|
|
|
@ -33,6 +33,8 @@ import stat
|
|
|
|
|
import subprocess
|
|
|
|
|
import time
|
|
|
|
|
|
|
|
|
|
from encrypt import encrypt
|
|
|
|
|
|
|
|
|
|
Version = "calculate-client 2.1.10"
|
|
|
|
|
|
|
|
|
|
tr = cl_base.lang()
|
|
|
|
@ -248,7 +250,7 @@ imp_cl_help = cl_utils2.cl_help
|
|
|
|
|
imp_cl_smcon = cl_utils2.cl_smartcon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class cl_client(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
class cl_client(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon, encrypt):
|
|
|
|
|
"""Основной класс для работы клиентских приложений"""
|
|
|
|
|
# Пути к профилям объединяемых с системными
|
|
|
|
|
# относительный путь при объединении '/'
|
|
|
|
@ -767,6 +769,37 @@ conjunction with the 'login' or 'logout'")
|
|
|
|
|
return False, errMessage
|
|
|
|
|
return True, errMessage
|
|
|
|
|
|
|
|
|
|
def getServerDataUser(self):
|
|
|
|
|
"""Получение имени LDAP сервера и DN пользователей под пользователем"""
|
|
|
|
|
fileName = "/etc/ldap.conf"
|
|
|
|
|
serverName = ""
|
|
|
|
|
usersDN = ""
|
|
|
|
|
strServer = ("host","HOST")
|
|
|
|
|
lenStrServer = len(strServer[0])
|
|
|
|
|
strDN = ("nss_base_passwd","NSS_BASE_PASSWD")
|
|
|
|
|
lenStrDN = len(strDN[0])
|
|
|
|
|
splList = (" ", "\t")
|
|
|
|
|
try:
|
|
|
|
|
for i in open(fileName):
|
|
|
|
|
if not serverName and\
|
|
|
|
|
filter(lambda x: i.startswith(x),strServer) and\
|
|
|
|
|
len(i)>lenStrServer:
|
|
|
|
|
spl = i[lenStrServer]
|
|
|
|
|
if spl in splList:
|
|
|
|
|
serverName = i.rpartition(spl)[2].strip()
|
|
|
|
|
if not usersDN and filter(lambda x: i.startswith(x), strDN) and\
|
|
|
|
|
len(i)>lenStrDN:
|
|
|
|
|
spl = i[lenStrDN]
|
|
|
|
|
if spl in splList:
|
|
|
|
|
usersDN = i.rpartition(spl)[2].partition('?')[0].strip()
|
|
|
|
|
if serverName and usersDN:
|
|
|
|
|
break
|
|
|
|
|
except:
|
|
|
|
|
self.printERROR(_("Can not open %s")%fileName)
|
|
|
|
|
return False
|
|
|
|
|
return (serverName, usersDN)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def setUserPasswordToServer(self, options):
|
|
|
|
|
"""Установка пароля пользователя на сервере"""
|
|
|
|
|
# Проверяем на root
|
|
|
|
@ -775,21 +808,19 @@ conjunction with the 'login' or 'logout'")
|
|
|
|
|
self.printWARNING(\
|
|
|
|
|
_("The program can be executed from a non-root user"))
|
|
|
|
|
return False
|
|
|
|
|
# Создаем объект переменных
|
|
|
|
|
self.createClVars()
|
|
|
|
|
# DNS имя хоста
|
|
|
|
|
server = self.clVars.Get("sr_samba_host")
|
|
|
|
|
if not server:
|
|
|
|
|
data = self.getServerDataUser()
|
|
|
|
|
if not data:
|
|
|
|
|
self.printERROR(_("The computer is not in domain"))
|
|
|
|
|
self.printWARNING(_("Use passwd"))
|
|
|
|
|
return False
|
|
|
|
|
server, usersDN = data
|
|
|
|
|
# Получаем старый пароль пользователя
|
|
|
|
|
curPassword = self.getUserPassword(_("Enter current password"))
|
|
|
|
|
if not curPassword:
|
|
|
|
|
self.printERROR(_("Current password is empty"))
|
|
|
|
|
return False
|
|
|
|
|
userDN = self.addDN("uid=%s"%os.environ["USER"],
|
|
|
|
|
self.relUsersDN,
|
|
|
|
|
self.clVars.Get("ld_base_dn"))
|
|
|
|
|
userDN = self.addDN("uid=%s"%os.environ["USER"], usersDN)
|
|
|
|
|
# Проверяем в LDAP сервере текущий пароль пользователя
|
|
|
|
|
ret, err = self.checkUserPwdLDAP(server, userDN, curPassword)
|
|
|
|
|
if not ret:
|
|
|
|
@ -801,18 +832,24 @@ conjunction with the 'login' or 'logout'")
|
|
|
|
|
password = self.getUserPwd(optPasswd, "p", False)
|
|
|
|
|
if password == False:
|
|
|
|
|
return False
|
|
|
|
|
# Записываем пароль пользователя в переменную
|
|
|
|
|
self.clVars.Set("ur_pw", password)
|
|
|
|
|
oldEnvPath = self.clVars.Get("cl_env_path")
|
|
|
|
|
fileEnvPath = os.path.join(os.environ["HOME"],".calculate.env")
|
|
|
|
|
newEnvPath = [fileEnvPath]*3
|
|
|
|
|
self.clVars.Set("cl_env_path",newEnvPath,True)
|
|
|
|
|
# ~/.calculate
|
|
|
|
|
pathConfig = os.path.join(os.environ["HOME"],".calculate")
|
|
|
|
|
# Создаем директорию
|
|
|
|
|
if not os.path.exists(pathConfig):
|
|
|
|
|
os.makedirs(pathConfig)
|
|
|
|
|
# Переменные для записи в env файл
|
|
|
|
|
namesVars = ["ur_unix_hash","ur_samba_lm_hash","ur_samba_nt_hash"]
|
|
|
|
|
data = map(lambda x: (x,self.clVars.Get(x)), namesVars)
|
|
|
|
|
for name, value in data:
|
|
|
|
|
self.clVars.Write(name, value, True, "default","server")
|
|
|
|
|
self.clVars.Set("cl_env_path",oldEnvPath,True)
|
|
|
|
|
varsConfig = {"unix_hash":self.getHashPasswd(password,"ssha"),
|
|
|
|
|
"samba_lm_hash":self.getHashPasswd(password,"lm"),
|
|
|
|
|
"samba_nt_hash":self.getHashPasswd(password,"nt")}
|
|
|
|
|
if filter(lambda x: not x, varsConfig.values()):
|
|
|
|
|
return False
|
|
|
|
|
# ~/.calculate/server.env
|
|
|
|
|
fileConfig = os.path.join(pathConfig,"server.env")
|
|
|
|
|
txtConfig = cl_base.iniParser(fileConfig)
|
|
|
|
|
if not txtConfig.setVar(["passwd","samba"], varsConfig):
|
|
|
|
|
self.printERROR(_("Can not write password variable in file %s")\
|
|
|
|
|
%fileConfig)
|
|
|
|
|
return False
|
|
|
|
|
self.printOK(_("Changed password of user %s")%os.environ["USER"] + \
|
|
|
|
|
" ...")
|
|
|
|
|
self.printWARNING(_("Password will be changed when you logout from the \
|
|
|
|
@ -1470,7 +1507,16 @@ or ld_bind_dn or ld_bind_pw")
|
|
|
|
|
def removePrivateFiles(self, userHome):
|
|
|
|
|
"""Удаление приватных файлов"""
|
|
|
|
|
privateFiles = ['.kde4/share/apps/kwallet/kdewallet.kwl',
|
|
|
|
|
'.calculate.env']
|
|
|
|
|
'.calculate/server.env']
|
|
|
|
|
# файлы в .ssh
|
|
|
|
|
sshHome = ".ssh"
|
|
|
|
|
sshPath = os.path.join(userHome,sshHome)
|
|
|
|
|
if os.path.isdir(sshPath):
|
|
|
|
|
# .ssh файлы относительно домашней директории пользователя
|
|
|
|
|
privateFiles += map(lambda x:os.path.join(sshHome,x),\
|
|
|
|
|
filter(lambda x:\
|
|
|
|
|
os.path.isfile(os.path.join(sshPath,x)),\
|
|
|
|
|
os.listdir(sshPath)))
|
|
|
|
|
for prFile in privateFiles:
|
|
|
|
|
rmFile = os.path.join(userHome, prFile)
|
|
|
|
|
if os.path.exists(rmFile):
|
|
|
|
@ -2349,7 +2395,6 @@ or ld_bind_dn or ld_bind_pw")
|
|
|
|
|
--exclude="/.local/share/mime/mime.cache" \
|
|
|
|
|
--exclude="/.kde4/share/apps/nepomuk/repository/main/data" \
|
|
|
|
|
--exclude="/.logout" \
|
|
|
|
|
--exclude="/.calculate.env" \
|
|
|
|
|
--exclude="/.Xauthority" \
|
|
|
|
|
--filter="P /.googleearth" --filter="P /Home" --filter="P /Disks" \
|
|
|
|
|
--filter="P /.local/share/akonadi/db_data" --filter="P /.VirtualBox" \
|
|
|
|
@ -2357,7 +2402,6 @@ or ld_bind_dn or ld_bind_pw")
|
|
|
|
|
--filter="P /.local/share/mime/mime.cache" \
|
|
|
|
|
--filter="P /.kde4/share/apps/nepomuk/repository/main/data" \
|
|
|
|
|
--filter="P /.logout" \
|
|
|
|
|
--filter="P /.calculate.env" \
|
|
|
|
|
--filter="P /.Xauthority" \
|
|
|
|
|
--filter="P /FTP" -a -x -v -v -v -v %s/ %s/' %(homeProfile,userHome)
|
|
|
|
|
elif sync == "logout":
|
|
|
|
|
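Review bot: The write of the password hashes to `~/.calculate/server.env` in setUserPasswordToServer (the hunk at -801,18 +832,24, apparently its new side) sets no permissions that are visible here. `os.makedirs(pathConfig)` creates `~/.calculate` with the default mode, and nothing around `cl_base.iniParser(fileConfig)` / `txtConfig.setVar(["passwd","samba"], varsConfig)` restricts the file, so unless iniParser does it internally (not shown) the SSHA, LM and NT hashes are only as private as the user's umask and home-directory mode. These values are credentials, and the LM form in particular is weak against offline guessing, so I would create the directory with `os.makedirs(pathConfig, 0700)`, make sure `server.env` is created with mode 0600 before anything is written to it, and also tighten an already existing `~/.calculate`, which the `os.path.exists` check currently skips. The function starts and ends outside this hunk, so a later chmod may exist that this page does not show.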