parent
c9a37a563b
commit
a0e2eee1f5
@ -0,0 +1,38 @@
|
||||
# Copyright 1999-2012 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: $
|
||||
|
||||
EAPI="3"
|
||||
|
||||
SUPPORT_PYTHON_ABIS="1"
|
||||
PYTHON_DEPEND="2:2.7"
|
||||
RESTRICT_PYTHON_ABIS="2.4 2.5 2.6 3.*"
|
||||
|
||||
inherit distutils eutils
|
||||
|
||||
SRC_URI="ftp://ftp.calculate.ru/pub/calculate/calculate3/${PN}/${P}.tar.bz2"
|
||||
|
||||
DESCRIPTION="The program of the desktop configuration Calculate Linux"
|
||||
HOMEPAGE="http://www.calculate-linux.org/main/en/calculate2"
|
||||
LICENSE="Apache-2.0"
|
||||
SLOT="3"
|
||||
KEYWORDS="amd64 x86"
|
||||
IUSE=""
|
||||
|
||||
DEPEND="~sys-apps/calculate-core-3.1.6
|
||||
>=dev-python/python-ldap-2.0[ssl]
|
||||
media-gfx/feh
|
||||
x11-apps/xmessage
|
||||
!<sys-apps/calculate-desktop-3.1.0_alpha1
|
||||
sys-apps/keyutils
|
||||
sys-auth/pam_keystore
|
||||
sys-auth/pam_client
|
||||
dev-lang/swig"
|
||||
RDEPEND="${DEPEND}"
|
||||
src_unpack() {
|
||||
unpack "${A}"
|
||||
cd "${S}"
|
||||
|
||||
# apply revision changes
|
||||
epatch "${FILESDIR}/calculate-desktop-3.1.6-r3.patch"
|
||||
}
|
@ -0,0 +1,112 @@
|
||||
diff --git data/login.d/00init data/login.d/00init
|
||||
index 5cbebf4..08e6339 100644
|
||||
--- data/login.d/00init
|
||||
+++ data/login.d/00init
|
||||
@@ -26,6 +26,8 @@ else
|
||||
fi
|
||||
fi
|
||||
|
||||
+/sbin/modprobe ecryptfs
|
||||
+
|
||||
if [[ "`ps axeo command | grep 'xdm/xdm --logout' | grep -v grep | \
|
||||
sed -n -r 's/.* USER=([^ ]+) .*/\1/p'`" == "$USER" ]];
|
||||
then
|
||||
diff --git data/logout.d/98umount data/logout.d/98umount
|
||||
index bf3b074..f388464 100644
|
||||
--- data/logout.d/98umount
|
||||
+++ data/logout.d/98umount
|
||||
@@ -1,4 +1,5 @@
|
||||
#!/bin/bash
|
||||
|
||||
+keyctl unlink $( keyctl request user $USER )
|
||||
umount -l /home/$USER
|
||||
exit 0
|
||||
diff --git desktop/cl_desktop.py desktop/cl_desktop.py
|
||||
index 11ca1de..11bb4fb 100644
|
||||
--- desktop/cl_desktop.py
|
||||
+++ desktop/cl_desktop.py
|
||||
@@ -27,17 +27,20 @@ from datavars import DataVarsDesktop, DataVars, __version__,__app__
|
||||
|
||||
from calculate.lib.cl_template import (Template, ProgressTemplate,
|
||||
TemplatesError,templateFunction,iniParser)
|
||||
-from calculate.lib.utils.files import runOsCommand, isMount,process, \
|
||||
- getRunCommands,STDOUT
|
||||
-from calculate.lib.utils.common import getpathenv,appendProgramToEnvFile, \
|
||||
- removeProgramToEnvFile,mountEcryptfs, \
|
||||
- CommonError
|
||||
+from calculate.lib.utils.files import (runOsCommand, isMount,process,
|
||||
+ getRunCommands,STDOUT,childMounts)
|
||||
+from calculate.lib.utils.common import (getpathenv,appendProgramToEnvFile,
|
||||
+ removeProgramToEnvFile,mountEcryptfs,
|
||||
+ CommonError, isBootstrapDataOnly)
|
||||
from calculate.core.server.func import safetyWrapper
|
||||
|
||||
from calculate.lib.cl_lang import setLocalTranslate,getLazyLocalTranslate
|
||||
setLocalTranslate('cl_desktop3',sys.modules[__name__])
|
||||
__ = getLazyLocalTranslate(_)
|
||||
from itertools import ifilter
|
||||
+import tarfile
|
||||
+import tempfile
|
||||
+import shutil
|
||||
|
||||
class DesktopError(Exception):
|
||||
"""Desktop Error"""
|
||||
@@ -76,10 +79,45 @@ class Desktop:
|
||||
except CommonError as e:
|
||||
raise DesktopError(_("Failed to mount ecrypt")+": \"%s\""%str(e))
|
||||
else:
|
||||
- e = process('/usr/bin/ecryptfs-setup-private','-u',userName,'-b','-l',userPwd,stderr=STDOUT)
|
||||
- if e.failed():
|
||||
- raise DesktopError(e.read()+
|
||||
+ tf = None
|
||||
+ try:
|
||||
+ # если профиль содержит только данные от бутстрапа core
|
||||
+ if isBootstrapDataOnly(userDir):
|
||||
+ if childMounts(userDir):
|
||||
+ raise DesktopError(
|
||||
+ _("Failed to create encrypt user profile")+":"+
|
||||
+ _("User home directory contains mount points"))
|
||||
+ # поместить данные во временный tarfile
|
||||
+ calculateName = ".calculate"
|
||||
+ calculatePath = path.join(userDir,calculateName)
|
||||
+ tf = tempfile.TemporaryFile()
|
||||
+ with tarfile.open(fileobj=tf,mode='w:') as tarf:
|
||||
+ tarf.add(calculatePath,calculateName)
|
||||
+ tf.flush()
|
||||
+ tf.seek(0)
|
||||
+ # удалить эти данные
|
||||
+ shutil.rmtree(calculatePath)
|
||||
+
|
||||
+ # создать шифрованные данные
|
||||
+ e = process('/usr/bin/ecryptfs-setup-private','-u',userName,
|
||||
+ '-b','-l',userPwd,stderr=STDOUT)
|
||||
+ if e.failed():
|
||||
+ raise DesktopError(e.read())
|
||||
+ # если были данные от бутстрапа, то распаковать их
|
||||
+ if tf:
|
||||
+ with tarfile.open(fileobj=tf,mode='r:') as tarf:
|
||||
+ tarf.extractall(userDir)
|
||||
+ except Exception as e:
|
||||
+ if tf:
|
||||
+ tf.seek(0)
|
||||
+ bakArchName = path.join(userDir,".calculate.tar.bz2")
|
||||
+ with open(bakArchName,'w') as f:
|
||||
+ f.write(tf.read())
|
||||
+ raise DesktopError(str(e)+
|
||||
_("Failed to create encrypt user profile"))
|
||||
+ finally:
|
||||
+ if tf:
|
||||
+ tf.close()
|
||||
|
||||
def createUserDir(self, userName, uid, gid, userDir, mode=0700):
|
||||
"""
|
||||
@@ -200,7 +238,8 @@ class Desktop:
|
||||
self.startTask(_("Creating the home directory for %s")%self.homeDir)
|
||||
self.createUserDir(userName,uid,gid,self.homeDir)
|
||||
self.endTask()
|
||||
- if self.clVars.Get('ur_home_crypt_set') == 'on':
|
||||
+ if (self.clVars.Get('ur_home_crypt_set') == 'on' and
|
||||
+ self.clVars.Get('install.cl_autologin') != userName):
|
||||
self.createCryptDir(userName,uid,gid,self.homeDir)
|
||||
|
||||
domainUser = self.clVars.Get('ur_domain_set') == 'on'
|
@ -0,0 +1,43 @@
|
||||
# Copyright 1999-2012 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: $
|
||||
|
||||
EAPI="3"
|
||||
SUPPORT_PYTHON_ABIS="1"
|
||||
PYTHON_DEPEND="2:2.7"
|
||||
RESTRICT_PYTHON_ABIS="2.4 2.5 2.6 3.*"
|
||||
|
||||
inherit distutils eutils
|
||||
|
||||
SRC_URI="ftp://ftp.calculate.ru/pub/calculate/calculate3/${PN}/${P}.tar.bz2"
|
||||
|
||||
DESCRIPTION="The program of installation Calculate Linux"
|
||||
HOMEPAGE="http://www.calculate-linux.org/main/en/calculate2"
|
||||
LICENSE="Apache-2.0"
|
||||
SLOT="3"
|
||||
KEYWORDS="amd64 x86"
|
||||
IUSE="pxe minimal"
|
||||
|
||||
DEPEND="~sys-apps/calculate-core-3.1.6
|
||||
!<sys-apps/calculate-install-2.2.29
|
||||
app-portage/layman
|
||||
>=virtual/udev-197
|
||||
!app-misc/livecd-tools
|
||||
sys-apps/iproute2[-minimal]
|
||||
!minimal? ( sys-boot/grub
|
||||
sys-apps/gptfdisk
|
||||
>=sys-apps/util-linux-2.19.1
|
||||
sys-fs/dosfstools
|
||||
sys-fs/squashfs-tools
|
||||
sys-block/parted )
|
||||
pxe? ( sys-apps/calculate-server
|
||||
net-ftp/tftp-hpa
|
||||
net-misc/dhcp
|
||||
net-fs/nfs-utils )"
|
||||
src_unpack() {
|
||||
unpack "${A}"
|
||||
cd "${S}"
|
||||
|
||||
# apply revision changes
|
||||
epatch "${FILESDIR}/calculate-install-3.1.6-r2.patch"
|
||||
}
|
@ -0,0 +1,29 @@
|
||||
diff --git install/variables/system.py install/variables/system.py
|
||||
index b257227..608e5d5 100644
|
||||
--- install/variables/system.py
|
||||
+++ install/variables/system.py
|
||||
@@ -173,6 +173,15 @@ class VariableClInstallHomeCryptSet(UserHelper,Variable):
|
||||
self.help = _("crypt user profiles")
|
||||
self.label = _("Crypt user profiles")
|
||||
|
||||
+ def get(self):
|
||||
+ return ("off" if self.Get('cl_autologin')
|
||||
+ else self.Get('cl_home_crypt_set'))
|
||||
+
|
||||
+ def check(self,value):
|
||||
+ if value == "on" and self.Get('cl_autologin'):
|
||||
+ raise VariableError(
|
||||
+ _("Crypt user profile uncompatible with autologin"))
|
||||
+
|
||||
class VariableClMigrateData(UserHelper,TableVariable):
|
||||
"""
|
||||
User migrate data table
|
||||
@@ -682,7 +691,7 @@ class VariableOsAudioData(ReadonlyTableVariable):
|
||||
aplay = getProgPath('/usr/bin/aplay')
|
||||
if not aplay:
|
||||
return [[]]
|
||||
- entry = re.compile('^card (\d+): ([^,]+)')
|
||||
+ entry = re.compile('^card (\d+): ([^:]+)')
|
||||
return tuple(map(lambda x:x.groups(),
|
||||
filter(None,map(entry.search,
|
||||
process(aplay,'-l')))))
|
@ -0,0 +1,35 @@
|
||||
# Copyright 1999-2012 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: $
|
||||
|
||||
EAPI="3"
|
||||
SUPPORT_PYTHON_ABIS="1"
|
||||
PYTHON_DEPEND="2:2.7"
|
||||
RESTRICT_PYTHON_ABIS="2.4 2.5 2.6 3.*"
|
||||
|
||||
inherit distutils eutils
|
||||
|
||||
SRC_URI="ftp://ftp.calculate.ru/pub/calculate/calculate3/${PN}/${P}.tar.bz2"
|
||||
|
||||
DESCRIPTION="The library for Calculate 3"
|
||||
HOMEPAGE="http://www.calculate-linux.org/main/en/calculate2"
|
||||
LICENSE="Apache-2.0"
|
||||
SLOT="3"
|
||||
KEYWORDS="amd64 x86"
|
||||
IUSE="minimal"
|
||||
DEPEND="!minimal? ( dev-python/py-smbpasswd )
|
||||
>=dev-python/pyxml-0.8
|
||||
sys-apps/iproute2
|
||||
sys-apps/pciutils
|
||||
sys-fs/lvm2
|
||||
sys-fs/mdadm
|
||||
dev-python/pyinotify
|
||||
sys-apps/file[python]"
|
||||
RDEPEND="${DEPEND}"
|
||||
src_unpack() {
|
||||
unpack "${A}"
|
||||
cd "${S}"
|
||||
|
||||
# apply revision changes
|
||||
epatch "${FILESDIR}/calculate-lib-3.1.6-r2.patch"
|
||||
}
|
@ -0,0 +1,75 @@
|
||||
diff --git calculate/lib/utils/common.py calculate/lib/utils/common.py
|
||||
index 1799713..d9bb232 100644
|
||||
--- calculate/lib/utils/common.py
|
||||
+++ calculate/lib/utils/common.py
|
||||
@@ -439,7 +439,7 @@ def mountEcryptfs(userName,userPwd,userDir):
|
||||
else:
|
||||
raise Exception
|
||||
except:
|
||||
- raise CommonError("Failed to unwrap passphrase")
|
||||
+ raise CommonError(_("Failed to unwrap passphrase"))
|
||||
|
||||
# добавить passphrase в ключи ядра
|
||||
p = process('/usr/bin/ecryptfs-add-passphrase', '--fnek', '-',stderr=STDOUT)
|
||||
@@ -452,7 +452,7 @@ def mountEcryptfs(userName,userPwd,userDir):
|
||||
ecryptfs_sig, ecryptfs_fnek_sig = \
|
||||
readLinesFile(path.join(ecryptUserName,".ecryptfs/Private.sig"))
|
||||
except ValueError:
|
||||
- raise CommonError("Failed to parse Private.sig")
|
||||
+ raise CommonError(_("Failed to parse Private.sig"))
|
||||
|
||||
# подключить шифрованный раздел
|
||||
mountProcess = process('/sbin/mount.ecryptfs',
|
||||
@@ -471,3 +471,13 @@ def mountEcryptfs(userName,userPwd,userDir):
|
||||
# отправить пароль через stdin
|
||||
mountProcess.write("passphrase_passwd="+userPwd)
|
||||
return mountProcess.success()
|
||||
+
|
||||
+def isBootstrapDataOnly(directory):
|
||||
+ """
|
||||
+ Каталог содержит только сертификат, созданный командой cl-core
|
||||
+ """
|
||||
+ from calculate.lib.utils.files import (process,readLinesFile,STDOUT,
|
||||
+ isMount)
|
||||
+ userCalculate = path.join(directory,".calculate")
|
||||
+ return (set(listDirectory(directory)) == set([".calculate"]) and
|
||||
+ set(listDirectory(userCalculate)) == set(["client_cert"]))
|
||||
diff --git calculate/lib/utils/ip.py calculate/lib/utils/ip.py
|
||||
index b704c76..e488da0 100644
|
||||
--- calculate/lib/utils/ip.py
|
||||
+++ calculate/lib/utils/ip.py
|
||||
@@ -327,7 +327,10 @@ class Pinger:
|
||||
"""
|
||||
Send one ping to the given >destIP<.
|
||||
"""
|
||||
- destIP = socket.gethostbyname(destIP)
|
||||
+ try:
|
||||
+ destIP = socket.gethostbyname(destIP)
|
||||
+ except socket.gaierror as e:
|
||||
+ raise IPError(e.strerror)
|
||||
|
||||
# Header is type (8), code (8), checksum (16), id (16), sequence (16)
|
||||
myChecksum = 0
|
||||
diff --git calculate/lib/variables/user.py calculate/lib/variables/user.py
|
||||
index e8e378f..7b3596a 100644
|
||||
--- calculate/lib/variables/user.py
|
||||
+++ calculate/lib/variables/user.py
|
||||
@@ -21,7 +21,7 @@ import grp
|
||||
from os import environ,path
|
||||
from calculate.lib.datavars import Variable,VariableError,ReadonlyVariable
|
||||
from calculate.lib.cl_vars_share import varsShare
|
||||
-from calculate.lib.utils.common import getPasswdUsers
|
||||
+from calculate.lib.utils.common import getPasswdUsers,isBootstrapDataOnly
|
||||
from calculate.lib.utils.files import listDirectory
|
||||
import sys
|
||||
from calculate.lib.cl_lang import setLocalTranslate
|
||||
@@ -229,7 +229,8 @@ class VariableUrHomeCryptSet(ReadonlyVariable):
|
||||
# если пользовательского профиля нет, то шифровать ли профиль
|
||||
# узнаем на уровне системы
|
||||
homeDir = self.Get('ur_home_path')
|
||||
- if not path.exists(homeDir) or not listDirectory(homeDir):
|
||||
+ if (not path.exists(homeDir) or not listDirectory(homeDir) or
|
||||
+ isBootstrapDataOnly(homeDir)):
|
||||
return self.Get('cl_home_crypt_set')
|
||||
# профиль не шифрованный
|
||||
return "off"
|
@ -0,0 +1,26 @@
|
||||
# Copyright 1999-2011 Gentoo Foundation
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
# $Header: $
|
||||
|
||||
EAPI=4
|
||||
|
||||
DESCRIPTION="Calculate Utilities meta package"
|
||||
HOMEPAGE="http://www.calculate-linux.org/main/en/calculate2"
|
||||
SRC_URI=""
|
||||
|
||||
LICENSE="Apache-2.0"
|
||||
SLOT="3"
|
||||
KEYWORDS="amd64 x86"
|
||||
IUSE="cl_consolegui cl_client cl_desktop cl_console"
|
||||
|
||||
RDEPEND="${RDEPEND}
|
||||
=sys-apps/calculate-install-3.1.6-r2
|
||||
=sys-apps/calculate-i18n-3.1.6-r1
|
||||
=sys-apps/calculate-lib-3.1.6-r2
|
||||
=sys-apps/calculate-core-3.1.6
|
||||
=sys-apps/calculate-update-3.1.6
|
||||
cl_client? ( =sys-apps/calculate-client-3.1.6-r1 )
|
||||
cl_desktop? ( =sys-apps/calculate-desktop-3.1.6-r3 )
|
||||
cl_consolegui? ( =sys-apps/calculate-console-gui-3.1.6 )
|
||||
cl_console? ( =sys-apps/calculate-console-3.1.6 )
|
||||
"
|
Loading…
Reference in new issue