Merge branch 'develop' of https://github.com/Pardus-LiderAhenk/ahenk into develop
commit
e487d48e15
2 changed files with 267 additions and 15 deletions
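--- /dev/null
+++ b/src/base/registration/execute_cancel_sssd_ad_authentication.py
@@ -0,0 +1,214 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# Author: Agah Hulusi ÖZ <enghulusi@gmail.com>
+
+from base.scope import Scope
+from base.util.util import Util
+import re
+
+
+class ExecuteCancelSSSDAdAuthentication:
+def __init__(self):
+scope = Scope().get_instance()
+self.logger = scope.get_logger()
+self.util = Util()
+
+def cancel(self):
+
+# Deleting packages require for AD entegration
+
+self.util.execute("apt purge realmd sssd sssd-tools adcli krb5-user packagekit samba-common samba-common-bin samba-libs -y")
+self.util.execute("apt autoremove -y")
+
+# Read information about AD
+
+if self.util.is_exist("/etc/ahenk/ad_info"):
+file_data = open("/etc/ahenk/ad_info","r")
+ip_address = (file_data.readline())
+host_name = (file_data.readline())
+file_data.close()
+self.logger.info("ad_info dosyasından bilgiler başarılı bir şekilde alındı.")
+else:
+self.logger.error("ad_info dosyasına ulaşılamadı ")
+
+
+try:
+if self.util.is_exist("/etc/sssd"):
+self.util.delete_folder("/etc/sssd")
+self.logger.info("SSSD is deleted")
+else:
+self.logger.info("SSSD is not exist")
+
+except Exception as e:
+self.logger.error("Error while running /etc/SSSD.. Error Message " + str(e))
+
+# Re-Configure dhclient.conf deleting AD IP address
+
+
+
+try:
+dhclient_conf_path = "/etc/dhcp/dhclient.conf"
+file_dhclient = open(dhclient_conf_path, 'r')
+file_data = file_dhclient.read()
+
+if "prepend domain-name-servers {};".format(ip_address) in file_data:
+file_data = file_data.replace(("prepend domain-name-servers {};".format(ip_address)),
+"#prepend domain-name-servers 127.0.0.1;")
+self.logger.info("dhclient is reconfigured")
+else:
+self.logger.error("dhclient is'not reconfigured")
+
+file_dhclient.close()
+file_dhclient = open(dhclient_conf_path, 'w')
+file_dhclient.write(file_data)
+file_dhclient.close()
+
+except Exception as e:
+self.logger.error("Error while running /dhcp/dhclient.conf.. Error Message " + str(e))
+
+
+# Pattern for clearing file data from spaces, tabs and newlines
+
+# pattern = re.compile(r'\s+')
+
+# # Re-Configure nsswitch.conf
+# file_ns_switch = open("/etc/nsswitch.conf", 'r')
+# file_data = file_ns_switch.read()
+#
+# # Cleared file data from spaces, tabs and newlines
+# text = pattern.sub('', file_data)
+# #BİR BİR BİR BAKKKKKKKKK
+# did_configuration_change = False
+# if "passwd:" in text:
+# file_data = file_data.replace("passwd: files systemd sss", "passwd: compat")
+# did_configuration_change = True
+# self.logger.info("passwd:compatss BAŞARILI")
+#
+#
+# if "group:" in text:
+# file_data = file_data.replace("group: files systemd sss", "group: compat")
+# did_configuration_change = True
+# self.logger.info("group:compatss BAŞARILI")
+#
+#
+#
+# if "shadow:" in text:
+# file_data = file_data.replace("shadow: files sss", "shadow: compat")
+# did_configuration_change = True
+# self.logger.info("shadow:compatss BAŞARILI")
+#
+#
+# if "services:" in text:
+# file_data = file_data.replace("services: db files sss", "services: db files")
+# did_configuration_change = True
+# self.logger.info("services:compatss BAŞARILI")
+#
+#
+# if "netgroup:" in text:
+# file_data = file_data.replace("netgroup: nis sss", "netgroup: nis")
+# did_configuration_change = True
+# self.logger.info("netgroup:nissss BAŞARILI")
+#
+#
+# if "sudoers:" in text:
+# file_data = file_data.replace("sudoers: files sss", " ")
+# did_configuration_change = True
+# self.logger.info("sudoers:filessss BAŞARILI")
+#
+#
+# if did_configuration_change:
+# self.logger.info("nsswitch.conf configuration has been configured")
+# else:
+# self.logger.info("nsswitch.conf has already been configured")
+#
+# file_ns_switch.close()
+# file_ns_switch = open("/etc/nsswitch.conf", 'w')
+# file_ns_switch.write(file_data)
+# file_ns_switch.close()
+
+# Configure hosts for deleting AD "IP address" and "AD hostname"
+try:
+hosts_conf_path = "/etc/hosts"
+file_hosts = open(hosts_conf_path, 'r')
+file_data = file_hosts.read()
+
+if ("{0} {1}".format(ip_address, host_name)) in file_data:
+file_data = file_data.replace(("{0} {1}".format(ip_address, host_name)), " ")
+self.logger.info("hosts is configured")
+else:
+self.logger.error("hosts is not configured")
+file_hosts.close()
+file_hosts = open(hosts_conf_path, 'w')
+file_hosts.write(file_data)
+file_hosts.close()
+
+except Exception as e:
+self.logger.error("Error while running /etc/hosts.. Error Message " + str(e))
+
+# Configure common-session for deleting home directories for AD users
+
+
+try:
+common_session_conf_path = "/etc/pam.d/common-session"
+
+file_common_session = open(common_session_conf_path, 'r')
+file_data = file_common_session.read()
+
+if "session optional pam_mkhomedir.so skel=/etc/skel umask=077" in file_data:
+file_data = file_data.replace("session optional pam_mkhomedir.so skel=/etc/skel umask=077", " ")
+self.logger.info("common-session is configured")
+else:
+self.logger.error("common session is not configured")
+
+file_common_session.close()
+file_common_session = open(common_session_conf_path, 'w')
+file_common_session.write(file_data)
+file_common_session.close()
+
+except Exception as e:
+self.logger.error("Error while running /etc/pam.d/common-session.. Error Message " + str(e))
+
+# Configure resolv.conf for deleting AD IP address
+
+resolv_conf_path = "/etc/resolv.conf"
+
+file_resolv = open(resolv_conf_path, 'r')
+file_data = file_resolv.read()
+
+if ("nameserver {0}".format(ip_address)) in file_data:
+file_data = file_data.replace(("nameserver {0}".format(ip_address)), "")
+self.logger.info("resolv.conf is configured")
+else:
+self.logger.error("resolv is not configured")
+
+file_resolv.close()
+file_resolv = open(resolv_conf_path, 'w')
+file_resolv.write(file_data)
+file_resolv.close()
+
+# Deleting ad_info file
+
+
+try:
+if self.util.is_exist("/etc/ahenk/ad_info"):
+(result_code, p_out, p_err) = self.util.execute("rm -rf /etc/ahenk/ad_info")
+if (result_code == 0):
+self.logger.info("ad_info Başarılı bir şekilde silindi")
+else:
+self.logger.error("ad_info silinemedi : " + str(p_err))
+else:
+self.logger.error("ad_info dosyasına ulaşılamadı ")
+
+except Exception as e:
+self.logger.error("Error while running /ad_infoyu SİLERKEN.. Error Message " + str(e))
+
+
+# Configure lightdm.service
+pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
+if self.util.is_exist(pardus_xfce_path):
+self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
+self.util.delete_file(pardus_xfce_path)
+self.util.execute("systemctl restart nscd.service")
+
+self.logger.info("LDAP Login iptal etme işlemi başarı ile sağlandı.")
+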
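Review bot: `ip_address` and `host_name` in `cancel()` are taken straight from `readline()`, so both keep their trailing newline and the strings built from them (`"prepend domain-name-servers {};".format(ip_address)` and `"{0} {1}".format(ip_address, host_name)`) will not match a single-line entry in dhclient.conf or /etc/hosts. The AD DNS server and host mapping would then stay configured after the cancel, with only a "not reconfigured" log line to show for it. Strip the values when reading: `ip_address = file_data.readline().strip()` and `host_name = file_data.readline().strip()`. Both names are also unbound when /etc/ahenk/ad_info is missing, and the resolv.conf step is not inside a `try`, so the NameError would end `cancel()` before the ad_info and lightdm cleanup; a `return` after the `ad_info dosyasına ulaşılamadı` error log would make that case explicit.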
|
@ -19,6 +19,27 @@ class ExecuteSSSDAdAuthentication:
|
|||
|
||||
|
||||
def authenticate(self, domain_name, host_name, ip_address, password, ad_username):
|
||||
|
||||
# Create and Configure ad_info file
|
||||
(result_code, p_out, p_err) = self.util.create_file("/etc/ahenk/ad_info")
|
||||
if (result_code == 0):
|
||||
self.logger.info("AD INFO başarılı bir şekilde oluşturuldu")
|
||||
# Configure ad_info for deregisteration info
|
||||
default_ad_info_path = "/etc/ahenk/ad_info"
|
||||
file_default_ad_info = open(default_ad_info_path, 'r')
|
||||
file_data = file_default_ad_info.read()
|
||||
|
||||
file_data = file_data + ("{}".format(ip_address)) + "\n" + ("{}".format(host_name)) + "\n" + (
|
||||
"{}".format(domain_name)) + "\n" + ("{}".format(ad_username))
|
||||
self.logger.info("/etc/ahenk/ad_info bilgiler girildi.")
|
||||
file_default_ad_info.close()
|
||||
file_default_ad_info = open(default_ad_info_path, 'w')
|
||||
file_default_ad_info.write(file_data)
|
||||
file_default_ad_info.close()
|
||||
else:
|
||||
self.logger.error("ad_info oluşturma komutu başarısız : " + str(p_err))
|
||||
|
||||
self.logger.info("Authenticate starting....")
|
||||
# Configure /etc/dhcp/dhclient.conf
|
||||
dhclient_conf_path = "/etc/dhcp/dhclient.conf"
|
||||
dhc_conf = self.util.read_file_by_line(dhclient_conf_path, "r")
|
||||
|
@ -156,6 +177,10 @@ class ExecuteSSSDAdAuthentication:
|
|||
file_sssd.write(file_data)
|
||||
file_sssd.close()
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# Arrangement of chmod as 600 for sssd.conf
|
||||
(result_code, p_out, p_err) = self.util.execute("chmod 600 {}".format(sssd_config_file_path))
|
||||
if(result_code == 0):
|
||||
|
@ -185,18 +210,31 @@ class ExecuteSSSDAdAuthentication:
|
|||
file_default_sssd.write(file_data)
|
||||
file_default_sssd.close()
|
||||
|
||||
# # Configure krb5.conf template
|
||||
# krb5_config_file_path = "/etc/krb5.conf"
|
||||
# file_krb5 = open(krb5_config_file_path, 'r')
|
||||
# file_data = file_krb5.read()
|
||||
#
|
||||
# file_data = file_data.replace("###realm###", "{}".format(self.domain_name.upper()))
|
||||
# file_data = file_data.replace("###admin_server###", "admin_server = {}".format(self.host_name))
|
||||
# file_data = file_data.replace("###kdc###", "kdc = " + "{}".format(self.host_name))
|
||||
# file_data = file_data.replace("###own_domain_realm###", ".{0} = {1}".format(self.domain_name, domain_name.upper()))
|
||||
#
|
||||
# file_krb5.close()
|
||||
# file_krb5 = open(krb5_config_file_path, 'w')
|
||||
# file_krb5.write(file_data)
|
||||
# file_krb5.close()
|
||||
#
|
||||
pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
|
||||
if not self.util.is_exist(pardus_xfce_path):
|
||||
self.logger.info("99-pardus-xfce.conf does not exist.")
|
||||
self.util.create_file(pardus_xfce_path)
|
||||
|
||||
file_lightdm = open(pardus_xfce_path, 'a')
|
||||
file_lightdm.write("[Seat:*]\n")
|
||||
file_lightdm.write("greeter-hide-users=true")
|
||||
file_lightdm.close()
|
||||
self.logger.info("lightdm has been configured.")
|
||||
else:
|
||||
self.logger.info("99-pardus-xfce.conf exists. Delete file and create new one.")
|
||||
self.util.delete_file(pardus_xfce_path)
|
||||
self.util.create_file(pardus_xfce_path)
|
||||
|
||||
file_lightdm = open(pardus_xfce_path, 'a')
|
||||
file_lightdm.write("[Seat:*]")
|
||||
file_lightdm.write("greeter-hide-users=true")
|
||||
file_lightdm.close()
|
||||
self.logger.info("lightdm.conf has been configured.")
|
||||
|
||||
self.util.execute("systemctl restart nscd.service")
|
||||
# self.util.execute("pam-auth-update --force")
|
||||
self.logger.info("AD Login operation has been completed.")
|
||||
|
||||
self.logger.info("AD Login işlemi başarı ile sağlandı.")
|
||||
return True
|
||||
|
||||
|
|
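Review bot: In the third hunk, the `else` branch that recreates 99-pardus-xfce.conf writes `"[Seat:*]"` without a newline, so the file ends up as `[Seat:*]greeter-hide-users=true` on one line and lightdm most likely does not apply the setting; on a host where the file already existed, the greeter would keep listing user names. The `if not` branch a few lines above writes `"[Seat:*]\n"`, so the fix is `file_lightdm.write("[Seat:*]\n")` in the `else` branch too. The rendered page has lost its +/- markers, so this assumes the lightdm block is on the new side. Both branches end with the same writes and could share one `open(pardus_xfce_path, 'w')` block, which would also make the delete-and-recreate step unnecessary.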