|
|
|
@ -70,9 +70,9 @@ class iniLdapParser(cl_base.iniParser):
|
|
|
|
|
cl_base.iniParser.__init__(self,nameIniFile)
|
|
|
|
|
# права создаваемого ini-файла
|
|
|
|
|
self.setMode(0600)
|
|
|
|
|
pathIniFile = os.path.split(nameIniFile)[0]
|
|
|
|
|
if not os.path.exists(pathIniFile):
|
|
|
|
|
os.makedirs(pathIniFile)
|
|
|
|
|
self.pathIniFile = os.path.split(nameIniFile)[0]
|
|
|
|
|
if not os.path.exists(self.pathIniFile):
|
|
|
|
|
os.makedirs(self.pathIniFile)
|
|
|
|
|
|
|
|
|
|
class addLdif(LDIFParser):
|
|
|
|
|
"""Класс необходимый для добавления записей в LDAP"""
|
|
|
|
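Review bot: `os.makedirs(self.pathIniFile)` creates the directory with the default mode (0777 masked by the umask), even though the ini file itself is restricted with `self.setMode(0600)` a few lines above. This commit's `backupServer` also adds the same directory to `scanPrivDirs`, so it appears to be treated as private. Consider passing the mode explicitly, `os.makedirs(self.pathIniFile, 0700)`. If a bare file name is ever passed, `os.path.split(nameIniFile)[0]` is an empty string and `os.makedirs('')` raises, so an `if self.pathIniFile and not os.path.exists(...)` guard would be safer. The enclosing `__init__` starts outside the hunk.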
@ -337,6 +337,8 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
def deleteDN(self, relDelDN):
|
|
|
|
|
"""Удаляет DN и все внутренние элементы"""
|
|
|
|
|
delDN = self.addDN(relDelDN, self.baseDN)
|
|
|
|
|
print "delDN", delDN
|
|
|
|
|
print self.conLdap
|
|
|
|
|
delListDN=[]
|
|
|
|
|
try:
|
|
|
|
|
dnList = self.conLdap.search_s(delDN,
|
|
|
|
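Review bot: The two statements added to `deleteDN`, `print "delDN", delDN` and `print self.conLdap`, look like leftover debugging output and should be dropped before merge. They write to stdout on every delete, while other paths in this file use stdout for results a caller may parse (`sys.stdout.write(gid)` under option `p`), so stray lines can corrupt that output. If the trace is wanted, send it to stderr or through the class's own reporting helpers. The body of `deleteDN` continues past the end of the hunk.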
@ -806,7 +808,7 @@ class servUnix(shareLdap):
|
|
|
|
|
if options.has_key('p'):
|
|
|
|
|
sys.stdout.write(gid)
|
|
|
|
|
else:
|
|
|
|
|
self.printSUCCESS(_("Add group ..."))
|
|
|
|
|
self.printSUCCESS(_("Add group in unix service") + " ...")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
@ -1006,7 +1008,7 @@ class servUnix(shareLdap):
|
|
|
|
|
self.printERROR (_("ERROR") + ": " + _("create HOME dir"))
|
|
|
|
|
return False
|
|
|
|
|
self.printSUCCESS(_("Create home dir")+ " " + homeDir + " ...")
|
|
|
|
|
self.printSUCCESS(_("Add user ..."))
|
|
|
|
|
self.printSUCCESS(_("Add user in unix service") + " ...")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def addUserGroupUnix(self, users, groupName):
|
|
|
|
@ -1539,67 +1541,6 @@ class servUnix(shareLdap):
|
|
|
|
|
groupDN = self.addDN("cn="+groupName, self.relGroupsDN)
|
|
|
|
|
return self.modAttrsDN(groupDN, modAttrs)
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
def backupUnixServer(self, options):
|
|
|
|
|
ldifText = self.fullElementDNtoText(self.relDN)
|
|
|
|
|
if not ldifText:
|
|
|
|
|
self.printError("Not found or empty service Unix DN")
|
|
|
|
|
return False
|
|
|
|
|
tmpListFile = "/tmp/listUnixFiles.txt"
|
|
|
|
|
archLdifFile = "/tmp/unix.ldif"
|
|
|
|
|
tmpArchFile = "/tmp/archiv.tar.bz2"
|
|
|
|
|
backupDirectory = "/var/calculate/backup/CDS/unix"
|
|
|
|
|
backupFile = "archiv.tar.bz2"
|
|
|
|
|
if os.path.exists(tmpArchFile):
|
|
|
|
|
os.remove(tmpArchFile)
|
|
|
|
|
if os.path.exists(archLdifFile):
|
|
|
|
|
os.remove(archLdifFile)
|
|
|
|
|
if os.path.exists(tmpListFile):
|
|
|
|
|
os.remove(tmpListFile)
|
|
|
|
|
FD = open (archLdifFile, "w+")
|
|
|
|
|
FD.write(ldifText)
|
|
|
|
|
FD.close()
|
|
|
|
|
profilePath = self.clVars.Get("setup_path_profinstall")
|
|
|
|
|
servicePath = os.path.join(profilePath[0],'unix')
|
|
|
|
|
fileObj = cl_profile._file()
|
|
|
|
|
dirObjs = fileObj.scanDirs([servicePath])
|
|
|
|
|
dirObj = dirObjs[0]
|
|
|
|
|
tmpArchFiles = ""
|
|
|
|
|
for fileProfile in dirObj.files:
|
|
|
|
|
path = fileProfile.split(servicePath)[1]
|
|
|
|
|
tmpArchFiles += path + "\n"
|
|
|
|
|
tmpArchFiles += archLdifFile + "\n"
|
|
|
|
|
FDtmp = open (tmpListFile, "w+")
|
|
|
|
|
FDtmp.write(tmpArchFiles)
|
|
|
|
|
FDtmp.close()
|
|
|
|
|
self.execProg("tar --files-from=%s -cjf %s"\
|
|
|
|
|
%(tmpListFile,tmpArchFile))
|
|
|
|
|
if os.path.exists(tmpArchFile):
|
|
|
|
|
if not os.path.exists(backupDirectory):
|
|
|
|
|
try:
|
|
|
|
|
os.makedirs(backupDirectory)
|
|
|
|
|
except os.IOError:
|
|
|
|
|
self.printERROR(_("Not create directory:") + " " +\
|
|
|
|
|
str(backupDirectory))
|
|
|
|
|
return False
|
|
|
|
|
FDO = open (tmpArchFile, "r")
|
|
|
|
|
archData = FDO.read()
|
|
|
|
|
FDO.close()
|
|
|
|
|
bFile = os.path.join(backupDirectory, backupFile)
|
|
|
|
|
FDtmp = open (bFile, "w+")
|
|
|
|
|
FDtmp.write(archData)
|
|
|
|
|
FDtmp.close()
|
|
|
|
|
if os.path.exists(bFile):
|
|
|
|
|
return True
|
|
|
|
|
else:
|
|
|
|
|
self.printERROR(_("Not move archive file:") + " " +\
|
|
|
|
|
str(tmpArchFile) + " " + str(bFile))
|
|
|
|
|
return False
|
|
|
|
|
else:
|
|
|
|
|
self.printERROR(_("Not create archive file:") + " " +\
|
|
|
|
|
str(tmpArchFile))
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
def setupUnixServer(self, options):
|
|
|
|
@ -1746,7 +1687,13 @@ class servSamba(shareLdap):
|
|
|
|
|
return False
|
|
|
|
|
resSearch = self.servUnixObj.searchUnixUser(userName)
|
|
|
|
|
if not resSearch:
|
|
|
|
|
resSearch = self.servUnixObj.searchPasswdUser(userName)
|
|
|
|
|
# Cоздание пользователя Unix
|
|
|
|
|
if options.has_key('f'):
|
|
|
|
|
resSearch = self.servUnixObj.searchPasswdUser(userName)
|
|
|
|
|
else:
|
|
|
|
|
self.printERROR(_("Not found user") + " " + str(userName) +\
|
|
|
|
|
" " + _("in unix service" + " ..."))
|
|
|
|
|
return False
|
|
|
|
|
if self.searchSambaUser(userName):
|
|
|
|
|
self.printERROR(_("Samba user exists"))
|
|
|
|
|
return False
|
|
|
|
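Review bot: In the added `else` branch the closing parenthesis of `_()` is misplaced, so `_("in unix service" + " ...")` looks up the msgid "in unix service ..." and will likely miss its translation. Elsewhere in this commit the dots are appended outside the call (`_("Add group in unix service") + " ..."`), so write `" " + _("in unix service") + " ..."`. Separately, the `options.has_key('f')` branch only calls `searchPasswdUser(userName)`, and nothing visible in the hunk re-checks `resSearch` afterwards. The option's help text promises that the unix account is created, so it is worth confirming that a falsy result is handled further down. The enclosing method starts and ends outside the hunk.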
@ -1777,12 +1724,12 @@ class servSamba(shareLdap):
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
def searchSambaUser(self, userName):
|
|
|
|
|
"""Находит пользователя сервиса Unix"""
|
|
|
|
|
"""Находит пользователя сервиса Samba"""
|
|
|
|
|
resSearch = self.searchLdapDN(userName, self.relUsersDN, "uid")
|
|
|
|
|
return resSearch
|
|
|
|
|
|
|
|
|
|
def searchSambaMachine(self, machineName):
|
|
|
|
|
"""Находит пользователя сервиса Unix"""
|
|
|
|
|
"""Находит машину (компьютер) сервиса Samba"""
|
|
|
|
|
resSearch = self.searchLdapDN(machineName, self.relComputersDN, "uid")
|
|
|
|
|
return resSearch
|
|
|
|
|
|
|
|
|
@ -2017,12 +1964,329 @@ class servLdap(shareLdap):
|
|
|
|
|
def __init__(self):
|
|
|
|
|
shareLdap.__init__(self)
|
|
|
|
|
self.ldifFileBase =\
|
|
|
|
|
"/usr/lib/calculate/calculate-server/ldif/ldap_base.ldif"
|
|
|
|
|
"/usr/lib/calculate/calculate-server/ldif/ldap_base.ldif"
|
|
|
|
|
# Для backup
|
|
|
|
|
# Директория куда будет сохранен архив
|
|
|
|
|
self.backupDirectory = "/var/calculate/backup/LDAP"
|
|
|
|
|
# ldif файл базы LDAP
|
|
|
|
|
self.archLdifFile = "/tmp/LDAP_DATABASE.ldif"
|
|
|
|
|
# приватная директория Samba
|
|
|
|
|
self.sambaPrivate = "/var/lib/samba/private"
|
|
|
|
|
# название файла где будет храниться список архивируемых файлов
|
|
|
|
|
self.tmpListFile = "/tmp/list_CDS_files.txt"
|
|
|
|
|
# Все сервисы ldap должен быть последним
|
|
|
|
|
self.allServices = ["samba","ldap"]
|
|
|
|
|
|
|
|
|
|
def savePrivateFile(self, fileName, data):
|
|
|
|
|
"""Записать файл с правами 0600"""
|
|
|
|
|
try:
|
|
|
|
|
FD = open (fileName, "w+")
|
|
|
|
|
FD.close()
|
|
|
|
|
os.chmod(fileName,0600)
|
|
|
|
|
FD = open (fileName, "w+")
|
|
|
|
|
FD.write(data)
|
|
|
|
|
FD.close()
|
|
|
|
|
except:
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def getServiceSetupPathProfiles(self):
|
|
|
|
|
"""находим пути к профилям установленных сервисов
|
|
|
|
|
|
|
|
|
|
Выдаем два списка ([пути к профилям сервисов],[установленные сервисы])
|
|
|
|
|
"""
|
|
|
|
|
servicePaths = []
|
|
|
|
|
servInstalled = []
|
|
|
|
|
# путь к директории профилей
|
|
|
|
|
profilePath = self.clVars.Get("setup_path_profinstall")[0]
|
|
|
|
|
if self.clVars.Get("soft_ldap_setup") == "yes":
|
|
|
|
|
serv = "ldap"
|
|
|
|
|
servicePaths.append(os.path.join(profilePath,serv))
|
|
|
|
|
servInstalled.append(serv)
|
|
|
|
|
if self.clVars.Get("soft_unix_setup") == "yes":
|
|
|
|
|
serv = "unix"
|
|
|
|
|
servicePaths.append(os.path.join(profilePath,serv))
|
|
|
|
|
servInstalled.append(serv)
|
|
|
|
|
if self.clVars.Get("soft_samba_setup") == "yes":
|
|
|
|
|
serv = "samba"
|
|
|
|
|
servicePaths.append(os.path.join(profilePath,serv))
|
|
|
|
|
servInstalled.append(serv)
|
|
|
|
|
return (servicePaths, servInstalled)
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
def backupServer(self):
|
|
|
|
|
"""Сохраняет настройки установленных сервисов и базу LDAP"""
|
|
|
|
|
# создаем директорию backup-а
|
|
|
|
|
if not os.path.exists(self.backupDirectory):
|
|
|
|
|
try:
|
|
|
|
|
os.makedirs(self.backupDirectory)
|
|
|
|
|
except os.IOError:
|
|
|
|
|
self.printERROR(_("Not create directory:") + " " +\
|
|
|
|
|
str(self.backupDirectory))
|
|
|
|
|
return False
|
|
|
|
|
# получаем ldif текст всей базы LDAP
|
|
|
|
|
ldifText = self.fullElementDNtoText("")
|
|
|
|
|
if not ldifText:
|
|
|
|
|
self.printError("Not found or empty service Unix DN")
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
# генерируем название файла архива
|
|
|
|
|
strData = time.strftime("%Y%m%d%H%M%S",time.localtime(time.time()))
|
|
|
|
|
backupFile = "%s.tar.bz2" %strData
|
|
|
|
|
# удаляем если существуют ldif файл базы LDAP и файл список
|
|
|
|
|
if os.path.exists(self.archLdifFile):
|
|
|
|
|
os.remove(self.archLdifFile)
|
|
|
|
|
if os.path.exists(self.tmpListFile):
|
|
|
|
|
os.remove(self.tmpListFile)
|
|
|
|
|
# находим пути к профилям установленных сервисов
|
|
|
|
|
servicePaths, servInstalled = self.getServiceSetupPathProfiles()
|
|
|
|
|
if not servicePaths:
|
|
|
|
|
self.printError("Services are not installed")
|
|
|
|
|
return False
|
|
|
|
|
# Все файлы которые нужно заархивировать
|
|
|
|
|
allArchFiles = []
|
|
|
|
|
fileObj = cl_profile._file()
|
|
|
|
|
dirObjs = fileObj.scanDirs(servicePaths)
|
|
|
|
|
i = 0
|
|
|
|
|
for dirObj in dirObjs:
|
|
|
|
|
for fileProfile in dirObj.files:
|
|
|
|
|
archFile = fileProfile.split(servicePaths[i])[1]
|
|
|
|
|
allArchFiles.append(archFile)
|
|
|
|
|
i += 1
|
|
|
|
|
scanPrivDirs = []
|
|
|
|
|
if "ldap" in servInstalled:
|
|
|
|
|
# Получаем путь к ini директории
|
|
|
|
|
ldapParser = iniLdapParser()
|
|
|
|
|
iniPath = ldapParser.pathIniFile
|
|
|
|
|
scanPrivDirs.append(iniPath)
|
|
|
|
|
if "samba" in servInstalled:
|
|
|
|
|
scanPrivDirs.append(self.sambaPrivate)
|
|
|
|
|
if scanPrivDirs:
|
|
|
|
|
dirObjs = fileObj.scanDirs(scanPrivDirs)
|
|
|
|
|
for dirObj in dirObjs:
|
|
|
|
|
for archFile in dirObj.files:
|
|
|
|
|
allArchFiles.append(archFile)
|
|
|
|
|
allArchFiles.append(self.archLdifFile)
|
|
|
|
|
allArchFiles = self.unicList(allArchFiles)
|
|
|
|
|
# Сохраняем файл список архивируемых файлов
|
|
|
|
|
if not self.savePrivateFile (self.tmpListFile,
|
|
|
|
|
"\n".join(allArchFiles)):
|
|
|
|
|
self.printERROR(_("Not create list archive files") + ": " +\
|
|
|
|
|
str(self.tmpListFile))
|
|
|
|
|
return False
|
|
|
|
|
# Сохраняем ldif-файл базы LDAP
|
|
|
|
|
if not self.savePrivateFile(self.archLdifFile, ldifText):
|
|
|
|
|
self.printERROR(_("Not create ldif file") + ": " +\
|
|
|
|
|
str(self.archLdifFile))
|
|
|
|
|
return False
|
|
|
|
|
bFile = os.path.join(self.backupDirectory, backupFile)
|
|
|
|
|
self.execProg("tar --files-from=%s -cjf %s"\
|
|
|
|
|
%(self.tmpListFile, bFile))
|
|
|
|
|
if os.path.exists(self.archLdifFile):
|
|
|
|
|
os.remove(self.archLdifFile)
|
|
|
|
|
if os.path.exists(self.tmpListFile):
|
|
|
|
|
os.remove(self.tmpListFile)
|
|
|
|
|
if os.path.exists(bFile):
|
|
|
|
|
os.chmod(bFile,0600)
|
|
|
|
|
self.printSUCCESS(_("Create archive file:") + " " +\
|
|
|
|
|
str(bFile))
|
|
|
|
|
return True
|
|
|
|
|
else:
|
|
|
|
|
self.printERROR(_("Not create archive file:") + " " +\
|
|
|
|
|
str(bFile))
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
def backupLdapServer(self, options):
|
|
|
|
|
print self.fullElementDNtoText('')
|
|
|
|
|
# надо доделать
|
|
|
|
|
if not options or (options and options.has_key("b")):
|
|
|
|
|
return self.backupServer()
|
|
|
|
|
if options.has_key("r"):
|
|
|
|
|
return self.restoreServer()
|
|
|
|
|
|
|
|
|
|
def stopServices(self, servInstalled):
|
|
|
|
|
"""Останавливает все сервисы поданные на вход"""
|
|
|
|
|
flagError = False
|
|
|
|
|
flagLdap = False
|
|
|
|
|
for service in servInstalled:
|
|
|
|
|
if service == "unix" or service == "ldap":
|
|
|
|
|
flagLdap = True
|
|
|
|
|
continue
|
|
|
|
|
if self.getRunService(service):
|
|
|
|
|
stopService = service
|
|
|
|
|
textLine = self.execProg("/etc/init.d/%s stop" %(stopService))
|
|
|
|
|
if not ("ok" in textLine):
|
|
|
|
|
self.printERROR(_("Service") + " " + str(service) + " " +\
|
|
|
|
|
_("not stopped"))
|
|
|
|
|
flagError = True
|
|
|
|
|
if flagLdap:
|
|
|
|
|
if self.getRunService('ldap'):
|
|
|
|
|
textLine = self.execProg("/etc/init.d/slapd stop")
|
|
|
|
|
if not ("ok" in textLine):
|
|
|
|
|
self.printERROR(_("Service") + " ldap " +\
|
|
|
|
|
_("not stopped"))
|
|
|
|
|
flagError = True
|
|
|
|
|
if flagError:
|
|
|
|
|
return False
|
|
|
|
|
else:
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def startAllSetupServices(self):
|
|
|
|
|
"""Запускаем все работающие установленные сервисы"""
|
|
|
|
|
# находим установленные сервисы
|
|
|
|
|
servicePaths, servInstalled = self.getServiceSetupPathProfiles()
|
|
|
|
|
flagError = False
|
|
|
|
|
if 'ldap' in servInstalled:
|
|
|
|
|
if not self.getRunService('ldap'):
|
|
|
|
|
textLine = self.execProg("/etc/init.d/slapd start")
|
|
|
|
|
if not ("ok" in textLine):
|
|
|
|
|
self.printERROR(_("Service") + " ldap " +\
|
|
|
|
|
_("not started"))
|
|
|
|
|
flagError = True
|
|
|
|
|
for service in servInstalled:
|
|
|
|
|
if service == "unix" or service == "ldap":
|
|
|
|
|
continue
|
|
|
|
|
if not self.getRunService(service):
|
|
|
|
|
startService = service
|
|
|
|
|
textLine = self.execProg("/etc/init.d/%s start"\
|
|
|
|
|
%(startService))
|
|
|
|
|
if not ("ok" in textLine):
|
|
|
|
|
self.printERROR(_("Service") + " "+ str(service) + " " +\
|
|
|
|
|
_("not started"))
|
|
|
|
|
flagError = True
|
|
|
|
|
if flagError:
|
|
|
|
|
return False
|
|
|
|
|
else:
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def restoreServer(self):
|
|
|
|
|
"""Восстанавливает все установленные сервисы"""
|
|
|
|
|
if not os.path.exists(self.backupDirectory):
|
|
|
|
|
self.printERROR(_("Not found backup path") + ": " +\
|
|
|
|
|
str(self.backupDirectory))
|
|
|
|
|
return False
|
|
|
|
|
# Получаем номер архивного файла
|
|
|
|
|
archFiles = os.listdir(self.backupDirectory)
|
|
|
|
|
maxFileNumber = 0
|
|
|
|
|
for archFile in archFiles:
|
|
|
|
|
numbTxt = archFile.split(".")[0]
|
|
|
|
|
try:
|
|
|
|
|
numb = int(numbTxt)
|
|
|
|
|
except:
|
|
|
|
|
continue
|
|
|
|
|
if maxFileNumber<numb:
|
|
|
|
|
maxFileNumber = numb
|
|
|
|
|
if not maxFileNumber:
|
|
|
|
|
self.printERROR(_("Not found backup file") + " ...")
|
|
|
|
|
return False
|
|
|
|
|
archFile = str(maxFileNumber) + ".tar.bz2"
|
|
|
|
|
# Название файла с аривом
|
|
|
|
|
bFile = os.path.join(self.backupDirectory, archFile)
|
|
|
|
|
if not os.path.exists(bFile):
|
|
|
|
|
self.printERROR(_("Not found backup file") + ": " +\
|
|
|
|
|
str(bFile))
|
|
|
|
|
return False
|
|
|
|
|
# останавливаем сервисы
|
|
|
|
|
self.stopServices(self.allServices)
|
|
|
|
|
# Удаляем старую базу данных
|
|
|
|
|
self.removeLdapDatabase()
|
|
|
|
|
# Создаем объект переменных clVars
|
|
|
|
|
self.createClVars()
|
|
|
|
|
# Накладываем профили (берем из папки backup)
|
|
|
|
|
if not self.applyProfilesFromService("backup"):
|
|
|
|
|
self.printERROR(_("Not apply profiles: backup"))
|
|
|
|
|
return False
|
|
|
|
|
# Запускаем LDAP сервер
|
|
|
|
|
if not self.runLdapServer():
|
|
|
|
|
return False
|
|
|
|
|
# Соединяемся с LDAP временным пользователем
|
|
|
|
|
if not self.connectLdapServer():
|
|
|
|
|
return False
|
|
|
|
|
# Cписок разахивированных файлов (файл ldif)
|
|
|
|
|
allArchFiles = [self.archLdifFile[1:]]
|
|
|
|
|
if os.path.exists(self.tmpListFile):
|
|
|
|
|
os.remove(self.tmpListFile)
|
|
|
|
|
# Сохраняем файл - список извлекаемых файлов (файл ldif)
|
|
|
|
|
if not self.savePrivateFile (self.tmpListFile,
|
|
|
|
|
"\n".join(allArchFiles)):
|
|
|
|
|
self.printERROR(_("Not create list extract files") + ": " +\
|
|
|
|
|
str(self.tmpListFile))
|
|
|
|
|
return False
|
|
|
|
|
# Распаковываем ldif файл
|
|
|
|
|
if not (self.execProg("tar -C / --files-from=%s -xjf %s"\
|
|
|
|
|
%(self.tmpListFile, bFile)) == None):
|
|
|
|
|
self.printERROR(_("Not extract archive1") + ": " + str(bFile))
|
|
|
|
|
return False
|
|
|
|
|
if not os.path.exists(self.archLdifFile):
|
|
|
|
|
self.printERROR(_("Not found ldif file") + " :" +\
|
|
|
|
|
str(self.archLdifFile))
|
|
|
|
|
return False
|
|
|
|
|
# Читаем ldif файл
|
|
|
|
|
FD = open (self.archLdifFile, "r")
|
|
|
|
|
ldif = FD.read()
|
|
|
|
|
FD.close()
|
|
|
|
|
# Добавляем в базу из ldif
|
|
|
|
|
self.ldapObj.ldapAdd(ldif)
|
|
|
|
|
if self.ldapObj.getError():
|
|
|
|
|
print _("LDAP Error") + ": " + self.ldapObj.getError()
|
|
|
|
|
return False
|
|
|
|
|
# Распаковываем целиком архив
|
|
|
|
|
if not (self.execProg("tar -C / -xjf %s"\
|
|
|
|
|
%(bFile)) == None):
|
|
|
|
|
self.printERROR(_("Not extract archive") + ": " + str(bFile))
|
|
|
|
|
return False
|
|
|
|
|
# Удаляем временные файлы
|
|
|
|
|
if os.path.exists(self.tmpListFile):
|
|
|
|
|
os.remove(self.tmpListFile)
|
|
|
|
|
if os.path.exists(self.archLdifFile):
|
|
|
|
|
os.remove(self.archLdifFile)
|
|
|
|
|
if not self.startAllSetupServices():
|
|
|
|
|
return False
|
|
|
|
|
self.printOK(_("Restore all installed services") + " ...")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def applyProfilesFromService(self, service="ldap"):
|
|
|
|
|
"""Применяем профили для данного сервиса"""
|
|
|
|
|
# Cоздаем объект профиль устанавливая директорию
|
|
|
|
|
# service для файлов профилей
|
|
|
|
|
clProf = cl_profile.profile(self.clVars,service)
|
|
|
|
|
# Объединяем профили
|
|
|
|
|
clProf.applyProfiles()
|
|
|
|
|
if clProf.getError():
|
|
|
|
|
self.printERROR(clProf.getError())
|
|
|
|
|
return False
|
|
|
|
|
else:
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def removeLdapDatabase(self):
|
|
|
|
|
"""Удаляем предыдущую базу данных"""
|
|
|
|
|
self.execProg("rm -rf /var/lib/openldap-data/*")
|
|
|
|
|
self.printOK(_("Remove previons LDAP Database ..."))
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def runLdapServer(self, opt = "start"):
|
|
|
|
|
"""Запускает LDAP сервер"""
|
|
|
|
|
textLine = self.execProg("/etc/init.d/slapd %s" %(opt))
|
|
|
|
|
if "ok" in textLine:
|
|
|
|
|
self.printOK(_("LDAP start ..."))
|
|
|
|
|
return True
|
|
|
|
|
else:
|
|
|
|
|
self.printNotOK(_("LDAP start ..."))
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
def connectLdapServer(self):
|
|
|
|
|
"""Соединяемся с LDAP сервером
|
|
|
|
|
|
|
|
|
|
используем DN и пароль временного админстратора
|
|
|
|
|
"""
|
|
|
|
|
self.ldapObj = ldapFunction(self.clVars.Get("soft_ldap_admin_tmp"),
|
|
|
|
|
self.clVars.Get("soft_ldap_adminpw_tmp"))
|
|
|
|
|
self.conLdap = self.ldapObj.conLdap
|
|
|
|
|
if self.ldapObj.getError():
|
|
|
|
|
self.printERROR(_("Not connected in LDAP server") + " ...")
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def setupLdapServer(self, options):
|
|
|
|
|
"""Начальная настройка LDAP сервиса"""
|
|
|
|
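Review bot: `savePrivateFile` creates the file with a plain `open(fileName, "w+")` and only afterwards narrows it with `os.chmod(fileName,0600)`, and both callers pass fixed names under /tmp (`/tmp/LDAP_DATABASE.ldif`, `/tmp/list_CDS_files.txt`). The full LDAP dump is therefore briefly created with umask-derived permissions, and the open follows whatever another local user has placed at that path; the `os.path.exists`/`os.remove` done beforehand does not close that window. Create the file atomically with `O_CREAT | O_EXCL` and mode 0600 as in the sketch below, and preferably keep these work files in a root-only directory or use `tempfile.mkstemp` rather than fixed /tmp names. In `backupServer`, `except os.IOError:` should be `except OSError:`, because the `os` module has no `IOError` attribute and `os.makedirs` raises `OSError`, so the handler itself fails when the directory cannot be created. In `restoreServer`, the result of `stopServices` is ignored and `removeLdapDatabase()` runs before the archive is known to extract, so a bad or truncated archive leaves the server without a database; extract and check the ldif first, then delete.

```python
    def savePrivateFile(self, fileName, data):
        """Write data to fileName, creating it with mode 0600"""
        try:
            # O_EXCL refuses an existing path (a symlink included) and the
            # mode is applied at creation, so no separate chmod step is needed
            fd = os.open(fileName, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0600)
            FD = os.fdopen(fd, "w")
            try:
                FD.write(data)
            finally:
                FD.close()
        except (OSError, IOError):
            return False
        return True
    # … unchanged: getServiceSetupPathProfiles, backupServer, restoreServer and the other added methods …
```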
@ -2046,50 +2310,45 @@ class servLdap(shareLdap):
|
|
|
|
|
LDAP in backup directory")
|
|
|
|
|
print "3. " + _("Restart the program")
|
|
|
|
|
return True
|
|
|
|
|
#self.setParamIniFile("setup_LDAP","no")
|
|
|
|
|
|
|
|
|
|
# Получем путь к ini файлу
|
|
|
|
|
iniFile = "/" + self.clVars.Get("sys_calculate_ini")
|
|
|
|
|
# Удаляем ini файл
|
|
|
|
|
if os.path.exists(iniFile):
|
|
|
|
|
os.remove(iniFile)
|
|
|
|
|
self.clVars.Write("soft_ldap_setup","no")
|
|
|
|
|
# Для тестовых целей устанавливаем директорию инсталяции
|
|
|
|
|
#clVars.Set("setup_path_install","/tmp/test1/")
|
|
|
|
|
# Устанавливаем переменную (говорит о том что первый проход)
|
|
|
|
|
# Первый проход
|
|
|
|
|
self.clVars.Set("setup_pass_parser","1",True)
|
|
|
|
|
# Cоздаем объект профиль устанавливая директорию ldap для
|
|
|
|
|
# файлов профилей
|
|
|
|
|
clProf = cl_profile.profile(self.clVars,"ldap")
|
|
|
|
|
# Объединяем профили
|
|
|
|
|
clProf.applyProfiles()
|
|
|
|
|
# Удаляем предыдущую базу данных
|
|
|
|
|
self.execProg("rm -rf /var/lib/openldap-data/*")
|
|
|
|
|
self.printOK(_("Remove previons LDAP Database ..."))
|
|
|
|
|
if not self.applyProfilesFromService():
|
|
|
|
|
self.printERROR(_("Not apply profiles: one pass"))
|
|
|
|
|
return False
|
|
|
|
|
# Удаляем старую базу данных
|
|
|
|
|
self.removeLdapDatabase()
|
|
|
|
|
# Запускаем LDAP сервер
|
|
|
|
|
textLine = self.execProg("/etc/init.d/slapd start")
|
|
|
|
|
ldifFile = self.ldifFileBase
|
|
|
|
|
|
|
|
|
|
if "ok" in textLine:
|
|
|
|
|
self.printOK(_("LDAP start ..."))
|
|
|
|
|
else:
|
|
|
|
|
self.printNotOK(_("LDAP start ..."))
|
|
|
|
|
if not self.runLdapServer():
|
|
|
|
|
return False
|
|
|
|
|
baseLdif = self.createLdif(ldifFile)
|
|
|
|
|
#print baseLdif
|
|
|
|
|
#clVars.printVars()
|
|
|
|
|
self.ldapObj = ldapFunction(self.clVars.Get("soft_ldap_admin_tmp"),
|
|
|
|
|
self.clVars.Get("soft_ldap_adminpw_tmp"))
|
|
|
|
|
# Соединяемся с LDAP временным пользователем
|
|
|
|
|
if not self.connectLdapServer():
|
|
|
|
|
return False
|
|
|
|
|
# Получаем текст нужного ldif-a
|
|
|
|
|
baseLdif = self.createLdif(self.ldifFileBase)
|
|
|
|
|
# Если нет ошибок при соединении применяем ldif
|
|
|
|
|
if not self.ldapObj.getError():
|
|
|
|
|
self.ldapObj.ldapAdd(baseLdif)
|
|
|
|
|
if self.ldapObj.getError():
|
|
|
|
|
print _("LDAP Error") + ": " + self.ldapObj.getError()
|
|
|
|
|
return False
|
|
|
|
|
self.printOK(_("Add ldif file ..."))
|
|
|
|
|
# Удаляем временного пользователя root из конфигурационного файла
|
|
|
|
|
# Второй проход,
|
|
|
|
|
# удаляем временного пользователя root из конфигурационного файла
|
|
|
|
|
self.clVars.Set("setup_pass_parser","2",True)
|
|
|
|
|
clProf.applyProfiles()
|
|
|
|
|
if not self.applyProfilesFromService():
|
|
|
|
|
self.printERROR(_("Not apply profiles: two pass"))
|
|
|
|
|
return False
|
|
|
|
|
# Перезапускаем LDAP сервер
|
|
|
|
|
textLine = self.execProg("/etc/init.d/slapd restart")
|
|
|
|
|
if "ok" in textLine:
|
|
|
|
|
self.printOK(_("LDAP configure and restart ..."))
|
|
|
|
|
else:
|
|
|
|
|
self.printNotOK(_("LDAP configure and restart ..."))
|
|
|
|
|
if not self.runLdapServer("restart"):
|
|
|
|
|
return False
|
|
|
|
|
# Записываем данные администратора сервера
|
|
|
|
|
ldapParser = iniLdapParser()
|
|
|
|
|
ldapParser.setVar("admin",
|
|
|
|
|
{"DN":self.clVars.Get("soft_ldap_admin"),
|
|
|
|
@ -2097,8 +2356,6 @@ LDAP in backup directory")
|
|
|
|
|
self.clVars.Write("soft_ldap_setup","yes")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class cl_ldap(shareLdap):
|
|
|
|
|
"""Основной класс для работы с LDAP"""
|
|
|
|
|
def __init__(self, cmdName):
|
|
|
|
@ -2106,26 +2363,7 @@ class cl_ldap(shareLdap):
|
|
|
|
|
|
|
|
|
|
# объект для форматированного вывода
|
|
|
|
|
imp_cl_help.__init__(self, cmdName)
|
|
|
|
|
# Базовый DN всех сервисов относительно базового DN
|
|
|
|
|
self.servicesRelDN = "ou=Services"
|
|
|
|
|
# Базовый DN Samba сервиса относительно DN сервисов
|
|
|
|
|
self.sambaDN = "ou=Samba"
|
|
|
|
|
# Базовый DN Unix сервиса относительно DN сервисов
|
|
|
|
|
self.unixDN = "ou=Unix"
|
|
|
|
|
# Базовый DN Samba сервиса относительно базового DN
|
|
|
|
|
self.sambaRelDN = "%s,%s" %(self.sambaDN, self.servicesRelDN)
|
|
|
|
|
# Базовый DN Samba сервиса относительно базового DN
|
|
|
|
|
self.unixRelDN = "%s,%s" %(self.unixDN, self.servicesRelDN)
|
|
|
|
|
# Основная группа пользователей LDAP
|
|
|
|
|
self.nameBaseGroup = "Services"
|
|
|
|
|
# Связь сервисов и отностельных DN
|
|
|
|
|
self.relServDn = {'unix':self.unixRelDN,
|
|
|
|
|
'samba':self.sambaRelDN}
|
|
|
|
|
# Алгоритм шифрования пароля для LDAP пользователя
|
|
|
|
|
self.userCrypt = "{SSHA}"
|
|
|
|
|
|
|
|
|
|
# ini файл
|
|
|
|
|
self.iniFile = "/etc/calculate2/calculate.ini"
|
|
|
|
|
servName = ""
|
|
|
|
|
if "user" in cmdName:
|
|
|
|
|
servName = _("user")
|
|
|
|
@ -2340,6 +2578,12 @@ group already exists")
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("use password for the user account (from standart input)")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"f",
|
|
|
|
|
'longOption':"force",
|
|
|
|
|
'helpChapter':_("Service Samba options"),
|
|
|
|
|
'help':_("create unix user account and samba user account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"p",
|
|
|
|
|
'longOption':"password",
|
|
|
|
@ -2482,6 +2726,19 @@ group already exists")
|
|
|
|
|
'helpChapter':_("Common options"),
|
|
|
|
|
'help':_("unlock the named account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(8,),
|
|
|
|
|
'shortOption':"b",
|
|
|
|
|
'longOption':"backup",
|
|
|
|
|
'helpChapter':_("Common options"),
|
|
|
|
|
'help':_("backup service configuration files and LDAP branch \
|
|
|
|
|
(default option)")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(8,),
|
|
|
|
|
'shortOption':"r",
|
|
|
|
|
'longOption':"restore",
|
|
|
|
|
'helpChapter':_("Common options"),
|
|
|
|
|
'help':_("restore service configuration files and LDAP branch")
|
|
|
|
|
},
|
|
|
|
|
#{'progAccess':(0,1,2,4,5,6),
|
|
|
|
|
#'shortOption':"s",
|
|
|
|
|
#'longOption':"set",
|
|
|
|
@ -2496,16 +2753,18 @@ group already exists")
|
|
|
|
|
#'help':_("show enviroment values (filter for type, all - no filter)")
|
|
|
|
|
#},
|
|
|
|
|
# Services
|
|
|
|
|
{'progAccess':(6,8),
|
|
|
|
|
{'progAccess':(6,),
|
|
|
|
|
'helpChapter':_("Services"),
|
|
|
|
|
'help':pcs(" ldap", self.column_width,
|
|
|
|
|
"ldap " + servName, self.consolewidth-self.column_width)
|
|
|
|
|
},
|
|
|
|
|
{'helpChapter':_("Services"),
|
|
|
|
|
|
|
|
|
|
{'progAccess':(0,1,2,3,4,5,6,7,),
|
|
|
|
|
'helpChapter':_("Services"),
|
|
|
|
|
'help':pcs(" unix", self.column_width,
|
|
|
|
|
"unix " + servName, self.consolewidth-self.column_width)
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,4,5,6,7,8),
|
|
|
|
|
{'progAccess':(3,4,5,6,7,),
|
|
|
|
|
'helpChapter':_("Services"),
|
|
|
|
|
'help':pcs(" samba", self.column_width,
|
|
|
|
|
"samba " + servName, self.consolewidth-self.column_width)
|
|
|
|
@ -2544,58 +2803,35 @@ group already exists")
|
|
|
|
|
'help':Version
|
|
|
|
|
},
|
|
|
|
|
# Использование
|
|
|
|
|
{
|
|
|
|
|
'progAccess':(0,),
|
|
|
|
|
'helpChapter':_("Usage"),
|
|
|
|
|
'help': cmdName + " " + " [" + _("options") + "] " +\
|
|
|
|
|
_("group") + " " + _("service")
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
'progAccess':(1,),
|
|
|
|
|
'helpChapter':_("Usage"),
|
|
|
|
|
'help': cmdName + " " +_("group") + " " + _("service")
|
|
|
|
|
'help': cmdName + " " +_("group") + " " + _("service")
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
'progAccess':(2,),
|
|
|
|
|
'progAccess':(0,2),
|
|
|
|
|
'helpChapter':_("Usage"),
|
|
|
|
|
'help': cmdName + " " + " [" + _("options") + "] " +\
|
|
|
|
|
'help': cmdName + " [" + _("options") + "] " +\
|
|
|
|
|
_("group") + " " + _("service")
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
'progAccess':(3,),
|
|
|
|
|
'helpChapter':_("Usage"),
|
|
|
|
|
'help': cmdName + " " + " [" + _("options") + "] " + _("user") +\
|
|
|
|
|
" " + _("service")
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
'progAccess':(4,),
|
|
|
|
|
'helpChapter':_("Usage"),
|
|
|
|
|
'help': cmdName + " " + " [" + _("options") + "] " + _("user") +\
|
|
|
|
|
" " + _("service")
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
'progAccess':(5,),
|
|
|
|
|
'progAccess':(3,4,5,7),
|
|
|
|
|
'helpChapter':_("Usage"),
|
|
|
|
|
'help': cmdName + " " + " [" + _("options") + "] " + _("user") +\
|
|
|
|
|
'help': cmdName + " [" + _("options") + "] " + _("user") +\
|
|
|
|
|
" " + _("service")
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
'progAccess':(6,),
|
|
|
|
|
'helpChapter':_("Usage"),
|
|
|
|
|
'help': cmdName + " " + " [" + _("options") + "] "+\
|
|
|
|
|
" " + _("service")
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
'progAccess':(7,),
|
|
|
|
|
'helpChapter':_("Usage"),
|
|
|
|
|
'help': cmdName + " " + " [" + _("options") + "] " + _("user") +\
|
|
|
|
|
'help': cmdName + " [" + _("options") + "] "+\
|
|
|
|
|
" " + _("service")
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
'progAccess':(8,),
|
|
|
|
|
'helpChapter':_("Usage"),
|
|
|
|
|
'help': cmdName + " " + _("service")
|
|
|
|
|
'help': cmdName + " [" + _("options") + "]"
|
|
|
|
|
},
|
|
|
|
|
# Function
|
|
|
|
|
{
|
|
|
|
|
'progAccess':(0,),
|
|
|
|
|
'helpChapter':"Function",
|
|
|
|
@ -2703,8 +2939,8 @@ group already exists")
|
|
|
|
|
{
|
|
|
|
|
'progAccess':(8,),
|
|
|
|
|
'helpChapter':_("Examples"),
|
|
|
|
|
'help':pcs(" cl-backup samba", self.column_width,
|
|
|
|
|
"# "+_("backup Samba service") + ".",
|
|
|
|
|
'help':pcs(" cl-backup -r", self.column_width,
|
|
|
|
|
"# "+_("restore all services") + ".",
|
|
|
|
|
self.consolewidth-self.column_width)
|
|
|
|
|
},
|
|
|
|
|
#{
|
|
|
|
@ -2816,8 +3052,9 @@ class tsOpt(cl_base.opt):
|
|
|
|
|
helpObj объект-справка содержащий необходимые опции
|
|
|
|
|
parBeforeService дополнительные необходимые параметры перед указанным
|
|
|
|
|
сервисом. (например "group" или "user")
|
|
|
|
|
optService проверять хвост командной строки на наличие сервиса
|
|
|
|
|
"""
|
|
|
|
|
def __init__(self, helpObj, parBeforeService):
|
|
|
|
|
def __init__(self, helpObj, parBeforeService, optService=True):
|
|
|
|
|
# последний параметр является сервисом
|
|
|
|
|
service = sys.argv[-1:][0].rstrip()
|
|
|
|
|
# от cl_help получаем короткие и длинные опции
|
|
|
|
@ -2841,12 +3078,15 @@ class tsOpt(cl_base.opt):
|
|
|
|
|
# опциональных разделов (метод пересечения множеств)
|
|
|
|
|
helpopt = \
|
|
|
|
|
tuple(set(self.opt.keys()).intersection(helpObj.relOptions.keys()))
|
|
|
|
|
#Если есть опции help
|
|
|
|
|
if len(helpopt) > 0:
|
|
|
|
|
print helpObj.getHelp(helpObj.relOptions[helpopt[0]])
|
|
|
|
|
self.flagHelp = True
|
|
|
|
|
#Если нет хвостов
|
|
|
|
|
elif not self.params:
|
|
|
|
|
print helpObj.getHelp(helpObj.relOptions['h'])
|
|
|
|
|
self.flagHelp = True
|
|
|
|
|
if optService:
|
|
|
|
|
print helpObj.getHelp(helpObj.relOptions['h'])
|
|
|
|
|
self.flagHelp = True
|
|
|
|
|
else:
|
|
|
|
|
if self.params.has_key('service'):
|
|
|
|
|
if not (self.params['service'] in helpObj.allServ) or\
|
|
|
|
|