2008-02-27 16:54:30 -06:00
|
|
|
#!/usr/bin/python
|
2008-02-27 16:56:26 -06:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
|
#
|
|
|
|
|
# Copyright © 2007-2008 Red Hat, Inc. All rights reserved.
|
|
|
|
|
#
|
|
|
|
|
# This copyrighted material is made available to anyone wishing to use, modify,
|
|
|
|
|
# copy, or redistribute it subject to the terms and conditions of the GNU
|
|
|
|
|
# General Public License v.2. This program is distributed in the hope that it
|
|
|
|
|
# will be useful, but WITHOUT ANY WARRANTY expressed or implied, including the
|
|
|
|
|
# implied warranties of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
|
|
|
|
|
# See the GNU General Public License for more details. You should have
|
|
|
|
|
# received a copy of the GNU General Public License along with this program;
|
|
|
|
|
# if not, write to the Free Software Foundation, Inc., 51 Franklin Street,
|
|
|
|
|
# Fifth Floor, Boston, MA 02110-1301, USA. Any Red Hat trademarks that are
|
|
|
|
|
# incorporated in the source code or documentation are not subject to the GNU
|
|
|
|
|
# General Public License and may only be used or replicated with the express
|
|
|
|
|
# permission of Red Hat, Inc.
|
|
|
|
|
#
|
|
|
|
|
# Red Hat Author(s): Mike McGrath <mmcgrath@redhat.com>
|
|
|
|
|
#
|
2008-02-28 14:07:14 -06:00
|
|
|
# TODO: put tmp files in a 700 tmp dir
|
2008-02-27 16:56:26 -06:00
|
|
|
|
2008-02-27 16:54:30 -06:00
|
|
|
import sys
|
|
|
|
|
import logging
|
2008-02-29 18:26:57 -06:00
|
|
|
import os
|
|
|
|
|
import tempfile
|
2008-02-27 16:54:30 -06:00
|
|
|
|
2008-02-28 11:21:24 -06:00
|
|
|
from fedora.tg.client import BaseClient, AuthError, ServerError
|
|
|
|
|
from optparse import OptionParser
|
2008-02-29 18:26:57 -06:00
|
|
|
from shutil import move, rmtree
|
2008-02-28 11:21:24 -06:00
|
|
|
from rhpl.translate import _
|
|
|
|
|
|
2008-03-02 19:39:57 -05:00
|
|
|
FAS_URL = 'http://localhost:8088/fas/'
|
2008-02-28 11:21:24 -06:00
|
|
|
|
|
|
|
|
|
|
|
|
|
parser = OptionParser()
|
|
|
|
|
|
2008-02-29 18:26:57 -06:00
|
|
|
parser.add_option('-i', '--install',
|
|
|
|
|
dest = 'install',
|
|
|
|
|
default = False,
|
|
|
|
|
action = 'store_true',
|
|
|
|
|
help = _('Download and sync most recent content'))
|
2008-02-28 11:21:24 -06:00
|
|
|
parser.add_option('--nogroup',
|
|
|
|
|
dest = 'no_group',
|
|
|
|
|
default = False,
|
|
|
|
|
action = 'store_true',
|
|
|
|
|
help = _('Do not sync group information'))
|
|
|
|
|
parser.add_option('--nopasswd',
|
|
|
|
|
dest = 'no_passwd',
|
|
|
|
|
default = False,
|
|
|
|
|
action = 'store_true',
|
|
|
|
|
help = _('Do not sync passwd information'))
|
|
|
|
|
parser.add_option('--noshadow',
|
|
|
|
|
dest = 'no_shadow',
|
|
|
|
|
default = False,
|
|
|
|
|
action = 'store_true',
|
|
|
|
|
help = _('Do not sync shadow information'))
|
|
|
|
|
parser.add_option('-s', '--server',
|
|
|
|
|
dest = 'FAS_URL',
|
|
|
|
|
default = FAS_URL,
|
|
|
|
|
metavar = 'FAS_URL',
|
|
|
|
|
help = _('Specify URL of fas server (default "%default")'))
|
2008-02-29 18:26:57 -06:00
|
|
|
parser.add_option('-e', '--enable',
|
|
|
|
|
dest = 'enable',
|
|
|
|
|
default = False,
|
|
|
|
|
action = 'store_true',
|
|
|
|
|
help = _('Enable FAS synced shell accounts'))
|
|
|
|
|
parser.add_option('-d', '--disable',
|
|
|
|
|
dest = 'disable',
|
|
|
|
|
default = False,
|
|
|
|
|
action = 'store_true',
|
|
|
|
|
help = _('Disable FAS synced shell accounts'))
|
2008-02-27 16:54:30 -06:00
|
|
|
|
|
|
|
|
|
2008-02-29 18:26:57 -06:00
|
|
|
(opts, args) = parser.parse_args()
|
|
|
|
|
|
2008-02-27 16:54:30 -06:00
|
|
|
class MakeShellAccounts(BaseClient):
|
2008-02-29 18:26:57 -06:00
|
|
|
temp = None
|
|
|
|
|
|
|
|
|
|
def mk_tempdir(self):
|
2008-03-02 19:39:57 -05:00
|
|
|
self.temp = tempfile.mkdtemp('-tmp', 'fas-', '/var/db')
|
2008-02-29 18:26:57 -06:00
|
|
|
|
|
|
|
|
def rm_tempdir(self):
|
|
|
|
|
rmtree(self.temp)
|
|
|
|
|
|
2008-02-28 11:21:24 -06:00
|
|
|
def shadow_text(self, people=None):
|
|
|
|
|
i = 0
|
2008-02-29 18:26:57 -06:00
|
|
|
file = open(self.temp + '/shadow.txt', 'w')
|
2008-03-02 22:16:34 -05:00
|
|
|
os.chmod(self.temp + '/shadow.txt', 00400)
|
2008-02-28 11:21:24 -06:00
|
|
|
if not people:
|
|
|
|
|
people = self.people_list()
|
|
|
|
|
for person in people:
|
|
|
|
|
uid = person['id']
|
|
|
|
|
username = person['username']
|
|
|
|
|
password = person['password']
|
|
|
|
|
file.write("=%i %s:%s:99999:0:99999:7:::\n" % (uid, username, password))
|
|
|
|
|
file.write("0%i %s:%s:99999:0:99999:7:::\n" % (i, username, password))
|
|
|
|
|
file.write(".%s %s:%s:99999:0:99999:7:::\n" % (username, username, password))
|
|
|
|
|
i = i + 1
|
|
|
|
|
file.close()
|
|
|
|
|
|
|
|
|
|
def passwd_text(self, people=None):
|
|
|
|
|
i = 0
|
2008-02-29 18:26:57 -06:00
|
|
|
file = open(self.temp + '/passwd.txt', 'w')
|
2008-02-28 11:21:24 -06:00
|
|
|
if not people:
|
|
|
|
|
people = self.people_list()
|
|
|
|
|
for person in people:
|
|
|
|
|
uid = person['id']
|
|
|
|
|
username = person['username']
|
|
|
|
|
human_name = person['human_name']
|
|
|
|
|
home_dir = "/home/fedora/%s" % username
|
|
|
|
|
shell = "/bin/bash"
|
|
|
|
|
file.write("=%s %s:x:%i:%i:%s:%s:%s\n" % (uid, username, uid, uid, human_name, home_dir, shell))
|
|
|
|
|
file.write("0%i %s:x:%i:%i:%s:%s:%s\n" % (i, username, uid, uid, human_name, home_dir, shell))
|
|
|
|
|
file.write(".%s %s:x:%i:%i:%s:%s:%s\n" % (username, username, uid, uid, human_name, home_dir, shell))
|
|
|
|
|
i = i + 1
|
|
|
|
|
file.close()
|
2008-02-27 16:54:30 -06:00
|
|
|
|
|
|
|
|
def groups_text(self, groups=None, people=None):
|
|
|
|
|
i = 0
|
2008-02-29 18:26:57 -06:00
|
|
|
file = open(self.temp + '/group.txt', 'w')
|
2008-02-27 16:54:30 -06:00
|
|
|
if not groups:
|
|
|
|
|
groups = self.group_list()
|
|
|
|
|
if not people:
|
|
|
|
|
people = self.people_list()
|
|
|
|
|
|
|
|
|
|
''' First create all of our users/groups combo '''
|
2008-02-27 22:45:11 -06:00
|
|
|
usernames = {}
|
2008-02-27 16:54:30 -06:00
|
|
|
for person in people:
|
2008-02-27 22:45:11 -06:00
|
|
|
uid = person['id']
|
|
|
|
|
username = person['username']
|
2008-03-02 22:16:34 -05:00
|
|
|
usernames[uid] = username
|
2008-02-27 16:54:30 -06:00
|
|
|
file.write("=%i %s:x:%i:\n" % (uid, username, uid))
|
2008-03-02 22:16:34 -05:00
|
|
|
file.write("0%i %s:x:%i:\n" % (i, username, uid))
|
|
|
|
|
file.write(".%s %s:x:%i:\n" % (username, username, uid))
|
2008-02-27 16:54:30 -06:00
|
|
|
i = i + 1
|
|
|
|
|
|
2008-02-27 22:45:11 -06:00
|
|
|
for group in groups['groups']:
|
|
|
|
|
gid = group['id']
|
|
|
|
|
name = group['name']
|
|
|
|
|
memberships = ''
|
|
|
|
|
try:
|
|
|
|
|
''' Shoot me now I know this isn't right '''
|
|
|
|
|
members = []
|
2008-03-02 22:16:34 -05:00
|
|
|
for member in groups['memberships'][name]:
|
|
|
|
|
members.append(usernames[member['person_id']])
|
2008-02-27 22:45:11 -06:00
|
|
|
memberships = ','.join(members)
|
|
|
|
|
except KeyError:
|
|
|
|
|
''' No users exist in the group '''
|
|
|
|
|
pass
|
2008-03-02 22:16:34 -05:00
|
|
|
file.write("=%i %s:x:%i:%s\n" % (gid, name, gid, memberships))
|
2008-02-27 22:45:11 -06:00
|
|
|
file.write("0%i %s:x:%i:%s\n" % (i, name, gid, memberships))
|
|
|
|
|
file.write(".%s %s:x:%i:%s\n" % (name, name, gid, memberships))
|
2008-02-27 16:54:30 -06:00
|
|
|
i = i + 1
|
|
|
|
|
|
|
|
|
|
file.close()
|
2008-03-02 22:16:34 -05:00
|
|
|
|
|
|
|
|
def group_list(self, search='*'):
|
|
|
|
|
params = {'search' : search}
|
|
|
|
|
data = self.send_request('group/list', auth=True, input=params)
|
|
|
|
|
return data
|
2008-02-27 16:54:30 -06:00
|
|
|
|
|
|
|
|
def people_list(self, search='*'):
|
|
|
|
|
params = {'search' : search}
|
2008-02-29 10:24:40 -05:00
|
|
|
data = self.send_request('user/list', auth=True, input=params)
|
2008-02-27 22:45:11 -06:00
|
|
|
return data['people']
|
2008-02-27 16:54:30 -06:00
|
|
|
|
|
|
|
|
def make_group_db(self):
|
|
|
|
|
self.groups_text()
|
2008-02-29 18:26:57 -06:00
|
|
|
os.system('makedb -o %s/group.db %s/group.txt' % (self.temp, self.temp))
|
2008-02-28 11:21:24 -06:00
|
|
|
|
|
|
|
|
def make_passwd_db(self):
|
|
|
|
|
self.passwd_text()
|
2008-02-29 18:26:57 -06:00
|
|
|
os.system('makedb -o %s/passwd.db %s/passwd.txt' % (self.temp, self.temp))
|
2008-02-28 11:21:24 -06:00
|
|
|
|
|
|
|
|
def make_shadow_db(self):
|
|
|
|
|
self.shadow_text()
|
2008-02-29 18:26:57 -06:00
|
|
|
os.system('makedb -o %s/shadow.db %s/shadow.txt' % (self.temp, self.temp))
|
2008-02-29 18:34:28 -06:00
|
|
|
os.chmod(self.temp + '/shadow.db', 00400)
|
2008-02-28 11:21:24 -06:00
|
|
|
|
|
|
|
|
def install_passwd_db(self):
|
|
|
|
|
try:
|
2008-02-29 18:26:57 -06:00
|
|
|
move(self.temp + '/passwd.db', '/var/db/passwd.db')
|
2008-02-28 11:21:24 -06:00
|
|
|
except IOError, e:
|
|
|
|
|
print "ERROR: Could not write passwd db - %s" % e
|
|
|
|
|
|
|
|
|
|
def install_shadow_db(self):
|
|
|
|
|
try:
|
2008-02-29 18:26:57 -06:00
|
|
|
move(self.temp + '/shadow.db', '/var/db/shadow.db')
|
2008-02-28 11:21:24 -06:00
|
|
|
except IOError, e:
|
|
|
|
|
print "ERROR: Could not write shadow db - %s" % e
|
|
|
|
|
|
2008-02-27 22:45:11 -06:00
|
|
|
def install_group_db(self):
|
2008-02-28 11:21:24 -06:00
|
|
|
try:
|
2008-02-29 18:26:57 -06:00
|
|
|
move(self.temp + '/group.db', '/var/db/group.db')
|
2008-02-28 11:21:24 -06:00
|
|
|
except IOError, e:
|
|
|
|
|
print "ERROR: Could not write group db - %s" % e
|
2008-02-27 16:54:30 -06:00
|
|
|
|
2008-02-29 18:26:57 -06:00
|
|
|
def enable():
|
|
|
|
|
old = open('/etc/nsswitch.conf', 'r')
|
|
|
|
|
new = open('/tmp/.fas.nsswitch.conf', 'w')
|
|
|
|
|
for line in old:
|
|
|
|
|
if line.startswith('passwd') or line.startswith('shadow') or line.startswith('group'):
|
|
|
|
|
parts = line.split()
|
|
|
|
|
if 'db' in parts:
|
|
|
|
|
print "%s already has db enabled" % parts[0].split(':')[0]
|
|
|
|
|
else:
|
2008-03-02 22:16:34 -05:00
|
|
|
line = line.strip('\n')
|
|
|
|
|
line += ' db\n'
|
|
|
|
|
new.write(line)
|
2008-02-29 18:26:57 -06:00
|
|
|
new.close()
|
2008-02-28 11:48:10 -06:00
|
|
|
try:
|
2008-02-29 18:26:57 -06:00
|
|
|
move('/tmp/.fas.nsswitch.conf', '/etc/nsswitch.conf')
|
|
|
|
|
except IOError, e:
|
|
|
|
|
print "ERROR: Could not write nsswitch.conf - %s" % e
|
|
|
|
|
|
|
|
|
|
def disable():
|
|
|
|
|
old = open('/etc/nsswitch.conf', 'r')
|
|
|
|
|
new = open('/tmp/.fas.nsswitch.conf', 'w')
|
|
|
|
|
for line in old:
|
|
|
|
|
if line.startswith('passwd') or line.startswith('shadow') or line.startswith('group'):
|
|
|
|
|
parts = line.split()
|
|
|
|
|
if 'db' in parts:
|
2008-03-02 22:16:34 -05:00
|
|
|
line = line.replace(' db', '')
|
2008-02-29 18:26:57 -06:00
|
|
|
else:
|
|
|
|
|
print "%s already has db disabled" % parts[0].split(':')[0]
|
2008-03-02 22:16:34 -05:00
|
|
|
new.write(line)
|
2008-02-29 18:26:57 -06:00
|
|
|
new.close()
|
|
|
|
|
try:
|
|
|
|
|
move('/tmp/.fas.nsswitch.conf', '/etc/nsswitch.conf')
|
|
|
|
|
except IOError, e:
|
|
|
|
|
print "ERROR: Could not write nsswitch.conf - %s" % e
|
|
|
|
|
|
|
|
|
|
if __name__ == '__main__':
|
2008-03-02 22:16:34 -05:00
|
|
|
if opts.install:
|
2008-02-29 18:26:57 -06:00
|
|
|
try:
|
|
|
|
|
fas = MakeShellAccounts(FAS_URL, 'admin', 'admin', False)
|
|
|
|
|
except AuthError, e:
|
|
|
|
|
print e
|
|
|
|
|
sys.exit(1)
|
|
|
|
|
fas.mk_tempdir()
|
|
|
|
|
fas.make_group_db()
|
|
|
|
|
fas.make_passwd_db()
|
|
|
|
|
fas.make_shadow_db()
|
|
|
|
|
if not opts.no_group:
|
|
|
|
|
fas.install_group_db()
|
|
|
|
|
if not opts.no_passwd:
|
|
|
|
|
fas.install_passwd_db()
|
|
|
|
|
if not opts.no_shadow:
|
|
|
|
|
fas.install_shadow_db()
|
|
|
|
|
fas.rm_tempdir()
|
2008-03-02 22:16:34 -05:00
|
|
|
if opts.enable:
|
|
|
|
|
enable()
|
|
|
|
|
if opts.disable:
|
|
|
|
|
disable()
|
|
|
|
|
if not (opts.install or opts.enable or opts.disable):
|
2008-02-29 18:26:57 -06:00
|
|
|
parser.print_help()
|
