calculate
/
calculate-utils-2.1-server
6
0
Fork 0
Code Issues 3 Pull Requests Releases 1 Wiki Activity

Добавил опцию --host для сервисов mail, jabber

Browse Source 
Добавил проверку пароля пользователя root при установке сервиса samba
Добавил загрузку изображений в разных форматах
При установке сервисов jabber и mail в /var/calculate/calculate.env записываются переменные sr_jabber_host,sr_mail_host в секцию [server]


git-svn-id: http://svn.calculate.ru/calculate2/calculate-server/trunk@595 c91db197-33c1-4113-bf15-f8a5c547ca64
develop
asamoukin 16 years ago
parent 1f48f1404c
commit 8728461d6d
1 changed files with 132 additions and 21 deletions
Show Stats Download Patch File Download Diff File

153
pym/cl_ldap.py
Unescape View File

@ -140,6 +140,89 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
# DN сервисов относительно базового
self.ServicesDN = "ou=Services"
def verifyPasswordInFile(self, userName, userPassword):
"""проверяет пароль пользователя
Данные из /etc/shadow
"""
def searchShadowUser(userName):
"""Ищет пользователей в /etc/shadow"""
fileShadow = "/etc/shadow"
return self.searchLineInFile(userName, fileShadow)
import md5
def md5crypt(password, salt, magic='$1$'):
"""Функция криптования"""
m = md5.new()
m.update(password + magic + salt)
mixin = md5.md5(password + salt + password).digest()
for i in range(0, len(password)):
m.update(mixin[i % 16])
i = len(password)
while i:
if i & 1:
m.update('\x00')
else:
m.update(password[0])
i >>= 1
final = m.digest()
for i in range(1000):
m2 = md5.md5()
if i & 1:
m2.update(password)
else:
m2.update(final)
if i % 3:
m2.update(salt)
if i % 7:
m2.update(password)
if i & 1:
m2.update(final)
else:
m2.update(password)
final = m2.digest()
itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqr\
stuvwxyz'
rearranged = ''
for a, b, c in ((0, 6, 12), (1, 7, 13), (2, 8, 14), (3, 9, 15),
(4, 10, 5)):
v = ord(final[a]) << 16 | ord(final[b]) << 8 | ord(final[c])
for i in range(4):
rearranged += itoa64[v & 0x3f]; v >>= 6
v = ord(final[11])
for i in range(2):
rearranged += itoa64[v & 0x3f]; v >>= 6
return magic + salt + '$' + rearranged
def test(clear_password, the_hash):
"""Сравнение пароля и хеша из файла"""
magic, salt = the_hash[1:].split('$')[:2]
magic = '$' + magic + '$'
return md5crypt(clear_password, salt, magic) == the_hash
searchUserSahdow = searchShadowUser(userName)
if not searchUserSahdow:
return False
userHash = searchUserSahdow.split(':')[1]
if userHash=='*' or userHash=='!':
return False
return test(userPassword, userHash)
def restorePathDelUser(self,userName,destDir,relDir,message,unixObj=False):
"""Восстанавливает директорию удаленного пользователя"""
removeDir = False
@ -572,6 +655,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
def setJpegPhotoUser(self, userName, photoPath, attr="uid"):
"""Добавляем jpeg фотографию пользователя в LDAP"""
import popen2
try:
FD = open(photoPath)
photoData = FD.read()
@ -586,9 +670,23 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
return False
modAttrs = []
if not self.stringIsJpeg(photoData):
self.printERROR(_("File") + " " + str(photoPath) + " " +\
_("is not jpeg"))
return False
flagError = False
fOut, fIn, fErr = popen2.popen3("convert %s jpg:-" %photoPath)
fIn.close()
if fErr.read():
self.printERROR(_("Can not convert file '%s' in jpeg format")\
%photoPath)
flagError = True
fErr.close()
if not flagError:
photoData = fOut.read()
if not self.stringIsJpeg(photoData):
self.printERROR(\
_("Can not convert file '%s' in jpeg format") %photoPath)
flagError = True
fOut.close()
if flagError:
return False
if searchUser[0][0][1].has_key('jpegPhoto'):
modAttrs.append((ldap.MOD_REPLACE, 'jpegPhoto', photoData))
else:
@ -3254,8 +3352,8 @@ in Unix service ...") %str(primaryMail))
self.clVars.Set("cl_pass_service","mail")
self.clVars.Write("sr_mail_set","off")
# Почтовый ност
if options.has_key("mail-host"):
fullHostName = options['mail-host']
if options.has_key("host"):
fullHostName = options['host']
else:
fullHostName = "%s.%s"%(self.clVars.Get('os_net_hostname'),
self.clVars.Get('os_net_domain'))
@ -3896,8 +3994,8 @@ class servJabber(shareLdap):
# Имя устанавливаемого сервиса
self.clVars.Set("cl_pass_service","jabber")
self.clVars.Write("sr_jabber_set","off")
if options.has_key("jabber-host"):
fullHostName = options['jabber-host']
if options.has_key("host"):
fullHostName = options['host']
else:
fullHostName = "%s.%s"%(self.clVars.Get('os_net_hostname'),
self.clVars.Get('os_net_domain'))
@ -4099,7 +4197,7 @@ class servSamba(shareLdap):
@adminConnectLdap
def addUserSambaServer(self,userName,options,pwDialog=False,
checkSetup=True):
checkSetup=True,pwd=False):
"""Добавляет LDAP пользователя в LDAP-сервер"""
# Проверим установлен ли сервис samba
if checkSetup and not self.isServiceSetup("samba"):
@ -4127,11 +4225,14 @@ class servSamba(shareLdap):
return False
#пароль пользователя
userPwd = ""
#диалог ввода пароля
if not pwDialog:
pwDialog = [_("New SMB password"),
_("Retype new SMB password")]
userPwd = self.getUserPassword(options, "p", "P", pwDialog)
if pwd:
userPwd = pwd
else:
#диалог ввода пароля
if not pwDialog:
pwDialog = [_("New SMB password"),
_("Retype new SMB password")]
userPwd = self.getUserPassword(options, "p", "P", pwDialog)
if userPwd == False:
return False
flagCreateUnixUser = False
@ -4272,7 +4373,6 @@ class servSamba(shareLdap):
%netbios
fileDirectory = os.path.join(createDirLogon,
"start.cmd")
print "FILE =", fileDirectory
if not self.createUserFile(fileDirectory,
fileTxt, uid, gid):
flagError = True
@ -4483,9 +4583,20 @@ class servSamba(shareLdap):
self.printNotOK(_("Starting") + " Samba ...")
return False
print _("Enter existing ROOT password")
pwDialog = [_("ROOT password"),
_("Retype ROOT password")]
if not self.addUserSambaServer('root',{'p':""},pwDialog,False):
pwDialog = "ROOT password"
rootPwdOK = False
for i in range(3):
rootPwd = getpass.getpass(pwDialog+":")
if self.verifyPasswordInFile('root', rootPwd):
rootPwdOK = True
break
elif i<2:
self.printERROR(_("incorrect root password, try again"))
if not rootPwdOK:
self.printERROR(_("Incorrect root password") + " ...")
self.printERROR(_("Samba service can not configured") + " ...")
return False
if not self.addUserSambaServer('root',{},False,False,rootPwd):
return False
clientName = 'client'
clientGroup = 'client'
@ -5764,15 +5875,15 @@ preferences and data (for users with uid<1000)")
},
{'progAccess':(6,),
'optVal':"HOST",
'longOption':"mail-host",
'longOption':"host",
'helpChapter':_("Mail service options"),
'help':_("mail-host, default - hostname")
'help':_("mail host, default - hostname")
},
{'progAccess':(6,),
'optVal':"HOST",
'longOption':"jabber-host",
'longOption':"host",
'helpChapter':_("Jabber service options"),
'help':_("jabber-host, default - hostname")
'help':_("jabber host, default - hostname")
},
# Опции cl-passwd
# LDAP пользователь

Write Preview
Loading…
Cancel
Save