|
||||
file_ns_switch = open("/etc/nsswitch.conf", 'w')
|
||||
file_ns_switch.write(file_data)
|
||||
file_ns_switch.close()
|
||||
|
||||
# Configure lightdm.service
|
||||
# check if 99-pardus-xfce.conf exists if not create
|
||||
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
|
||||
if not self.util.is_exist(pardus_xfce_path):
|
||||
self.logger.info("99-pardus-xfce.conf does not exist.")
|
||||
self.util.create_file(pardus_xfce_path)
|
||||
|
||||
file_lightdm = open(pardus_xfce_path, 'a')
|
||||
file_lightdm.write("[Seat:*]\n")
|
||||
file_lightdm.write("greeter-hide-users=true")
|
||||
file_lightdm.close()
|
||||
self.logger.info("lightdm has been configured.")
|
||||
else:
|
||||
self.logger.info("99-pardus-xfce.conf exists. Delete file and create new one.")
|
||||
self.util.delete_file(pardus_xfce_path)
|
||||
self.util.create_file(pardus_xfce_path)
|
||||
|
||||
file_lightdm = open(pardus_xfce_path, 'a')
|
||||
file_lightdm.write("[Seat:*]")
|
||||
file_lightdm.write("greeter-hide-users=true")
|
||||
file_lightdm.close()
|
||||
self.logger.info("lightdm.conf has been configured.")
|
||||
self.util.execute("systemctl restart nscd.service")
|
||||
self.logger.info("Operation finished")
|
||||
|
||||
|
||||
def update_registration_attrs(self, dn=None):
|
||||
self.logger.debug('Registration configuration is updating...')
|
||||
self.db_service.update('registration', ['dn', 'registered'], [dn, 1], ' registered = 0')
|
||||
|
@ -244,7 +169,39 @@ class Registration:
|
|||
self.conf_manager.write(configfile)
|
||||
self.logger.debug('Registration configuration file is updated')
|
||||
|
||||
def install_and_config_ldap(self, reg_reply):
|
||||
self.logger.info('ldap install process starting')
|
||||
server_address = str(reg_reply['ldapServer'])
|
||||
dn = str(reg_reply['ldapBaseDn'])
|
||||
version = str(reg_reply['ldapVersion'])
|
||||
admin_dn = str(reg_reply['ldapUserDn']) # get user full dn from server.. password same
|
||||
#admin_password = self.user_password # same user get from server
|
||||
admin_password = self.db_service.select_one_result('registration', 'password', ' registered=1')
|
||||
self.ldap_login.authenticate(server_address, dn, admin_dn, admin_password)
|
||||
|
||||
if server_address != '' and dn != '' and version != '' and admin_dn != '' and admin_password != '':
|
||||
self.logger.info("SSSD configuration process starting....")
|
||||
self.logger.info("SSSD configuration process starting....")
|
||||
else :
|
||||
raise Exception(
|
||||
'LDAP Ayarları yapılırken hata oluştu. Lütfen ağ bağlantınızı kontrol ediniz. Deponuzun güncel olduğundan emin olunuz.')
|
||||
|
||||
def install_and_config_ad(self, reg_reply):
|
||||
self.logger.info('AD install process starting')
|
||||
domain_name = str(reg_reply['adDomainName'])
|
||||
host_name = str(reg_reply['adHostName'])
|
||||
ip_address = str(reg_reply['adIpAddress'])
|
||||
password = str(reg_reply['adAdminPassword'])
|
||||
ad_username = str(reg_reply['adAdminUserName'])
|
||||
|
||||
if domain_name is None or host_name is None or ip_address is None or password is None :
|
||||
self.logger.error("Registration params is null")
|
||||
return
|
||||
|
||||
self.ad_login.authenticate(domain_name, host_name, ip_address, password, ad_username)
|
||||
|
||||
def registration_error(self, reg_reply):
|
||||
self.re_register()
|
||||
|
||||
def is_registered(self):
|
||||
try:
|
||||
|
@ -349,43 +306,50 @@ class Registration:
|
|||
'and it is connected to XMPP server! Check your Ahenk configuration file (/etc/ahenk/ahenk.conf)')
|
||||
self.logger.error('Ahenk is shutting down...')
|
||||
print('Ahenk is shutting down...')
|
||||
|
||||
Util.show_message(os.getlogin(),':0',"Lider MYS sistemine ulaşılamadı. Lütfen sunucu adresini kontrol ediniz....","HATA")
|
||||
|
||||
System.Process.kill_by_pid(int(System.Ahenk.get_pid_number()))
|
||||
|
||||
|
||||
|
||||
def purge_and_unregister(self):
|
||||
try:
|
||||
|
||||
|
||||
self.logger.info('Ahenk conf cleaned')
|
||||
self.logger.info('Ahenk conf cleaning from db')
|
||||
self.unregister()
|
||||
self.logger.info('Purge ldap packages')
|
||||
Util.execute("sudo apt purge libpam-ldap libnss-ldap ldap-utils -y")
|
||||
# self.logger.info('Purge ahenk packages')
|
||||
# Util.execute("sudo apt purge ahenk ahenk-* -y")
|
||||
Util.execute("sudo apt autoremove -y")
|
||||
self.change_configs_after_purge()
|
||||
self.logger.info('purging successfull')
|
||||
|
||||
directory_type = "LDAP"
|
||||
if self.util.is_exist("/etc/ahenk/ad_info"):
|
||||
directory_type = "AD"
|
||||
|
||||
if directory_type == "LDAP":
|
||||
self.ldap_login_cancel.cancel()
|
||||
else:
|
||||
self.ad_login_cancel.cancel()
|
||||
|
||||
self.logger.info('Cleaning ahenk conf..')
|
||||
self.clean()
|
||||
self.logger.info('Ahenk conf cleaned from db')
|
||||
self.logger.info('Enable Users')
|
||||
self.enable_local_users()
|
||||
Util.shutdown()
|
||||
|
||||
if self.conf_manager.has_section('MACHINE'):
|
||||
user_disabled = self.conf_manager.get("MACHINE", "user_disabled")
|
||||
self.logger.info('User disabled value=' + str(user_disabled))
|
||||
if user_disabled != 'false':
|
||||
self.logger.info('Enable Users')
|
||||
self.enable_local_users()
|
||||
else:
|
||||
self.logger.info('Local users already enabled')
|
||||
# İf desktop env is XFCE configured lightdm.service
|
||||
if self.util.get_desktop_env() == "xfce":
|
||||
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
|
||||
if self.util.is_exist(pardus_xfce_path):
|
||||
self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
|
||||
self.util.delete_file(pardus_xfce_path)
|
||||
|
||||
Util.shutdown()
|
||||
except Exception as e:
|
||||
self.logger.error("Error while running purge_and_unregister process.. Error Message " + str(e))
|
||||
|
||||
|
||||
#System.Process.kill_by_pid(int(System.Ahenk.get_pid_number()))
|
||||
#sys.exit(2)
|
||||
|
||||
def change_configs_after_purge(self):
|
||||
|
||||
# pattern for clearing file data from spaces, tabs and newlines
|
||||
pattern = re.compile(r'\s+')
|
||||
|
||||
|
@ -402,7 +366,8 @@ class Registration:
|
|||
self.util.delete_file(ldap_back_up_file_path)
|
||||
|
||||
if self.util.is_exist(pam_script_back_up_file_path):
|
||||
self.logger.info("Replacing {0} with {1}".format(pam_script_original_file_path, pam_script_back_up_file_path))
|
||||
self.logger.info(
|
||||
"Replacing {0} with {1}".format(pam_script_original_file_path, pam_script_back_up_file_path))
|
||||
self.util.copy_file(pam_script_back_up_file_path, pam_script_original_file_path)
|
||||
self.logger.info("Deleting {0}".format(pam_script_back_up_file_path))
|
||||
self.util.delete_file(pam_script_back_up_file_path)
|
||||
|
@ -411,7 +376,8 @@ class Registration:
|
|||
if result_code == 0:
|
||||
self.logger.info("'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' has run successfully")
|
||||
else:
|
||||
self.logger.error("'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' could not run successfully: " + p_err)
|
||||
self.logger.error(
|
||||
"'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' could not run successfully: " + p_err)
|
||||
|
||||
# Configure nsswitch.conf
|
||||
file_ns_switch = open("/etc/nsswitch.conf", 'r')
|
||||
|
@ -421,18 +387,22 @@ class Registration:
|
|||
text = pattern.sub('', file_data)
|
||||
|
||||
did_configuration_change = False
|
||||
if "passwd:compatldap" in text:
|
||||
file_data = file_data.replace("passwd: compat ldap", "passwd: compat")
|
||||
if "passwd:compatldap[NOTFOUND=return]db" in text:
|
||||
file_data = file_data.replace("passwd: compat ldap [NOTFOUND=return] db", "passwd: compat")
|
||||
did_configuration_change = True
|
||||
|
||||
if "group:compatldap" in text:
|
||||
file_data = file_data.replace("group: compat ldap", "group: compat")
|
||||
if "group:compatldap[NOTFOUND=return]db" in text:
|
||||
file_data = file_data.replace("group: compat ldap [NOTFOUND=return] db", "group: compat")
|
||||
did_configuration_change = True
|
||||
|
||||
if "shadow:compatldap" in text:
|
||||
file_data = file_data.replace("shadow: compat ldap", "shadow: compat")
|
||||
did_configuration_change = True
|
||||
|
||||
if "#gshadow:files" in text:
|
||||
file_data = file_data.replace("#gshadow: files", "gshadow: files")
|
||||
did_configuration_change = True
|
||||
|
||||
if did_configuration_change:
|
||||
self.logger.info("nsswitch.conf configuration has been configured")
|
||||
else:
|
||||
|
@ -443,6 +413,12 @@ class Registration:
|
|||
file_ns_switch.write(file_data)
|
||||
file_ns_switch.close()
|
||||
|
||||
# Configure ldap-cache
|
||||
nss_update_cron_job_file_path = "/etc/cron.daily/nss-updatedb"
|
||||
if self.util.is_exist(nss_update_cron_job_file_path):
|
||||
self.util.delete_file(nss_update_cron_job_file_path)
|
||||
self.logger.info("{0} is deleted.".format(nss_update_cron_job_file_path))
|
||||
|
||||
# Configure lightdm.service
|
||||
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
|
||||
if self.util.is_exist(pardus_xfce_path):
|
||||
|
@ -452,7 +428,6 @@ class Registration:
|
|||
self.util.execute("systemctl restart nscd.service")
|
||||
self.logger.info("Operation finished")
|
||||
|
||||
|
||||
def clean(self):
|
||||
print('Ahenk cleaning..')
|
||||
import configparser
|
||||
|
@ -473,7 +448,7 @@ class Registration:
|
|||
|
||||
config.set('CONNECTION', 'uid', '')
|
||||
config.set('CONNECTION', 'password', '')
|
||||
config.set('MACHINE', 'user_disabled', '0')
|
||||
config.set('MACHINE', 'user_disabled', 'false')
|
||||
|
||||
with open(System.Ahenk.config_path(), 'w') as file:
|
||||
config.write(file)
|
||||
|
@ -508,6 +483,20 @@ class Registration:
|
|||
change_username = 'usermod -l {0} {1}'
|
||||
content = Util.read_file('/etc/passwd')
|
||||
kill_all_process = 'killall -KILL -u {}'
|
||||
change_permisson = "chmod -R 700 {}"
|
||||
|
||||
add_user_conf_file = "/etc/adduser.conf"
|
||||
file_dir_mode = open(add_user_conf_file, 'r')
|
||||
file_data = file_dir_mode.read()
|
||||
file_data = file_data.replace("DIR_MODE=0755", "DIR_MODE=0700")
|
||||
file_dir_mode.close()
|
||||
|
||||
file_dir_mode = open(add_user_conf_file, 'w')
|
||||
file_dir_mode.write(file_data)
|
||||
file_dir_mode.close()
|
||||
|
||||
self.logger.info("add user mode changed to 0700 in file {}".format(add_user_conf_file))
|
||||
|
||||
for p in pwd.getpwall():
|
||||
self.logger.info("User: '{0}' will be disabled and changed username and home directory of username".format(p.pw_name))
|
||||
if not sysx.shell_is_interactive(p.pw_shell):
|
||||
|
@ -521,3 +510,4 @@ class Registration:
|
|||
Util.execute(passwd_cmd.format(p.pw_name))
|
||||
Util.execute(change_username.format(new_username, p.pw_name))
|
||||
Util.execute(change_home.format(new_home_dir, new_username))
|
||||
Util.execute(change_permisson.format(new_home_dir))
|
||||
|
|
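--- a/src/base/registration/scripts/ad.sh
+++ b/src/base/registration/scripts/ad.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+#set debconf krb5 and samba-common
+
+ad_domain_name=$1
+ad_host_name=$2
+
+echo "samba-common samba-common/workgroup string WORKGROUP" | sudo debconf-set-selections
+echo "samba-common samba-common/dhcp boolean false" | sudo debconf-set-selections
+echo "samba-common samba-common/do_debconf boolean true" | sudo debconf-set-selections
+apt-get -y install samba-common
+
+
+cat > /root/debconf-krb5.conf <<EOF
+
+krb5-config krb5-config/read_conf boolean true
+krb5-config krb5-config/kerberos_servers string
+krb5-config krb5-config/add_servers boolean false
+krb5-config krb5-config/default_realm string ${ad_domain_name}
+krb5-config krb5-config/add_servers_realm string ${ad_host_name}
+krb5-config krb5-config/admin_server string ${ad_host_name}
+EOF
+export DEBIAN_FRONTEND=noninteractive
+cat /root/debconf-krb5.conf | debconf-set-selections
+apt-get install krb5-user -y
+
+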
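Review bot: `ad_domain_name=$1` and `ad_host_name=$2` are used without any check and the script has no `set -e`, so a call with a missing or empty argument still preseeds krb5-config with an empty `default_realm` / `admin_server` and goes on to install krb5-user. I would fail early with `ad_domain_name=${1:?AD domain name required}` and `ad_host_name=${2:?AD host name required}`. The preseed file `/root/debconf-krb5.conf` is also left on disk afterwards; piping the here-document straight into `debconf-set-selections` would avoid the temporary file. The first three `debconf-set-selections` calls go through `sudo` while the later one and both `apt-get` calls do not, so the script presumably already needs root and the `sudo` is inconsistent.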
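--- a/src/base/registration/scripts/ldap-login.sh
+++ b/src/base/registration/scripts/ldap-login.sh
@@ -0,0 +1,60 @@
+#!/bin/bash
+
+#Author: <tuncay.colak@tubitak.gov.tr>
+#set debconf libnss-ldap and libpam-ldap
+
+ldap_hostname=$1
+ldap_base_dn=$2
+ldap_user_dn=$3
+ldap_user_pwd=$4
+ldap_version=$5
+
+echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections
+
+## libnss-ldap
+echo -e " \
+libnss-ldap libnss-ldap/dblogin boolean false
+libnss-ldap shared/ldapns/base-dn string $ldap_base_dn
+libnss-ldap libnss-ldap/binddn string $ldap_user_dn
+libnss-ldap libnss-ldap/dbrootlogin boolean true
+libnss-ldap libnss-ldap/override boolean true
+libnss-ldap shared/ldapns/ldap-server string $ldap_hostname
+libnss-ldap libnss-ldap/confperm boolean false
+libnss-ldap libnss-ldap/rootbinddn string $ldap_user_dn
+libnss-ldap shared/ldapns/ldap_version select $ldap_version
+libnss-ldap libnss-ldap/nsswitch note
+libpam-ldap libpam-ldap/dblogin boolean false
+libpam-ldap libpam-ldap/dbrootlogin boolean true
+libpam-ldap libpam-ldap/override boolean true
+libpam-ldap libpam-ldap/pam_password string crypt
+libpam-ldap libpam-ldap/rootbinddn string $ldap_user_dn
+libpam-ldap libpam-runtime/override boolean false \
+" | debconf-set-selections
+
+echo "Name: libnss-ldap/bindpw
+Template: libnss-ldap/bindpw
+Owners: libnss-ldap, libnss-ldap:amd64
+
+Name: libnss-ldap/rootbindpw
+Template: libnss-ldap/rootbindpw
+Value:
+Owners: libnss-ldap, libnss-ldap:amd64
+Flags: seen
+
+Name: libpam-ldap/bindpw
+Template: libpam-ldap/bindpw
+Owners: libpam-ldap, libpam-ldap:amd64
+
+Name: libpam-ldap/rootbindpw
+Template: libpam-ldap/rootbindpw
+Value:
+Owners: libpam-ldap, libpam-ldap:amd64
+Flags: seen
+Variables:
+filename = /etc/pam_ldap.secret
+package = libpam-ldap" >> /var/cache/debconf/passwords.dat
+
+echo $ldap_user_pwd > /etc/pam_ldap.secret
+apt update
+apt-get install libpam-ldap libnss-ldap ldap-utils -y
+SUDO_FORCE_REMOVE=yes apt-get install sudo-ldap -y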
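Review bot: The bind password is stored with `echo $ldap_user_pwd > /etc/pam_ldap.secret` and no mode is set, so a newly created file gets whatever the caller's umask allows and may be readable by every local user. The expansion is also unquoted, so a password containing whitespace or glob characters is not written as given. I would write it as `umask 077; printf '%s\n' "$ldap_user_pwd" > /etc/pam_ldap.secret; chmod 600 /etc/pam_ldap.secret`. The password also arrives as `$4`, which puts it on the command line of the process for as long as the script runs; reading it from stdin or from a root-only file would avoid that, but it depends on the caller, which is outside this file.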
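--- a/src/base/registration/test.py
+++ b/src/base/registration/test.py
@@ -0,0 +1,91 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Hasan Kara <h.kara27@gmail.com>
+
+from base.scope import Scope
+from base.util.util import Util
+import re
+
+
+class ExecuteCancelSSSDAuthentication:
+def __init__(self):
+scope = Scope().get_instance()
+self.logger = scope.get_logger()
+self.util = Util()
+
+def cancel(self):
+self.util.execute("apt purge libpam-sss sssd-common -y")
+self.util.execute("apt autoremove -y")
+
+if self.util.is_exist("/etc/sssd"):
+self.util.delete_folder("/etc/sssd")
+
+# pattern for clearing file data from spaces, tabs and newlines
+pattern = re.compile(r'\s+')
+
+# Configure nsswitch.conf
+file_ns_switch = open("/etc/nsswitch.conf", 'r')
+file_data = file_ns_switch.read()
+
+# cleared file data from spaces, tabs and newlines
+text = pattern.sub('', file_data)
+
+did_configuration_change = False
+if "passwd:compatsss" in text:
+file_data = file_data.replace("passwd: compat sss", "passwd: compat")
+did_configuration_change = True
+
+if "group:compatsss" in text:
+file_data = file_data.replace("group: compat sss", "group: compat")
+did_configuration_change = True
+
+if "shadow:compatsss" in text:
+file_data = file_data.replace("shadow: compat sss", "shadow: compat")
+did_configuration_change = True
+
+if "services:dbfilessss" in text:
+file_data = file_data.replace("services: db files sss", "services: db files")
+did_configuration_change = True
+
+if "netgroup:nissss" in text:
+file_data = file_data.replace("netgroup: nis sss", "netgroup: nis")
+did_configuration_change = True
+
+if "sudoers:filessss" in text:
+file_data = file_data.replace("sudoers: files sss", "")
+did_configuration_change = True
+
+if did_configuration_change:
+self.logger.info("nsswitch.conf configuration has been configured")
+else:
+self.logger.info("nsswitch.conf has already been configured")
+
+file_ns_switch.close()
+file_ns_switch = open("/etc/nsswitch.conf", 'w')
+file_ns_switch.write(file_data)
+file_ns_switch.close()
+
+common_session_conf_path = "/etc/pam.d/common-session"
+
+# configure common-session for creating home directories for ldap users
+file_common_session = open(common_session_conf_path, 'r')
+file_data = file_common_session.read()
+
+if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" in file_data:
+file_data = file_data.replace("session optional pam_mkhomedir.so skel=/etc/skel umask=077", "")
+self.logger.info("common-session is configured")
+
+file_common_session.close()
+file_common_session = open(common_session_conf_path, 'w')
+file_common_session.write(file_data)
+file_common_session.close()
+
+# Configure lightdm.service
+pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
+if self.util.is_exist(pardus_xfce_path):
+self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
+self.util.delete_file(pardus_xfce_path)
+self.util.execute("systemctl restart nscd.service")
+
+self.logger.info("LDAP Login iptal etme işlemi başarı ile sağlandı.")
+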
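Review bot: `cancel()` reopens `/etc/nsswitch.conf` and `/etc/pam.d/common-session` with mode `'w'` and writes them back unconditionally, even on the path that logs "nsswitch.conf has already been configured". Opening with `'w'` truncates the file before the new content is written, so an error or interruption at that point leaves an empty NSS or PAM file and logins on the machine stop working. I would only write when something changed, e.g. `if did_configuration_change:` followed by `with open("/etc/nsswitch.conf", 'w') as f: f.write(file_data)`, and preferably write to a temporary file in the same directory and rename it over the original. The same applies to the common-session rewrite, and the handles opened for reading are never closed if `read()` raises, which a `with` block would also cover.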
|
@ -17,16 +17,21 @@ from base.scope import Scope
|
|||
|
||||
|
||||
class Util:
|
||||
|
||||
|
||||
def __init__(self):
|
||||
super().__init__()
|
||||
|
||||
@staticmethod
|
||||
def get_ask_path_file():
|
||||
return '/usr/share/ahenk/base/agreement/'
|
||||
|
||||
@staticmethod
|
||||
def close_session(username):
|
||||
Util.execute('pkill -9 -u {0}'.format(username))
|
||||
|
||||
@staticmethod
|
||||
def shutdown():
|
||||
print("shutting down")
|
||||
Util.execute('reboot')
|
||||
|
||||
@staticmethod
|
||||
|
@ -138,6 +143,16 @@ class Util:
|
|||
except:
|
||||
raise
|
||||
|
||||
@staticmethod
|
||||
def get_executable_path(app_name):
|
||||
path = None
|
||||
try:
|
||||
path = shutil.which(app_name)
|
||||
except:
|
||||
raise
|
||||
finally:
|
||||
return path
|
||||
|
||||
@staticmethod
|
||||
def execute(command, stdin=None, env=None, cwd=None, shell=True, result=True, as_user=None, ip=None):
|
||||
|
||||
|
@ -182,7 +197,7 @@ class Util:
|
|||
command.append(script_path)
|
||||
else:
|
||||
raise Exception('[Util] Script is required')
|
||||
if parameters is not None:
|
||||
if parameters is not None:
|
||||
for p in parameters:
|
||||
command.append(p)
|
||||
|
||||
|
@ -225,8 +240,9 @@ class Util:
|
|||
def file_group(full_path):
|
||||
try:
|
||||
st = os.stat(full_path)
|
||||
gid = st.st_uid
|
||||
return grp.getgrgid(gid)[0]
|
||||
gid = st.st_gid
|
||||
# return grp.getgrgid(gid)[0]
|
||||
return gid
|
||||
except:
|
||||
raise
|
||||
|
||||
|
@ -332,15 +348,20 @@ class Util:
|
|||
Util.execute('export DISPLAY={0}; su - {1} -c \'{2}\''.format(display, user, inner_command))
|
||||
|
||||
@staticmethod
|
||||
def show_message(username,display=':0',message='', title=''):
|
||||
ask_path = '/usr/share/ahenk/base/agreement/confirm.py'
|
||||
def show_message(username, display, message='', title=''):
|
||||
ask_path = Util.get_ask_path_file()+ 'confirm.py'
|
||||
|
||||
Scope.get_instance().get_logger().debug('DISPLAYYYY --------->>>>>>>>: ' + str(display))
|
||||
|
||||
if display is None:
|
||||
display_number = Util.get_username_display()
|
||||
else:
|
||||
display_number = display
|
||||
try:
|
||||
|
||||
if username is not None:
|
||||
command = 'export DISPLAY={0};su - {1} -c \'python3 {2} \"{3}\" \"{4}\"\''.format(display, username,
|
||||
ask_path,
|
||||
message,
|
||||
title)
|
||||
command = 'su - {0} -c \'python3 {1} \"{2}\" \"{3}\" \"{4}\"\''.format(username, ask_path, message,
|
||||
title, display_number)
|
||||
result_code, p_out, p_err = Util.execute(command)
|
||||
|
||||
if p_out.strip() == 'Y':
|
||||
|
@ -355,22 +376,26 @@ class Util:
|
|||
except Exception as e :
|
||||
print("Error when showing message " + str(e))
|
||||
|
||||
return None;
|
||||
return None
|
||||
|
||||
|
||||
|
||||
@staticmethod
|
||||
def show_registration_message(login_user_name,message,title,host=None):
|
||||
ask_path = '/usr/share/ahenk/base/agreement/ahenkmessage.py'
|
||||
display_number = ":0"
|
||||
|
||||
ask_path = Util.get_ask_path_file()+ 'ahenkmessage.py'
|
||||
|
||||
# display_number = ":0"
|
||||
display_number = Util.get_username_display()
|
||||
|
||||
if host is None:
|
||||
command = 'export DISPLAY={0}; su - {1} -c \"python3 {2} \'{3}\' \'{4}\' \"'.format(display_number, login_user_name,
|
||||
ask_path, message, title)
|
||||
command = 'su - {0} -c \"python3 {1} \'{2}\' \'{3}\' \'{4}\' \"'.format(login_user_name,
|
||||
ask_path, message, title, display_number)
|
||||
else:
|
||||
command = 'export DISPLAY={0}; su - {1} -c \"python3 {2} \'{3}\' \'{4}\' \'{5}\' \"'.format(display_number,
|
||||
login_user_name,
|
||||
command = 'su - {0} -c \"python3 {1} \'{2}\' \'{3}\' \'{4}\' \'{5}\' \"'.format(login_user_name,
|
||||
ask_path,
|
||||
message, title,
|
||||
host)
|
||||
host, display_number)
|
||||
result_code, p_out, p_err = Util.execute(command)
|
||||
|
||||
pout = str(p_out).replace('\n', '')
|
||||
|
@ -380,16 +405,42 @@ class Util:
|
|||
@staticmethod
|
||||
def show_unregistration_message(login_user_name,display_number,message,title):
|
||||
|
||||
ask_path = '/usr/share/ahenk/base/agreement/unregistrationmessage.py'
|
||||
ask_path = Util.get_ask_path_file()+ 'unregistrationmessage.py'
|
||||
|
||||
command = 'export DISPLAY={0}; su - {1} -c \"python3 {2} \'{3}\' \'{4}\' \"'.format(display_number,
|
||||
login_user_name,
|
||||
ask_path,
|
||||
message, title
|
||||
)
|
||||
command = 'su - {0} -c \"python3 {1} \'{2}\' \'{3}\' \'{4}\' \"'.format(login_user_name, ask_path, message, title, display_number)
|
||||
result_code, p_out, p_err = Util.execute(command)
|
||||
|
||||
pout = str(p_out).replace('\n', '')
|
||||
|
||||
return pout
|
||||
|
||||
@staticmethod
|
||||
def get_username_display():
|
||||
result_code, p_out, p_err = Util.execute("who | awk '{print $1, $5}' | sed 's/(://' | sed 's/)//'", result=True)
|
||||
|
||||
result = []
|
||||
lines = str(p_out).split('\n')
|
||||
for line in lines:
|
||||
arr = line.split(' ')
|
||||
if len(arr) > 1 and str(arr[1]).isnumeric() is True:
|
||||
result.append(line)
|
||||
|
||||
params = str(result[0]).split(' ')
|
||||
display_number = params[1]
|
||||
display_number = ":"+str(display_number)
|
||||
return display_number
|
||||
|
||||
@staticmethod
|
||||
def get_desktop_env():
|
||||
xfce4_session = "/usr/bin/xfce4-session"
|
||||
gnome_session = "/usr/bin/gnome-session"
|
||||
desktop_env = None
|
||||
result_code, p_out, p_err = Util.execute("ls {}".format(gnome_session))
|
||||
if result_code == 0:
|
||||
desktop_env = "gnome"
|
||||
result_code, p_out, p_err = Util.execute("ls {}".format(xfce4_session))
|
||||
if result_code == 0:
|
||||
desktop_env = "xfce"
|
||||
|
||||
return desktop_env
|
||||
|
||||
|
|
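Review bot: The `su - {0} -c ...` command strings in `show_message`, `show_registration_message` and `show_unregistration_message` put `message`, `title`, `host` and the user name into a shell line using hand-written quotes, and `Util.execute` defaults to `shell=True`, so a quote character in any of these values changes what the shell runs. The `+`/`-` markers are lost on this page, so I am assuming the `su - {0} -c` forms are the new side. Each value should go through `shlex.quote()` before formatting, and the inner `python3 ...` command should be quoted once more as the single argument of `-c` (this needs `import shlex` if the module does not already have it). Separately, the new `get_username_display()` reads `result[0]` without checking that `who` returned a line with a display number, so it raises `IndexError` when no graphical session is open; a guard such as `if not result: return None` before that line would let the callers decide what to do.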
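--- a/src/plugins/browser/main.py
+++ b/src/plugins/browser/main.py
@@ -0,0 +1,18 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Author: >
+# Author: Volkan Şahin <volkansah.in> <bm.volkansahin@gmail.com>
+
+
+def info():
+inf = dict()
+inf['name'] = 'browser'
+inf['version'] = '1.0.0'
+inf['support'] = 'debian'
+inf['description'] = 'Browser plugin provides to managing user or global firefox profile like setting homepage etc.'
+inf['task'] = True
+inf['user_oriented'] = True
+inf['machine_oriented'] = True
+inf['developer'] = 'bm.volkansahin@gmail.com'
+
+return inf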
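--- a/src/plugins/browser/policy.py
+++ b/src/plugins/browser/policy.py
@@ -0,0 +1,173 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Author: Volkan Şahin <volkansah.in> <bm.volkansahin@gmail.com>
+# Author: Tuncay Çolak <tuncay.colak@tubitak.gov.tr> <tncyclk05@gmail.com>
+
+import json
+from base.plugin.abstract_plugin import AbstractPlugin
+
+class Browser(AbstractPlugin):
+"""docstring for Browser"""
+
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+self.mozilla_config_file = 'mozilla.cfg'
+self.local_settings_JS_file = 'local-settings.js'
+self.local_settings_JS_path = 'defaults/pref/'
+self.logger.info('Parameters were initialized.')
+
+def handle_policy(self):
+self.logger.info('Browser plugin handling...')
+try:
+username = self.context.get('username')
+self.logger.info('Username: {}'.format(username))
+if username is not None:
+self.logger.debug('Writing preferences to user profile')
+self.write_to_user_profile(username)
+self.context.create_response(code=self.message_code.POLICY_PROCESSED.value, message='Kullanıcı browser profili başarıyla uygulandı.')
+else:
+self.logger.debug('Writing preferences to global profile')
+self.write_to_global_profile()
+self.context.create_response(code=self.message_code.POLICY_PROCESSED.value, message='Ajan browser profili başarıyla uygulandı.')
+self.logger.info('Browser profile is handled successfully')
+except Exception as e:
+self.logger.error('A problem occurred while handling browser profile: {0}'.format(str(e)))
+self.context.create_response(code=self.message_code.POLICY_ERROR.value, message='Browser profili uygulanırken bir hata oluştu.')
+
+def write_to_user_profile(self, username):
+
+try:
+username = str(username).strip()
+profile_paths = self.find_user_preference_paths(username)
+if profile_paths is not None:
+# User might have multiple firefox profile directories
+for path in profile_paths:
+if self.is_exist(path):
+path = str(path) + '/user.js'
+user_jss = open(path, 'w')
+preferences = json.loads(self.data)['preferences']
+self.logger.debug('Writing preferences to user.js file ...')
+for pref in preferences:
+if pref['value'].isdigit() or str(pref['value']) == 'false' or str(pref['value']) == 'true':
+value = pref['value']
+else:
+value = '\"' + pref['value'] + '\"'
+line = 'user_pref("' + str(pref['preferenceName']) + '",' + value + ');\n'
+user_jss.write(line)
+
+self.logger.debug('User preferences were wrote successfully')
+user_jss.close()
+change_owner = 'chown ' + username + ':' + username + ' ' + path
+self.execute(change_owner)
+self.logger.debug('Preferences file owner is changed')
+
+except Exception as e:
+self.logger.error('A problem occurred while writing user profile: {0}'.format(str(e)))
+# Remove global lock files to tell Firefox to load the user
+
+installation_path_list = self.find_firefox_installation_path()
+for installation_path in installation_path_list:
+if installation_path is None:
+self.logger.error('Firefox installation directory could not be found! Finishing task...')
+return
+self.silent_remove(str(installation_path) + self.mozilla_config_file)
+self.silent_remove(str(installation_path) + self.local_settings_JS_path + self.local_settings_JS_file)
+self.logger.debug('User profiles have been set successfully')
+
+def write_to_global_profile(self):
+
+firefox_installation_path_list = self.find_firefox_installation_path()
+
+if firefox_installation_path_list is not None:
+for firefox_installation_path in firefox_installation_path_list:
+preferences = None
+try:
+preferences = json.loads(str(self.data))['preferences']
+except Exception as e:
+self.logger.error('Problem occurred while getting preferences. Error Message: {}'.format(str(e)))
+
+mozilla_cfg = open(str(firefox_installation_path) + self.mozilla_config_file, 'w')
+self.logger.debug('Mozilla configuration file is created for {0}'.format(firefox_installation_path))
+# mozilla.cfg file must start with command
+is_command_line_added = False
+for pref in preferences:
+if pref['value'].isdigit() or str(pref['value']) == 'false' or str(pref['value']) == 'true':
+value = pref['value']
+else:
+value = '\"' + pref['value'] + '\"'
+line = 'lockPref("' + str(pref['preferenceName']) + '",' + value + ');\n'
+if not is_command_line_added:
+mozilla_cfg.write("//mozilla.cfg must start with command.\n")
+is_command_line_added = True
+mozilla_cfg.write(line)
+mozilla_cfg.close()
+self.logger.debug('Preferences were wrote to Mozilla configuration file for {0}'.format(firefox_installation_path))
+
+local_settings_path = str(firefox_installation_path) + self.local_settings_JS_path
+if not self.is_exist(local_settings_path):
+self.logger.debug('Firefox local setting path not found, it will be created')
+self.create_directory(local_settings_path)
+local_settings_js = open(local_settings_path + self.local_settings_JS_file, 'w')
+local_settings_js.write(
+'pref("general.config.obscure_value", 0);\npref("general.config.filename", "mozilla.cfg");\n')
+local_settings_js.close()
+self.logger.debug('Firefox local settings were configured {}'.format(firefox_installation_path))
+
+
+def silent_remove(self, filename):
+try:
+if self.is_exist(filename):
+self.delete_file(filename)
+self.logger.debug('{0} removed successfully'.format(filename))
+else:
+self.logger.warning('{0} was tried to delete but not found.'.format(filename))
+except Exception as e:
+self.logger.error('Problem occurred while removing file {0}. Exception Message is: {1}'.format(filename, str(e)))
+
+def find_user_preference_paths(self, user_name):
+
+paths = []
+firefox_path = '/home/' + user_name + '/.mozilla/firefox/'
+if self.is_exist(firefox_path + 'profiles.ini'):
+profile_ini_file = open(firefox_path + 'profiles.ini', 'r')
+profile_ini_file_lines = profile_ini_file.readlines()
+for line in profile_ini_file_lines:
+if 'Path' in line:
+paths.append(firefox_path + str(line.split('=')[1]).strip())
+if len(paths) > 0:
+self.logger.debug('User preferences path found successfully')
+return paths
+else:
+self.logger.error('User preferences path not found')
+
+def find_firefox_installation_path(self):
+
+installation_path_list = []
+if self.is_exist("/usr/lib/firefox-esr/"):
+installation_path_list.append("/usr/lib/firefox-esr/")
+
+if self.is_exist('/opt/firefox-esr/'):
+installation_path_list.append('/opt/firefox-esr/')
+
+if self.is_exist('/usr/lib/iceweasel/'):
+installation_path_list.append('/usr/lib/iceweasel/')
+
+if self.is_exist('/opt/firefox/'):
+installation_path_list.append('/opt/firefox/')
+
+if installation_path_list:
+self.logger.info("Firefox installation paths list: "+str(installation_path_list))
+return installation_path_list
+
+else:
+self.logger.error('Firefox installation path not found')
+return None
+
+
+def handle_policy(profile_data, context):
+browser = Browser(profile_data, context)
+browser.handle_policy()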
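Review bot: In `write_to_user_profile` the ownership change is built as `'chown ' + username + ':' + username + ' ' + path` and handed to `self.execute`, while `path` is assembled in `find_user_preference_paths` from the `Path=` lines of the user's own `profiles.ini`. If `self.execute` runs the string through a shell, as `Util.execute` does by default elsewhere in this commit, text the user controls becomes part of a command line run by the agent. `shutil.chown(path, user=username, group=username)` does the same job without a shell (it needs `import shutil`), and checking that the resolved path stays under the user's `.mozilla/firefox/` directory before opening `user.js` for writing would also stop a profile entry that points elsewhere. In `write_to_global_profile`, a failed `json.loads` leaves `preferences` as `None`, so `for pref in preferences` raises `TypeError` after `mozilla.cfg` has already been truncated; returning from the `except` branch would avoid that.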
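--- a/src/plugins/conky/ask.py
+++ b/src/plugins/conky/ask.py
@@ -0,0 +1,27 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+# Author: Volkan Şahin <volkansah.in> <bm.volkansahin@gmail.com>
+# Author: Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr>
+
+import sys
+import easygui
+
+
+def ask(content, title):
+choice = easygui.buttonbox(msg=title, title=content, choices=['TAMAM'])
+#choice = easygui.textbox(msg=title, text=content)
+if choice:
+print('Y')
+else:
+print('N')
+
+
+if __name__ == '__main__':
+
+if len(sys.argv) == 3:
+try:
+ask(sys.argv[1], sys.argv[2])
+except Exception as e:
+print(str(e))
+else:
+print('Argument fault. Check your parameters or content of parameters. Parameters: ' + str(sys.argv))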
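Review bot: `ask(content, title)` passes its arguments to easygui the other way round: `easygui.buttonbox(msg=title, title=content, choices=['TAMAM'])` puts the content in the window title and the title in the message body. Unless that is intended, the call should read `easygui.buttonbox(msg=content, title=title, choices=['TAMAM'])`. The `except Exception` branch in the `__main__` block prints the error text to stdout, where a caller that reads the output for `Y` or `N` cannot tell it from an answer; printing it to `sys.stderr` and exiting with a non-zero status would keep the two apart.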
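--- a/src/plugins/conky/execute_conky.py
+++ b/src/plugins/conky/execute_conky.py
@@ -0,0 +1,146 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Edip YILDIZ
+
+
+from base.model.enum.content_type import ContentType
+import json
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class RunConkyCommand(AbstractPlugin):
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+self.conky_config_file_dir = '/etc/conky'
+self.conky_config_global_autorun_file = '/etc/xdg/autostart/conky.desktop'
+self.conky_config_file_path = self.conky_config_file_dir + '/conky.conf'
+self.logger.debug('[Conky] Parameters were initialized.')
+self.conky_autorun_content = '[Desktop Entry] \n' \
+'Comment[tr]= \n' \
+'Comment= \n' \
+'Exec=conky_wp \n' \
+'GenericName[tr]= \n' \
+'GenericName= \n' \
+'Icon=system-run \n' \
+'MimeType= \n' \
+'Name[tr]= \n' \
+'Name= \n' \
+'Path= \n' \
+'StartupNotify=true \n' \
+'Terminal=false \n' \
+'TerminalOptions= \n' \
+'Type=Application \n' \
+'X-DBUS-ServiceName= \n' \
+'X-DBUS-StartupType= \n' \
+'X-KDE-SubstituteUID=false \n' \
+'X-KDE-Username= \n'
+
+self.conky_wrapper_file= '/usr/bin/conky_wp'
+
+self.conky_wrapper_content = '#!/bin/bash \n' \
+' killall conky \n' \
+' sleep 5 \n' \
+' /usr/bin/conky -q \n'
+
+def remove_conky_message(self):
+self.execute("killall conky")
+if self.is_exist(self.conky_config_global_autorun_file) == True:
+self.delete_file(self.conky_config_global_autorun_file)
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Conky measajları kaldırıldı',
+content_type=ContentType.APPLICATION_JSON.value)
+
+
+def execute_conky(self, conky_message):
+self.logger.debug("[CONKY] Executing conky.")
+try:
+if self.is_installed('conky') is False:
+self.logger.info('[Conky] Could not found Conky. It will be installed')
+self.logger.debug('[Conky] Conky installing with using apt-get')
+self.install_with_apt_get('conky')
+self.logger.info('[Conky] Could installed')
+
+self.logger.debug('[Conky] Some processes found which names are conky. They will be killed.')
+self.execute('killall conky')
+
+except:
+self.logger.error('[Conky] Conky install-kill problem.')
+raise
+
+if self.is_exist(self.conky_config_file_dir) == False:
+self.logger.debug('[Conky] Creating directory for conky config at ' + self.conky_config_file_dir)
+self.create_directory(self.conky_config_file_dir)
+
+if self.is_exist(self.conky_config_file_path) == True:
+self.logger.debug('[Conky] Old config file will be renamed.')
+self.rename_file(self.conky_config_file_path, self.conky_config_file_path + '_old')
+self.logger.debug('[Conky] Old config file will be renamed to ' + (self.conky_config_file_path + 'old'))
+
+self.create_file(self.conky_config_file_path)
+self.write_file(self.conky_config_file_path, conky_message)
+self.logger.debug('[Conky] Config file was filled by context.')
+
+
+# creating wrapper file if is not exist. wrapper for using conky command..its need for ETA
+if self.is_exist(self.conky_wrapper_file) == False:
+self.logger.debug('[Conky] Creating directory for conky wrapper file at ' + self.conky_wrapper_file)
+self.create_file(self.conky_wrapper_file)
+self.write_file(self.conky_wrapper_file,self.conky_wrapper_content)
+
+if self.is_exist(self.conky_wrapper_file) == True:
+self.execute('chmod +x ' + self.conky_wrapper_file)
+
+# creating autorun file if is not exist
+if self.is_exist(self.conky_config_global_autorun_file) == False:
+self.logger.debug('[Conky] Creating directory for conky autorun file at ' + self.conky_config_global_autorun_file)
+self.create_file(self.conky_config_global_autorun_file)
+self.write_file(self.conky_config_global_autorun_file, self.conky_autorun_content)
+
+users=self.Sessions.user_name()
+
+for user in users:
+user_display = self.Sessions.display(user)
+if user_display is None:
+self.logger.debug('[Conky] executing for display none for user '+ str(user))
+self.execute('conky -q', result=False)
+else :
+self.logger.debug('[Conky] user display ' + str(user_display) +' user '+ str(user))
+conky_cmd= 'su ' + str(user) + ' -c ' + ' "conky --display=' + str(user_display) + ' " '
+self.logger.debug('[Conky] executing command: ' + str(conky_cmd))
+self.execute(conky_cmd, result=False)
+
+
+#self.execute('conky ', result=False)
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Conky başarıyla oluşturuldu.',
+data=json.dumps({'Result': conky_message}),
+content_type=ContentType.APPLICATION_JSON.value)
+
+def handle_task(self):
+try:
+conky_message = self.data['conkyMessage']
+remove_conky_message = self.data['removeConkyMessage']
+
+if remove_conky_message:
+self.remove_conky_message()
+
+else:
+self.execute_conky(conky_message)
+
+except Exception as e:
+self.logger.error(" error on handle conky task. Error: " + str(e))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Conky mesajı olusturulurken hata oluştu:' + str(e),
+content_type=ContentType.APPLICATION_JSON.value)
+
+
+def handle_task(task, context):
+cls = RunConkyCommand(task, context)
+cls.handle_task()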
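Review bot: In `execute_conky`, the `user_display is None` branch runs `self.execute('conky -q', result=False)` from the agent process instead of under `su <user>`, right after `/etc/conky/conky.conf` was overwritten with the `conkyMessage` value from the task. Conky configuration can contain command-executing objects, so in that branch the payload's content would run with whatever privileges the agent holds (presumably root, given the writes to `/usr/bin` and `/etc`; the `execute` helper is not shown here). I would skip sessions without a display, as `execute_xmessage.py` in this commit already does, by replacing that call with `continue`. The `su` branch also builds its command by string concatenation from `user` and `user_display`; passing both through `shlex.quote` before concatenating would keep an unusual session value from changing the command.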
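--- a/src/plugins/conky/execute_xmessage.py
+++ b/src/plugins/conky/execute_xmessage.py
@@ -0,0 +1,135 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Edip YILDIZ
+# Author: Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr>
+
+from base.model.enum.content_type import ContentType
+import json
+from base.plugin.abstract_plugin import AbstractPlugin
+import threading
+
+
+class RunXMessageCommand(AbstractPlugin):
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+# self.xmessage_command= "su {0} -c 'export DISPLAY={1} && export XAUTHORITY=~{2}/.Xauthority && xmessage \"{3}\" ' "
+
+self.custom_message_command = "su {0} -c 'export DISPLAY={1} && export XAUTHORITY=~{2}/.Xauthority && python3 /usr/share/ahenk/plugins/conky/ask.py \"LİDER AHENK BİLDİRİ\" \"{3}\" ' "
+
+# command for ltsp
+self.custom_message_command_ltsp = "su {0} -c 'export DISPLAY={1} && export XAUTHORITY=~{2}/.Xauthority && python3 /usr/share/ahenk/plugins/conky/ask.py \"LİDER AHENK\\\ BİLDİRİ \" \"{3}\" ' "
+
+def execute_xmessage(self, message):
+
+users = self.Sessions.user_name();
+self.logger.debug('[XMessage] users : ' + str(users))
+
+for user in users:
+user_display = self.Sessions.display(user)
+user_ip = self.Sessions.userip(user)
+
+if user_display is None:
+self.logger.debug('[XMessage] executing for display none for user ' + str(user))
+
+else:
+self.logger.debug('[XMessage] user display ' + str(user_display) + ' user ' + str(user))
+
+if user_ip is None:
+t = threading.Thread(
+target=self.execute(self.custom_message_command.format(user, user_display, user, message)))
+t.start()
+
+else:
+# message format for ltsp
+self.logger.debug('user_ip: ' + str(user_ip) + ' user_display: ' + str(user_display))
+message_list = []
+message_parser = message.split(" ")
+self.logger.debug('running parser:--->> ' + str(message_parser))
+for msg in message_parser:
+message = '\\\ ' + str(msg)
+message_list.append(message)
+self.logger.debug('message_list:--->> ' + str(message_list))
+message = ''.join(str(x) for x in message_list)
+self.logger.debug('message: ' + str(message))
+t = threading.Thread(
+target=self.execute(self.custom_message_command_ltsp.format(user, user_display, user, message),
+ip=user_ip))
+t.start()
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='İşlem başarıyla gerçekleştirildi.',
+data=json.dumps({'Result': message}),
+content_type=ContentType.APPLICATION_JSON.value)
+
+def execute_user_message(self, selected_user, message):
+
+users = self.Sessions.user_name();
+self.logger.debug('[XMessage] users : ' + str(users))
+
+for user in users:
+if selected_user in user:
+user_display = self.Sessions.display(user)
+user_ip = self.Sessions.userip(user)
+
+if user_display is None:
+self.logger.debug('[XMessage] executing for display none for user ' + str(user))
+
+else:
+self.logger.debug('[XMessage] user display ' + str(user_display) + ' user ' + str(user))
+
+if user_ip is None:
+t = threading.Thread(target=self.execute(
+self.custom_message_command.format(user, user_display, user, message)))
+t.start()
+
+#message format for ltsp
+else:
+self.logger.debug('user_ip: ' + str(user_ip) + ' user_display: ' + str(user_display))
+message_list = []
+message_parser = message.split(" ")
+self.logger.debug('running parser:--->> ' + str(message_parser))
+for msg in message_parser:
+message = '\\\ ' + str(msg)
+message_list.append(message)
+self.logger.debug('message_list:--->> ' + str(message_list))
+message = ''.join(str(x) for x in message_list)
+self.logger.debug('message: ' + str(message))
+t = threading.Thread(target=self.execute(
+self.custom_message_command_ltsp.format(user, user_display, user, message), ip=user_ip))
+t.start()
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='İşlem başarıyla gerçekleştirildi.',
+data=json.dumps({'Result': message}),
+content_type=ContentType.APPLICATION_JSON.value)
+
+
+def handle_task(self):
+try:
+message = self.data['message']
+self.logger.debug('[XMessage]: get message from lider: ' + str(message))
+selected_user = None
+
+if 'selected_user' in self.data:
+selected_user = str(self.data['selected_user'])
+self.logger.debug('[XMessage]: selected User: ' + str(selected_user))
+self.execute_user_message(selected_user, message)
+
+else:
+self.execute_xmessage(message)
+
+except Exception as e:
+self.logger.error(" error on handle xmessage task. Error: " + str(e))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='XMessage mesajı olusturulurken hata oluştu:' + str(e),
+content_type=ContentType.APPLICATION_JSON.value)
+
+
+def handle_task(task, context):
+cls = RunXMessageCommand(task, context)
+cls.handle_task()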
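Review bot: `execute_xmessage` and `execute_user_message` format the task's `message` straight into a shell string (the `\"{3}\"` slot inside `su {0} -c '...'`), so a quote character in the message ends the quoted argument and the remainder is parsed as shell by the agent. The message should be quoted with `shlex.quote` and the whole inner command quoted once more as the `-c` argument, which needs `import shlex` at the top of the file; the sketch below shows the non-LTSP branch. The LTSP branch needs the same treatment in place of the hand-rolled `'\\\ '` escaping, but how `execute(..., ip=...)` forwards the string is not visible here, so that part should be confirmed against the helper. Note also that `threading.Thread(target=self.execute(...))` calls `execute` immediately and hands its return value to the thread; `target=self.execute, args=(command,)` is the form that runs it in the thread.

```python
if user_ip is None:
    # Quote the payload for the inner shell, then quote the inner command for su -c.
    inner = ('export DISPLAY={0} && export XAUTHORITY=~{1}/.Xauthority && '
             'python3 /usr/share/ahenk/plugins/conky/ask.py {2} {3}').format(
        user_display, user, shlex.quote('LİDER AHENK BİLDİRİ'), shlex.quote(str(message)))
    command = 'su {0} -c {1}'.format(user, shlex.quote(inner))
    t = threading.Thread(target=self.execute, args=(command,))
    t.start()
# … unchanged: LTSP branch and create_response call …
```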
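--- a/src/plugins/conky/main.py
+++ b/src/plugins/conky/main.py
@@ -0,0 +1,16 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+
+
+def info():
+inf = dict()
+inf['name'] = 'conky'
+inf['version'] = '1.0.0'
+inf['support'] = 'debian'
+inf['description'] = ''
+inf['task'] = True
+inf['user_oriented'] = True
+inf['machine_oriented'] = True
+inf['developer'] = 'bm.volkansahin@gmail.com'
+
+return inf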
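--- a/src/plugins/conky/policy.py
+++ b/src/plugins/conky/policy.py
@@ -0,0 +1,155 @@
+# !/usr/bin/python
+# -*- coding: utf-8 -*-
+# Author: Volkan Şahin <volkansah.in> <bm.volkansahin@gmail.com>
+
+import json
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class Conky(AbstractPlugin):
+def __init__(self, data, context):
+super(Conky, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.machine_profile = True
+self.conky_config_file_dir = '/etc/conky/'
+self.conky_config_file_path = '/etc/conky/conky.conf'
+self.command_autorun_conky = 'sleep 3;conky -d {0} -c {1}'
+self.username = None
+self.autostart_dir_path = '{0}.config/autostart/'
+self.autorun_file_path = '{0}conky.desktop'
+self.logger.debug('Parameters were initialized.')
+
+def handle_policy(self):
+try:
+
+# Checking dependecies
+if self.check_dependencies(['conky', 'conky-all']) is True:
+self.logger.debug('Dependencies checked.')
+else:
+return
+
+# Killing conky processes
+self.logger.debug('Conky named processes will be killed.')
+self.execute('killall -9 conky')
+
+# Is user profile
+if 'username' in self.context.data and self.context.get('username') is not None:
+self.logger.debug('This is user profile, parameters reinitializing.')
+self.username = self.context.get('username')
+self.conky_config_file_dir = '{0}.conky/'.format(self.Sessions.user_home_path(self.username))
+self.conky_config_file_path = '{0}conky.conf'.format(self.conky_config_file_dir)
+self.machine_profile = False
+
+# Creating/checking conky file dir and conky conf file
+self.logger.debug('Conky file directory and configuration file is creating/checking')
+if self.is_exist(self.conky_config_file_dir):
+self.logger.debug('Old config file will be deleted.')
+self.delete_file(self.conky_config_file_path)
+else:
+self.logger.debug(
+'Creating directory for conky config at {0}'.format(self.conky_config_file_dir))
+self.create_directory(self.conky_config_file_dir)
+
+if self.create_file(self.conky_config_file_path):
+self.logger.debug('Config file was created.')
+self.write_file(self.conky_config_file_path, json.loads(self.data)['message'])
+self.logger.debug('Config file was filled by context.')
+else:
+self.logger.error('A problen occurred while creating Conky configuration file.')
+raise Exception('File {0} could not created.'.format(self.conky_config_file_path))
+
+# Creating autorun
+self.logger.debug('Creating autorun file...')
+self.initialize_auto_run()
+
+if self.machine_profile is False:
+self.execute(
+self.command_autorun_conky.format('--display=' + self.Sessions.display(self.username),
+self.conky_config_file_path),
+as_user=self.username, result=False)
+
+self.execute('chown -hR ' + self.username + ':' + self.username + ' ' + self.conky_config_file_dir)
+self.logger.debug('Owner of Conky config file was changed.')
+else:
+self.execute(self.command_autorun_conky.format('', self.conky_config_file_path), result=False)
+
+self.logger.debug('Autorun command executed successfully')
+self.context.create_response(code=self.get_message_code().POLICY_PROCESSED.value,
+message='Conky politikası başarıyla çalıştırıldı.')
+
+except Exception as e:
+self.logger.error(
+'A problem occurred while handling Conky policy. Error Message: {}'.format(str(e)))
+self.context.create_response(code=self.get_message_code().POLICY_ERROR.value,
+message='Conky politikası uygulanırken bir hata oluştu.')
+
+def check_dependencies(self, packages):
+
+self.logger.debug('Checking dependencies')
+for package in packages:
+if self.is_installed(package) is False:
+self.logger.debug('Could not found {0}. It will be installed'.format(package))
+result_code, p_out, p_err = self.install_with_apt_get(package)
+if result_code == 0:
+self.logger.debug('{0} installed successfully'.format(package))
+else:
+self.logger.error(
+'A problem occurred while installing {0} package. Error Message: {1}'.format(package,
+str(
+p_err)))
+self.context.create_response(code=self.get_message_code().POLICY_ERROR.value,
+message='Bağımlılıklardan {0} paketi kurulurken hata oluştu.')
+return False
+
+return True
+
+def initialize_auto_run(self):
+
+if self.machine_profile is True:
+self.logger.debug('All users conky configuration files will be removed because of machine profile')
+if self.Sessions.user_name() is not None and len(self.Sessions.user_name()) > 0:
+for username in self.Sessions.user_name():
+self.logger.debug(
+'Removing conf file of user {0}'.format(username))
+self.delete_file(
+self.autorun_file_path.format(
+self.autostart_dir_path.format(self.Sessions.user_home_path(username))))
+else:
+self.logger.debug(
+'There are no user')
+
+else:
+home_path = self.Sessions.user_home_path(self.username)
+self.logger.debug(
+'Creating autorun file for user {0}'.format(self.username))
+self.create_autorun_file(self.autostart_dir_path.format(home_path),
+self.conky_config_file_path,
+self.autorun_file_path.format(self.autostart_dir_path.format(home_path)))
+self.logger.debug(
+'Autorun created')
+
+def create_autorun_file(self, autostart_path, conky_config_file_path, autorun_file_path):
+if not self.is_exist(autostart_path):
+self.logger.debug(
+'Creating file: {0}'.format(autostart_path))
+self.create_directory(autostart_path)
+
+file_content = '[Desktop Entry]\n' \
+'Encoding=UTF-8 \n' \
+'Type=Application \n' \
+'Name=Conky \n' \
+'Comment=Conky Monitor \n' \
+'Exec=conky -d -c ' + conky_config_file_path + '\n' \
+'StartupNotify=false \n' \
+'Terminal=false \n'
+self.logger.debug(
+'Writing content to autorun file.')
+self.write_file(autorun_file_path, file_content, 'w')
+
+
+def handle_policy(profile_data, context):
+plugin = Conky(profile_data, context)
+plugin.handle_policy()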
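Review bot: `handle_policy` and `create_autorun_file` create, delete and write `~/.conky/conky.conf` and `~/.config/autostart/conky.desktop` from the agent process, in directories the target user controls. If the agent runs with elevated privileges and `write_file`/`create_file` follow symbolic links (neither helper is shown on this page), a link placed at one of those paths would redirect the write to another file. Only `self.conky_config_file_dir` is handed back with `chown -hR`, so an autostart directory created here by `create_directory(autostart_path)` would stay owned by the agent's account. I would perform these file operations as the user (the `execute` helper already accepts `as_user=`), or at least reject a symlink at the target path before writing and chown the autostart path as well.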
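--- a/src/plugins/disk-quota/api/disk_quota.py
+++ b/src/plugins/disk-quota/api/disk_quota.py
@@ -0,0 +1,119 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author:Mine DOGAN <mine.dogan@agem.com.tr>
+
+import json
+import os
+import sys
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__))))
+
+from fstab import Fstab
+
+
+class DiskQuota(AbstractPlugin):
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+self.username = self.context.get('username')
+
+self.mount = 'mount -o remount /home'
+self.quotacheck = 'quotacheck -cfmvF vfsv0 /home'
+self.quotaon_all = 'quotaon --all'
+self.quotaon_avug = 'quotaon -avug'
+self.set_quota = 'setquota -u {0} {1} {2} 0 0 /home'
+self.get_quota = 'quota -u {0} | awk \'{{print $4}}\' | tail -1'
+
+self.parameters = json.loads(self.data)
+
+self.soft_quota = str(int(self.parameters['soft-quota']) * 1024)
+self.hard_quota = str(int(self.parameters['hard-quota']) * 1024)
+self.default_quota = str(int(self.parameters['default-quota']) * 1024)
+
+self.old_quota = None
+
+self.logger.debug('Parameters were initialized.')
+
+def handle_policy(self):
+self.logger.debug('Policy handling...')
+try:
+
+if 'username' in self.context.data and self.context.get('username') is not None:
+self.logger.debug('This is user profile, parameters reinitializing.')
+self.username = self.context.get('username')
+
+self.old_quota = self.execute(self.get_quota.format(self.username))[1]
+# Check fstab & append 'usrquota' option if not exists
+# fs = Fstab()
+# fs.read('/etc/fstab')
+# fstab_entries = []
+# fslines = fs.lines
+# for line in fslines:
+# if line.has_filesystem() and 'usrquota' not in line.options:
+# if line.dict['directory'] == '/' or line.dict['directory'] == '/home/':
+# self.logger.debug('Appending \'usrquota\' option to {}'.format(line.dict['directory']))
+# line.options += ['usrquota']
+# fstab_entries.append(line.dict['directory'])
+# fs.write('/etc/fstab')
+
+# Re-mount necessary fstab entries
+# for entry in fstab_entries:
+# self.execute(self.mount.format(entry))
+# self.logger.debug('Remounting fstab entry {}'.format(entry))
+self.execute(self.quotacheck)
+self.logger.debug('{}'.format(self.quotacheck))
+
+self.execute(self.quotaon_all)
+self.logger.debug('{}'.format(self.quotaon_all))
+
+self.execute(self.quotaon_avug)
+self.logger.debug('{}'.format(self.quotaon_avug))
+
+self.execute(self.set_quota.format(self.username, self.soft_quota, self.hard_quota))
+self.logger.debug(
+'Set soft and hard quota. Username: {0}, Soft Quota: {1}, Hard Quota: {2}'.format(self.username,
+self.soft_quota,
+self.hard_quota))
+
+self.create_default_quota_file()
+
+result = dict()
+if self.context.is_mail_send():
+mail_content = self.context.get_mail_content()
+if mail_content.__contains__('{ahenk-ip}'):
+mail_content = str(mail_content).replace('{ahenk-ip}', ' {0} IP\'li Ahenk\'teki yeni'.format(
+str(self.Hardware.ip_addresses())))
+if mail_content.__contains__('{old-quota}'):
+mail_content = str(mail_content).replace('{old-quota}',
+' Eski kota değeri {0} MB olan'.format(
+str(int(self.old_quota) / 1024)))
+if mail_content.__contains__('{soft-quota}'):
+mail_content = str(mail_content).replace('{soft-quota}', str(int(self.soft_quota) / 1024) + ' MB')
+if mail_content.__contains__('{hard-quota}'):
+mail_content = str(mail_content).replace('{hard-quota}', str(int(self.hard_quota) / 1024) + ' MB')
+if mail_content.__contains__('{default-quota}'):
+mail_content = str(mail_content).replace('{default-quota}',
+str(int(self.default_quota)/1024) + ' MB')
+
+self.context.set_mail_content(mail_content)
+result['mail_content'] = str(self.context.get_mail_content())
+result['mail_subject'] = str(self.context.get_mail_subject())
+result['mail_send'] = self.context.is_mail_send()
+
+self.context.create_response(code=self.get_message_code().POLICY_PROCESSED.value,
+data=json.dumps(result),
+message='Kotalar başarıyla güncellendi.',
+content_type=self.get_content_type().APPLICATION_JSON.value)
+
+except Exception as e:
+self.logger.error('[DiskQuota] A problem occurred while handling browser profile: {0}'.format(str(e)))
+self.context.create_response(code=self.get_message_code().POLICY_ERROR.value,
+message='Disk Quota profili uygulanırken bir hata oluştu.')
+
+def create_default_quota_file(self):
+self.write_file('default_quota', self.default_quota)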
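Review bot: `handle_policy` only reassigns `self.username` when the context carries one, but then runs `quota -u {0}` and `setquota -u {0} ...` regardless, so a policy applied without a user formats the literal `None` into both commands. A guard at the top of the `try` block, such as `if self.username is None: raise Exception('username is required for disk quota policy')`, would route that case to the existing `POLICY_ERROR` response before anything is executed. The username is also placed unquoted into a shell pipeline; wrapping it in `shlex.quote` (with `import shlex`) would keep an unexpected account name from being parsed as shell syntax. `create_default_quota_file` writes to the relative path `'default_quota'`, so where that file lands depends on the agent's working directory, which this page does not show.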
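--- a/src/plugins/disk-quota/api/disk_quota_ltsp.py
+++ b/src/plugins/disk-quota/api/disk_quota_ltsp.py
@@ -0,0 +1,91 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author:Mine DOGAN <mine.dogan@agem.com.tr>
+
+import json
+import os
+import sys
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__))))
+
+
+
+class DiskQuota(AbstractPlugin):
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+self.username = self.context.get('username')
+
+self.mount = 'mount -o remount {}'
+self.quotaon_all = 'quotaon --all'
+self.quotaon_avug = 'quotaon -avug'
+#self.set_quota = 'setquota --always-resolve -u {0} {1} {2} 0 0 --all'
+self.set_quota = 'quotatool -u {0} -b -q {1} -l {2} /home'
+#self.get_quota = 'quota -u {0} | awk \'{{print $4}}\' | tail -1'
+self.get_quota = 'repquota /home | grep {0} | awk \'{{print $5}}\''
+
+self.parameters = json.loads(self.data)
+
+self.soft_quota = str(int(self.parameters['soft-quota']) * 1024)
+self.hard_quota = str(int(self.parameters['hard-quota']) * 1024)
+self.default_quota = str(int(self.parameters['default-quota']) * 1024)
+
+self.old_quota = None
+
+self.logger.debug('Parameters were initialized.')
+
+def handle_policy(self):
+self.logger.debug('Policy handling...')
+try:
+self.username = self.context.get('username')
+
+
+self.old_quota = self.execute(self.get_quota.format(self.username))[1]
+
+self.execute(self.set_quota.format(self.username, self.soft_quota, self.hard_quota))
+self.logger.debug(
+'Set soft and hard quota. Username: {0}, Soft Quota: {1}, Hard Quota: {2}'.format(self.username,
+self.soft_quota,
+self.hard_quota))
+
+self.create_default_quota_file()
+
+result = dict()
+if self.context.is_mail_send():
+mail_content = self.context.get_mail_content()
+if mail_content.__contains__('{ahenk-ip}'):
+mail_content = str(mail_content).replace('{ahenk-ip}', ' {0} IP\'li Ahenk\'teki yeni'.format(
+str(self.Hardware.ip_addresses())))
+if mail_content.__contains__('{old-quota}'):
+mail_content = str(mail_content).replace('{old-quota}',
+' Mevcut kota değeri {0} MB olan'.format(str(int(self.old_quota)/1024)))
+if mail_content.__contains__('{soft-quota}'):
+mail_content = str(mail_content).replace('{soft-quota}',str(int(self.soft_quota)/1024)+' MB')
+if mail_content.__contains__('{hard-quota}'):
+mail_content = str(mail_content).replace('{hard-quota}', str(int(self.hard_quota)/1024)+' MB')
+if mail_content.__contains__('{default-quota}'):
+mail_content = str(mail_content).replace('{default-quota}', str(int(self.default_quota)/1024)+' MB')
+
+self.context.set_mail_content(mail_content)
+result['mail_content'] = str(self.context.get_mail_content())
+result['mail_subject'] = str(self.context.get_mail_subject())
+result['mail_send'] = self.context.is_mail_send()
+
+self.context.create_response(code=self.get_message_code().POLICY_PROCESSED.value,
+data=json.dumps(result),
+message='Kotalar başarıyla güncellendi.',
+content_type=self.get_content_type().APPLICATION_JSON.value)
+
+except Exception as e:
+self.logger.error('[DiskQuota] A problem occurred while handling browser profile: {0}'.format(str(e)))
+self.context.create_response(code=self.get_message_code().POLICY_ERROR.value,
+message='Disk Quota profili uygulanırken bir hata oluştu.')
+
+def create_default_quota_file(self):
+self.write_file('default_quota', self.default_quota)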
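Review bot: `self.get_quota = 'repquota /home | grep {0} | awk ...'` matches the username as a substring anywhere on the line, so a user whose name is contained in another account's name yields several lines and `int(self.old_quota)` in the mail branch raises after the new quota has already been set. Matching the first column exactly avoids that: `self.get_quota = 'repquota /home | awk -v u={0} \'$1 == u {{print $5}}\''`. As in `api/disk_quota.py`, `self.username` comes from `self.context.get('username')` with no `None` check and is formatted unquoted into the command, so a guard for a missing username and `shlex.quote` on the value are worth adding here too.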
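--- a/src/plugins/disk-quota/fstab.py
+++ b/src/plugins/disk-quota/fstab.py
@@ -0,0 +1,86 @@
+import os
+import sys
+import tempfile
+
+sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__))))
+
+from line import Line
+
+
+class Fstab(object):
+"""An /etc/fstab file."""
+
+def __init__(self):
+self.lines = []
+
+def open_file(self, filespec, mode):
+if isinstance(filespec, str):
+return open(filespec, mode=mode)
+else:
+return filespec
+
+def close_file(self, f, filespec):
+if isinstance(filespec, str):
+f.close()
+
+def get_perms(self, filename):
+return os.stat(filename).st_mode # pragma: no cover
+
+def chmod_file(self, filename, mode):
+os.chmod(filename, mode) # pragma: no cover
+
+def link_file(self, oldname, newname):
+if os.path.exists(newname):
+os.remove(newname)
+os.link(oldname, newname)
+
+def rename_file(self, oldname, newname):
+os.rename(oldname, newname) # pragma: no cover
+
+def read(self, filespec):
+"""Read in a new file.
+
+If filespec is a string, it is used as a filename. Otherwise
+it is used as an open file.
+
+The existing content is replaced.
+
+"""
+
+f = self.open_file(filespec, "r")
+lines = []
+for line in f:
+lines.append(Line(line))
+self.lines = lines
+self.close_file(filespec, f)
+
+def write(self, filespec):
+"""Write out a new file.
+
+If filespec is a string, it is used as a filename. Otherwise
+it is used as an open file.
+
+"""
+
+if isinstance(filespec, str):
+# We create the temporary file in the directory (/etc) that the
+# file exists in. This is so that we can do an atomic rename
+# later, and that only works inside one filesystem. Some systems
+# have /tmp and /etc on different filesystems, for good reasons,
+# and we need to support that.
+dirname = os.path.dirname(filespec)
+prefix = os.path.basename(filespec) + "."
+fd, tempname = tempfile.mkstemp(dir=dirname, prefix=prefix)
+os.close(fd)
+else:
+tempname = filespec
+
+f = self.open_file(tempname, "w")
+for line in self.lines:
+f.write(line.raw)
+self.close_file(filespec, f)
+
+if isinstance(filespec, str):
+self.chmod_file(tempname, self.get_perms(filespec))
+self.link_file(filespec, filespec + ".bak")
+self.rename_file(tempname, filespec)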
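Review bot: `read` and `write` call `self.close_file(filespec, f)`, but the method is declared as `close_file(self, f, filespec)`, so the `isinstance(filespec, str)` test inside it sees the file object and a file opened from a path is never closed. In `write` this means `chmod_file`, `link_file` and `rename_file` run while the temporary file may still hold unflushed data, which weakens the atomic-replace intent described in the comment. Both call sites should read `self.close_file(f, filespec)`. The only caller visible in this commit (`api/disk_quota.py`) has its `Fstab` usage commented out, so this would surface once that code is enabled.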
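--- a/src/plugins/disk-quota/get_quota.py
+++ b/src/plugins/disk-quota/get_quota.py
@@ -0,0 +1,57 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author:Mine DOGAN <mine.dogan@agem.com.tr>
+
+import json
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class GetQuota(AbstractPlugin):
+def __init__(self, task, context):
+super(AbstractPlugin, self).__init__()
+self.task = task
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+self.get_quota = 'repquota /home | tail -n +6 | awk \'{print $1,$4,$5,$3}\''
+
+self.logger.debug('Parameters were initialized.')
+
+def handle_task(self):
+try:
+
+result_code, p_out, p_err = self.execute(self.get_quota)
+
+user_list = []
+lines = str(p_out).split('\n')
+
+for line in lines:
+detail = line.split(' ')
+
+if str(detail[0]).strip() is not None and str(detail[0]).strip() != '':
+user = {'user': str(detail[0]).strip(), 'soft_quota': str(detail[1]).strip(),
+'hard_quota': str(detail[2]).strip(), 'disk_usage': str(detail[3]).strip()}
+user_list.append(user)
+
+self.logger.debug(
+'user: {0}, soft_quota: {1}, hard_quota: {2}, disk_usage: {3}'
+.format(str(detail[0]).strip(), str(detail[1]).strip(), str(detail[2]).strip(),
+str(detail[3]).strip()))
+
+self.logger.info('DISK-QUOTA task is handled successfully')
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Kota bilgileri başarıyla alındı.',
+data=json.dumps({'users': user_list}),
+content_type=self.get_content_type().APPLICATION_JSON.value)
+
+except Exception as e:
+self.logger.error('A problem occured while handling DISK-QUOTA task: {0}'.format(str(e)))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='DISK-QUOTA görevi uygulanırken bir hata oluştu.')
+
+
+def handle_task(task, context):
+gq = GetQuota(task, context)
+gq.handle_task()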
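Review bot: `GetQuota.__init__` calls `super(AbstractPlugin, self).__init__()`, which starts the lookup after `AbstractPlugin` in the MRO and therefore skips `AbstractPlugin.__init__` itself; `super(GetQuota, self).__init__()` is the form `policy.py` and `init.py` in this commit use. The same call appears in `execute_conky.py`, `execute_xmessage.py`, `api/disk_quota.py` and `api/disk_quota_ltsp.py`. Whether anything is lost depends on what `AbstractPlugin.__init__` sets up, which is not shown here. In `handle_task`, `str(detail[0]).strip() is not None` is always true, so only the `!= ''` half of that condition does any work.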
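--- a/src/plugins/disk-quota/init.py
+++ b/src/plugins/disk-quota/init.py
@@ -0,0 +1,24 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author:Mine DOGAN <mine.dogan@agem.com.tr>
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class Init(AbstractPlugin):
+def __init__(self, context):
+super(Init, self).__init__()
+self.context = context
+self.logger = self.get_logger()
+
+self.logger.debug('Parameters were initialized.')
+
+def handle_init_mode(self):
+if self.is_installed('quota') is False:
+self.logger.debug('Installing quota with apt-get...')
+self.install_with_apt_get('quota')
+
+
+def handle_mode(context):
+init = Init(context)
+init.handle_init_mode()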
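Review bot: In `handle_init_mode` the result of `self.install_with_apt_get('quota')` is discarded, so a failed install is neither logged nor reported and the quota commands used by the other disk-quota modules would then fail without explanation. Another plugin in this commit unpacks the helper's result as `result_code, p_out, p_err`, so the same can be done here: `result_code, p_out, p_err = self.install_with_apt_get('quota')` followed by `if result_code != 0: self.logger.error('quota could not be installed: {0}'.format(p_err))`.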
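--- a/src/plugins/disk-quota/line.py
+++ b/src/plugins/disk-quota/line.py
@@ -0,0 +1,104 @@
+import re
+
+
+class Line(object):
+"""A line in an /etc/fstab line.
+
+Lines may or may not have a filesystem specification in them. The
+has_filesystem method tells the user whether they do or not; if they
+do, the attributes device, directory, fstype, options, dump, and
+fsck contain the values of the corresponding fields, as instances of
+the sub-classes of the LinePart class. For non-filesystem lines,
+the attributes have the None value.
+
+Lines may or may not be syntactically correct. If they are not,
+they are treated as as non-filesystem lines.
+
+"""
+
+# Lines split this way to shut up coverage.py.
+attrs = ("ws1", "device", "ws2", "directory", "ws3", "fstype")
+attrs += ("ws4", "options", "ws5", "dump", "ws6", "fsck", "ws7")
+
+def __init__(self, raw):
+self.dict = {}
+self.raw = raw
+
+def __getattr__(self, name):
+if name in self.dict:
+return self.dict[name]
+else:
+raise AttributeError(name)
+
+def __setattr__(self, name, value):
+forbidden = ("dict", "dump", "fsck", "options")
+if name not in forbidden and name in self.dict:
+if self.dict[name] is None:
+raise Exception("Cannot set attribute %s when line dies not "
+"contain filesystem specification" % name)
+self.dict[name] = value
+else:
+object.__setattr__(self, name, value)
+
+def get_dump(self):
+return int(self.dict["dump"])
+
+def set_dump(self, value):
+self.dict["dump"] = str(value)
+
+dump = property(get_dump, set_dump)
+
+def get_fsck(self):
+return int(self.dict["fsck"])
+
+def set_fsck(self, value):
+self.dict["fsck"] = str(value)
+
+fsck = property(get_fsck, set_fsck)
+
+def get_options(self):
+return self.dict["options"].split(",")
+
+def set_options(self, list):
+self.dict["options"] = ",".join(list)
+
+options = property(get_options, set_options)
+
+def set_raw(self, raw):
+match = False
+
+if raw.strip() != "" and not raw.strip().startswith("#"):
+pat = r"^(?P<ws1>\s*)"
+pat += r"(?P<device>\S*)"
+pat += r"(?P<ws2>\s+)"
+pat += r"(?P<directory>\S+)"
+pat += r"(?P<ws3>\s+)"
+pat += r"(?P<fstype>\S+)"
+pat += r"(?P<ws4>\s+)"
+pat += r"(?P<options>\S+)"
+pat += r"(?P<ws5>\s+)"
+pat += r"(?P<dump>\d+)"
+pat += r"(?P<ws6>\s+)"
+pat += r"(?P<fsck>\d+)"
+pat += r"(?P<ws7>\s*)$"
+
+match = re.match(pat, raw)
+if match:
+self.dict.update((attr, match.group(attr)) for attr in self.attrs)
+
+if not match:
+self.dict.update((attr, None) for attr in self.attrs)
+
+self.dict["raw"] = raw
+
+def get_raw(self):
+if self.has_filesystem():
+return "".join(self.dict[attr] for attr in self.attrs)
+else:
+return self.dict["raw"]
+
+raw = property(get_raw, set_raw)
+
+def has_filesystem(self):
+"""Does this line have a filesystem specification?"""
+return self.device is not None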
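--- a/src/plugins/disk-quota/main.py
+++ b/src/plugins/disk-quota/main.py
@@ -0,0 +1,16 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+
+def info():
+inf = dict()
+inf['name'] = 'disk-quota'
+inf['version'] = '1.0.0'
+inf['support'] = 'debian'
+inf['description'] = 'Disk-Quota plugin provides to get current soft - hard quota and changing them.'
+inf['task'] = True
+inf['user_oriented'] = True
+inf['machine_oriented'] = False
+inf['developer'] = 'mine.dogan@agem.com.tr'
+
+return inf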
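--- a/src/plugins/disk-quota/policy.py
+++ b/src/plugins/disk-quota/policy.py
@@ -0,0 +1,18 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author:Mine DOGAN <mine.dogan@agem.com.tr>
+
+import json
+import os
+import sys
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__))))
+
+from fstab import Fstab
+from api.disk_quota import DiskQuota
+
+def handle_policy(profile_data, context):
+dq = DiskQuota(profile_data, context)
+dq.handle_policy()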
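Review bot: The `sys.path.append(...)` line followed by `from fstab import Fstab` and `from api.disk_quota import DiskQuota` resolves the generic names `fstab` and `api` through the whole module search path, and because the plugin directory is appended last, any module of the same name found earlier is loaded instead. This code presumably runs inside the privileged agent, so importing the wrong module means running the wrong code; a package-relative import or an explicit path-based load would pin the module that is meant. `json`, `AbstractPlugin` and `Fstab` are not used in this file and can be dropped. safe.py has the same `sys.path.append` / `from fstab import Fstab` pair.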
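--- a/src/plugins/disk-quota/safe.py
+++ b/src/plugins/disk-quota/safe.py
@@ -0,0 +1,68 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+import os
+import sys
+from base.plugin.abstract_plugin import AbstractPlugin
+
+sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__))))
+
+from fstab import Fstab
+
+
+class Safe(AbstractPlugin):
+def __init__(self, context):
+super(Safe, self).__init__()
+self.context = context
+self.username = str(context.get_username())
+self.mount = 'mount -o remount /home'
+self.quotacheck = 'quotacheck -cfmvF vfsv0 /home'
+self.quotaon_all = 'quotaon --all'
+self.quotaon_avug = 'quotaon -avug'
+self.set_quota = 'setquota -u {0} {1} {2} 0 0 /home'
+self.logger = self.get_logger()
+
+def handle_safe_mode(self):
+if self.is_exist('default_quota'):
+quota_size = self.read_file('default_quota')
+
+try:
+# Check fstab & append 'usrquota' option if not exists
+#fs = Fstab()
+#fs.read('/etc/fstab')
+#fstab_entries = []
+#fslines = fs.lines
+#for line in fslines:'
+# if line.has_filesystem() and 'usrquota' not in line.options:
+# if line.dict['directory'] == '/' or line.dict['directory'] == '/home/':
+# self.logger.debug('Appending \'usrquota\' option to {}'.format(line.dict['directory']))
+# line.options += ['usrquota']
+# fstab_entries.append(line.dict['directory'])
+#fs.write('/etc/fstab')#
+
+# Re-mount necessary fstab entries
+#for entry in fstab_entries:
+# self.execute(self.mount.format(entry))
+# self.logger.debug('Remounting fstab entry {}'.format(entry))
+
+self.execute(self.quotacheck)
+self.logger.debug('{}'.format(self.quotacheck))
+
+self.execute(self.quotaon_all)
+self.logger.debug('{}'.format(self.quotaon_all))
+
+self.execute(self.quotaon_avug)
+self.logger.debug('{}'.format(self.quotaon_avug))
+
+self.execute(self.set_quota.format(self.username, quota_size, quota_size))
+self.logger.debug(
+'Set soft and hard quota. Username: {0}, Soft Quota: {1}, Hard Quota: {2}'.format(self.username,quota_size,quota_size))
+
+
+except Exception as e:
+self.logger.error('[DiskQuota] A problem occurred while handling browser profile: {0}'.format(str(e)))
+
+
+def handle_mode(context):
+safe = Safe(context)
+safe.handle_safe_mode()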
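Review bot: In `handle_safe_mode` the `setquota` command line is built with `self.set_quota.format(self.username, quota_size, quota_size)`, where `quota_size` is the raw content of the `default_quota` file and `self.username` comes from the session context; neither value is validated before it reaches `self.execute`. If `execute` hands the string to a shell (its body is not in this file), whitespace or shell metacharacters in either value change the command, and even without a shell a trailing newline from `read_file` ends up in the arguments. Validate before formatting, e.g. `quota_size = quota_size.strip()` and `if not quota_size.isdigit(): raise ValueError('invalid default_quota')`, and check the username against the characters allowed for local account names. `'default_quota'` is also a relative path, so the file that is read depends on the agent's working directory, and the message in the `except` branch still says "browser profile".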
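--- a/src/plugins/file-management/get_file_content.py
+++ b/src/plugins/file-management/get_file_content.py
@@ -0,0 +1,43 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# Author: Hasan Kara <hasan.kara@pardus.org.tr>
+
+from base.plugin.abstract_plugin import AbstractPlugin
+import json
+
+
+class GetFileContent(AbstractPlugin):
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+def handle_task(self):
+try:
+file_path = self.data['file-path']
+file_content = ""
+is_file_exists = False
+
+if self.is_exist(file_path):
+self.logger.info("File exists: " + file_path)
+is_file_exists = True
+file_content = self.read_file(file_path)
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Dosya içeriği başarıyla alındı..',
+data=json.dumps({'file_exists': is_file_exists, 'file_content': file_content}),
+content_type=self.get_content_type().APPLICATION_JSON.value)
+else:
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Dosya bulunamadı..',
+content_type=self.get_content_type().APPLICATION_JSON.value)
+except Exception as e:
+self.logger.error(str(e))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Dosya içeriği alınırken hata oluştu: {0}'.format(str(e)))
+
+
+def handle_task(task, context):
+plugin = GetFileContent(task, context)
+plugin.handle_task()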
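Review bot: `handle_task` passes `self.data['file-path']` straight to `self.read_file` and returns the content in the response, so whoever can issue this task can read any file the agent process can open; there is no base-directory restriction, no symlink resolution and no size limit. Resolve the path and require it to fall under a configured directory before reading, e.g. `real_path = os.path.realpath(file_path)` then `if not real_path.startswith(ALLOWED_ROOT + os.sep): raise ValueError('path not allowed')`, where `ALLOWED_ROOT` is a placeholder for a setting this file does not have yet and `os` would need importing. Separately, `super(AbstractPlugin, self).__init__()` skips `AbstractPlugin.__init__`; the `Init` classes in this commit call `super(Init, self).__init__()`, so this was probably meant to be `super(GetFileContent, self).__init__()`. The same `super(AbstractPlugin, self)` call appears in write_to_file.py and in the ldap-login and ldap task classes.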
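--- a/src/plugins/file-management/main.py
+++ b/src/plugins/file-management/main.py
@@ -0,0 +1,16 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+
+def info():
+inf = dict()
+inf['name'] = 'file-management'
+inf['version'] = '1.0.0'
+inf['support'] = 'debian'
+inf['description'] = ''
+inf['task'] = True
+inf['user_oriented'] = False
+inf['machine_oriented'] = False
+inf['developer'] = ''
+
+return inf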
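--- a/src/plugins/file-management/write_to_file.py
+++ b/src/plugins/file-management/write_to_file.py
@@ -0,0 +1,46 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+# Author: Hasan Kara <hasan.kara@pardus.org.tr>
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+class WriteToFile(AbstractPlugin):
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+def handle_task(self):
+try:
+file_path = self.data['file-path']
+file_content = self.data['file-content']
+
+if self.is_exist(file_path):
+self.write_file(file_path, file_content)
+else:
+path_str = ""
+for idx, folder in enumerate(file_path.split("/")):
+if idx != len(file_path.split("/")) - 1:
+path_str += folder + "/"
+(result_code, p_out, p_err) = self.execute("mkdir -p /" + path_str)
+
+if result_code == 0:
+self.logger.error('Folders are created')
+else:
+self.logger.error('Error occured while creating folders.')
+self.write_file(file_path, file_content)
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='İçerik dosyaya başarıyla yazıldı..',
+content_type=self.get_content_type().APPLICATION_JSON.value)
+except Exception as e:
+self.logger.error(str(e))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='İçerik dosyaya yazılırken hata oluştu: {0}'.format(str(e)))
+
+
+def handle_task(task, context):
+plugin = WriteToFile(task, context)
+plugin.handle_task()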
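Review bot: The missing-directory branch runs `self.execute("mkdir -p /" + path_str)` with `path_str` taken from the task's `file-path`, so spaces or shell metacharacters in the path alter the command if `execute` uses a shell (its body is not in this file). `os.makedirs(os.path.dirname(file_path), exist_ok=True)` (after `import os`) creates the parent directories without building a command line, and it also drops the extra leading `/`, which for a relative `file-path` creates directories under `/` while `write_file` writes somewhere else. When directory creation fails the code only logs and still calls `write_file`, and the success message `'Folders are created'` is logged at error level. The target path is not restricted to any base directory either, so this task can overwrite any file the agent process can write; a resolved-path check against a configured directory belongs before both `write_file` calls.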
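--- a/src/plugins/ldap-login/execute_ad_login.py
+++ b/src/plugins/ldap-login/execute_ad_login.py
@@ -0,0 +1,70 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Tuncay ÇOLAK<tuncay.colak@tubitak.gov.tr>
+
+# Active Directory authentication task
+
+import configparser
+from base.plugin.abstract_plugin import AbstractPlugin
+from base.registration.execute_sssd_ad_authentication import ExecuteSSSDAdAuthentication
+from base.registration.registration import Registration
+
+class ADLogin(AbstractPlugin):
+
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+self.ad_authentication = ExecuteSSSDAdAuthentication()
+self.registration = Registration()
+self.config = configparser.ConfigParser()
+self.ahenk_conf_path = "/etc/ahenk/ahenk.conf"
+
+def handle_task(self):
+try:
+domain_name = self.data['domain_name']
+hostname = self.data['hostname']
+ip_address = self.data['ip_address']
+ad_username = self.data['ad_username']
+admin_password = self.data['admin_password']
+ad_port = self.data['ad_port']
+disabled_local_user = self.data['disableLocalUser']
+
+execution_result = self.ad_authentication.authenticate(domain_name, hostname, ip_address, admin_password, ad_username)
+if execution_result is False:
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Active Directory kullanıcısı ile oturum açma ayarlanırken hata oluştu.: Gerekli Paketleri indirilemedi.',
+content_type=self.get_content_type().APPLICATION_JSON.value)
+else:
+# if get disabled_local_user TRUE set user_disabled in ahenk.conf. disabled local users then client reboot
+self.config.read(self.ahenk_conf_path)
+if disabled_local_user is True:
+# self.registration.disable_local_users()
+config = configparser.ConfigParser()
+config.read(self.ahenk_conf_path)
+config.set('MACHINE', 'user_disabled', 'true')
+
+with open(self.ahenk_conf_path, 'w') as configfile:
+self.logger.info('Opening config file ')
+config.write(configfile)
+configfile.close()
+self.logger.info('User disabled value Disabled')
+
+else:
+self.logger.info("local users will not be disabled because local_user parameter is FALSE")
+self.shutdown()
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Active Directory kullanıcısı ile oturum açma başarı ile sağlandı ve istemci yeniden başlatılıyor.',
+content_type=self.get_content_type().APPLICATION_JSON.value)
+
+except Exception as e:
+self.logger.error(str(e))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Active Directory kullanıcısı ile oturum açma ayarlanırken hata oluştu.: {0}'.format(str(e)))
+
+def handle_task(task, context):
+plugin = ADLogin(task, context)
+plugin.handle_task()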
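Review bot: The `disabled_local_user` branch rewrites `/etc/ahenk/ahenk.conf` in place with `open(self.ahenk_conf_path, 'w')`, and this is the file whose `[CONNECTION]` section holds the agent's `uid` and `password`, so an interruption between the truncation and `config.write` leaves the agent without its credentials. Writing to a temporary file in the same directory, giving it the same restrictive mode, and finishing with `os.replace(tmp_path, self.ahenk_conf_path)` makes the update atomic. `config.set('MACHINE', 'user_disabled', 'true')` also raises `NoSectionError` when the section is absent; execute_cancel_ldap_login.py guards with `has_section('MACHINE')` and the same guard fits here. The same in-place write is in execute_ldap_login.py and execute_cancel_ldap_login.py. `ad_port` is read but never used, and `configfile.close()` inside the `with` block is redundant.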
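--- a/src/plugins/ldap-login/execute_cancel_ldap_login.py
+++ b/src/plugins/ldap-login/execute_cancel_ldap_login.py
@@ -0,0 +1,67 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Hasan Kara <h.kara27@gmail.com>
+# Author: Tuncay ÇOLAK<tuncay.colak@tubitak.gov.tr>
+
+# Cancel AD or OpenLDAP authentication task
+
+import configparser
+from base.plugin.abstract_plugin import AbstractPlugin
+from base.registration.execute_cancel_ldap_login import ExecuteCancelLDAPLogin
+from base.registration.execute_cancel_sssd_authentication import ExecuteCancelSSSDAuthentication
+from base.registration.execute_cancel_sssd_ad_authentication import ExecuteCancelSSSDAdAuthentication
+from base.registration.registration import Registration
+
+class CancelLDAPLogin(AbstractPlugin):
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+self.ldap_login = ExecuteCancelLDAPLogin()
+self.sssd_authentication = ExecuteCancelSSSDAuthentication()
+self.ad_authentication = ExecuteCancelSSSDAdAuthentication()
+self.registration = Registration()
+self.config = configparser.ConfigParser()
+self.ahenk_conf_path = "/etc/ahenk/ahenk.conf"
+
+def handle_task(self):
+directory_type = "LDAP"
+try:
+if self.is_exist("/etc/ahenk/ad_info"):
+directory_type = "AD"
+if directory_type == "LDAP":
+self.sssd_authentication.cancel()
+else:
+self.ad_authentication.cancel()
+
+self.config.read(self.ahenk_conf_path)
+if self.config.has_section('MACHINE'):
+user_disabled = self.config.get("MACHINE", "user_disabled")
+self.logger.info('User disabled value:' + str(user_disabled))
+if user_disabled != 'false':
+self.logger.info('Enable Users')
+
+self.registration.enable_local_users()
+self.config.set('MACHINE', 'user_disabled', 'false')
+
+with open(self.ahenk_conf_path, 'w') as configfile:
+self.logger.info('Opening config file ')
+self.config.write(configfile)
+self.logger.info('User disabled value FALSE')
+configfile.close()
+else:
+self.logger.info('Local users already enabled')
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='{0} kullanıcısı ile oturum açabilme başarıyla iptal edildi.'.format(directory_type),
+content_type=self.get_content_type().APPLICATION_JSON.value)
+except Exception as e:
+self.logger.error(str(e))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='{0} kullanıcısı ile oturum açabilme iptal edilirken hata oluştu.: {1}'.format(directory_type, str(e)))
+
+def handle_task(task, context):
+plugin = CancelLDAPLogin(task, context)
+plugin.handle_task()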
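Review bot: `handle_task` calls `self.sssd_authentication.cancel()` or `self.ad_authentication.cancel()` first and only afterwards reads the config and re-enables local users, so any exception in between leaves the machine with directory login removed and local accounts still disabled. `self.config.get("MACHINE", "user_disabled")` is one such point, because it raises `NoOptionError` when the key is missing; `self.config.get("MACHINE", "user_disabled", fallback="false")` avoids that. Consider re-enabling local users before cancelling directory authentication, or handling the re-enable in a path that still runs when the config step fails. `self.ldap_login` is created in `__init__` but never used.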
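--- a/src/plugins/ldap-login/execute_ldap_login.py
+++ b/src/plugins/ldap-login/execute_ldap_login.py
@@ -0,0 +1,69 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Hasan Kara <h.kara27@gmail.com>
+
+import configparser
+from base.plugin.abstract_plugin import AbstractPlugin
+from base.registration.execute_ldap_login import ExecuteLDAPLogin
+from base.registration.execute_sssd_authentication import ExecuteSSSDAuthentication
+from base.registration.registration import Registration
+
+class LDAPLogin(AbstractPlugin):
+
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+self.ldap_login = ExecuteLDAPLogin()
+self.sssd_authentication = ExecuteSSSDAuthentication()
+self.config = configparser.ConfigParser()
+self.registration = Registration()
+self.ahenk_conf_path = "/etc/ahenk/ahenk.conf"
+
+def handle_task(self):
+try:
+server_address = self.data['server-address']
+dn = self.data['dn']
+# version = self.data['version']
+admin_dn = self.data['admin-dn']
+admin_password = self.data['admin-password']
+disabled_local_user = self.data['disableLocalUser']
+
+execution_result = self.sssd_authentication.authenticate(server_address, dn, admin_dn, admin_password)
+if execution_result is False:
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='LDAP kullanıcısı ile oturum açma ayarlanırken hata oluştu.: SSSD Paketleri indirilemedi.',
+content_type=self.get_content_type().APPLICATION_JSON.value)
+else:
+# if get disabled_local_user TRUE set user_disabled in ahenk.conf. disabled local users then client reboot
+self.config.read(self.ahenk_conf_path)
+if disabled_local_user is True:
+# self.registration.disable_local_users()
+config = configparser.ConfigParser()
+config.read(self.ahenk_conf_path)
+config.set('MACHINE', 'user_disabled', 'true')
+
+with open(self.ahenk_conf_path, 'w') as configfile:
+self.logger.info('Opening config file ')
+config.write(configfile)
+configfile.close()
+
+self.logger.info('User disabled value Disabled')
+else:
+self.logger.info("local users will not be disabled because local_user parameter is FALSE")
+self.shutdown()
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='LDAP kullanıcısı ile oturum açma başarı ile sağlandı ve istemci yeniden başlatılıyor.',
+content_type=self.get_content_type().APPLICATION_JSON.value)
+
+except Exception as e:
+self.logger.error(str(e))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='LDAP kullanıcısı ile oturum açma ayarlanırken hata oluştu.: {0}'.format(str(e)))
+
+def handle_task(task, context):
+plugin = LDAPLogin(task, context)
+plugin.handle_task()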
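Review bot: `self.shutdown()` runs before `self.context.create_response(...)`, so if `shutdown()` reboots or halts the machine right away (its body is not in this file) the success response may never reach the server; building the response first and calling `self.shutdown()` last makes the order safe. execute_ad_login.py has the same sequence. Both files also put `str(e)` into the log and into the response message, and since `admin_password` is passed into `authenticate`, it is worth confirming that no exception raised there can carry the password or a command line that contains it. `self.ldap_login` and `self.registration` are created but not used in this class.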
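--- a/src/plugins/ldap-login/init.py
+++ b/src/plugins/ldap-login/init.py
@@ -0,0 +1,20 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class Init(AbstractPlugin):
+def __init__(self, context):
+super(Init, self).__init__()
+self.context = context
+self.logger = self.get_logger()
+
+def handle_mode(self):
+# TODO Do what do you want to do!
+pass
+
+
+def handle_mode(context):
+init = Init(context)
+init.handle_mode()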
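--- a/src/plugins/ldap-login/main.py
+++ b/src/plugins/ldap-login/main.py
@@ -0,0 +1,15 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+def info():
+inf = dict()
+inf['name'] = 'ldap-login'
+inf['version'] = '1.0.0'
+inf['support'] = 'debian'
+inf['description'] = 'LDAP user authentication '
+inf['task'] = True
+inf['user_oriented'] = False
+inf['machine_oriented'] = False
+inf['developer'] = 'h.kara27@gmail.com'
+
+return inf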
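--- a/src/plugins/ldap/delete_agent.py
+++ b/src/plugins/ldap/delete_agent.py
@@ -0,0 +1,66 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Edip YILDIZ
+# Author: Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr>
+
+
+from base.model.enum.content_type import ContentType
+import json, threading
+
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+import threading
+
+
+class MoveAgent(AbstractPlugin):
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+
+
+def update_dn(self, jid, newDn):
+cols = ['dn'];
+values = [newDn]
+return self.db_service.update('registration', cols, values, 'jid=\''+jid+'\'')
+
+
+
+def getCnFromDn(self,dn):
+if dn !=None and str(dn) !="":
+dnStrArr = str(dn).split(",")
+if len(dnStrArr)>0:
+return dnStrArr[0]
+
+
+def handle_task(self):
+try:
+dn = self.data['dn']
+newParentDn = self.data['newParentDn']
+
+jid= self.db_service.select_one_result('registration','jid','registered = 1')
+
+newDn=str(dn).replace(dn, self.getCnFromDn(dn)+ str(newParentDn))
+
+self.update_dn(jid,newDn)
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Ahenk başarı ile taşındı.',
+data=json.dumps({'Dn': newDn}),
+content_type=ContentType.APPLICATION_JSON.value)
+
+
+except Exception as e:
+self.logger.error(" error on handle xmessage task. Error: " + str(e))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Ahenk taşınırken hata olustu' + str(e),
+content_type=ContentType.APPLICATION_JSON.value)
+
+
+def handle_task(task, context):
+cls = MoveAgent(task, context)
+cls.handle_task()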
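Review bot: `update_dn` builds its criteria as `'jid=\''+jid+'\''`, so a quote character in `jid` breaks or alters the SQL statement; pass the value as a bound parameter if `db_service.update` supports one (its signature is not visible here), or validate `jid` before concatenating. move_agent.py contains the identical method. This file also appears to be a line-for-line copy of move_agent.py: it defines `MoveAgent`, requires `newParentDn` and reports 'Ahenk başarı ile taşındı.', so a delete task routed to delete_agent.py would perform a move, which looks unintended.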
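--- a/src/plugins/ldap/init.py
+++ b/src/plugins/ldap/init.py
@@ -0,0 +1,20 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class Init(AbstractPlugin):
+def __init__(self, context):
+super(Init, self).__init__()
+self.context = context
+self.logger = self.get_logger()
+
+def handle_mode(self):
+# TODO Do what do you want to do!
+pass
+
+
+def handle_mode(context):
+init = Init(context)
+init.handle_mode()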
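--- a/src/plugins/ldap/login.py
+++ b/src/plugins/ldap/login.py
@@ -0,0 +1,21 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class Login(AbstractPlugin):
+def __init__(self, context):
+super(Login, self).__init__()
+self.context = context
+self.username = str(context.get_username())
+self.logger = self.get_logger()
+
+def handle_mode(self):
+# TODO Do what do you want to do!
+pass
+
+
+def handle_mode(context):
+login = Login(context)
+login.handle_mode()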
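--- a/src/plugins/ldap/logout.py
+++ b/src/plugins/ldap/logout.py
@@ -0,0 +1,21 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class Logout(AbstractPlugin):
+def __init__(self, context):
+super(Logout, self).__init__()
+self.context = context
+self.username = str(context.get_username())
+self.logger = self.get_logger()
+
+def handle_mode(self):
+# TODO Do what do you want to do!
+pass
+
+
+def handle_mode(context):
+logout = Logout(context)
+logout.handle_mode()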
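--- a/src/plugins/ldap/main.py
+++ b/src/plugins/ldap/main.py
@@ -0,0 +1,16 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+
+
+def info():
+inf = dict()
+inf['name'] = 'ldap'
+inf['version'] = '1.0.0'
+inf['support'] = 'debian'
+inf['description'] = 'Ldap management'
+inf['task'] = True
+inf['user_oriented'] = True
+inf['machine_oriented'] = True
+inf['developer'] = 'muhammededip.yildiz@tubitak.gov.tr'
+
+return inf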
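--- a/src/plugins/ldap/move_agent.py
+++ b/src/plugins/ldap/move_agent.py
@@ -0,0 +1,66 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Edip YILDIZ
+# Author: Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr>
+
+
+from base.model.enum.content_type import ContentType
+import json, threading
+
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+import threading
+
+
+class MoveAgent(AbstractPlugin):
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+
+
+def update_dn(self, jid, newDn):
+cols = ['dn'];
+values = [newDn]
+return self.db_service.update('registration', cols, values, 'jid=\''+jid+'\'')
+
+
+
+def getCnFromDn(self,dn):
+if dn !=None and str(dn) !="":
+dnStrArr = str(dn).split(",")
+if len(dnStrArr)>0:
+return dnStrArr[0]
+
+
+def handle_task(self):
+try:
+dn = self.data['dn']
+newParentDn = self.data['newParentDn']
+
+jid= self.db_service.select_one_result('registration','jid','registered = 1')
+
+newDn=str(dn).replace(dn, self.getCnFromDn(dn)+ str(newParentDn))
+
+self.update_dn(jid,newDn)
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Ahenk başarı ile taşındı.',
+data=json.dumps({'Dn': newDn}),
+content_type=ContentType.APPLICATION_JSON.value)
+
+
+except Exception as e:
+self.logger.error(" error on handle xmessage task. Error: " + str(e))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Ahenk taşınırken hata olustu' + str(e),
+content_type=ContentType.APPLICATION_JSON.value)
+
+
+def handle_task(task, context):
+cls = MoveAgent(task, context)
+cls.handle_task()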
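Review bot: In `handle_task`, `newDn=str(dn).replace(dn, self.getCnFromDn(dn)+ str(newParentDn))` joins the first RDN and the new parent with no `,` between them, so unless the caller sends `newParentDn` with a leading comma the DN written to the `registration` table is malformed. `newDn = self.getCnFromDn(dn) + ',' + str(newParentDn)` states the intent directly; replacing the whole string with itself adds nothing. `getCnFromDn` returns `None` for an empty or missing `dn`, which surfaces here as a `TypeError`, so an explicit check with a clear error message is preferable. `self.db_service` is used but not assigned in `__init__`, and `super(AbstractPlugin, self).__init__()` skips `AbstractPlugin.__init__`, so confirm the attribute is really provided. `threading` is imported twice and never used; delete_agent.py carries the same code.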
155
src/plugins/ldap/policy.py
Normal file
155
src/plugins/ldap/policy.py
Normal file
|
@ -0,0 +1,155 @@
|
|||
# !/usr/bin/python
|
||||
# -*- coding: utf-8 -*-
|
||||
# Author: Volkan Şahin <volkansah.in> <bm.volkansahin@gmail.com>
|
||||
|
||||
import json
|
||||
|
||||
from base.plugin.abstract_plugin import AbstractPlugin
|
||||
|
||||
|
||||
class Conky(AbstractPlugin):
|
||||
def __init__(self, data, context):
|
||||
super(Conky, self).__init__()
|
||||
self.data = data
|
||||
self.context = context
|
||||
self.logger = self.get_logger()
|
||||
self.machine_profile = True
|
||||
self.conky_config_file_dir = '/etc/conky/'
|
||||
self.conky_config_file_path = '/etc/conky/conky.conf'
|
||||
self.command_autorun_conky = 'sleep 3;conky -d {0} -c {1}'
|
||||
self.username = None
|
||||
self.autostart_dir_path = '{0}.config/autostart/'
|
||||
self.autorun_file_path = '{0}conky.desktop'
|
||||
self.logger.debug('Parameters were initialized.')
|
||||
|
||||
def handle_policy(self):
|
||||
try:
|
||||
|
||||
# Checking dependecies
|
||||
if self.check_dependencies(['conky', 'conky-all']) is True:
|
||||
self.logger.debug('Dependencies checked.')
|
||||
else:
|
||||
return
|
||||
|
||||
# Killing conky processes
|
||||
self.logger.debug('Conky named processes will be killed.')
|
||||
self.execute('killall -9 conky')
|
||||
|
||||
# Is user profile
|
||||
if 'username' in self.context.data and self.context.get('username') is not None:
|
||||
self.logger.debug('This is user profile, parameters reinitializing.')
|
||||
self.username = self.context.get('username')
|
||||
self.conky_config_file_dir = '{0}.conky/'.format(self.Sessions.user_home_path(self.username))
|
||||
self.conky_config_file_path = '{0}conky.conf'.format(self.conky_config_file_dir)
|
||||
self.machine_profile = False
|
||||
|
||||
# Creating/checking conky file dir and conky conf file
|
||||
self.logger.debug('Conky file directory and configuration file is creating/checking')
|
||||
if self.is_exist(self.conky_config_file_dir):
|
||||
self.logger.debug('Old config file will be deleted.')
|
||||
self.delete_file(self.conky_config_file_path)
|
||||
else:
|
||||
self.logger.debug(
|
||||
'Creating directory for conky config at {0}'.format(self.conky_config_file_dir))
|
||||
self.create_directory(self.conky_config_file_dir)
|
||||
|
||||
if self.create_file(self.conky_config_file_path):
|
||||
self.logger.debug('Config file was created.')
|
||||
self.write_file(self.conky_config_file_path, json.loads(self.data)['message'])
|
||||
self.logger.debug('Config file was filled by context.')
|
||||
else:
|
||||
self.logger.error('A problen occurred while creating Conky configuration file.')
|
||||
raise Exception('File {0} could not created.'.format(self.conky_config_file_path))
|
||||
|
||||
# Creating autorun
|
||||
self.logger.debug('Creating autorun file...')
|
||||
self.initialize_auto_run()
|
||||
|
||||
if self.machine_profile is False:
|
||||
self.execute(
|
||||
self.command_autorun_conky.format('--display=' + self.Sessions.display(self.username),
|
||||
self.conky_config_file_path),
|
||||
as_user=self.username, result=False)
|
||||
|
||||
self.execute('chown -hR ' + self.username + ':' + self.username + ' ' + self.conky_config_file_dir)
|
||||
self.logger.debug('Owner of Conky config file was changed.')
|
||||
else:
|
||||
self.execute(self.command_autorun_conky.format('', self.conky_config_file_path), result=False)
|
||||
|
||||
self.logger.debug('Autorun command executed successfully')
|
||||
self.context.create_response(code=self.get_message_code().POLICY_PROCESSED.value,
|
||||
message='Conky politikası başarıyla çalıştırıldı.')
|
||||
|
||||
except Exception as e:
|
||||
self.logger.error(
|
||||
'A problem occurred while handling Conky policy. Error Message: {}'.format(str(e)))
|
||||
self.context.create_response(code=self.get_message_code().POLICY_ERROR.value,
|
||||
message='Conky politikası uygulanırken bir hata oluştu.')
|
||||
|
||||
def check_dependencies(self, packages):
|
||||
|
||||
self.logger.debug('Checking dependencies')
|
||||
for package in packages:
|
||||
if self.is_installed(package) is False:
|
||||
self.logger.debug('Could not found {0}. It will be installed'.format(package))
|
||||
result_code, p_out, p_err = self.install_with_apt_get(package)
|
||||
if result_code == 0:
|
||||
self.logger.debug('{0} installed successfully'.format(package))
|
||||
else:
|
||||
self.logger.error(
|
||||
'A problem occurred while installing {0} package. Error Message: {1}'.format(package,
|
||||
str(
|
||||
p_err)))
|
||||
self.context.create_response(code=self.get_message_code().POLICY_ERROR.value,
|
||||
message='Bağımlılıklardan {0} paketi kurulurken hata oluştu.')
|
||||
return False
|
||||
|
||||
return True
|
||||
|
||||
def initialize_auto_run(self):
|
||||
|
||||
if self.machine_profile is True:
|
||||
self.logger.debug('All users conky configuration files will be removed because of machine profile')
|
||||
if self.Sessions.user_name() is not None and len(self.Sessions.user_name()) > 0:
|
||||
for username in self.Sessions.user_name():
|
||||
self.logger.debug(
|
||||
'Removing conf file of user {0}'.format(username))
|
||||
self.delete_file(
|
||||
self.autorun_file_path.format(
|
||||
self.autostart_dir_path.format(self.Sessions.user_home_path(username))))
|
||||
else:
|
||||
self.logger.debug(
|
||||
'There are no user')
|
||||
|
||||
else:
|
||||
home_path = self.Sessions.user_home_path(self.username)
|
||||
self.logger.debug(
|
||||
'Creating autorun file for user {0}'.format(self.username))
|
||||
self.create_autorun_file(self.autostart_dir_path.format(home_path),
|
||||
self.conky_config_file_path,
|
||||
self.autorun_file_path.format(self.autostart_dir_path.format(home_path)))
|
||||
self.logger.debug(
|
||||
'Autorun created')
|
||||
|
||||
def create_autorun_file(self, autostart_path, conky_config_file_path, autorun_file_path):
|
||||
if not self.is_exist(autostart_path):
|
||||
self.logger.debug(
|
||||
'Creating file: {0}'.format(autostart_path))
|
||||
self.create_directory(autostart_path)
|
||||
|
||||
file_content = '[Desktop Entry]\n' \
|
||||
'Encoding=UTF-8 \n' \
|
||||
'Type=Application \n' \
|
||||
'Name=Conky \n' \
|
||||
'Comment=Conky Monitor \n' \
|
||||
'Exec=conky -d -c ' + conky_config_file_path + '\n' \
|
||||
'StartupNotify=false \n' \
|
||||
'Terminal=false \n'
|
||||
self.logger.debug(
|
||||
'Writing content to autorun file.')
|
||||
self.write_file(autorun_file_path, file_content, 'w')
|
||||
|
||||
|
||||
def handle_policy(profile_data, context):
|
||||
plugin = Conky(profile_data, context)
|
||||
plugin.handle_policy()
|
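--- a/src/plugins/ldap/rename_entry.py
+++ b/src/plugins/ldap/rename_entry.py
@@ -0,0 +1,59 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Edip YILDIZ
+# Author: Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr>
+
+
+from base.model.enum.content_type import ContentType
+import json, threading
+
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+import threading
+
+
+class UpdateEntry(AbstractPlugin):
+def __init__(self, data, context):
+super(AbstractPlugin, self).__init__()
+self.data = data
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+
+
+def update_dn(self, jid, newDn):
+cols = ['dn'];
+values = [newDn]
+return self.db_service.update('registration', cols, values, 'jid=\''+jid+'\'')
+
+
+def handle_task(self):
+try:
+dn = self.data['dn']
+jid= self.db_service.select_one_result('registration','jid','registered = 1')
+
+cn = self.data['oldCn']
+newCn = self.data['newCn']
+
+newDn=str(dn).replace(cn,newCn)
+
+self.update_dn(jid,newDn)
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Ahenk adı başarı ile değiştirildi.',
+data=json.dumps({'Dn': newDn}),
+content_type=ContentType.APPLICATION_JSON.value)
+
+
+except Exception as e:
+self.logger.error(" error on handle xmessage task. Error: " + str(e))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Ahenk adı değiştirilirken hata olustu' + str(e),
+content_type=ContentType.APPLICATION_JSON.value)
+
+
+def handle_task(task, context):
+cls = UpdateEntry(task, context)
+cls.handle_task()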
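Review bot: `newDn=str(dn).replace(cn,newCn)` in `handle_task` rewrites every occurrence of the old CN anywhere in the DN, so a short CN that also appears in an OU or DC component changes those too, and `newCn` from the task is stored with no check for DN separators such as `,` or `=`. Replace only the leading RDN (compare the first component with `'cn=' + cn` and rebuild the DN from the remaining components) and reject values that contain separators. `update_dn` builds its criterion as `'jid=\''+jid+'\''`; the jid comes from the local table here, but a bound parameter would be safer if `db_service` offers one, which this section does not show. Separately, `super(AbstractPlugin, self).__init__()` starts the lookup after `AbstractPlugin`, unlike the `super(Safe, self).__init__()` form used by the sibling plugins; `super(UpdateEntry, self).__init__()` is probably what was meant.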
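--- a/src/plugins/ldap/safe.py
+++ b/src/plugins/ldap/safe.py
@@ -0,0 +1,21 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class Safe(AbstractPlugin):
+def __init__(self, context):
+super(Safe, self).__init__()
+self.context = context
+self.username = str(context.get_username())
+self.logger = self.get_logger()
+
+def handle_safe_mode(self):
+# TODO Do what do you want to do!
+pass
+
+
+def handle_mode(context):
+safe = Safe(context)
+safe.handle_safe_mode()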
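--- a/src/plugins/ldap/shutdown.py
+++ b/src/plugins/ldap/shutdown.py
@@ -0,0 +1,20 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class Shutdown(AbstractPlugin):
+def __init__(self, context):
+super(Shutdown, self).__init__()
+self.context = context
+self.logger = self.get_logger()
+
+def handle_mode(self):
+# TODO Do what do you want to do!
+pass
+
+
+def handle_mode(context):
+shutdown = Shutdown(context)
+shutdown.handle_mode()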
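--- a/src/plugins/ldap/task_command_id.py
+++ b/src/plugins/ldap/task_command_id.py
@@ -0,0 +1,23 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class Sample(AbstractPlugin):
+def __init__(self, task, context):
+super(Sample, self).__init__()
+self.task = task
+self.context = context
+self.logger = self.get_logger()
+
+def handle_task(self):
+# TODO Do what do you want to do!
+# TODO Don't Forget returning response with <self.context.create_response(..)>
+pass
+
+
+def handle_task(task, context):
+print('Sample Plugin Task')
+sample = Sample(task, context)
+sample.handle_task()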
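Review bot: `Sample.handle_task` is still the template stub: it only executes `pass`, so a task dispatched to this command never calls `self.context.create_response(...)` and no result is created for the sender. If the file is meant to ship, have it return at least an explicit error response, and replace `print('Sample Plugin Task')` in the module-level handler with a `self.logger.debug(...)` call inside the class so the message reaches the agent log instead of stdout. If it is only a scaffold, keeping it out of the ldap plugin directory avoids shipping a command that does nothing.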
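--- a/src/plugins/local-user/add_user.py
+++ b/src/plugins/local-user/add_user.py
@@ -0,0 +1,149 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author:Mine DOGAN <mine.dogan@agem.com.tr>
+# Author:Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr>
+
+from base.plugin.abstract_plugin import AbstractPlugin
+from pathlib import Path
+
+class AddUser(AbstractPlugin):
+def __init__(self, task, context):
+super(AddUser, self).__init__()
+self.task = task
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+self.username = self.task['username']
+self.password = self.task['password']
+self.home = self.task['home']
+self.active = self.task['active']
+self.groups = self.task['groups']
+self.desktop_write_permission = self.task['desktop_write_permission']
+self.kiosk_mode = self.task['kiosk_mode']
+
+self.script = '/bin/bash ' + self.Ahenk.plugins_path() + 'local-user/scripts/{0}'
+
+self.add_user = 'useradd -d {0} {1}'
+self.check_home_owner = 'stat -c \'%U\' {}'
+self.enable_user = 'passwd -u {}'
+self.disable_user = 'passwd -l {}'
+self.add_user_to_groups = 'usermod -a -G {0} {1}'
+self.create_shadow_password = 'mkpasswd -m sha-512 {}'
+self.change_password = 'usermod -p {0} {1}'
+self.change_shell = 'usermod -s /bin/bash {}'
+self.change_owner = 'chown {0}.{0} {1}'
+self.change_permission = 'chmod 755 {}'
+
+self.desktop_path = ''
+self.xfce4_session = "/usr/bin/xfce4-session"
+self.gnome_session = "/usr/bin/gnome-session"
+self.desktop_env = None
+self.logger.debug('Parameters were initialized.')
+
+def handle_task(self):
+try:
+self.desktop_env = self.get_desktop_env()
+self.logger.info("Get desktop environment is {0}".format(self.desktop_env))
+
+if not self.is_exist(self.home):
+self.create_directory(self.home)
+self.execute(self.add_user.format(self.home, self.username))
+self.logger.debug('Added new user: {0}, home: {1}'.format(self.username, self.home))
+
+self.execute(self.change_owner.format(self.username, self.home))
+self.execute(self.change_permission.format(self.home))
+self.logger.debug('Changed owner and permission for home directory.')
+
+if self.groups != "":
+self.execute(self.add_user_to_groups.format(self.groups, self.username))
+self.logger.debug('Added user to these groups: {}'.format(self.groups))
+
+if str(self.password).strip() != "":
+result_code, p_out, p_err = self.execute(self.create_shadow_password.format(self.password))
+shadow_password = p_out.strip()
+# shadow_password = crypt.crypt(self.password)
+self.execute(self.change_password.format('\'{}\''.format(shadow_password), self.username))
+self.logger.debug('Changed password.')
+
+self.execute(self.change_shell.format(self.username))
+self.logger.debug('Changed user shell to /bin/bash')
+
+if self.active == "true":
+self.execute(self.enable_user.format(self.username))
+self.logger.debug('The user has been enabled.')
+elif self.active == "false":
+self.execute(self.disable_user.format(self.username))
+self.logger.debug('The user has been disabled.')
+
+agent_language = self.get_language()
+if agent_language == "tr_TR":
+desktop_name = "Masaüstü"
+else:
+desktop_name = "Desktop"
+
+self.execute("mkdir " + self.home + "/" + desktop_name)
+self.desktop_path = self.home + "/" + desktop_name
+self.execute(self.change_owner.format(self.username, self.desktop_path))
+self.logger.debug('owner is changed for user {0} directory'.format(desktop_name))
+
+if self.desktop_write_permission == "true":
+self.set_permission(self.desktop_path, 775)
+self.logger.debug('Desktop write permission is true')
+
+elif self.desktop_write_permission == "false":
+self.set_permission(self.desktop_path, 575)
+self.logger.debug('Desktop write permission is false')
+#
+# Handle kiosk mode
+#
+if self.desktop_env == "xfce":
+result_code, p_out, p_err = self.execute(self.script.format('find_locked_users.sh'), result=True)
+if result_code != 0:
+self.logger.error(
+'Error occurred while managing kiosk mode.')
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Masaüstü kilidi ayarlanırken hata oluştu.')
+return
+locked_users = []
+if p_out:
+self.logger.debug('pout {0}'.format(str(p_out)))
+locked_users = p_out.strip().split(';')
+
+if self.kiosk_mode == "true":
+self.logger.debug('Kiosk mode is active {0}'.format(str(locked_users)))
+if self.username not in locked_users:
+self.logger.debug('Adding user {0} to locked users'.format(self.username))
+locked_users.append(self.username)
+locked_users_str = ";".join(locked_users)
+self.logger.debug('Users: {0}'.format(locked_users_str))
+comm = "sed -i 's/^.*" + '<channel name="xfce4-panel"' + ".*$/" + '<channel name="xfce4-panel" version="1.0" locked="' + locked_users_str + '">' + "/' /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml"
+result_code1, p_out1, p_err1 = self.execute(comm)
+elif self.kiosk_mode == "false":
+self.logger.debug('Kiok mode is NOT active')
+if self.username in locked_users:
+self.logger.debug('Removing user {0} from locked users'.format(self.username))
+locked_users.remove(self.username)
+if locked_users:
+locked_users_str = ";".join(locked_users)
+# if xfce4-panel.xml doesn not exist copy it from ~/.config/xfce4/xfconf/xfce-perchannel-xml/
+comm = "sed -i 's/^.*" + '<channel name="xfce4-panel"' + ".*$/" + '<channel name="xfce4-panel" version="1.0" locked="' + locked_users_str + '">' + "/' /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml"
+result_code1, p_out1, p_err1 = self.execute(comm)
+else:
+self.execute(self.script.format('remove_locked_users.sh '))
+else:
+self.logger.info("Desktop environ is GNOME. Kiosk mode not setting")
+self.logger.info('User has been added successfully.')
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Kullanıcı başarıyla eklendi.')
+
+except Exception as e:
+self.logger.error('A problem occurred while handling Local-User task: {0}'.format(str(e)))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Local-User görevi çalıştırılırken bir hata oluştu.')
+
+
+def handle_task(task, context):
+add_user = AddUser(task, context)
+add_user.handle_task()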
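Review bot: Task-supplied `username`, `home`, `groups` and `password` are formatted straight into the command strings that `handle_task` hands to `self.execute` (`useradd -d {0} {1}`, `chown {0}.{0} {1}`, `usermod -a -G`, `mkpasswd -m sha-512 {}`, `"mkdir " + self.home`), and other plugins in this commit pass pipes through the same call, so these strings appear to be shell-interpreted and a value containing a space, quote or `;` changes the command that runs. Validate the account name against a strict pattern and quote every argument as sketched below (the file would need `import re` and `import shlex`); edit_user.py and delete_user.py build their commands the same way. The plaintext password is also placed on the `mkpasswd` command line, where it is readable in the process list while the command runs; hashing in-process, as the commented-out `crypt.crypt` line hints, or feeding the tool on stdin avoids that. The `mkpasswd` result code is never checked, so when the tool is missing or fails `shadow_password` is empty and `usermod -p ''` leaves the account with an empty password field.

```python
# … unchanged: desktop environment lookup …
# Example pattern only; align it with the site's account naming policy.
if not re.fullmatch(r'[a-z_][a-z0-9_-]{0,31}', str(self.username)):
    raise ValueError('Invalid username.')
user = shlex.quote(str(self.username))
home = shlex.quote(str(self.home))

if not self.is_exist(self.home):
    self.create_directory(self.home)
self.execute(self.add_user.format(home, user))
# … unchanged: logging …
self.execute(self.change_owner.format(user, home))
self.execute(self.change_permission.format(home))

if self.groups != "":
    self.execute(self.add_user_to_groups.format(shlex.quote(str(self.groups)), user))

if str(self.password).strip() != "":
    result_code, p_out, p_err = self.execute(
        self.create_shadow_password.format(shlex.quote(str(self.password))))
    shadow_password = p_out.strip()
    # Never continue with an empty hash: usermod -p '' clears the password.
    if result_code != 0 or not shadow_password:
        raise Exception('Password hash could not be created.')
    self.execute(self.change_password.format(shlex.quote(shadow_password), user))
# … unchanged: shell, enable/disable, desktop directory, kiosk mode …
```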
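--- a/src/plugins/local-user/delete_user.py
+++ b/src/plugins/local-user/delete_user.py
@@ -0,0 +1,53 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author:Mine DOGAN <mine.dogan@agem.com.tr>
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+class DeleteUser(AbstractPlugin):
+def __init__(self, task, context):
+super(DeleteUser, self).__init__()
+self.task = task
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+self.username = self.task['username']
+self.home = self.task['home']
+self.delete_home = self.task['delete_home']
+
+self.delete_user_home = 'rm -r {}'
+self.delete_user = 'userdel {}'
+self.logout_user = 'pkill -u {}'
+self.kill_all_process = 'killall -KILL -u {}'
+
+self.logger.debug('Parameters were initialized.')
+
+def handle_task(self):
+try:
+self.execute(self.logout_user.format(self.username))
+self.execute(self.kill_all_process.format(self.username))
+self.logger.debug('Killed all processes for {}'.format(self.username))
+
+if self.delete_home is True:
+self.execute(self.delete_user.format(self.username))
+self.execute(self.delete_user_home.format(self.home))
+self.logger.debug('Deleted user with home: {}'.format(self.username))
+elif self.delete_home is False:
+self.execute(self.delete_user.format(self.username))
+self.logger.debug('Deleted user: {}'.format(self.username))
+
+self.logger.info('User has been deleted successfully.')
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Kullanıcı başarıyla silindi.')
+
+except Exception as e:
+self.logger.error(
+'A problem occured while handling Local-User task: {0}'.format(str(e)))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Local-User görevi çalıştırılırken bir hata oluştu.')
+
+
+def handle_task(task, context):
+delete_user = DeleteUser(task, context)
+delete_user.handle_task()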
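Review bot: `self.delete_home is True` and `is False` in `handle_task` are identity checks against booleans, while the sibling tasks compare their flags with the strings `"true"` and `"false"`; if `delete_home` arrives as a string neither branch runs, the account stays in place, and the task still answers 'Kullanıcı başarıyla silindi.'. Normalise the flag once, for example `delete_home = str(self.task['delete_home']).lower() == 'true'`, and run `userdel` unconditionally. `rm -r {}` is applied to the task-supplied `home` with no quoting or sanity check, so an empty value, `/`, or a path containing spaces removes something other than the user's directory; resolve the home from the account database before deleting the user and refuse `/` and non-absolute paths, or let `userdel -r` do the removal. None of the `execute` result codes is checked, so a failed `userdel` is also reported as success.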
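--- a/src/plugins/local-user/edit_user.py
+++ b/src/plugins/local-user/edit_user.py
@@ -0,0 +1,160 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author:Mine DOGAN <mine.dogan@agem.com.tr>
+# Author:Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr>
+
+from base.plugin.abstract_plugin import AbstractPlugin
+from pathlib import Path
+
+class EditUser(AbstractPlugin):
+def __init__(self, task, context):
+super(EditUser, self).__init__()
+self.task = task
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+self.username = self.task['username']
+self.new_username = self.task['new_username']
+self.password = self.task['password']
+self.home = self.task['home']
+self.active = self.task['active']
+self.groups = self.task['groups']
+self.desktop_write_permission = self.task['desktop_write_permission']
+self.kiosk_mode = self.task['kiosk_mode']
+self.current_home = self.execute('eval echo ~{0}'.format(self.username))[1]
+
+self.script = '/bin/bash ' + self.Ahenk.plugins_path() + 'local-user/scripts/{0}'
+
+self.kill_processes = 'pkill -u {}'
+self.change_username = 'usermod -l {0} {1}'
+self.create_shadow_password = 'mkpasswd -m sha-512 {}'
+self.change_password = 'usermod -p {0} {1}'
+self.change_home = 'usermod -m -d {0} {1}'
+self.enable_user = 'passwd -u {}'
+self.disable_user = 'passwd -l {}'
+self.change_groups = 'usermod -G {0} {1}'
+self.remove_all_groups = 'usermod -G "" {}'
+self.change_owner = 'chown {0}.{0} {1}'
+self.change_permission = 'chmod 755 {}'
+self.logout_user = 'pkill -u {}'
+self.kill_all_process = 'killall -KILL -u {}'
+
+self.message = ''
+self.message_code_level = 1
+
+self.xfce4_session = "/usr/bin/xfce4-session"
+self.gnome_session = "/usr/bin/gnome-session"
+self.desktop_env = None
+self.logger.debug('Parameters were initialized.')
+
+def handle_task(self):
+try:
+self.desktop_env = self.get_desktop_env()
+self.logger.info("Get desktop environment is {0}".format(self.desktop_env))
+
+self.execute(self.logout_user.format(self.username))
+self.execute(self.kill_all_process.format(self.username))
+self.logger.debug('Killed all processes for {}'.format(self.username))
+
+if str(self.new_username).strip() != "":
+self.execute(self.kill_processes.format(self.username))
+self.execute(self.change_username.format(self.new_username, self.username))
+self.logger.debug('Changed username {0} to {1}'.format(self.username, self.new_username))
+self.username = self.new_username
+
+if str(self.password).strip() != "":
+result_code, p_out, p_err = self.execute(self.create_shadow_password.format(self.password))
+shadow_password = p_out.strip()
+self.execute(self.change_password.format('\'{}\''.format(shadow_password), self.username))
+self.logger.debug('Changed password.')
+
+if self.current_home != self.home:
+self.execute(self.kill_processes.format(self.username))
+self.execute(self.change_home.format(self.home, self.username))
+self.logger.debug('Changed home directory to: {}'.format(self.home))
+
+self.execute(self.change_owner.format(self.username, self.home))
+self.execute(self.change_permission.format(self.home))
+self.logger.debug('Changed owner and permission for home directory.')
+
+if self.active == "true":
+self.execute(self.enable_user.format(self.username))
+self.logger.debug('The user has been enabled.')
+elif self.active == "false":
+self.execute(self.disable_user.format(self.username))
+self.logger.debug('The user has been disabled.')
+
+if self.groups != "":
+self.execute(self.change_groups.format(self.groups, self.username))
+self.logger.debug('Added user to these groups: {}'.format(self.groups))
+else:
+self.execute(self.remove_all_groups.format(self.username))
+self.logger.debug('Removed all groups for user: {}'.format(self.username))
+
+agent_language = self.get_language()
+if agent_language == "tr_TR":
+desktop_name = "Masaüstü"
+else:
+desktop_name = "Desktop"
+if self.desktop_write_permission == "true":
+self.set_permission(self.current_home.strip() + "/" + desktop_name, 775)
+self.logger.debug('Desktop write permission is true')
+
+elif self.desktop_write_permission == "false":
+self.set_permission(self.current_home.strip() + "/" + desktop_name, 575)
+self.logger.debug('Desktop write permission is false')
+#
+# Handle kiosk mode
+#
+if self.desktop_env == "xfce":
+result_code, p_out, p_err = self.execute(self.script.format('find_locked_users.sh'), result=True)
+if result_code != 0:
+self.logger.error('Error occurred while managing kiosk mode.')
+self.message_code_level += 1
+self.message = 'Masaüstü kilidi ayarlanırken hata oluştu.'
+locked_users = []
+if p_out:
+self.logger.debug('pout {0}'.format(str(p_out)))
+locked_users = p_out.strip().split(';')
+
+if self.kiosk_mode == "true":
+self.logger.debug('Kiosk mode is active {0}'.format(str(locked_users)))
+if self.username not in locked_users:
+self.logger.debug('Adding user {0} to locked users'.format(self.username))
+locked_users.append(self.username)
+locked_users_str = ";".join(locked_users)
+self.logger.debug('Users: {0}'.format(locked_users_str))
+comm = "sed -i 's/^.*" + '<channel name="xfce4-panel"' + ".*$/" + '<channel name="xfce4-panel" version="1.0" locked="' + locked_users_str + '">' + "/' /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml"
+result_code1, p_out1, p_err1 = self.execute(comm)
+elif self.kiosk_mode == "false":
+self.logger.debug('Kiok mode is NOT active')
+if self.username in locked_users:
+self.logger.debug('Removing user {0} from locked users'.format(self.username))
+locked_users.remove(self.username)
+if locked_users:
+locked_users_str = ";".join(locked_users)
+comm = "sed -i 's/^.*" + '<channel name="xfce4-panel"' + ".*$/" + '<channel name="xfce4-panel" version="1.0" locked="' + locked_users_str + '">' + "/' /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml"
+result_code1, p_out1, p_err1 = self.execute(comm)
+else:
+self.execute(self.script.format('remove_locked_users.sh '))
+else:
+self.logger.info("Desktop environ is GNOME. Kiosk mode not setting")
+self.logger.info('User has been edited successfully.')
+
+if self.message_code_level == 1:
+response_code = self.message_code.TASK_PROCESSED.value
+response_message = 'Kullanıcı başarıyla düzenlendi.'
+else:
+response_code = self.message_code.TASK_WARNING.value
+response_message = 'Kullanıcı düzenlendi; fakat {0}'.format(self.message)
+self.context.create_response(code=response_code, message=response_message)
+
+except Exception as e:
+self.logger.error('A problem occurred while handling Local-User task: {0}'.format(str(e)))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Local-User görevi çalıştırılırken bir hata oluştu.')
+
+def handle_task(task, context):
+edit_user = EditUser(task, context)
+edit_user.handle_task()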
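Review bot: `self.current_home = self.execute('eval echo ~{0}'.format(self.username))[1]` in `__init__` feeds the task-supplied username to a shell `eval`, and it runs in the constructor, outside the `try` in `handle_task`, so a failure there never produces a TASK_ERROR response. Look the directory up without a shell, e.g. `pwd.getpwnam(self.username).pw_dir` (needs `import pwd`), and do it inside `handle_task`. The captured output is compared unstripped in `if self.current_home != self.home:`; the later `self.current_home.strip()` calls suggest it carries a trailing newline, which would make the comparison always true and run `usermod -m -d` on every edit. After a home change the desktop permission is still applied under the old `current_home` path rather than `self.home`.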
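--- a/src/plugins/local-user/get_groups.py
+++ b/src/plugins/local-user/get_groups.py
@@ -0,0 +1,42 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author:Mine DOGAN <mine.dogan@agem.com.tr>
+
+import json
+from base.plugin.abstract_plugin import AbstractPlugin
+
+class GetGroups(AbstractPlugin):
+def __init__(self, task, context):
+super(GetGroups, self).__init__()
+self.task = task
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+
+self.command_get_groups = 'cut -d: -f1 /etc/group'
+
+self.logger.debug('Parameters were initialized.')
+
+def handle_task(self):
+
+try:
+result_code, p_out, p_err = self.execute(self.command_get_groups)
+groups = p_out.split('\n')
+groups.pop()
+
+self.logger.debug('groups: {0}'.format(groups))
+
+self.logger.info('Local User \'get_groups\' task is handled successfully')
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Grup listesi başarıyla getirildi.',
+data=json.dumps({'groups': groups}),
+content_type=self.get_content_type().APPLICATION_JSON.value)
+
+except Exception as e:
+self.logger.error('A problem occurred while handling Local-User \'get_groups\' task: {0}'.format(str(e)))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Local-User \'get_groups\' görevi çalıştırılırken bir hata oluştu.')
+
+def handle_task(task, context):
+get_groups = GetGroups(task, context)
+get_groups.handle_task()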
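--- a/src/plugins/local-user/get_users.py
+++ b/src/plugins/local-user/get_users.py
@@ -0,0 +1,130 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author:Mine DOGAN <mine.dogan@agem.com.tr>
+# Author:Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr>
+
+import json
+from pathlib import Path
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+class GetUsers(AbstractPlugin):
+def __init__(self, task, context):
+super(GetUsers, self).__init__()
+self.task = task
+self.context = context
+self.logger = self.get_logger()
+self.message_code = self.get_message_code()
+self.script = '/bin/bash ' + self.Ahenk.plugins_path() + 'local-user/scripts/{0}'
+
+self.command_users = 'awk -F: \'{print $1 ":" $6 ":" $7}\' /etc/passwd | grep /bin/bash'
+self.command_user_groups = 'groups {}'
+self.command_not_active = 'egrep \':\!\' /etc/shadow |awk -F: \'{print $1}\''
+self.command_get_groups = 'cut -d: -f1 /etc/group'
+self.xfce4_session = "/usr/bin/xfce4-session"
+self.gnome_session = "/usr/bin/gnome-session"
+self.desktop_env = None
+self.logger.debug('Parameters were initialized.')
+
+def handle_task(self):
+
+try:
+user_list = []
+result_code, p_out, p_err = self.execute(self.command_users)
+lines = p_out.split('\n')
+lines.pop()
+
+self.desktop_env = self.get_desktop_env()
+self.logger.info("Get desktop environment is {0}".format(self.desktop_env))
+
+for line in lines:
+detail = line.split(':')
+
+result_code, p_out, p_err = self.execute(self.command_user_groups.format(str(detail[0]).strip()))
+groups = p_out.split(':')
+groups[1] = str(groups[1]).strip()
+groups[1] = groups[1].replace("'", "").replace(" ", ", ")
+is_active = 'true'
+result_code, p_out, p_err = self.execute(self.command_not_active)
+users = p_out.split('\n')
+
+if str(detail[0]).strip() in users:
+is_active = 'false'
+
+self.desktop_path = ''
+if self.is_exist("{0}/Masaüstü/".format(str(detail[1]).strip())):
+self.desktop_path = "{0}/Masaüstü/".format(str(detail[1]).strip())
+self.logger.debug("Desktop path for user '{0}' : {1}".format(str(detail[0]).strip(), self.desktop_path))
+elif self.is_exist("{0}/Desktop/".format(str(detail[1]).strip())):
+self.desktop_path = "{0}/Desktop/".format(str(detail[1]).strip())
+self.logger.debug("Desktop path for user '{0}' : {1}".format(str(detail[0]).strip(), self.desktop_path))
+else:
+self.logger.debug(
+'Desktop write permission could not get. Desktop path not found for user "{0}"'.format(
+str(detail[0]).strip()))
+
+result_code, p_out, p_err = self.execute(' stat -c "%a %n" ' + self.desktop_path)
+self.logger.debug('sudo stat -c "%a %n" ' + self.desktop_path)
+is_desktop_write_permission_exists = 'false'
+if result_code == 0:
+permission_codes = p_out.split()
+self.logger.debug("permission codes : " + str(permission_codes))
+if len(permission_codes) > 0:
+permission_code = permission_codes[0].strip()
+self.logger.debug("permission code is : " + permission_code)
+if permission_code == "775":
+is_desktop_write_permission_exists = 'true'
+
+if self.desktop_env == "xfce":
+is_kiosk_mode_on = 'false'
+self.logger.debug('Kiosk mode info will be taken')
+file_xfce4_panel = Path("/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml")
+if not file_xfce4_panel.exists():
+self.logger.error(
+'PANEL XML NOT FOUND COPY')
+source_path = "{0}local-user/panelconf/xfce4-panel.xml".format(self.Ahenk.plugins_path())
+self.logger.info("----->>>>" + source_path)
+self.copy_file(source_path, "/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml")
+self.logger.error(
+'FILE IS COPIED')
+result_code, p_out, p_err = self.execute(self.script.format('find_locked_users.sh'), result=True)
+if result_code != 0:
+self.logger.error(
+'Error occurred while finding locked users.')
+if p_out:
+self.logger.debug('locked users are {0}'.format(str(p_out)))
+locked_users = p_out.strip().split(';')
+# self.logger.debug("user is " + str(detail[0]).strip())
+# self.logger.debug("locked users are " + str(locked_users))
+if str(detail[0]).strip() in locked_users:
+is_kiosk_mode_on = 'true'
+self.logger.debug('Desktop environ is XFCE. Kiosk mode info is taken')
+else:
+is_kiosk_mode_on = "true"
+self.logger.info("Desktop environ is GNOME. Return kiok mode TRUE")
+
+user = {'user': str(detail[0]).strip(), 'groups': groups[1], 'home': detail[1], 'is_active': is_active, 'is_desktop_write_permission_exists': is_desktop_write_permission_exists, 'is_kiosk_mode_on': is_kiosk_mode_on}
+user_list.append(user)
+self.logger.debug('user: {0}, groups: {1}, home: {2}, is_active: {3}'.format(str(detail[0]).strip(), groups[1], detail[1], is_active))
+self.logger.info('Local User task is handled successfully')
+#
+# get all groups
+#
+result_code, p_out, p_err = self.execute(self.command_get_groups)
+all_groups = p_out.split('\n')
+all_groups.pop()
+
+self.context.create_response(code=self.message_code.TASK_PROCESSED.value,
+message='Kullanıcı listesi başarıyla getirildi.',
+data=json.dumps({'users': user_list, 'all_groups': all_groups}),
+content_type=self.get_content_type().APPLICATION_JSON.value)
+
+except Exception as e:
+self.logger.error('A problem occurred while handling Local-User task: {0}'.format(str(e)))
+self.context.create_response(code=self.message_code.TASK_ERROR.value,
+message='Local-User görevi çalıştırılırken bir hata oluştu.')
+
+
+def handle_task(task, context):
+get_users = GetUsers(task, context)
+get_users.handle_task()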
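Review bot: In the per-user loop of `handle_task`, `groups[1]` assumes the `groups <user>` output always contains a colon; if that command fails for one account the IndexError lands in the outer `except` and the whole listing is returned as an error. Check `result_code` and the length of the split before indexing, and when neither desktop directory exists skip the `stat` call instead of running it with an empty path. `self.execute(self.command_not_active)` reads /etc/shadow once per user although its result does not depend on the user, so it can run once before the loop. The non-XFCE branch reports `is_kiosk_mode_on = "true"` while add_user.py and edit_user.py skip kiosk handling on that desktop, so the server is told about a lock this agent never applied; `'false'` looks like the accurate value. Indentation is lost on this page, so whether `locked_users` is always bound before `if str(detail[0]).strip() in locked_users:` could not be confirmed.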
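--- a/src/plugins/local-user/init.py
+++ b/src/plugins/local-user/init.py
@@ -0,0 +1,24 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author:Mine DOGAN <mine.dogan@agem.com.tr>
+
+from base.plugin.abstract_plugin import AbstractPlugin
+
+
+class Init(AbstractPlugin):
+def __init__(self, context):
+super(Init, self).__init__()
+self.context = context
+self.logger = self.get_logger()
+
+self.logger.debug('Parameters were initialized.')
+
+def handle_mode(self):
+if self.is_installed('whois') is False:
+self.install_with_apt_get('whois')
+self.logger.debug('whois has been installed with apt-get.')
+
+
+def handle_mode(context):
+init = Init(context)
+init.handle_mode()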
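Review bot: `Init.handle_mode` logs 'whois has been installed with apt-get.' immediately after `self.install_with_apt_get('whois')` without looking at the outcome, so a failed install (no network, dpkg lock held) still produces the success line and the missing dependency only surfaces later. `install_with_apt_get` is defined outside this section; if it returns a result code, branch on it and report the failure with `self.logger.error(...)` instead of the debug line. A one-line comment naming the tool the plugin needs from the package would also help, e.g. `# whois ships mkpasswd, used when setting local user passwords` — presumably that is the reason, confirm before adding.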
|
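--- a/src/plugins/local-user/main.py
+++ b/src/plugins/local-user/main.py
@@ -0,0 +1,15 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+
+def info():
+inf = dict()
+inf['name'] = 'local-user'
+inf['version'] = '1.0.0'
+inf['support'] = 'debian'
+inf['description'] = 'Local-User plugin provides to listing users and adding, editing, deleting a local user.'
+inf['task'] = True
+inf['user_oriented'] = False
+inf['machine_oriented'] = False
+inf['developer'] = 'tuncay.colak@tubitak.gov.tr'
+
+return inf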
|
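--- a/src/plugins/local-user/panelconf/xfce4-panel.xml
+++ b/src/plugins/local-user/panelconf/xfce4-panel.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<channel name="xfce4-panel" version="1.0">
+<property name="configver" type="empty"/>
+<property name="panels" type="empty">
+<property name="panel-1" type="empty">
+<property name="position" type="empty"/>
+<property name="position-locked" type="empty"/>
+<property name="size" type="empty"/>
+<property name="length" type="empty"/>
+<property name="plugin-ids" type="empty"/>
+</property>
+</property>
+<property name="plugins" type="empty">
+<property name="plugin-1" type="empty">
+<property name="names-visible" type="array">
+<value type="string" value="networkmanager applet"/>
+<value type="string" value="xfce4-power-manager"/>
+<value type="string" value="google-chrome-stable"/>
+<value type="string" value="software updates"/>
+<value type="string" value="thunar"/>
+</property>
+<property name="show-frame" type="empty"/>
+<property name="size-max" type="empty"/>
+</property>
+<property name="plugin-3" type="empty"/>
+<property name="plugin-4" type="empty">
+<property name="appearance" type="empty"/>
+<property name="items" type="empty"/>
+<property name="ask-confirmation" type="empty"/>
+</property>
+<property name="plugin-7" type="empty">
+<property name="expand" type="empty"/>
+<property name="style" type="empty"/>
+</property>
+<property name="plugin-8" type="empty"/>
+<property name="plugin-5" type="empty">
+<property name="enable-keyboard-shortcuts" type="empty"/>
+</property>
+<property name="plugin-2" type="empty"/>
+<property name="plugin-13" type="empty"/>
+</property>
+</channel>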
|
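--- a/src/plugins/local-user/scripts/find_locked_users.sh
+++ b/src/plugins/local-user/scripts/find_locked_users.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+sed -n 's/^.*locked="\([A-Za-z0-9; ]*\)".*$/\1/p' /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml
+#sed -n 's/^.*locked="\([A-Za-z0-9; ]*\)".*$/\1/p' ~/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml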
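Review bot: The bracket expression in the `sed` pattern, `[A-Za-z0-9; ]*`, leaves out `-`, `_` and `.`, all of which occur in Debian user names, so a `locked="..."` attribute containing such a name matches nothing and the script prints an empty list. get_users.py appears to use this output to decide `is_kiosk_mode_on`, so the state reported for that user would be wrong. remove_locked_users.sh has the same gap and is narrower still (`[A-Za-z; ]*`, no digits), so an attribute this script reports can be one the other fails to strip while `sed -i` still exits 0. Matching up to the closing quote keeps the two scripts in agreement: `locked="\([^"]*\)"` here and `locked="[^"]*"` there.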
|
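--- a/src/plugins/local-user/scripts/remove_locked_users.sh
+++ b/src/plugins/local-user/scripts/remove_locked_users.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+sed -i 's/\(^.*\)\(locked="[A-Za-z; ]*"\)\(.*$\)/\1\3/' /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml
+#sed -i 's/\(^.*\)\(locked="[A-Za-z; ]*"\)\(.*$\)/\1\3/' ~/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml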
|
Some files were not shown because too many files have changed in this diff Show more