|
|
|
@ -25,6 +25,8 @@ import cl_base
|
|
|
|
|
import cl_profile
|
|
|
|
|
# Для подсчета символов
|
|
|
|
|
import termios, fcntl, struct
|
|
|
|
|
# Ввод pwd
|
|
|
|
|
import getpass
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class iniLdapParser(cl_base.iniParser):
|
|
|
|
@ -65,6 +67,26 @@ class ldapFunction(cl_profile._error):
|
|
|
|
|
conLdap.simple_bind_s(dnUser, password)
|
|
|
|
|
return conLdap
|
|
|
|
|
|
|
|
|
|
def ldapSearch(self,baseDN, searchScope, searchFilter, retrieveAttributes):
|
|
|
|
|
try:
|
|
|
|
|
ldap_result_id = self.conLdap.search(baseDN, searchScope,
|
|
|
|
|
searchFilter,
|
|
|
|
|
retrieveAttributes)
|
|
|
|
|
result_set = []
|
|
|
|
|
while 1:
|
|
|
|
|
result_type, result_data = self.conLdap.result(ldap_result_id,
|
|
|
|
|
0)
|
|
|
|
|
if (result_data == []):
|
|
|
|
|
break
|
|
|
|
|
else:
|
|
|
|
|
if result_type == ldap.RES_SEARCH_ENTRY:
|
|
|
|
|
result_set.append(result_data)
|
|
|
|
|
except ldap.NO_SUCH_OBJECT:
|
|
|
|
|
return []
|
|
|
|
|
except:
|
|
|
|
|
return False
|
|
|
|
|
return result_set
|
|
|
|
|
|
|
|
|
|
def ldapAdd(self, strLdif):
|
|
|
|
|
"""Добавляем строку содержащую ldif в LDAP
|
|
|
|
|
|
|
|
|
@ -545,12 +567,14 @@ _("in the system") + ".\n"
|
|
|
|
|
ldifProfile = clProf.applyVarsProfile(ldifProfile)
|
|
|
|
|
return ldifProfile
|
|
|
|
|
|
|
|
|
|
def execProg(self, cmdStrProg):
|
|
|
|
|
def execProg(self, cmdStrProg, inStr=False):
|
|
|
|
|
"""Выполняет внешнюю программу
|
|
|
|
|
|
|
|
|
|
результат строка которую выведет внешняя программа
|
|
|
|
|
"""
|
|
|
|
|
fout, fin = popen2.popen2(cmdStrProg)
|
|
|
|
|
if inStr:
|
|
|
|
|
fin.write(inStr)
|
|
|
|
|
fin.close()
|
|
|
|
|
textLine = fout.readline()
|
|
|
|
|
fout.read()
|
|
|
|
@ -766,8 +790,8 @@ _("in the system") + ".\n"
|
|
|
|
|
clVars.flIniFile()
|
|
|
|
|
# прервать если была неудачная попытка установить новые параметры
|
|
|
|
|
# или были опция вывода на печать
|
|
|
|
|
if not self.processOptionsForDatavars(options,clVars):
|
|
|
|
|
return ""
|
|
|
|
|
#if not self.processOptionsForDatavars(options,clVars):
|
|
|
|
|
#return ""
|
|
|
|
|
# В случае если сервер установлен
|
|
|
|
|
if clVars.Get("soft_ldap_setup") == "yes" and\
|
|
|
|
|
not forceOptions:
|
|
|
|
@ -846,8 +870,8 @@ LDAP in backup directory")
|
|
|
|
|
clVars.flIniFile()
|
|
|
|
|
# прервать если была неудачная попытка установить новые параметры
|
|
|
|
|
# или были опция вывода на печать
|
|
|
|
|
if not self.processOptionsForDatavars(options,clVars):
|
|
|
|
|
return ""
|
|
|
|
|
#if not self.processOptionsForDatavars(options,clVars):
|
|
|
|
|
#return ""
|
|
|
|
|
if clVars.Get("soft_ldap_setup") != "yes":
|
|
|
|
|
self.printERROR (_("ERROR") + ": " +\
|
|
|
|
|
_("LDAP server is not configured")+ ".")
|
|
|
|
@ -901,15 +925,16 @@ Samba in backup directory")
|
|
|
|
|
self.printOK(_("Samba service configured ..."))
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def addUserLdapServer(self, username, options):
|
|
|
|
|
def addUserLdapServer(self, username, options, clVars=False):
|
|
|
|
|
"""Добавляет LDAP пользователя в LDAP-сервер"""
|
|
|
|
|
clVars = cl_base.DataVars()
|
|
|
|
|
clVars.flServer()
|
|
|
|
|
clVars.flIniFile()
|
|
|
|
|
if not clVars:
|
|
|
|
|
clVars = cl_base.DataVars()
|
|
|
|
|
clVars.flServer()
|
|
|
|
|
clVars.flIniFile()
|
|
|
|
|
# прервать если была неудачная попытка установить новые параметры
|
|
|
|
|
# или были опция вывода на печать
|
|
|
|
|
if not self.processOptionsForDatavars(options,clVars):
|
|
|
|
|
return ""
|
|
|
|
|
#if not self.processOptionsForDatavars(options,clVars):
|
|
|
|
|
#return ""
|
|
|
|
|
userId = clVars.Get("soft_ldap_user_id")
|
|
|
|
|
if not userId:
|
|
|
|
|
clVars.Write("soft_ldap_user_id","1000")
|
|
|
|
@ -931,13 +956,23 @@ Samba in backup directory")
|
|
|
|
|
fullNameUser = options['c']
|
|
|
|
|
clVars.Set("soft_ldap_user_full_name",fullNameUser)
|
|
|
|
|
|
|
|
|
|
ldapParser = iniLdapParser()
|
|
|
|
|
adminDn = ldapParser.getVar("admin","DN")
|
|
|
|
|
adminPw = ldapParser.getVar("admin","PASS")
|
|
|
|
|
ldapObj = ldapFunction(adminDn, adminPw)
|
|
|
|
|
|
|
|
|
|
userGid = userId
|
|
|
|
|
# Группа пользователя
|
|
|
|
|
if options.has_key('g'):
|
|
|
|
|
userGid = options['g']
|
|
|
|
|
if not self.searchLdapGroupId(userGid, ldapObj, clVars):
|
|
|
|
|
self.printERROR (_("ERROR") + ": " +\
|
|
|
|
|
_("not found in LDAP gid=" + userGid))
|
|
|
|
|
return False
|
|
|
|
|
else:
|
|
|
|
|
# Здесь доделать
|
|
|
|
|
self.addGroupLdapServer(username,{'g':userGid},clVars)
|
|
|
|
|
if not self.searchLdapGroupId(userGid, ldapObj, clVars):
|
|
|
|
|
self.addGroupLdapServer(username,{'g':userGid},clVars)
|
|
|
|
|
clVars.Set("soft_ldap_user_gid",userGid)
|
|
|
|
|
|
|
|
|
|
userShell = "/bin/bash"
|
|
|
|
@ -955,18 +990,16 @@ Samba in backup directory")
|
|
|
|
|
if userPwdHash:
|
|
|
|
|
userPwd = userPwdHash
|
|
|
|
|
else:
|
|
|
|
|
print _("ERROR") + ": " + _("create crypto password")
|
|
|
|
|
self.printERROR (_("ERROR") + ": " +\
|
|
|
|
|
_("create crypto password"))
|
|
|
|
|
return False
|
|
|
|
|
clVars.Set("soft_ldap_user_pw_hash",userPwd)
|
|
|
|
|
|
|
|
|
|
ldifFile = "/usr/lib/calculate/calculate-server/ldif/ldap_user.ldif"
|
|
|
|
|
userLdif = self.createLdif(ldifFile, clVars)
|
|
|
|
|
ldapParser = iniLdapParser()
|
|
|
|
|
adminDn = ldapParser.getVar("admin","DN")
|
|
|
|
|
adminPw = ldapParser.getVar("admin","PASS")
|
|
|
|
|
ldapObj = ldapFunction(adminDn, adminPw)
|
|
|
|
|
if not ldapObj.getError():
|
|
|
|
|
ldapObj.ldapAdd(userLdif)
|
|
|
|
|
# не переделывать на else
|
|
|
|
|
if ldapObj.getError():
|
|
|
|
|
print _("LDAP Error") + ": " + ldapObj.getError()
|
|
|
|
|
return False
|
|
|
|
@ -984,8 +1017,8 @@ Samba in backup directory")
|
|
|
|
|
flagWriteGid = True
|
|
|
|
|
# прервать если была неудачная попытка установить новые параметры
|
|
|
|
|
# или были опция вывода на печать
|
|
|
|
|
if not self.processOptionsForDatavars(options,clVars):
|
|
|
|
|
return ""
|
|
|
|
|
#if not self.processOptionsForDatavars(options,clVars):
|
|
|
|
|
#return ""
|
|
|
|
|
clVars.Set("soft_ldap_group_name",groupname)
|
|
|
|
|
|
|
|
|
|
gid = clVars.Get("soft_ldap_group_id")
|
|
|
|
@ -1020,3 +1053,82 @@ Samba in backup directory")
|
|
|
|
|
if not options.has_key('g') or flagWriteGid:
|
|
|
|
|
clVars.Write("soft_ldap_group_id",str(int(gid)+1))
|
|
|
|
|
self.printOK(_("Add group ..."))
|
|
|
|
|
|
|
|
|
|
def searchLdapUser(self, username, ldapObj, clVars):
|
|
|
|
|
"""Находит пользователя сервиса LDAP"""
|
|
|
|
|
baseDN = "ou=Users,%s"\
|
|
|
|
|
% clVars.Get("soft_ldap_base")
|
|
|
|
|
#searchScope = ldap.SCOPE_SUBTREE
|
|
|
|
|
searchScope = ldap.SCOPE_ONELEVEL
|
|
|
|
|
searchFilter = "uid=%s" %(username)
|
|
|
|
|
retrieveAttributes = None
|
|
|
|
|
resSearch = ldapObj.ldapSearch(baseDN, searchScope,
|
|
|
|
|
searchFilter, retrieveAttributes)
|
|
|
|
|
return resSearch
|
|
|
|
|
|
|
|
|
|
def searchLdapGroupName(self, groupName, ldapObj, clVars):
|
|
|
|
|
"""Находит группу сервиса LDAP по её имени"""
|
|
|
|
|
baseDN = "ou=Groups,%s"\
|
|
|
|
|
% clVars.Get("soft_ldap_base")
|
|
|
|
|
#searchScope = ldap.SCOPE_SUBTREE
|
|
|
|
|
searchScope = ldap.SCOPE_ONELEVEL
|
|
|
|
|
searchFilter = "cn=%s" %(groupName)
|
|
|
|
|
retrieveAttributes = None
|
|
|
|
|
resSearch = ldapObj.ldapSearch(baseDN, searchScope,
|
|
|
|
|
searchFilter, retrieveAttributes)
|
|
|
|
|
return resSearch
|
|
|
|
|
|
|
|
|
|
def searchLdapGroupId(self, groupId, ldapObj, clVars):
|
|
|
|
|
"""Находит группу сервиса LDAP по ёе id"""
|
|
|
|
|
baseDN = "ou=Groups,%s"\
|
|
|
|
|
% clVars.Get("soft_ldap_base")
|
|
|
|
|
#searchScope = ldap.SCOPE_SUBTREE
|
|
|
|
|
searchScope = ldap.SCOPE_ONELEVEL
|
|
|
|
|
searchFilter = "gidNumber=%s" %(str(groupId))
|
|
|
|
|
retrieveAttributes = None
|
|
|
|
|
resSearch = ldapObj.ldapSearch(baseDN, searchScope,
|
|
|
|
|
searchFilter, retrieveAttributes)
|
|
|
|
|
return resSearch
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def addUserSambaServer(self, username, options):
|
|
|
|
|
"""Добавляет LDAP пользователя в LDAP-сервер"""
|
|
|
|
|
clVars = cl_base.DataVars()
|
|
|
|
|
clVars.flServer()
|
|
|
|
|
clVars.flIniFile()
|
|
|
|
|
# прервать если была неудачная попытка установить новые параметры
|
|
|
|
|
# или были опция вывода на печать
|
|
|
|
|
#if not options['s']:
|
|
|
|
|
#if not self.processOptionsForDatavars(options,clVars):
|
|
|
|
|
#return ""
|
|
|
|
|
ldapParser = iniLdapParser()
|
|
|
|
|
adminDn = ldapParser.getVar("admin","DN")
|
|
|
|
|
adminPw = ldapParser.getVar("admin","PASS")
|
|
|
|
|
ldapObj = ldapFunction(adminDn, adminPw)
|
|
|
|
|
resSearch = self.searchLdapUser(username, ldapObj, clVars)
|
|
|
|
|
userPwd = ""
|
|
|
|
|
# пароль пользователя
|
|
|
|
|
if options.has_key('p'):
|
|
|
|
|
userPwd = options['p']
|
|
|
|
|
if userPwd:
|
|
|
|
|
if not resSearch:
|
|
|
|
|
self.addUserLdapServer(username, options, clVars)
|
|
|
|
|
textLine = self.execProg("smbpasswd -a -s %s" %(username),
|
|
|
|
|
"%s\n%s\n" %(userPwd,userPwd))
|
|
|
|
|
if "Added" in textLine:
|
|
|
|
|
self.printOK(_("Add user in samba service ..."))
|
|
|
|
|
else:
|
|
|
|
|
pwdA = getpass.getpass(_("New SMB password")+":")
|
|
|
|
|
pwdB = getpass.getpass(_("Retype new SMB password")+":")
|
|
|
|
|
if not (pwdA == pwdB):
|
|
|
|
|
self.printERROR (_("ERROR") + ": " +\
|
|
|
|
|
_("password incorrect")+ ": " + _("try again"))
|
|
|
|
|
return False
|
|
|
|
|
userPwd = pwdA
|
|
|
|
|
if not resSearch:
|
|
|
|
|
options['p'] = userPwd
|
|
|
|
|
self.addUserLdapServer(username, options, clVars)
|
|
|
|
|
textLine = self.execProg("smbpasswd -a -s %s" %(username),
|
|
|
|
|
"%s\n%s\n" %(userPwd,userPwd))
|
|
|
|
|
if "Added" in textLine:
|
|
|
|
|
self.printOK(_("Add user in samba service ..."))
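Review bot: In the new `addUserSambaServer`, `username` is formatted into `"smbpasswd -a -s %s" %(username)` and handed to `execProg`, which passes the string to `popen2.popen2`; a string command is run through the shell, so shell metacharacters in the user name are interpreted instead of being treated as part of the name. The visible part of `execProg` forwards `cmdStrProg` unchanged, so an argument list would avoid the shell, e.g. `self.execProg(["smbpasswd", "-a", "-s", username], "%s\n%s\n" %(userPwd,userPwd))`, ideally after rejecting names outside an allowed character set; the rest of `execProg` lies outside the hunk, so confirm it does not assume a string. The same unescaped interpolation appears in the new search helpers (`"uid=%s" %(username)`, `"cn=%s" %(groupName)`, `"gidNumber=%s" %(str(groupId))`), where the value should be wrapped in `ldap.filter.escape_filter_chars()`. `ldapSearch` also returns `False` from a bare `except:` while callers test `if not resSearch`, so a failed search is indistinguishable from "not found" and leads straight into `addUserLdapServer`. Neither `smbpasswd` call has an `else` for the case where "Added" is missing from the output, so a failed add passes silently.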
|