develop
asamoukin 16 years ago
parent dc738df6a5
commit 313f2af330

@ -0,0 +1,22 @@
# Jabber server
dn: #-soft_ldap_admin_jabber-#
objectClass: top
objectClass: organizationalUnit
ou: #-soft_ldap_admin_jabber_name-#
userPassword: #-soft_ldap_admin_jabberpw_hash-#
# Users
dn: ou=Users,#-soft_ldap_admin_jabber-#
objectClass: top
objectClass: organizationalUnit
ou: Users
# Groups
dn: ou=Groups,#-soft_ldap_admin_jabber-#
objectClass: top
objectClass: organizationalUnit
ou: Groups

@ -0,0 +1,5 @@
# Jabber Group
dn: cn=#-soft_ldap_group_name-#,ou=Groups,#-soft_ldap_admin_jabber-#
objectClass: nisNetgroup
cn: #-soft_ldap_group_name-#
description: #-soft_ldap_group_desc-#

@ -0,0 +1,8 @@
# Jabber user
dn: uid=#-soft_ldap_user_login-#,ou=Users,#-soft_ldap_admin_jabber-#
objectClass: inetOrgPerson
uid: #-soft_ldap_user_login-#
cn: #-soft_ldap_user_full_name-#
sn: #-soft_ldap_user_full_name-#
mail: #-soft_ldap_user_login-#@#-net_host-#.#-sys_domain-#
userPassword: #-soft_ldap_user_pw_hash-#
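Review bot: `userPassword` is filled verbatim from `soft_ldap_user_pw_hash`, and the `addUserJabberServer` method added later in this commit sets that variable to the literal `crypt{xxx}` when no password is supplied. That string has no leading `{SCHEME}` prefix, so slapd would most likely store and compare it as a cleartext password, which gives every such account the same fixed credential. The caller should refuse to create the entry without a password (print an error and `return False` when `userPwd` is empty). The template should also carry a comment that the variable must always hold a prefixed hash such as `{SSHA}...`.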

@ -1,7 +1,7 @@
# Add posix Account
dn: uid=#-soft_ldap_user_login-#,ou=Users,#-soft_ldap_admin_unix-#
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
cn: #-soft_ldap_user_full_name-#

@ -1,3 +1,4 @@
# Calculate chmod=0444 chown=root:root
#
# qmail-ldap (20030901) ldapv3 directory schema
#

@ -1,11 +1,14 @@
# Calculate format=ldap
# Calculate format=ldap\
chmod=0640\
chown=root:ldap\
append=replace
include /etc/openldap/schema/core.schema
+include /etc/openldap/schema/cosine.schema
+include /etc/openldap/schema/nis.schema
+include /etc/openldap/schema/inetorgperson.schema
+include /etc/openldap/schema/misc.schema
+include /etc/openldap/schema/samba.schema
+include /etc/openldap/schema/qmail.schema
+include /etc/openldap/schema/mail.schema
schemacheck on

@ -1,76 +1,26 @@
# Calculate format=dovecot
# This file is opened as root, so it should be owned by root and mode 0600.
#
# http://wiki.dovecot.org/AuthDatabase/LDAP
#
# Space separated list of LDAP hosts to use. host:port is allowed too.
# Calculate format=dovecot\
chmod=0600\
chown=root:root
# LDAP хост
hosts = #-net_host-#
# Distinguished Name - the username used to login to the LDAP server
# DN администратора
dn = #-soft_ldap_admin_mail-#
# Password for LDAP server
# Пароль администратора
dnpass = #-soft_ldap_admin_mailpw-#
# Включить аутенфикацию
auth_bind = yes
# Пользователь для аутенфикации
auth_bind_userdn = uid=%u,ou=Users,#-soft_ldap_admin_mail-#
# LDAP protocol version to use. Likely 2 or 3.
# Версия LDAP протокола
ldap_version = 2
# LDAP base. %variables can be used here.
#base = uid=someone, dc=foo, dc=bar, dc=org
# Базовый DN LDAP
base = ou=Users,#-soft_ldap_admin_mail-#
# Dereference: never, searching, finding, always
#deref = never
# Search scope: base, onelevel, subtree
# Тип поиска: base, onelevel, subtree
scope = subtree
# User attributes are given in LDAP-name=dovecot-internal-name list. The
# internal names are:
# uid - System UID
# gid - System GID
# home - Home directory
# mail - Mail location
#
# There are also other special fields which can be returned, see
# http://wiki.dovecot.org/UserDatabase/ExtraFields
#user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
# Filter for user lookup. Some variables can be used (see
# http://wiki.dovecot.org/Variables for full list):
# %u - username
# %n - user part in user@domain, same as %u if there's no domain
# %d - domain part in user@domain, empty if user there's no domain
#user_filter = (&(objectClass=posixAccount)(uid=%u))
# Фильтр для поиска пользователя
user_filter = (&(objectClass=qmailUser)(uid=%u))
# Password checking attributes:
# user: Virtual user name (user@domain), if you wish to change the
# user-given username to something else
# password: Password, may optionally start with {type}, eg. {crypt}
# There are also other special fields which can be returned, see
# http://wiki.dovecot.org/PasswordDatabase/ExtraFields
#pass_attrs = uid=user,userPassword=password
# If you wish to avoid two LDAP lookups (passdb + userdb), you can use
# userdb prefetch instead of userdb ldap in dovecot.conf. In that case you'll
# also have to include user_attrs in pass_attrs field prefixed with "userdb_"
# string. For example:
#pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,uidNumber=userdb_uid,gidNumber=userdb_gid
# Filter for password lookups
# Фильтр для поиска пароля
pass_filter = (&(objectClass=qmailUser)(uid=%u))
# Default password scheme. "{scheme}" before password overrides this.
# List of supported schemes is in: http://wiki.dovecot.org/Authentication
#default_pass_scheme = CRYPT
# Схема шифрования пароля
# Поддерживаемые схемы: http://wiki.dovecot.org/Authentication
default_pass_scheme = SSHA
# You can use same UID and GID for all user accounts if you really want to.
# If the UID/GID is still found from LDAP reply, it overrides these values.
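Review bot: The template keeps the service admin password in `dnpass` and enables `auth_bind = yes`, but it connects to `hosts = #-net_host-#` with `ldap_version = 2` and no `tls` setting. The admin bind and every user's password therefore travel unencrypted unless slapd is reached over loopback only, and LDAPv2 rules out StartTLS. Consider `ldap_version = 3` with `tls = yes` where the installed Dovecot supports it, or point `hosts` at localhost if the directory is always local. Which of these lines are new is not fully recoverable from this rendering, so the attribution to this commit is approximate.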

@ -1,95 +1,17 @@
# Calculate format=dovecot
## Dovecot configuration file
# IP or host address where to listen in for connections. It's not currently
# possible to specify multiple addresses. "*" listens in all IPv4 interfaces.
# "[::]" listens in all IPv6 interfaces, but may also listen in all IPv4
# interfaces depending on the operating system.
#
# If you want to specify ports for each service, you will need to configure
# these settings inside the protocol imap/pop3 { ... } section, so you can
# specify different ports for IMAP/POP3. For example:
# protocol imap {
# listen = *:10143
# ssl_listen = *:10943
# ..
# }
# protocol pop3 {
# listen = *:10100
# ..
# }
listen = [::]
# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf
ssl_cert_file = /etc/ssl/dovecot/server.pem
ssl_key_file = /etc/ssl/dovecot/server.key
##
## Mailbox locations and namespaces
##
# Location for users' mailboxes. This is the same as the old default_mail_env
# setting. The default is empty, which means that Dovecot tries to find the
# mailboxes automatically. This won't work if the user doesn't have any mail
# yet, so you should explicitly tell Dovecot the full location.
#
# If you're using mbox, giving a path to the INBOX file (eg. /var/mail/%u)
# isn't enough. You'll also need to tell Dovecot where the other mailboxes are
# kept. This is called the "root mail directory", and it must be the first
# path given in the mail_location setting.
#
# There are a few special variables you can use, eg.:
#
# %u - username
# %n - user part in user@domain, same as %u if there's no domain
# %d - domain part in user@domain, empty if there's no domain
# %h - home directory
#
# See doc/wiki/Variables.txt for full list. Some examples:
#
# mail_location = maildir:~/Maildir
# mail_location = mbox:~/mail:INBOX=/var/mail/%u
# mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
#
# <doc/wiki/MailLocation.txt>
#
#mail_location = maildir:~/.maildir
mail_location = maildir:/var/calculate/mail/%u
# Calculate format=dovecot\
chmod=0644\
chown=root:root
# Тип хранения почты и расположение почтовых папок
mail_location = maildir:#-soft_ldap_mail_path-#/%u
# Аутенфикация по умолчанию
auth default {
# Space separated list of wanted authentication mechanisms:
# plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
# NOTE: See also disable_plaintext_auth setting.
mechanisms = plain
# Удаляем аутенфикацию pam
!passdb pam {
args = "*"
}
# LDAP database <doc/wiki/AuthDatabase.LDAP.txt>
# Аутенфикация LDAP
passdb ldap {
# Path for LDAP configuration file, see doc/dovecot-ldap-example.conf
# Путь к конфигурационному файлу
args = /etc/dovecot/dovecot-ldap.conf
}
# LDAP database <doc/wiki/AuthDatabase.LDAP.txt>
#userdb ldap {
# # Path for LDAP configuration file, see doc/dovecot-ldap-example.conf
# args = /etc/dovecot/dovecot-ldap.conf
#}
# User to use for the process. This user needs access to only user and
# password databases, nothing else. Only shadow and pam authentication
# requires roots, so use something else if possible. Note that passwd
# authentication with BSDs internally accesses shadow files, which also
# requires roots. Note that this user is NOT used to access mails.
# That user is specified by userdb above.
user = root
}

@ -1,2 +1,135 @@
# Calculate format=ldap
+include /etc/openldap/schema/qmail.schema
# Calculate format=ldap\
chmod=0640\
chown=root:ldap\
append=replace
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/misc.schema
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
include /etc/openldap/schema/samba.schema
#soft_samba_setup#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
include /etc/openldap/schema/mail.schema
#soft_mail_setup#
schemacheck on
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.arg
# Уровень отладочных сообщений
loglevel 0
allow bind_v2
modulepath /usr/lib/openldap/modules
# Доступ к аттрибуту userPassword
access to attrs=userPassword
by self write
by dn="#-soft_ldap_admin-#" write
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
by dn="#-soft_ldap_admin_samba-#" write
#soft_samba_setup#
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
by dn="#-soft_ldap_admin_unix-#" write
#soft_unix_setup#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
by dn="#-soft_ldap_admin_mail-#" read
#soft_mail_setup#
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
by dn="#-soft_ldap_admin_jabber-#" read
#soft_jabber_setup#
by * auth
# Доступ к аттрибутам Samba
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
access to attrs=sambaLMPassword,sambaNTPassword
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by * none
#soft_samba_setup#
# Доступ к пользователю только для просмотра
access to dn.base="#-soft_ldap_bind-#"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_bind-#" read
by * none
# Доступ к администратору сервера LDAP
access to dn.base="#-soft_ldap_admin-#"
by dn="#-soft_ldap_admin-#" write
by * none
# Доступ к ветке Samba
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
access to dn.regex=".*#-soft_ldap_admin_samba-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
by * none
#soft_samba_setup#
# Доступ к ветке Unix
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
access to dn.regex=".*#-soft_ldap_admin_unix-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
by * none
#soft_unix_setup#
# Доступ к ветке Mail
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
access to dn.regex=".*#-soft_ldap_admin_mail-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_mail-#" read
by * none
#soft_mail_setup#
# Доступ к ветке Jabber
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
access to dn.regex=".*#-soft_ldap_admin_jabber-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_jabber-#" read
by * none
#soft_jabber_setup#
# Доступ к остальным веткам сервисов
access to dn.regex=".*ou=([^,]+),#-soft_ldap_sevices_dn-#$"
by dn="#-soft_ldap_admin-#" write
by dn.regex="ou=$1,#-soft_ldap_sevices_dn-#" write
by * none
# Закрываем доступ к веткам
access to dn.regex=".*,#-soft_ldap_sevices_dn-#"
by dn="#-soft_ldap_admin-#" write
by * none
# Доступ ко всем аттрибутам
access to *
by dn="#-soft_ldap_admin-#" write
by self write
by * read
# Доступ по умолчанию только для чтения
defaultaccess read
# Тип базы данных
database ldbm
suffix "#-soft_ldap_base-#"
checkpoint 1024 5
cachesize 10000
directory /var/lib/openldap-data
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index uidNumber eq
index gidNumber eq
index default sub
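Review bot: `loglevel 0` turns slapd logging off entirely, so failed binds against the service admin DNs that this file grants rights to leave no trace; `loglevel 256` (stats) records connections, binds and results at low cost. The per-branch rules match with `dn.regex=".*#-soft_ldap_admin_mail-#$"`, which passes an unescaped template value to the regex engine and is not anchored on an RDN boundary; `access to dn.subtree="#-soft_ldap_admin_mail-#"` states the same intent exactly. The catch-all `access to dn.regex=".*,#-soft_ldap_sevices_dn-#"` also lacks the trailing `$`. `allow bind_v2` is worth a comment naming the client that still needs LDAPv2. The same text appears in the `-1,7 +1,135` slapd.conf section further down and needs the same changes.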

@ -1,4 +1,6 @@
# Calculate format=postfix
# Calculate format=postfix\
chmod=0640\
chown=root:postfix
server_host = #-net_host-#
server_port = 389
bind = yes

@ -1,4 +1,6 @@
# Calculate format=postfix
# Calculate format=postfix\
chmod=0640\
chown=root:postfix
server_host = #-net_host-#
server_port = 389
bind = yes

@ -1,4 +1,6 @@
# Calculate format=postfix
# Calculate format=postfix\
chmod=0640\
chown=root:postfix
server_host = #-net_host-#
server_port = 389
bind = yes

@ -1,4 +1,6 @@
# Calculate format=postfix
# Calculate format=postfix\
chmod=0640\
chown=root:postfix
server_host = #-net_host-#
server_port = 389
bind = yes

@ -1,4 +1,6 @@
# Calculate format=postfix
# Calculate format=postfix\
chmod=0640\
chown=root:postfix
#Документация на русском:
#http://www.elantech.ru/docs/postfix-docs-ru/

@ -1,5 +1,7 @@
# Calculate format=procmail
# Use maildir-style mailbox in user's home directory
DEFAULT=/var/calculate/mail/$LOGNAME/
# Calculate format=procmail\
chmod=0644\
chown=root:root
# Директория хранения почты
DEFAULT=#-soft_ldap_mail_path-#/$LOGNAME/
MAILDIR=$DEFAULT

@ -1,2 +1,4 @@
# Calculate format=ldap
# Calculate format=ldap\
chmod=0644\
chown=root:root
+nss_base_passwd ou=Computers,#-soft_ldap_admin_samba-#?one

@ -1,7 +1,135 @@
# Calculate format=ldap
+include /etc/openldap/schema/samba.schema
# Calculate format=ldap\
chmod=0640\
chown=root:ldap\
append=replace
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/misc.schema
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
include /etc/openldap/schema/samba.schema
#soft_samba_setup#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
include /etc/openldap/schema/mail.schema
#soft_mail_setup#
schemacheck on
pidfile /var/run/openldap/slapd.pid
argsfile /var/run/openldap/slapd.arg
# Уровень отладочных сообщений
loglevel 0
allow bind_v2
modulepath /usr/lib/openldap/modules
# Доступ к аттрибуту userPassword
access to attrs=userPassword
by self write
by dn="#-soft_ldap_admin-#" write
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
by dn="#-soft_ldap_admin_samba-#" write
#soft_samba_setup#
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
by dn="#-soft_ldap_admin_unix-#" write
#soft_unix_setup#
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
by dn="#-soft_ldap_admin_mail-#" read
#soft_mail_setup#
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
by dn="#-soft_ldap_admin_jabber-#" read
#soft_jabber_setup#
by * auth
# Доступ к аттрибутам Samba
+access to attrs=sambaLMPassword,sambaNTPassword
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
access to attrs=sambaLMPassword,sambaNTPassword
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by * none
by * none
#soft_samba_setup#
# Доступ к пользователю только для просмотра
access to dn.base="#-soft_ldap_bind-#"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_bind-#" read
by * none
# Доступ к администратору сервера LDAP
access to dn.base="#-soft_ldap_admin-#"
by dn="#-soft_ldap_admin-#" write
by * none
# Доступ к ветке Samba
#?soft_samba_setup==yes||soft_ldap_setup_name==samba#
access to dn.regex=".*#-soft_ldap_admin_samba-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
by * none
#soft_samba_setup#
# Доступ к ветке Unix
#?soft_unix_setup==yes||soft_ldap_setup_name==unix#
access to dn.regex=".*#-soft_ldap_admin_unix-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_samba-#" write
by dn="#-soft_ldap_admin_unix-#" write
by dn="#-soft_ldap_bind-#" read
by * none
#soft_unix_setup#
# Доступ к ветке Mail
#?soft_mail_setup==yes||soft_ldap_setup_name==mail#
access to dn.regex=".*#-soft_ldap_admin_mail-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_mail-#" read
by * none
#soft_mail_setup#
# Доступ к ветке Jabber
#?soft_jabber_setup==yes||soft_ldap_setup_name==jabber#
access to dn.regex=".*#-soft_ldap_admin_jabber-#$"
by dn="#-soft_ldap_admin-#" write
by dn="#-soft_ldap_admin_jabber-#" read
by * none
#soft_jabber_setup#
# Доступ к остальным веткам сервисов
access to dn.regex=".*ou=([^,]+),#-soft_ldap_sevices_dn-#$"
by dn="#-soft_ldap_admin-#" write
by dn.regex="ou=$1,#-soft_ldap_sevices_dn-#" write
by * none
# Закрываем доступ к веткам
access to dn.regex=".*,#-soft_ldap_sevices_dn-#"
by dn="#-soft_ldap_admin-#" write
by * none
# Доступ ко всем аттрибутам
access to *
by dn="#-soft_ldap_admin-#" write
by self write
by * read
# Доступ по умолчанию только для чтения
defaultaccess read
# Тип базы данных
database ldbm
suffix "#-soft_ldap_base-#"
checkpoint 1024 5
cachesize 10000
directory /var/lib/openldap-data
index objectClass eq
index cn pres,sub,eq
index sn pres,sub,eq
index uid pres,sub,eq
index uidNumber eq
index gidNumber eq
index default sub

@ -1,4 +1,6 @@
# Calculate format=samba
# Calculate format=samba\
chmod=0644\
chown=root:root
[global]
# Имя сервера
# --------------------------------------------------------------------
@ -80,7 +82,7 @@
;time offset =
[homes]
path = /var/calculate/share
path = #-soft_ldap_samba_home_path-#
comment = Home Directories
valid users = %U
read only = No
@ -89,7 +91,7 @@
browseable = No
[profiles]
path = /var/calculate/winnt/profiles
path = #-soft_ldap_samba_profile_path-#
create mask = 0600
directory mask = 0700
browseable = No
@ -101,13 +103,13 @@
valid users = %U @"Domain Admins"
[netlogon]
path = /var/calculate/winnt/netlogon
path = #-soft_ldap_samba_netlogon_path-#
browseable = No
read only = yes
[share]
path = #-soft_ldap_samba_share_path-#
comment = Share Files
browseable = yes
writable = yes
path = /var/calculate/share
hide unreadable = yes

@ -1,4 +1,6 @@
# Calculate format=ldap
# Calculate format=ldap\
chmod=0644\
chown=root:root
host localhost
base #-soft_ldap_sevices_dn-#
rootbinddn #-soft_ldap_admin_unix-#

@ -1,4 +1,7 @@
# Calculate format=ldap insert=replace
# Calculate format=ldap\
insert=replace\
chmod=0644\
chown=root:root
passwd: files ldap
shadow: files ldap
group: files ldap

@ -1,5 +1,7 @@
# Calculate format=ldap insert=replace
# Calculate format=ldap\
insert=replace\
chmod=0644\
chown=root:root
auth required pam_env.so
auth sufficient pam_unix.so try_first_pass likeauth nullok
auth sufficient pam_ldap.so use_first_pass

@ -36,8 +36,7 @@ import time
# Для ввода символа
import tty
import termios
# Для ldif
import base64
Version = "calculate-server 0.0.1"
@ -140,6 +139,9 @@ class ldapFunction(cl_profile._error):
except ldap.LDAPError, e:
self.setError(e[0]['desc'])
return False
except:
self.setError("Error in ldif file")
return False
return True
else:
self.setError(_("No connect to LDAP server"))
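Review bot: The added bare `except:` also traps `KeyboardInterrupt` and `SystemExit`, and it replaces whatever actually failed with a fixed string, so a parsing bug, a permission problem and an interrupted run all look the same to the operator. Catch `Exception` and keep the cause: `except Exception, e:` followed by `self.setError(_("Error in ldif file") + ": " + str(e))`. The message should go through `_()` like the neighbouring ones. The enclosing method starts above the hunk.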
@ -231,8 +233,11 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
if os.path.isdir(os.path.join(profilePath, fileData)):
service.append(fileData)
if service:
# После добавления сервисов в класс необходимо удалить
# apache и jabber
service.remove('backup')
service.remove('apache')
service.remove('jabber')
return service
def applyProfilesFromService(self, service):
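Review bot: `service.remove('jabber')` raises `ValueError` when the profile directory has no `jabber` sub-directory, because `list.remove` requires the element to be present; the neighbouring `remove('backup')` and `remove('apache')` calls share the problem. A filter such as `service = [s for s in service if s not in ('backup', 'apache', 'jabber')]` is safe whichever directories exist. The new comment names only apache and jabber while three entries are removed. The function starts above the hunk.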
@ -281,6 +286,14 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
flagError = True
break
continue
elif service == "jabber":
if self.getRunService("jabber"):
textLine = self.execProg("/etc/init.d/ejabberd stop")
if not ("ok" in textLine):
self.printERROR( "Ejabberd" + " " +
_("service is not stopped"))
flagError = True
break
elif self.getRunService(service):
stopService = service
textLine = self.execProg("/etc/init.d/%s stop" %(stopService))
@ -351,8 +364,12 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
continue
addDirDict = {"slapd":("openldap","slapd.pid"),
"samba":("samba","smbd.pid"),
"dovecot":("dovecot","master.pid")}
pidDir = baseDir + "/" + addDirDict[daemon][0]
"dovecot":("dovecot","master.pid"),
"ejabberd":("/var/lib/init.d/daemons","ejabberd")}
if addDirDict[daemon][0][:1] == "/":
pidDir = addDirDict[daemon][0]
else:
pidDir = baseDir + "/" + addDirDict[daemon][0]
if os.access(pidDir, os.F_OK) and os.listdir(pidDir) and\
os.path.exists(os.path.join(pidDir,addDirDict[daemon][1])):
runDaemons[daemon] = True
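Review bot: The `addDirDict[daemon][0][:1] == "/"` branch re-implements what `os.path.join` already does, since it returns the second component unchanged when that component is absolute. `pidDir = os.path.join(baseDir, addDirDict[daemon][0])` covers both cases in one line. For ejabberd the code tests for an entry under `/var/lib/init.d/daemons`, which looks like init-system state rather than a pid file, so a comment should say that it can be stale after a crash. The loop and function start above the hunk.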
@ -377,8 +394,11 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
elif nameService == "ldap":
if not self.getRunDaemons(['slapd'],printError):
flagError = True
elif nameService == "jabber":
if not self.getRunDaemons(['ejabberd'],printError):
flagError = True
else:
if not self.getRunDaemons([nameService],printError):
if not self.getRunDaemons([nameService],printError):
flagError = True
if flagError:
if printError:
@ -389,7 +409,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
def unicList(self, lst):
"""Список уникальных элементов из списка не уникальных"""
return list(set(lst)|set([]))
return list(set(lst))
def addDN(self, *arg):
"""Складывает текстовые элементы DN"""
@ -578,10 +598,18 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
ldapParser = iniLdapParser()
adminDn = ldapParser.getVar(part,"DN")
adminPw = ldapParser.getVar(part,"PASS")
if not (adminDn or adminPw):
if part == "admin":
service = "LDAP"
else:
service = part
self.printERROR(service.capitalize() + " " +\
_("not installed ..."))
return False
ldapObj = ldapFunction(adminDn, adminPw)
if ldapObj.getError():
self.printERROR (_("LDAP connect error") + ": " +\
ldapObj.getError())
ldapObj.getError().strip())
return False
# Устанавливаем у объекта соединение и объект LDAP функций
self.ldapObj = ldapObj
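Review bot: The guard `if not (adminDn or adminPw):` fires only when both values are missing, so a section that has a DN but no PASS still reaches `ldapFunction(adminDn, adminPw)` with an empty password. How ldapFunction binds is not visible here, but an LDAP simple bind with an empty password is treated as an unauthenticated bind and can succeed without proving the admin identity. `if not (adminDn and adminPw):` rejects both half-configured cases. The method starts above the hunk.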
@ -990,7 +1018,7 @@ class servUnix(shareLdap):
if not self.ldapObj.getError():
self.ldapObj.ldapAdd(groupLdif)
if self.ldapObj.getError():
print _("Unix Error") + ": " + self.ldapObj.getError()
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
if options.has_key('p'):
sys.stdout.write(gid)
@ -1041,7 +1069,7 @@ class servUnix(shareLdap):
#Добавляем пользователя в LDAP
self.ldapObj.ldapAdd(userLdif)
if self.ldapObj.getError():
print _("Unix Error") + ": " + self.ldapObj.getError()
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
#clVars.Write("soft_ldap_user_id",str(int(userId)+1))
self.printSUCCESS(_("Added machine") + "...")
@ -1186,7 +1214,7 @@ class servUnix(shareLdap):
self.addUsersGroupUnix([userName],group)
# не переделывать на else
if self.ldapObj.getError():
print _("Unix Error") + ": " + self.ldapObj.getError()
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
# Изменим время последнего измения пароля пользователя
if not self.setShadowLastChange(userName):
@ -1799,9 +1827,8 @@ class servUnix(shareLdap):
# Запускаем LDAP сервер
if not self.runLdapServer():
return False
#Cоединение с Ldap (администратор)
shareLdap.getLdapObjInFile(self)
#self.setParamIniFile("setup_LDAP","no")
# Имя устанавливаемого сервиса
self.clVars.Set("soft_ldap_setup_name","unix")
self.clVars.Write("soft_unix_setup","no")
# Для тестовых целей устанавливаем директорию инсталяции
#clVars.Set("setup_path_install","/tmp/test1/")
@ -1809,6 +1836,10 @@ class servUnix(shareLdap):
# файлов профилей
if not self.applyProfilesFromService('unix'):
return False
# Рестартуем LDAP
self.restartLdapServer()
#Cоединение с Ldap (администратор)
shareLdap.getLdapObjInFile(self)
# Удаляем предыдущую ветку сервиса Unix
servicesDN = self.relDN
resSearch = self.searchService()
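Review bot: Neither `self.restartLdapServer()` nor the relocated `shareLdap.getLdapObjInFile(self)` has its result checked, although `runLdapServer()` just above returns False on failure and the Mail setup path checks the same `getLdapObjInFile` call. If slapd does not come back with the regenerated ACL file, the code goes on to `searchService()` and to deleting the old Unix branch over a missing or stale connection. Suggest `if not self.restartLdapServer(): return False` and `if not shareLdap.getLdapObjInFile(self): return False`, assuming restartLdapServer returns a boolean like its siblings. The method starts and ends outside the hunk.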
@ -1828,7 +1859,7 @@ class servUnix(shareLdap):
if not self.ldapObj.getError():
self.ldapObj.ldapAdd(baseLdif)
if self.ldapObj.getError():
print _("LDAP Error") + ": " + self.ldapObj.getError()
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
self.printOK(_("Added ldif file") +" ...")
# Записываем данные администратора сервиса Unix
@ -1872,8 +1903,7 @@ class servMail(shareLdap):
"/usr/lib/calculate/calculate-server/ldif/mail_group.ldif"
# Алгоритм шифрования пароля для Mail пользователя
self.userCrypt = "{SSHA}"
# Директория где хранятся письма
self.mailLocation = "/var/calculate/mail"
# Директория хранения писем
if unixObj:
# получаем объект сервиса Unix
self.servUnixObj = unixObj
@ -1936,7 +1966,8 @@ class servMail(shareLdap):
# Удаляем почтовую папку
if options.has_key('r'):
#почтовая директория пользователя
mailDir = os.path.join(self.mailLocation,userName)
mailDir = os.path.join(self.clVars.Get("soft_ldap_mail_path"),
userName)
if self.servUnixObj.removeHomeDir(mailDir):
self.printSUCCESS(\
_("Mail user directory %s is removed")% str(mailDir) +\
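Review bot: `mailDir` is built from `userName` with `os.path.join` and handed to `removeHomeDir`, and nothing in the hunk shows the name being validated. A value that is absolute or contains `..` makes `os.path.join` return a path outside `soft_ldap_mail_path`, and the removal runs with the tool's privileges. If no earlier check exists, reject names containing `/` or equal to `.` or `..` before joining, or compare `os.path.realpath(mailDir)` against the mail root. An empty `soft_ldap_mail_path` would also make the result relative to the current directory. The same construction is added in `createMailDir`; the statement continues past the end of this hunk.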
@ -2315,7 +2346,7 @@ class servMail(shareLdap):
if not self.ldapObj.getError():
self.ldapObj.ldapAdd(groupLdif)
if self.ldapObj.getError():
print _("LDAP Error") + ": " + self.ldapObj.getError()
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
#Добавляем альтернативные почтовые адреса
if options.has_key('e') and modAttrs:
@ -2373,9 +2404,11 @@ class servMail(shareLdap):
def createMailDir(self, userName, uid, gid):
"""Создание пользовательской директории для почты"""
mailDir = os.path.join(self.mailLocation,userName)
mailDir = os.path.join(self.clVars.Get("soft_ldap_mail_path"),
userName)
if not os.path.exists(mailDir):
os.makedirs(mailDir)
os.chmod(mailDir,0600)
os.chown(mailDir,uid,gid)
return True
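Review bot: `os.chmod(mailDir,0600)` leaves the directory without the search bit, so the owner cannot enter their own Maildir; a directory needs `0700`. Creating it with `os.makedirs(mailDir)` and tightening the mode afterwards also leaves it at the umask default for a moment, which `os.makedirs(mailDir, 0700)` followed by `os.chown(mailDir,uid,gid)` avoids. Whether the chmod and chown run when the directory already exists cannot be told from this rendering, because indentation is lost. That case deserves a one-line comment in the code.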
@ -2551,7 +2584,7 @@ class servMail(shareLdap):
#ldapObj.ldapAdd(userLdif1)
# не переделывать на else
if self.ldapObj.getError():
print _("LDAP Error") + ": " + self.ldapObj.getError()
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
if resUnix:
uid = int(resUnix[0][0][1]['uidNumber'][0])
@ -2600,7 +2633,7 @@ class servMail(shareLdap):
# конфигурационные файлы сервиса Mail (программы Postfix и Dovecot)
self.printWARNING (_("WARNING") + ": " +
_("Executing of the program will change") + " " +
_("the configuration files of Mail service") +"("+
_("the configuration files of Mail service") +" ("+
_("programs Postfix and Dovecot") + ")." )
# если вы ранее использовали программу cl-setup то в дальнейшем
# можете использовать cl-backup для резервного копирования
@ -2625,6 +2658,8 @@ class servMail(shareLdap):
# Подключаемся к LDAP cерверу
if not shareLdap.getLdapObjInFile(self):
return False
# Имя устанавливаемого сервиса
self.clVars.Set("soft_ldap_setup_name","mail")
self.clVars.Write("soft_mail_setup","no")
# Находим в LDAP Mail сервис
resSearch = self.searchService()
@ -2645,9 +2680,8 @@ class servMail(shareLdap):
if not self.ldapObj.getError():
self.ldapObj.ldapAdd(baseLdif)
if self.ldapObj.getError():
print _("LDAP Error") + ": " + self.ldapObj.getError()
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
self.clVars.Write("soft_samba_setup","no")
# Cоздаем объект профиль устанавливая директорию samba для
# файлов профилей
if not self.applyProfilesFromService('mail'):
@ -2691,6 +2725,223 @@ class servMail(shareLdap):
return True
class servJabber(shareLdap):
"""Методы сервиса Jabber"""
def __init__(self, unixObj=False):
shareLdap.__init__(self)
self.relGrDN = 'ou=Groups'
self.relUsDN = 'ou=Users'
self.relServDN = 'ou=Jabber'
# DN сервиса
self.relDN = self.addDN(self.relServDN,self.ServicesDN)
# DN пользователей, относительно базового DN
self.relUsersDN = self.addDN(self.relUsDN, self.relDN)
# DN групп пользователей, относительно базового DN
self.relGroupsDN = self.addDN(self.relGrDN, self.relDN)
self.ldifFileBase =\
"/usr/lib/calculate/calculate-server/ldif/jabber_base.ldif"
self.ldifFileUser =\
"/usr/lib/calculate/calculate-server/ldif/jabber_user.ldif"
self.ldifFileGroup =\
"/usr/lib/calculate/calculate-server/ldif/jabber_group.ldif"
if unixObj:
# получаем объект сервиса Unix
self.servUnixObj = unixObj
else:
# создаем объект сервиса Unix
self.servUnixObj = servUnix()
def searchGroupName(self, groupName):
"""Находит группу сервиса Unix по её имени"""
resSearch = self.searchLdapDN(groupName, self.relGroupsDN, "cn")
return resSearch
def searchUserToMail(self, mail):
"""Находит пользователя по почтовому адресу в сервисе Jabber"""
resSearch = self.searchLdapDN(mail, self.relUsersDN, "mail")
return resSearch
@adminConnectLdap
def addGroupJabberServer(self, groupName, options):
"""Добавляет группу пользователей Jabber"""
# Если группа существует выходим без ошибки
if self.searchGroupName(groupName):
self.printERROR(\
_("group name %s is found in Jabber service") %\
str(groupName) + " ...")
return False
self.clVars.Set("soft_ldap_group_name",groupName)
# Коментарий к группе
gecos = self.servUnixObj.groupGecos
if options.has_key('c'):
gecos = options['c']
self.clVars.Set("soft_ldap_group_desc",gecos)
ldifFile = self.ldifFileGroup
groupLdif = self.createLdif(ldifFile)
if not groupLdif:
print self.getError()
return False
if not self.ldapObj.getError():
self.ldapObj.ldapAdd(groupLdif)
if self.ldapObj.getError():
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
self.printSUCCESS(_("Added group in Jabber service") + " ...")
return True
@adminConnectLdap
def addUserJabberServer(self, userName, options):
"""Добавляет jabber пользователя"""
#jabber id
mail = "%s@%s.%s" %(userName,
self.clVars.Get("net_host"),
self.clVars.Get("sys_domain"))
if self.searchUserToMail(mail):
self.printERROR(_("User exists in Jabber service"))
return False
# Пароль пользователя Jabber
userPwd = self.getUserPassword(options, "p", "P")
if userPwd == False:
return False
if not userPwd:
userPwd = "crypt{xxx}"
self.clVars.Set("soft_ldap_user_pw_hash",userPwd)
self.clVars.Set("soft_ldap_user_login", userName)
#Полное имя пользователя
fullNameUser = self.servUnixObj.fullNameUser
if options.has_key('c'):
fullNameUser = options['c']
self.clVars.Set("soft_ldap_user_full_name",fullNameUser)
ldifFile = self.ldifFileUser
userLdif = self.createLdif(ldifFile)
if not self.ldapObj.getError():
#Добавляем пользователя в LDAP
self.ldapObj.ldapAdd(userLdif)
#ldapObj.ldapAdd(userLdif1)
# не переделывать на else
if self.ldapObj.getError():
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
self.printSUCCESS(_("Added user in Jabber service") + " ...")
return True
def setupJabberServer(self, options):
"""Начальная настройка Jabber сервиса"""
# Принудительная установка
forceOptions = False
if options.has_key("f"):
forceOptions = True
# Создаем объект переменных
self.createClVars()
#self.clVars.printVars()
#return True
if self.clVars.Get("soft_ldap_setup") != "yes":
self.printERROR (_("ERROR") + ": " +\
_("LDAP server is not configured")+ ".")
self.printWARNING(_("LDAP service is not setuped"))
self.printWARNING(_("Setup LDAP service"))
self.printWARNING(" cl-setup ldap")
return False
# В случае если сервер установлен
if self.clVars.Get("soft_jabber_setup") == "yes" and\
not forceOptions:
self.printWARNING (_("WARNING") + ": " +\
_("Jabber server is configured")+ ".")
return True
if not forceOptions:
# предупреждение при выполнении этой программы будут изменены
# конфигурационные файлы сервиса Mail (программы Postfix и Dovecot)
self.printWARNING (_("WARNING") + ": " +
_("Executing of the program will change") + " " +
_("the configuration files of Jabber service") +" ("+
_("program Ejabberd") + ")." )
# если вы ранее использовали программу cl-setup то в дальнейшем
# можете использовать cl-backup для резервного копирования
self.printWARNING (
_("If cl-setup program was used previously") + ", " +
_("you may execute cl-backup program for backup services"))
# если вы готовы продолжить работу программы нажмите Y если нет n
messDialog = \
_("If you are ready to continue executing the program") + ", "+\
_("press Y") +", "+ _("if not n")
if not self.dialogYesNo(messDialog):
return True
# Удаляем из автозапуска демона
if not self.delDaemonAutostart("ejabberd"):
return False
# останавливаем сервис Jabber
if not self.stopServices(["jabber"]):
return False
# Подключаемся к LDAP cерверу
if not shareLdap.getLdapObjInFile(self):
return False
# Имя устанавливаемого сервиса
self.clVars.Set("soft_ldap_setup_name","jabber")
self.clVars.Write("soft_jabber_setup","no")
# Находим в LDAP Jabber сервис
resSearch = self.searchService()
ret = True
if resSearch:
delDN = self.relDN
ret = self.deleteDN(delDN)
if ret:
self.printOK(_("Remove Jabber DN from LDAP Database") +" ...")
else:
self.printERROR(\
_("Can not remove Jabber DN from LDAP Database")+\
" ...")
if not ret:
return False
ldifFile = self.ldifFileBase
baseLdif = self.createLdif(ldifFile)
if not self.ldapObj.getError():
self.ldapObj.ldapAdd(baseLdif)
if self.ldapObj.getError():
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
# Cоздаем объект профиль устанавливая директорию jabber для
# файлов профилей
if not self.applyProfilesFromService('jabber'):
return False
# Администратор сервиса
adminName = "admin"
adminFullName = "%s@%s.%s" %(adminName,
self.clVars.Get("net_host"),
self.clVars.Get("sys_domain"))
print _("Enter the %s password" % adminFullName)
if not self.addUserJabberServer(adminName,{'p':""}):
return False
# Записываем данные администратора сервиса Jabber
ldapParser = iniLdapParser()
ldapParser.setVar("jabber",
{"DN":self.clVars.Get("soft_ldap_admin_jabber"),
"PASS":self.clVars.Get("soft_ldap_admin_jabberpw")})
self.printOK(_("Added ldif file") +" ...")
# создаем сертификат если есть используем прежний
self.execProg("/bin/bash /etc/jabber/self-cert.sh")
if not os.path.exists("/etc/jabber/ssl.pem"):
self.printERROR(_("Can not create Jabber certificate") + " ...")
return False
textLine = self.execProg("/etc/init.d/ejabberd start")
if "ok" in textLine:
self.printOK(_("Starting") + " " + "Ejabberd" + " ...")
else:
self.printNotOK(_("Starting") + " " + "Ejabberd" + " ...")
return False
# Устанавливаем автозапуск демона
if not self.setDaemonAutostart("ejabberd"):
return False
self.clVars.Write("soft_jabber_setup","yes")
self.printOK(_("Jabber service configured") + " ...")
return True
class servSamba(shareLdap):
"""Методы севисa Samba"""
def __init__(self, unixObj=False):
@ -2762,7 +3013,7 @@ class servSamba(shareLdap):
return True
@adminConnectLdap
def addUserSambaServer(self, userName, options):
def addUserSambaServer(self, userName, options, pwDialog=False):
"""Добавляет LDAP пользователя в LDAP-сервер"""
# Добавление машины samba
if options.has_key('w'):
@ -2785,7 +3036,8 @@ class servSamba(shareLdap):
#пароль пользователя
userPwd = ""
#диалог ввода пароля
pwDialog = [_("New SMB password"),
if not pwDialog:
pwDialog = [_("New SMB password"),
_("Retype new SMB password")]
userPwd = self.getUserPassword(options, "p", "P", pwDialog)
if userPwd == False:
@ -2901,8 +3153,8 @@ class servSamba(shareLdap):
if not self.stopServices(["samba"]):
return False
# Установим права 777 на директории
dirs = ["/var/calculate/winnt/profiles",
"/var/calculate/share"]
dirs = [self.clVars.Get("soft_ldap_samba_profile_path"),
self.clVars.Get("soft_ldap_samba_share_path")]
for mDir in dirs:
if os.path.exists(mDir):
fd = os.open(mDir, os.O_RDONLY)
@ -2911,7 +3163,8 @@ class servSamba(shareLdap):
os.close(fd)
if not mode == 0777:
os.chmod(mDir, 0777)
# Имя устанавливаемого сервиса
self.clVars.Set("soft_ldap_setup_name","samba")
self.clVars.Write("soft_samba_setup","no")
# Cоздаем объект профиль устанавливая директорию samba для
# файлов профилей
@ -2934,13 +3187,11 @@ class servSamba(shareLdap):
_("Can not add Samba admin password"))
return False
textLine = self.execProg("/etc/init.d/slapd restart")
#Cоединение с Ldap (администратор)
shareLdap.getLdapObjInFile(self)
if not "ok" in textLine:
self.printNotOK(_("LDAP restart") + " ...")
return False
#Cоединение с Ldap (администратор)
shareLdap.getLdapObjInFile(self)
resSearch = self.searchService()
ret = True
if resSearch:
@ -2958,7 +3209,7 @@ class servSamba(shareLdap):
if not self.ldapObj.getError():
self.ldapObj.ldapAdd(baseLdif)
if self.ldapObj.getError():
print _("LDAP Error") + ": " + self.ldapObj.getError()
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
self.printOK(_("Added ldif file") +" ...")
textLine = self.execProg("/etc/init.d/samba start")
@ -2967,8 +3218,10 @@ class servSamba(shareLdap):
else:
self.printNotOK(_("Starting") + " Samba ...")
return False
print _("Enter the ROOT password")
if not self.addUserSambaServer('root',{'p':""}):
print _("Enter existing ROOT password")
pwDialog = [_("ROOT password"),
_("Retype ROOT password")]
if not self.addUserSambaServer('root',{'p':""},pwDialog):
return False
if not self.setDaemonAutostart("slapd"):
return False
@ -3355,7 +3608,7 @@ class servLdap(shareLdap):
# Добавляем в базу из ldif
self.ldapObj.ldapAdd(ldif)
if self.ldapObj.getError():
print _("LDAP Error") + ": " + self.ldapObj.getError()
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
# Останавливаем LDAP сервер
if not self.stopLdapServer():
@ -3473,6 +3726,8 @@ class servLdap(shareLdap):
# Удаляем ldap файл
if os.path.exists(ldapFile):
os.remove(ldapFile)
# Имя устанавливаемого сервиса
self.clVars.Set("soft_ldap_setup_name","ldap")
self.clVars.Write("soft_ldap_setup","no")
# Первый проход
self.clVars.Set("setup_pass_parser","1",True)
@ -3493,7 +3748,7 @@ class servLdap(shareLdap):
if not self.ldapObj.getError():
self.ldapObj.ldapAdd(baseLdif)
if self.ldapObj.getError():
print _("LDAP Error") + ": " + self.ldapObj.getError()
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
return False
self.printOK(_("Added ldif file") +" ...")
# Второй проход,
@ -3547,6 +3802,7 @@ class cl_ldap(shareLdap):
(_("Unix service options"),True,1,1,"options"),
(_("Samba service options"),True,1,1,"options"),
(_("Mail service options"),True,1,1,"options"),
(_("Jabber service options"),True,1,1,"options"),
(_("Services"),True,1,0,"")
]
@ -3571,6 +3827,8 @@ class cl_ldap(shareLdap):
_("Unix service options")],
"mail":[_("Common options"),
_("Mail service options")],
"jabber":[_("Common options"),
_("Jabber service options")],
}
# Cвязь длинных опций помощи и выводимых разделов помощи с опциями
self.relOptions = {"h":[_("Common options")],
@ -3580,13 +3838,16 @@ class cl_ldap(shareLdap):
_("Unix service options")],
"help-samba":[_("Common options"),
_("Samba service options")],
"help-mail":[_("Common options"),
"help-mail": [_("Common options"),
_("Mail service options")],
"help-jabber":[_("Common options"),
_("Jabber service options")],
"help-all":[_("Common options"),
_("Samba service options"),
_("LDAP service options"),
_("Unix service options"),
_("Mail service options")
_("Mail service options"),
_("Jabber service options")
]
}
@ -3625,6 +3886,10 @@ class cl_ldap(shareLdap):
'helpChapter':_("Common options"),
'help':_("display help for Mail service options")
},
{'longOption':"help-jabber",
'helpChapter':_("Common options"),
'help':_("display help for Jabber service options")
},
{'longOption':"help-all",
'helpChapter':_("Common options"),
'help':_("display help for all services options")
@ -3657,6 +3922,13 @@ class cl_ldap(shareLdap):
'helpChapter':_("Mail service options"),
'help':_("set the description field for the new group")
},
{'progAccess':(0,),
'shortOption':"c",
'longOption':"comment",
'optVal':"COMMENT",
'helpChapter':_("Jabber service options"),
'help':_("set the description field for the new group")
},
{'progAccess':(0,),
'shortOption':"p",
'helpChapter':_("Unix service options"),
@ -3730,7 +4002,14 @@ class cl_ldap(shareLdap):
'longOption':"comment",
'optVal':_("COMMENT"),
'helpChapter':_("Mail service options"),
'help':_("set the COMMENT field for the new unix account")
'help':_("set the COMMENT field for the new account")
},
{'progAccess':(3,),
'shortOption':"c",
'longOption':"comment",
'optVal':_("COMMENT"),
'helpChapter':_("Jabber service options"),
'help':_("set the COMMENT field for the new account")
},
{'progAccess':(3,),
'shortOption':"d",
@ -3831,6 +4110,19 @@ class cl_ldap(shareLdap):
'help':_("use password for the user account")+\
" (" + _("from standard input") + ")"
},
{'progAccess':(3,),
'shortOption':"p",
'longOption':"password",
'helpChapter':_("Jabber service options"),
'help':_("use password for the user account")+\
" (" + _("from dialog") + ")"
},
{'progAccess':(3,),
'shortOption':"P",
'helpChapter':_("Jabber service options"),
'help':_("use password for the user account")+\
" (" + _("from standard input") + ")"
},
{'progAccess':(3,),
'shortOption':"w",
'helpChapter':_("Samba service options"),
@ -4028,25 +4320,30 @@ class cl_ldap(shareLdap):
# Services
{'progAccess':(6,),
'helpChapter':_("Services"),
'help':pcs(" ldap", self.column_width,
'help':pcs(" ldap", self.column_width,
"ldap " + servName, self.consolewidth-self.column_width)
},
{'progAccess':(0,1,2,3,4,5,6,7,),
'helpChapter':_("Services"),
'help':pcs(" unix", self.column_width,
'help':pcs(" unix", self.column_width,
"unix " + servName, self.consolewidth-self.column_width)
},
{'progAccess':(3,4,5,6,7,),
'helpChapter':_("Services"),
'help':pcs(" samba", self.column_width,
'help':pcs(" samba", self.column_width,
"samba " + servName, self.consolewidth-self.column_width)
},
{'progAccess':(0,1,2,3,4,5,6,7,),
'helpChapter':_("Services"),
'help':pcs(" mail", self.column_width,
'help':pcs(" mail", self.column_width,
"mail " + servName, self.consolewidth-self.column_width)
},
{'progAccess':(0,3,6,),
'helpChapter':_("Services"),
'help':pcs(" jabber", self.column_width,
"jabber " + servName, self.consolewidth-self.column_width)
},
##{'helpChapter':_("Services"),
##'help':" mail \t\t\tmail " + servName + "\n"
##},

@ -91,22 +91,6 @@ class Data:
soft_samba_netbios= {'mode':"r",
'type':('param','soft'),
}
#Настроен или нет сервис LDAP
soft_ldap_setup= {'mode':"w",
'type':('param','soft'),
}
#Настроен или нет сервис Unix
soft_unix_setup= {'mode':"w",
'type':('param','soft'),
}
#Настроен или нет сервис Samba
soft_samba_setup= {'mode':"w",
'type':('param','soft'),
}
#Настроен или нет сервис Mail
soft_mail_setup= {'mode':"w",
'type':('param','soft'),
}
#Логин LDAP пользователя
soft_ldap_user_login= {'mode':"w",
'type':('param','soft'),
@ -176,7 +160,15 @@ class Data:
soft_ldap_sevices_dn= {'mode':"r",
'type':('param','soft'),
}
#Настроен или нет сервис LDAP
soft_ldap_setup= {'mode':"w",
'type':('param','soft'),
'value':'no'
}
#имя устанавливаемого сервиса
soft_ldap_setup_name= {'mode':"w",
'type':('param','soft'),
}
#-----------------------------------------------------
#Сервис Unix
#-----------------------------------------------------
@ -196,6 +188,11 @@ class Data:
soft_ldap_admin_unixpw_hash= {'mode':"r",
'type':('param','soft'),
}
#Настроен или нет сервис Unix
soft_unix_setup= {'mode':"w",
'type':('param','soft'),
'value':'no'
}
#-----------------------------------------------------
#Сервис Samba
#-----------------------------------------------------
@ -215,6 +212,31 @@ class Data:
soft_ldap_admin_sambapw_hash= {'mode':"r",
'type':('param','soft'),
}
# Директория профилей
soft_ldap_samba_profile_path = {'mode':"r",
'type':('param','soft'),
'value':'/var/calculate/services/samba/profiles'
}
# Домашняя директория
soft_ldap_samba_home_path = {'mode':"r",
'type':('param','soft'),
'value':'/var/calculate/services/samba/home'
}
# Директория netlogon
soft_ldap_samba_netlogon_path = {'mode':"r",
'type':('param','soft'),
'value':'/var/calculate/services/samba/netlogon'
}
# Директория share
soft_ldap_samba_share_path = {'mode':"r",
'type':('param','soft'),
'value':'/var/calculate/services/samba/share'
}
#Настроен или нет сервис Samba
soft_samba_setup= {'mode':"w",
'type':('param','soft'),
'value':'no'
}
#-----------------------------------------------------
#Сервис Mail
#-----------------------------------------------------
@ -240,6 +262,39 @@ class Data:
soft_ldap_mail_relay = {'mode':"r",
'type':('param','soft'),
'value':'' }
# Директория хранения писем
soft_ldap_mail_path = {'mode':"r",
'type':('param','soft'),
'value':'/var/calculate/services/mail'}
#Настроен или нет сервис Mail
soft_mail_setup= {'mode':"w",
'type':('param','soft'),
'value':'no'
}
#-----------------------------------------------------
#Сервис Jabber
#-----------------------------------------------------
#DN админстратора сервиса Jabber (он, же DN сервиса)
soft_ldap_admin_jabber= {'mode':"r",
'type':('param','soft'),
}
#имя админстратора сервиса Jabber
soft_ldap_admin_jabber_name= {'mode':"r",
'type':('param','soft'),
}
#пароль админстратора сервиса Jabber
soft_ldap_admin_jabberpw= {'mode':"r",
'type':('param','soft'),
}
#hash пароля админстратора сервиса Jabber
soft_ldap_admin_jabberpw_hash= {'mode':"r",
'type':('param','soft'),
}
#Настроен или нет сервис Jabber
soft_jabber_setup= {'mode':"w",
'type':('param','soft'),
'value':'no'
}
#-----------------------------------------------------
#Служебные переменные
#-----------------------------------------------------
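Review bot: `soft_ldap_admin_jabberpw` is declared like any other variable, with nothing marking it as a cleartext secret. Elsewhere on this page `setupJabberServer` passes its value as `PASS` to `iniLdapParser().setVar("jabber", ...)`, and the same method keeps a commented-out `self.clVars.printVars()`, so a debugging dump would presumably include the password. I would add a comment above the declaration such as `# cleartext password of the Jabber service admin; stored via iniLdapParser, never print or log`, and confirm that whatever iniLdapParser writes is readable by root only, since that storage is not visible here. `class Data` starts outside these hunks.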

@ -45,6 +45,12 @@ if __name__ == "__main__":
if obj.addGroupMailServer(optObj.params['group'],
optObj.opt):
flagError = False
elif optObj.params['service'] == "jabber":
obj = cl_ldap.servJabber()
# Добавляем группу для сервиса Mail
if obj.addGroupJabberServer(optObj.params['group'],
optObj.opt):
flagError = False
if flagError:
sys.exit(1)
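Review bot: The comment on the new jabber branch here still reads `# Добавляем группу для сервиса Mail`, and the jabber branch in the user-adding script further down (the hunk that calls `addUserJabberServer`) is labelled `# Добавляем Samba пользователя`; both look copied from the neighbouring branches. I would change them to `# Add a group for the Jabber service` and `# Add a Jabber user` so the comments match the calls below them. The `if __name__ == "__main__":` block these branches belong to starts outside the hunks.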

@ -50,6 +50,11 @@ if __name__ == "__main__":
obj = cl_ldap.servMail()
if obj.setupMailServer(optObj.opt):
flagError = False
# Настройка сервера jabber
elif optObj.params['service'] == "jabber":
obj = cl_ldap.servJabber()
if obj.setupJabberServer(optObj.opt):
flagError = False
if flagError:
sys.exit(1)
else:

@ -47,6 +47,11 @@ if __name__ == "__main__":
obj = cl_ldap.servMail()
if obj.addUserMailServer(optObj.params['user'], optObj.opt):
flagError = False
elif optObj.params['service'] == "jabber":
# Добавляем Samba пользователя
obj = cl_ldap.servJabber()
if obj.addUserJabberServer(optObj.params['user'], optObj.opt):
flagError = False
if flagError:
sys.exit(1)
else:

@ -26,10 +26,14 @@ data_files = []
var_data_files = [("/var/calculate/profile/server",[]),
("/var/calculate/remote/profile",[]),
# services
("/var/calculate/services",[]),
# samba
("/var/calculate/share",[]),
("/var/calculate/winnt/profiles",[]),
("/var/calculate/winnt/netlogon",[]),
("/var/calculate/services/samba",[]),
("/var/calculate/services/samba/home",[]),
("/var/calculate/services/samba/share",[]),
("/var/calculate/services/samba/profiles",[]),
("/var/calculate/services/samba/netlogon",[]),
]
data_dirs_local = ['profile','ldif']
@ -128,6 +132,5 @@ setup(
"./scripts/cl-groupdel",
"./scripts/cl-passwd",
"./scripts/cl-setup",
"./scripts/cl-backup",
],
"./scripts/cl-backup",],
)
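Review bot: The new `/var/calculate/services/samba/profiles` and `/var/calculate/services/samba/share` entries carry no note that they end up world-writable. They are the default values of `soft_ldap_samba_profile_path` and `soft_ldap_samba_share_path`, which the Samba setup code shown earlier on this page passes to `os.chmod(mDir, 0777)`. Mode 0777 has no sticky bit, so any local account can remove or rename entries in those directories; whether 01777 or a group-restricted mode would still suit the Samba shares is worth confirming. At minimum I would add a comment above the entries such as `# profiles/ and share/ are set to 0777 by the Samba setup; keep only share data here`.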
