#!/usr/bin/python3 # -*- coding: utf-8 -*- # Author:Mine DOGAN # Author:Tuncay ÇOLAK import subprocess from base.plugin.abstract_plugin import AbstractPlugin from pathlib import Path class AddUser(AbstractPlugin): def __init__(self, task, context): super(AddUser, self).__init__() self.task = task self.context = context self.logger = self.get_logger() self.message_code = self.get_message_code() self.username = self.task['username'] self.password = self.task['password'] self.home = self.task['home'] self.active = self.task['active'] self.groups = self.task['groups'] self.desktop_write_permission = self.task['desktop_write_permission'] self.kiosk_mode = self.task['kiosk_mode'] self.script = '/bin/bash ' + self.Ahenk.plugins_path() + 'local-user/scripts/{0}' self.add_user = 'useradd -d {0} {1}' self.check_home_owner = 'stat -c \'%U\' {}' self.enable_user = 'passwd -u {}' self.disable_user = 'passwd -l {}' self.add_user_to_groups = 'usermod -a -G {0} {1}' self.create_shadow_password = 'mkpasswd -m sha-512 {}' self.change_password = 'usermod -p {0} {1}' self.change_shell = 'usermod -s /bin/bash {}' self.change_owner = 'chown {0}.{0} {1}' self.change_permission = 'chmod 700 {}' self.desktop_path = '' self.xfce4_session = "/usr/bin/xfce4-session" self.gnome_session = "/usr/bin/gnome-session" self.desktop_env = None self.logger.debug('Parameters were initialized.') def handle_task(self): try: self.desktop_env = self.get_desktop_env() self.logger.info("Get desktop environment is {0}".format(self.desktop_env)) if not self.is_exist(self.home): self.create_directory(self.home) self.execute(self.add_user.format(self.home, self.username)) self.logger.debug('Added new user: {0}, home: {1}'.format(self.username, self.home)) self.execute(self.change_owner.format(self.username, self.home)) self.execute(self.change_permission.format(self.home)) self.logger.debug('Changed owner and permission for home directory.') if self.groups != "": self.execute(self.add_user_to_groups.format(self.groups, self.username)) self.logger.debug('Added user to these groups: {}'.format(self.groups)) if str(self.password).strip() != "": result_code, p_out, p_err = self.execute_command(self.create_shadow_password.format(self.password)) shadow_password = p_out.strip() # shadow_password = crypt.crypt(self.password) self.execute_command(self.change_password.format('\'{}\''.format(shadow_password), self.username)) self.logger.debug('Changed password.') self.execute(self.change_shell.format(self.username)) self.logger.debug('Changed user shell to /bin/bash') if self.active == "true": self.execute(self.enable_user.format(self.username)) self.logger.debug('The user has been enabled.') elif self.active == "false": self.execute(self.disable_user.format(self.username)) self.logger.debug('The user has been disabled.') agent_language = self.get_language() if agent_language == "tr_TR": desktop_name = "Masaüstü" else: desktop_name = "Desktop" self.execute("mkdir " + self.home + "/" + desktop_name) self.desktop_path = self.home + "/" + desktop_name self.execute(self.change_owner.format(self.username, self.desktop_path)) self.logger.debug('owner is changed for user {0} directory'.format(desktop_name)) if self.desktop_write_permission == "true": self.set_permission(self.desktop_path, 775) self.logger.debug('Desktop write permission is true') elif self.desktop_write_permission == "false": self.set_permission(self.desktop_path, 575) self.logger.debug('Desktop write permission is false') # # Handle kiosk mode # if self.desktop_env == "xfce": result_code, p_out, p_err = self.execute(self.script.format('find_locked_users.sh'), result=True) if result_code != 0: self.logger.error( 'Error occurred while managing kiosk mode.') self.context.create_response(code=self.message_code.TASK_ERROR.value, message='Masaüstü kilidi ayarlanırken hata oluştu.') return locked_users = [] if p_out: self.logger.debug('pout {0}'.format(str(p_out))) locked_users = p_out.strip().split(';') if self.kiosk_mode == "true": self.logger.debug('Kiosk mode is active {0}'.format(str(locked_users))) if self.username not in locked_users: self.logger.debug('Adding user {0} to locked users'.format(self.username)) locked_users.append(self.username) locked_users_str = ";".join(locked_users) self.logger.debug('Users: {0}'.format(locked_users_str)) comm = "sed -i 's/^.*" + '' + "/' /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml" result_code1, p_out1, p_err1 = self.execute(comm) elif self.kiosk_mode == "false": self.logger.debug('Kiok mode is NOT active') if self.username in locked_users: self.logger.debug('Removing user {0} from locked users'.format(self.username)) locked_users.remove(self.username) if locked_users: locked_users_str = ";".join(locked_users) # if xfce4-panel.xml doesn not exist copy it from ~/.config/xfce4/xfconf/xfce-perchannel-xml/ comm = "sed -i 's/^.*" + '' + "/' /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-panel.xml" result_code1, p_out1, p_err1 = self.execute(comm) else: self.execute(self.script.format('remove_locked_users.sh ')) else: self.logger.info("Desktop environ is GNOME. Kiosk mode not setting") self.logger.info('User has been added successfully.') self.context.create_response(code=self.message_code.TASK_PROCESSED.value, message='Kullanıcı başarıyla eklendi.') except Exception as e: self.logger.error('A problem occurred while handling Local-User task: {0}'.format(str(e))) self.context.create_response(code=self.message_code.TASK_ERROR.value, message='Local-User görevi çalıştırılırken bir hata oluştu.') ## this methode is only for local-user password plugin def execute_command(self, command, stdin=None, env=None, cwd=None, shell=True, result=True): try: process = subprocess.Popen(command, stdin=stdin, env=env, cwd=cwd, stderr=subprocess.PIPE, stdout=subprocess.PIPE, shell=shell) if result is True: result_code = process.wait() p_out = process.stdout.read().decode("unicode_escape") p_err = process.stderr.read().decode("unicode_escape") return result_code, p_out, p_err else: return None, None, None except Exception as e: return 1, 'Could not execute command. Error Message: {0}'.format(str(e)), '' def handle_task(task, context): add_user = AddUser(task, context) add_user.handle_task()