Edip YILDIZ 2020-07-23 16:35:38 +03:00
commit c63e9faede
12 changed files with 132 additions and 159 deletions


@ -108,7 +108,6 @@ usr/share/ahenk/base/scheduler/custom/scheduledb.py
usr/share/ahenk/base/scheduler/custom/custom_scheduler.py
usr/share/ahenk/base/scheduler/custom
usr/share/ahenk/base/scheduler
usr/share/ahenk/base/registration/test.py
usr/share/ahenk/base/registration/execute_cancel_sssd_ad_authentication.py
usr/share/ahenk/base/registration/config-files/ldap
usr/share/ahenk/base/registration/config-files/pam_script

36
debian/changelog vendored

@ -1,3 +1,39 @@
ahenk (1.1.0-8) unstable; urgency=medium
[ Hasan Kara ]
* a boolean flag is added if a policy is executed
[ Edip YILDIZ ]
* directory server disabled and generic
[ Tuncay ÇOLAK ]
* Syncing /usr/share/ahenk to src and recreating ahenk.install
* Update changelog for 1.1.0-7 release
-- Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr> Thu, 23 Jul 2020 14:39:02 +0300
ahenk (1.1.0-7) unstable; urgency=medium
[ Hasan Kara ]
* added extra parameters to login message for updating agent informations
[ Edip Yıldız ]
* add auto roster accept
[ Agah Öz ]
* register,unregister and AD swap modified
[ Hasan Kara ]
* a boolean flag is added if a policy is executed
[ Edip YILDIZ ]
* directory server disabled and generic
[ Tuncay ÇOLAK ]
* Syncing /usr/share/ahenk to src and recreating ahenk.install
-- Tuncay ÇOLAK <tuncay.colak@tubitak.gov.tr> Thu, 23 Jul 2020 14:36:49 +0300
ahenk (1.1.0-6) unstable; urgency=medium
[ Edip YILDIZ ]


@ -162,7 +162,8 @@ class AhenkDaemon(BaseDaemon):
print("Registration attemp")
max_attempt_number -= 1
self.logger.debug('Ahenk is not registered. Attempting for registration')
registration.registration_request(self.register_hostname,self.register_user_name,self.register_user_password,self.register_directory_server)
# registration.registration_request(self.register_hostname,self.register_user_name,self.register_user_password,self.register_directory_server)
registration.registration_request(self.register_hostname,self.register_user_name,self.register_user_password)
if max_attempt_number < 0:
self.logger.warning('Number of Attempting for registration is over')
Util.execute("/etc/init.d/ahenk stop")
@ -248,7 +249,7 @@ class AhenkDaemon(BaseDaemon):
self.register_hostname=hostName
self.register_user_name=username
self.register_user_password=password
self.register_directory_server = directoryServer
# self.register_directory_server = directoryServer
# if user_disabled is when ahenk service restarted TRUE disabled local users
def disable_local_users(self):
@ -385,8 +386,9 @@ if __name__ == '__main__':
hostName = sys.argv[2]
userName = sys.argv[3]
password = sys.argv[4]
directoryServer = sys.argv[5]
ahenk_daemon.set_register_user(hostName,userName,password,directoryServer)
# directoryServer = sys.argv[5]
# ahenk_daemon.set_register_user(hostName,userName,password,directoryServer)
ahenk_daemon.set_register_user(hostName,userName,password)
ahenk_daemon.run()
else:
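Review bot: The registration password is still read from `sys.argv[4]` in the `__main__` block, so it is part of the process command line and can be read by other local users through the process table while the daemon runs. Since this change already reworks the argument list, consider reading the password from standard input or from a root-only file instead of a positional argument. The superseded calls are kept as commented-out lines in all three hunks (`# registration.registration_request(...)`, `# self.register_directory_server = directoryServer`, `# directoryServer = sys.argv[5]`); deleting them leaves version control as the history. The enclosing functions start and end outside the hunks.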


@ -18,28 +18,30 @@ class AskRegister():
self.title = title
self.host = host
self.master = tk.Tk()
self.text= tk.StringVar()
self.master.title(self.title)
if self.host != "":
pass
else:
tk.Label(self.master, text="Etki Alanı Sunucusu : ").grid(row=0)
self.e1 = tk.Entry(self.master)
self.e1.grid(row=0, column=1)
tk.Label(self.master, text="* Etki Alanı: ").grid(row=0)
self.e1 = tk.Entry(self.master)
self.e1.grid(row=0, column=1)
tk.Label(self.master, text="Yetkili Kullanıcı : ").grid(row=1)
tk.Label(self.master, text="Parola : ").grid(row=2)
# if self.host != "":
# pass
# else:
tk.Label(self.master, text="* Yetkili Kullanıcı : ").grid(row=1)
tk.Label(self.master, text="* Parola : ").grid(row=2)
tk.Label(self.master, textvariable= self.text, fg="red").grid(row=3,columnspan=2)
self.e2 = tk.Entry(self.master)
self.e3 = tk.Entry(show="*")
self.var1 = IntVar()
Checkbutton(self.master, text="Active Directory", variable=self.var1, command=self.check1).grid(row=3, column=0, stick=tk.W,
pady=4)
self.var2 = IntVar()
self.var2.set(1)
Checkbutton(self.master, text="OpenLDAP", variable=self.var2, command=self.check2).grid(row=3, column=1, stick=tk.W, pady=4)
# self.var1 = IntVar()
# Checkbutton(self.master, text="Active Directory", variable=self.var1, command=self.check1).grid(row=3, column=0, stick=tk.W,
# pady=4)
# self.var2 = IntVar()
# self.var2.set(1)
# Checkbutton(self.master, text="OpenLDAP", variable=self.var2, command=self.check2).grid(row=3, column=1, stick=tk.W, pady=4)
self.e2.grid(row=1, column=1)
self.e3.grid(row=2, column=1)
@ -49,20 +51,23 @@ class AskRegister():
tk.mainloop()
def show(self):
if(self.e1.get() =='' or self.e2.get()=='' or self.e3.get()==''):
self.text.set("Lütfen zorunlu alanları doldurunuz!")
else:
print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get())
self.master.quit()
# if self.var2.get() == 1:
# if self.host != "":
# print(self.e2.get()+" "+self.e3.get()+" "+"LDAP")
# else:
# print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get()+" "+"LDAP")
#
# if self.var1.get() == 1:
# if self.host != "":
# print(self.e2.get()+" "+self.e3.get()+" "+"AD")
# else:
# print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get()+" "+"AD")
if self.var2.get() == 1:
if self.host != "":
print(self.e2.get()+" "+self.e3.get()+" "+"LDAP")
else:
print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get()+" "+"LDAP")
if self.var1.get() == 1:
if self.host != "":
print(self.e2.get()+" "+self.e3.get()+" "+"AD")
else:
print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get()+" "+"AD")
self.master.quit()
def check1(self):
self.var2.set(0)
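Review bot: `show()` writes the three fields as one space-separated line, `print(self.e1.get()+" "+self.e2.get()+" "+self.e3.get())`, so a password or user name that contains a space shifts the fields for whatever parses this output, and the clear-text password is written to stdout. The new emptiness check does not cover this case. An unambiguous encoding such as `print(json.dumps([self.e1.get(), self.e2.get(), self.e3.get()]))`, with a matching `json.loads` on the reading side, would remove the ambiguity; the reader is outside this section and would have to change with it. `check1` still references `self.var2`, which is now created only in commented-out code, so it and the commented blocks can be deleted together.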


@ -51,7 +51,7 @@ class Commander(object):
print('{0} logging out'.format(str(params[2])))
data['event'] = params[1]
data['username'] = params[2]
elif len(params) == 4 and params[1] == 'logout':
print('{0} logging out'.format(str(params[2])))
data['event'] = params[1]


@ -221,6 +221,7 @@ class ExecutionManager(object):
def execute_policy(self, arg):
try:
j = json.loads(str(arg))
self.policy_executed[j['username']] = True
for i in range(len(j['executePolicyList'])):
policy = self.json_to_PolicyBean(json.loads(json.dumps(j['executePolicyList'][i])))
self.logger.debug('Updating policies...')
@ -240,7 +241,6 @@ class ExecutionManager(object):
self.db_service.delete('policy', 'type = \'U\' and name = \'' + policy.get_username() + '\'' +
'and policy_id = ' + str(policy.get_policy_id()))
else:
self.policy_executed[policy.get_username()] = True
machine_uid = self.db_service.select_one_result('registration', 'jid', 'registered=1')
user_policy_version = self.db_service.select_one_result('policy', 'version',
'type = \'U\' and name = \'' + policy.get_username() + '\'' +
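Review bot: `self.policy_executed[j['username']] = True` now runs before any entry of `executePolicyList` has been processed, so the flag marks a policy as executed even when the loop below raises or the list is empty, and a message without a `username` key aborts the whole call through the surrounding `try`. If the flag is meant to record a completed run, setting it after the loop (or reading the name with `j.get('username')` and checking it) would match its name better; the intent is not visible here, so the early placement may be deliberate. Separately, the criteria strings in the second hunk are built by concatenating `policy.get_username()` into SQL text, and that value comes from the received JSON, so a bound-parameter form of the `db_service` calls would be safer if the service offers one. `execute_policy` continues past the end of both hunks.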


@ -72,6 +72,11 @@ class Messaging(object):
data['ipAddresses'] = str(System.Hardware.Network.ip_addresses()).replace('[', '').replace(']', '')
data['timestamp'] = Util.timestamp()
data['userIp'] = ip
data['osVersion'] = System.Os.version()
data['diskTotal'] = System.Hardware.Disk.total()
data['diskUsed'] = System.Hardware.Disk.used()
data['diskFree'] = System.Hardware.Disk.free()
data['memory'] = System.Hardware.Memory.total()
data['hostname'] = str(System.Os.hostname())
self.logger.debug('USER IP : '+ str(ip)+ ' IPADDRESSES : '+ str(System.Hardware.Network.ip_addresses()).replace('[', '').replace(']', ''))


@ -50,6 +50,7 @@ class Messenger(ClientXMPP):
self.register_extensions()
self.add_listeners()
self.roster.auto_subscribe = True
def register_extensions(self):
try:
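Review bot: `self.roster.auto_subscribe = True` (apparently the added line) is not limited to any particular peer: nothing in the hunk restricts roster subscriptions to the management server's JID. As I read the XMPP library's roster API, this setting makes the client request a subscription in return whenever it authorizes one, so any account able to send the agent a subscription request could end up with mutual presence. If only the server should be in the roster, handle subscription requests explicitly and compare the sender with the configured server JID before accepting. A one-line comment above the setting stating why reciprocal subscription is needed would also help the next reader.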


@ -15,10 +15,6 @@ class ExecuteCancelSSSDAdAuthentication:
def cancel(self):
try:
# Deleting packages require for AD entegration
self.util.execute(
"apt purge realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs -y")
self.util.execute("apt autoremove -y")
# Read information about AD
if self.util.is_exist(self.ad_info_path):
@ -31,11 +27,12 @@ class ExecuteCancelSSSDAdAuthentication:
else:
self.logger.error("ad_info file not found")
if self.util.is_exist("/etc/sssd"):
# self.util.delete_folder("/etc/sssd")
self.logger.info("SSSD is deleted")
# Leave old domain
(result_code, p_out, p_err) = self.util.execute("realm leave ")
if (result_code == 0):
self.logger.info("Realm Leave komutu başarılı")
else:
self.logger.info("SSSD is not exist")
self.logger.error("Realm Leave komutu başarısız : " + str(p_err))
# Re-Configure dhclient.conf deleting AD IP address
dhclient_conf_path = "/etc/dhcp/dhclient.conf"
@ -54,6 +51,7 @@ class ExecuteCancelSSSDAdAuthentication:
file_dhclient.write(file_data)
file_dhclient.close()
# Configure hosts for deleting AD "IP address" and "AD hostname"
hosts_conf_path = "/etc/hosts"
file_hosts = open(hosts_conf_path, 'r')
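Review bot: The branch for an existing `/etc/sssd` still logs `SSSD is deleted`, but the only deletion left is the commented-out `# self.util.delete_folder("/etc/sssd")` and the `apt purge` call was removed too, so the SSSD configuration of the old domain appears to stay on disk after `realm leave`. Either restore the deletion or make the message say what was actually done, for example `self.logger.info("Leaving realm; /etc/sssd is kept")`. A failed `realm leave` is only logged, and the dhclient and hosts clean-up below still runs, which may be intended but deserves a comment. The page has lost its indentation, so the nesting of the new `realm leave` block under this `if` is inferred, and `cancel` continues outside the hunks.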


@ -13,6 +13,21 @@ class ExecuteSSSDAdAuthentication:
def authenticate(self, domain_name, host_name, ip_address, password, ad_username):
try:
# Installation of required packages
(result_code, p_out, p_err) = self.util.execute(
"sudo apt-get -y install realmd")
if (result_code == 0):
self.logger.info("İndirmeler Başarılı")
else:
self.logger.error("İndirmeler Başarısız : " + str(p_err))
# Execute the commands that require for leave
(result_code, p_out, p_err) = self.util.execute("realm leave")
if (result_code == 0):
self.logger.info("Realm Leave komutu başarılı")
else:
self.logger.error("Realm Leave komutu başarısız : " + str(p_err))
# Create and Configure ad_info file
(result_code, p_out, p_err) = self.util.execute("touch /etc/ahenk/ad_info")
if (result_code == 0):
@ -102,7 +117,7 @@ class ExecuteSSSDAdAuthentication:
self.logger.error("Script başarısız oldu : " + str(p_err))
# Installation of required packages
(result_code, p_out, p_err) = self.util.execute("sudo apt-get -y install realmd sssd sssd-tools adcli packagekit samba-common-bin samba-libs")
(result_code, p_out, p_err) = self.util.execute("sudo apt-get -y install sssd sssd-tools adcli packagekit samba-common-bin samba-libs")
if (result_code == 0):
self.logger.info("İndirmeler Başarılı")
else:
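Review bot: When `sudo apt-get -y install realmd` fails, the new block only logs `İndirmeler Başarısız` and `authenticate` carries on to `realm leave` and the rest of the join, all of which depend on realmd being installed. Stopping there, by returning right after the error is logged, would avoid continuing with steps that cannot succeed; what the function should return on failure is not visible in the hunk. The unconditional `realm leave` will also fail on a machine that is not joined to any realm, and that expected case is logged at error level, so `self.logger.info` or a prior membership check would keep the error log meaningful. The function body continues outside both hunks.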


@ -50,7 +50,7 @@ class Registration:
else:
self.register(True)
def registration_request(self, hostname,username,password,directoryserver):
def registration_request(self, hostname,username,password):
self.logger.debug('Requesting registration')
# SetupTimer.start(Timer(System.Ahenk.registration_timeout(), timeout_function=self.registration_timeout,checker_func=self.is_registered, kwargs=None))
@ -60,7 +60,7 @@ class Registration:
self.host = hostname
self.user_name = username
self.user_password= password
self.directory_server = directoryserver
# self.directory_server = directoryserver
self.showUserNotify = False;
if(username is None and password is None and self.host is None ):
@ -79,12 +79,12 @@ class Registration:
self.host = user_registration_info[0]
self.user_name = user_registration_info[1]
self.user_password = user_registration_info[2]
self.directory_server = user_registration_info[3]
# self.directory_server = user_registration_info[3]
else:
self.user_name = user_registration_info[0]
self.user_password = user_registration_info[1]
self.directory_server = user_registration_info[2]
# self.directory_server = user_registration_info[2]
#anon_messenger = AnonymousMessenger(self.message_manager.registration_msg(user_name,user_password), self.host,self.servicename)
#anon_messenger.connect_to_server()
@ -99,9 +99,10 @@ class Registration:
self.messenger.send_Direct_message(self.message_manager.ldap_registration_msg())
def registration_success(self, reg_reply):
try:
self.local_user_disable = reg_reply['disableLocalUser']
self.directory_server = reg_reply['directoryServer']
if self.local_user_disable is True:
self.conf_manager.set('MACHINE', 'user_disabled', 'true')
else:
@ -154,19 +155,15 @@ class Registration:
new_line = stripped_line.replace("# disable-user-list=true", "disable-user-list=true")
new_file_content += new_line + "\n"
reading_file.close()
writing_file = open(pardus_gnome_path, "w")
writing_file.write(new_file_content)
writing_file.close()
self.logger.info("gdm.conf has been configured.")
# LDAP registration
if self.directory_server == "LDAP":
self.install_and_config_ldap(reg_reply)
# AD registration
else:
elif self.directory_server == "ACTIVE_DIRECTORY":
self.install_and_config_ad(reg_reply)
except Exception as e:
@ -333,24 +330,26 @@ class Registration:
Util.show_message(os.getlogin(),':0',"Lider MYS sistemine ulaşılamadı. Lütfen sunucu adresini kontrol ediniz....","HATA")
System.Process.kill_by_pid(int(System.Ahenk.get_pid_number()))
def purge_and_unregister(self):
def purge_and_unregister(self,directory_type):
try:
self.logger.info('Ahenk conf cleaned')
self.logger.info('Ahenk conf cleaning from db')
self.unregister()
directory_type = "LDAP"
if self.util.is_exist("/etc/ahenk/ad_info"):
directory_type = "AD"
if directory_type == "LDAP":
self.ldap_login_cancel.cancel()
else:
self.ad_login_cancel.cancel()
self.logger.info('Ahenk conf cleaned from db')
#directory_type = "LDAP"
#if self.util.is_exist("/etc/ahenk/ad_info"):
# directory_type = "AD"
self.logger.info('Cleaning ahenk conf..')
self.clean()
self.logger.info('Ahenk conf cleaned from db')
self.logger.info('Ahenk conf cleaned')
if directory_type == "LDAP":
self.logger.info('Ahenk cleaning LDAP config')
self.ldap_login_cancel.cancel()
self.logger.info('Ahenk cleaned LDAP config')
elif directory_type =="ACTIVE_DIRECTORY":
self.logger.info('Ahenk cleaning ACTIVE_DIRECTORY config')
self.ad_login_cancel.cancel()
self.logger.info('Ahenk cleaned ACTIVE_DIRECTORY config')
if self.conf_manager.has_section('MACHINE'):
user_disabled = self.conf_manager.get("MACHINE", "user_disabled")
@ -362,12 +361,16 @@ class Registration:
self.logger.info('Local users already enabled')
# İf desktop env is XFCE configured lightdm.service
if self.util.get_desktop_env() == "xfce":
self.logger.info('XFCE conf file deleting')
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
if self.util.is_exist(pardus_xfce_path):
self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
self.util.delete_file(pardus_xfce_path)
self.logger.info('XFCE conf file deleted')
if self.util.get_desktop_env() == "gnome":
self.logger.info('GNOME conf file deleting')
pardus_gnome_path = "/etc/gdm3/greeter.dconf-defaults"
if not self.util.is_exist(pardus_gnome_path):
self.logger.info("Gnome conf doesn't exist")
@ -386,7 +389,7 @@ class Registration:
writing_file.write(new_file_content)
writing_file.close()
self.logger.info("gdm.conf has been configured.")
self.logger.info('GNOME conf file deleted')
Util.shutdown()
except Exception as e:
self.logger.error("Error while running purge_and_unregister process.. Error Message " + str(e))
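Review bot: Both directory-type dispatches now end in an `elif` with no `else`, in `registration_success` (`elif self.directory_server == "ACTIVE_DIRECTORY":`) and in `purge_and_unregister` (`elif directory_type =="ACTIVE_DIRECTORY":`), so any other value, such as the `"AD"` string the removed code used or a misspelt type, silently skips the directory setup or, on purge, leaves the LDAP/AD login configuration in place after the agent is unregistered. Adding `else: self.logger.error('Unknown directory type: ' + str(directory_type))` to the purge path, and the same with `self.directory_server` in `registration_success`, would make that case visible. `reg_reply['directoryServer']` is read without a default, so a reply that lacks the key raises a KeyError into the surrounding `try`. `purge_and_unregister` also gained a required `directory_type` parameter; its callers are outside this page and need the new argument.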


@ -1,91 +0,0 @@
#!/usr/bin/python3
# -*- coding: utf-8 -*-
# Author: Hasan Kara <h.kara27@gmail.com>
from base.scope import Scope
from base.util.util import Util
import re
class ExecuteCancelSSSDAuthentication:
def __init__(self):
scope = Scope().get_instance()
self.logger = scope.get_logger()
self.util = Util()
def cancel(self):
self.util.execute("apt purge libpam-sss sssd-common -y")
self.util.execute("apt autoremove -y")
if self.util.is_exist("/etc/sssd"):
self.util.delete_folder("/etc/sssd")
# pattern for clearing file data from spaces, tabs and newlines
pattern = re.compile(r'\s+')
# Configure nsswitch.conf
file_ns_switch = open("/etc/nsswitch.conf", 'r')
file_data = file_ns_switch.read()
# cleared file data from spaces, tabs and newlines
text = pattern.sub('', file_data)
did_configuration_change = False
if "passwd:compatsss" in text:
file_data = file_data.replace("passwd: compat sss", "passwd: compat")
did_configuration_change = True
if "group:compatsss" in text:
file_data = file_data.replace("group: compat sss", "group: compat")
did_configuration_change = True
if "shadow:compatsss" in text:
file_data = file_data.replace("shadow: compat sss", "shadow: compat")
did_configuration_change = True
if "services:dbfilessss" in text:
file_data = file_data.replace("services: db files sss", "services: db files")
did_configuration_change = True
if "netgroup:nissss" in text:
file_data = file_data.replace("netgroup: nis sss", "netgroup: nis")
did_configuration_change = True
if "sudoers:filessss" in text:
file_data = file_data.replace("sudoers: files sss", "")
did_configuration_change = True
if did_configuration_change:
self.logger.info("nsswitch.conf configuration has been configured")
else:
self.logger.info("nsswitch.conf has already been configured")
file_ns_switch.close()
file_ns_switch = open("/etc/nsswitch.conf", 'w')
file_ns_switch.write(file_data)
file_ns_switch.close()
common_session_conf_path = "/etc/pam.d/common-session"
# configure common-session for creating home directories for ldap users
file_common_session = open(common_session_conf_path, 'r')
file_data = file_common_session.read()
if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" in file_data:
file_data = file_data.replace("session optional pam_mkhomedir.so skel=/etc/skel umask=077", "")
self.logger.info("common-session is configured")
file_common_session.close()
file_common_session = open(common_session_conf_path, 'w')
file_common_session.write(file_data)
file_common_session.close()
# Configure lightdm.service
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
if self.util.is_exist(pardus_xfce_path):
self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
self.util.delete_file(pardus_xfce_path)
self.util.execute("systemctl restart nscd.service")
self.logger.info("LDAP Login iptal etme işlemi başarı ile sağlandı.")