Infrastructure/fedora-infrastructure
1
0
Fork 0
Code Issues 70 Pull requests Projects Releases Packages Wiki Activity Actions

use already existing methods for enabling db and pam_security

Browse source
This commit is contained in:
Michael McGrath 2008-03-03 14:34:29 -06:00
parent 58e23d41e1
commit 75105add68
2 changed files with 61 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

5
fas/client/fas.conf
View file

@ -1,6 +1,11 @@
[global]
url = http://localhost:8088/fas/
temp = /var/db
login = admin
password = admin
[host]
groups = accounts,fedorabugs
[users]
# default user info

101
fas/client/fasClient.py
View file

@ -95,12 +95,15 @@ FAS_URL = config.get('global', 'url')
class MakeShellAccounts(BaseClient):
temp = None
groups = None
People = None
def mk_tempdir(self):
self.temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
def rm_tempdir(self):
rmtree(self.temp)
def shadow_text(self, people=None):
i = 0
@ -121,18 +124,20 @@ class MakeShellAccounts(BaseClient):
def passwd_text(self, people=None):
i = 0
file = open(self.temp + '/passwd.txt', 'w')
if not people:
if not self.people:
people = self.people_list()
for person in people:
uid = person['id']
username = person['username']
human_name = person['human_name']
home_dir = "%s/%s" % (config.get('users', 'home'), username)
shell = config.get('users', 'shell')
file.write("=%s %s:x:%i:%i:%s:%s:%s\n" % (uid, username, uid, uid, human_name, home_dir, shell))
file.write("0%i %s:x:%i:%i:%s:%s:%s\n" % (i, username, uid, uid, human_name, home_dir, shell))
file.write(".%s %s:x:%i:%i:%s:%s:%s\n" % (username, username, uid, uid, human_name, home_dir, shell))
i = i + 1
local_groups = config.get('host', 'groups')
for group in local_groups.split(','):
for person in people:
uid = person['id']
username = person['username']
human_name = person['human_name']
home_dir = "%s/%s" % (config.get('users', 'home'), username)
shell = config.get('users', 'shell')
file.write("=%s %s:x:%i:%i:%s:%s:%s\n" % (uid, username, uid, uid, human_name, home_dir, shell))
file.write("0%i %s:x:%i:%i:%s:%s:%s\n" % (i, username, uid, uid, human_name, home_dir, shell))
file.write(".%s %s:x:%i:%i:%s:%s:%s\n" % (username, username, uid, uid, human_name, home_dir, shell))
i = i + 1
file.close()
def groups_text(self, groups=None, people=None):
@ -176,18 +181,18 @@ class MakeShellAccounts(BaseClient):
def group_list(self, search='*'):
params = {'search' : search}
data = self.send_request('group/list', auth=True, input=params)
return data
self.groups = self.send_request('group/list', auth=True, input=params)
return self.groups
def people_list(self, search='*'):
params = {'search' : search}
data = self.send_request('user/list', auth=True, input=params)
return data['people']
self.people = self.send_request('user/list', auth=True, input=params)['people']
return self.people
def make_group_db(self):
self.groups_text()
os.system('makedb -o %s/group.db %s/group.txt' % (self.temp, self.temp))
def make_passwd_db(self):
self.passwd_text()
os.system('makedb -o %s/passwd.db %s/passwd.txt' % (self.temp, self.temp))
@ -216,44 +221,54 @@ class MakeShellAccounts(BaseClient):
print "ERROR: Could not write group db - %s" % e
def enable():
old = open('/etc/nsswitch.conf', 'r')
new = open('/tmp/.fas.nsswitch.conf', 'w')
temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
old = open('/etc/sysconfig/authconfig', 'r')
new = open(temp + '/authconfig', 'w')
for line in old:
if line.startswith('passwd') or line.startswith('shadow') or line.startswith('group'):
parts = line.split()
if 'db' in parts:
print "%s already has db enabled" % parts[0].split(':')[0]
else:
line = line.strip('\n')
line += ' db\n'
new.write(line)
if line.startswith("USEDB"):
new.write("USEDB=yes\n")
else:
new.write(line)
new.close()
old.close()
try:
move('/tmp/.fas.nsswitch.conf', '/etc/nsswitch.conf')
move(temp + '/authconfig', '/etc/sysconfig/authconfig')
except IOError, e:
print "ERROR: Could not write nsswitch.conf - %s" % e
print "ERROR: Could not write /etc/sysconfig/authconfig - %s" % e
sys.exit(5)
os.system('/usr/sbin/authconfig --enablepamaccess --updateall')
rmtree(temp)
def disable():
old = open('/etc/nsswitch.conf', 'r')
new = open('/tmp/.fas.nsswitch.conf', 'w')
temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
old = open('/etc/sysconfig/authconfig', 'r')
new = open(temp + '/authconfig', 'w')
for line in old:
if line.startswith('passwd') or line.startswith('shadow') or line.startswith('group'):
parts = line.split()
if 'db' in parts:
line = line.replace(' db', '')
else:
print "%s already has db disabled" % parts[0].split(':')[0]
new.write(line)
if line.startswith("USEDB"):
new.write("USEDB=no\n")
else:
new.write(line)
old.close()
new.close()
try:
move('/tmp/.fas.nsswitch.conf', '/etc/nsswitch.conf')
move(temp + '/authconfig', '/etc/sysconfig/authconfig')
except IOError, e:
print "ERROR: Could not write nsswitch.conf - %s" % e
print "ERROR: Could not write /etc/sysconfig/authconfig - %s" % e
sys.exit(5)
os.system('/usr/sbin/authconfig --disablepamaccess --updateall')
rmtree(temp)
if __name__ == '__main__':
if opts.enable:
enable()
if opts.disable:
disable()
if opts.install:
try:
fas = MakeShellAccounts(FAS_URL, 'admin', 'admin', False)
fas = MakeShellAccounts(FAS_URL, config.get('global', 'login'), config.get('global', 'password'), False)
except AuthError, e:
print >> sys.stderr, e
sys.exit(1)
@ -268,9 +283,5 @@ if __name__ == '__main__':
if not opts.no_shadow:
fas.install_shadow_db()
fas.rm_tempdir()
if opts.enable:
enable()
if opts.disable:
disable()
if not (opts.install or opts.enable or opts.disable):
parser.print_help()