use already existing methods for enabling db and pam_security

Michael McGrath 2008-03-03 14:34:29 -06:00
parent 58e23d41e1
commit 75105add68
2 changed files with 61 additions and 45 deletions


@ -1,6 +1,11 @@
[global] [global]
url = http://localhost:8088/fas/ url = http://localhost:8088/fas/
temp = /var/db temp = /var/db
login = admin
password = admin
[host]
groups = accounts,fedorabugs
[users] [users]
# default user info # default user info
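Review bot: The `login = admin` and `password = admin` lines, which appear on one side only and so look newly added, store the FAS account password in cleartext in this config file and ship a guessable default. I would leave both values empty or as an obvious placeholder in the shipped file and add a comment such as `# this file holds the FAS password: keep it owned by root, mode 0600`. The `url` context line uses plain `http://`, which is acceptable for localhost but would send this login unencrypted if the setting were pointed at a remote host.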


@ -95,12 +95,15 @@ FAS_URL = config.get('global', 'url')
class MakeShellAccounts(BaseClient): class MakeShellAccounts(BaseClient):
temp = None temp = None
groups = None
People = None
def mk_tempdir(self): def mk_tempdir(self):
self.temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp')) self.temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
def rm_tempdir(self): def rm_tempdir(self):
rmtree(self.temp) rmtree(self.temp)
def shadow_text(self, people=None): def shadow_text(self, people=None):
i = 0 i = 0
@ -121,18 +124,20 @@ class MakeShellAccounts(BaseClient):
def passwd_text(self, people=None): def passwd_text(self, people=None):
i = 0 i = 0
file = open(self.temp + '/passwd.txt', 'w') file = open(self.temp + '/passwd.txt', 'w')
if not people: if not self.people:
people = self.people_list() people = self.people_list()
for person in people: local_groups = config.get('host', 'groups')
uid = person['id'] for group in local_groups.split(','):
username = person['username'] for person in people:
human_name = person['human_name'] uid = person['id']
home_dir = "%s/%s" % (config.get('users', 'home'), username) username = person['username']
shell = config.get('users', 'shell') human_name = person['human_name']
file.write("=%s %s:x:%i:%i:%s:%s:%s\n" % (uid, username, uid, uid, human_name, home_dir, shell)) home_dir = "%s/%s" % (config.get('users', 'home'), username)
file.write("0%i %s:x:%i:%i:%s:%s:%s\n" % (i, username, uid, uid, human_name, home_dir, shell)) shell = config.get('users', 'shell')
file.write(".%s %s:x:%i:%i:%s:%s:%s\n" % (username, username, uid, uid, human_name, home_dir, shell)) file.write("=%s %s:x:%i:%i:%s:%s:%s\n" % (uid, username, uid, uid, human_name, home_dir, shell))
i = i + 1 file.write("0%i %s:x:%i:%i:%s:%s:%s\n" % (i, username, uid, uid, human_name, home_dir, shell))
file.write(".%s %s:x:%i:%i:%s:%s:%s\n" % (username, username, uid, uid, human_name, home_dir, shell))
i = i + 1
file.close() file.close()
def groups_text(self, groups=None, people=None): def groups_text(self, groups=None, people=None):
@ -176,18 +181,18 @@ class MakeShellAccounts(BaseClient):
def group_list(self, search='*'): def group_list(self, search='*'):
params = {'search' : search} params = {'search' : search}
data = self.send_request('group/list', auth=True, input=params) self.groups = self.send_request('group/list', auth=True, input=params)
return data return self.groups
def people_list(self, search='*'): def people_list(self, search='*'):
params = {'search' : search} params = {'search' : search}
data = self.send_request('user/list', auth=True, input=params) self.people = self.send_request('user/list', auth=True, input=params)['people']
return data['people'] return self.people
def make_group_db(self): def make_group_db(self):
self.groups_text() self.groups_text()
os.system('makedb -o %s/group.db %s/group.txt' % (self.temp, self.temp)) os.system('makedb -o %s/group.db %s/group.txt' % (self.temp, self.temp))
def make_passwd_db(self): def make_passwd_db(self):
self.passwd_text() self.passwd_text()
os.system('makedb -o %s/passwd.db %s/passwd.txt' % (self.temp, self.temp)) os.system('makedb -o %s/passwd.db %s/passwd.txt' % (self.temp, self.temp))
@ -216,44 +221,54 @@ class MakeShellAccounts(BaseClient):
print "ERROR: Could not write group db - %s" % e print "ERROR: Could not write group db - %s" % e
def enable(): def enable():
old = open('/etc/nsswitch.conf', 'r') temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
new = open('/tmp/.fas.nsswitch.conf', 'w')
old = open('/etc/sysconfig/authconfig', 'r')
new = open(temp + '/authconfig', 'w')
for line in old: for line in old:
if line.startswith('passwd') or line.startswith('shadow') or line.startswith('group'): if line.startswith("USEDB"):
parts = line.split() new.write("USEDB=yes\n")
if 'db' in parts: else:
print "%s already has db enabled" % parts[0].split(':')[0] new.write(line)
else:
line = line.strip('\n')
line += ' db\n'
new.write(line)
new.close() new.close()
old.close()
try: try:
move('/tmp/.fas.nsswitch.conf', '/etc/nsswitch.conf') move(temp + '/authconfig', '/etc/sysconfig/authconfig')
except IOError, e: except IOError, e:
print "ERROR: Could not write nsswitch.conf - %s" % e print "ERROR: Could not write /etc/sysconfig/authconfig - %s" % e
sys.exit(5)
os.system('/usr/sbin/authconfig --enablepamaccess --updateall')
rmtree(temp)
def disable(): def disable():
old = open('/etc/nsswitch.conf', 'r') temp = tempfile.mkdtemp('-tmp', 'fas-', config.get('global', 'temp'))
new = open('/tmp/.fas.nsswitch.conf', 'w') old = open('/etc/sysconfig/authconfig', 'r')
new = open(temp + '/authconfig', 'w')
for line in old: for line in old:
if line.startswith('passwd') or line.startswith('shadow') or line.startswith('group'): if line.startswith("USEDB"):
parts = line.split() new.write("USEDB=no\n")
if 'db' in parts: else:
line = line.replace(' db', '') new.write(line)
else: old.close()
print "%s already has db disabled" % parts[0].split(':')[0]
new.write(line)
new.close() new.close()
try: try:
move('/tmp/.fas.nsswitch.conf', '/etc/nsswitch.conf') move(temp + '/authconfig', '/etc/sysconfig/authconfig')
except IOError, e: except IOError, e:
print "ERROR: Could not write nsswitch.conf - %s" % e print "ERROR: Could not write /etc/sysconfig/authconfig - %s" % e
sys.exit(5)
os.system('/usr/sbin/authconfig --disablepamaccess --updateall')
rmtree(temp)
if __name__ == '__main__': if __name__ == '__main__':
if opts.enable:
enable()
if opts.disable:
disable()
if opts.install: if opts.install:
try: try:
fas = MakeShellAccounts(FAS_URL, 'admin', 'admin', False) fas = MakeShellAccounts(FAS_URL, config.get('global', 'login'), config.get('global', 'password'), False)
except AuthError, e: except AuthError, e:
print >> sys.stderr, e print >> sys.stderr, e
sys.exit(1) sys.exit(1)
@ -268,9 +283,5 @@ if __name__ == '__main__':
if not opts.no_shadow: if not opts.no_shadow:
fas.install_shadow_db() fas.install_shadow_db()
fas.rm_tempdir() fas.rm_tempdir()
if opts.enable:
enable()
if opts.disable:
disable()
if not (opts.install or opts.enable or opts.disable): if not (opts.install or opts.enable or opts.disable):
parser.print_help() parser.print_help()
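Review bot: In the new `passwd_text`, the added `for group in local_groups.split(',')` loop never uses `group` in the lines shown, so the `[host] groups` setting does not restrict who gets a passwd entry; every person from `people_list()` appears to be written once per configured group instead. The guard also became `if not self.people:`, but the class attribute added above is spelled `People = None`, so `self.people` looks undefined until `people_list()` has run, and once it is set the local `people` keeps the caller's argument (default `None`) and the inner loop would fail. I would declare `people = None` on the class, use `if people is None: people = self.people or self.people_list()`, and either drop the outer loop or filter each person by membership in `group` (the membership lookup is not visible on this page). Indentation is lost in this rendering, so the nesting described here is inferred.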