|
|
|
@ -41,9 +41,11 @@ tr.setLanguage(sys.modules[__name__])
|
|
|
|
|
|
|
|
|
|
pcs = cl_utils.prettyColumnStr
|
|
|
|
|
|
|
|
|
|
# Декоратор соединения с LDAP и получения Vars
|
|
|
|
|
def foundConnect(fun):
|
|
|
|
|
"""Проверка установки необходимых переменных (декоратор)"""
|
|
|
|
|
def adminConnectLdap(fun):
|
|
|
|
|
"""Cоединение с LDAP администратором сервиса (декоратор)
|
|
|
|
|
|
|
|
|
|
соединение с LDAP и проверка установки необходимых переменных
|
|
|
|
|
"""
|
|
|
|
|
def ret (self, *arg, **argv):
|
|
|
|
|
flagError = False
|
|
|
|
|
if not self.clVars:
|
|
|
|
@ -162,6 +164,20 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
# DN сервисов относительно базового
|
|
|
|
|
self.ServicesDN = "ou=Services"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def applyProfilesFromService(self, service):
|
|
|
|
|
"""Применяем профили для данного сервиса"""
|
|
|
|
|
# Cоздаем объект профиль устанавливая директорию
|
|
|
|
|
# service для файлов профилей
|
|
|
|
|
clProf = cl_profile.profile(self.clVars,service)
|
|
|
|
|
# Объединяем профили
|
|
|
|
|
clProf.applyProfiles()
|
|
|
|
|
if clProf.getError():
|
|
|
|
|
self.printERROR(clProf.getError())
|
|
|
|
|
return False
|
|
|
|
|
else:
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def searchService(self):
|
|
|
|
|
"""Поиск DN сервиса"""
|
|
|
|
|
name, value = self.relServDN.split('=')
|
|
|
|
@ -200,26 +216,28 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
def getRunService(self, nameService):
|
|
|
|
|
"""Проверка, запущен ли сервис с данным именем"""
|
|
|
|
|
baseDir = "/var/run"
|
|
|
|
|
addDirDict = {"ldap":"openldap",
|
|
|
|
|
"samba":"samba"}
|
|
|
|
|
pidDir = baseDir + "/" + addDirDict[nameService]
|
|
|
|
|
if os.access(pidDir, os.F_OK) and os.listdir(pidDir):
|
|
|
|
|
# Проверка на запуск сервиса mail
|
|
|
|
|
if nameService == 'mail':
|
|
|
|
|
listProcess = self.execProg("ps ax",False,False)
|
|
|
|
|
flagRun = False
|
|
|
|
|
for process in listProcess:
|
|
|
|
|
if "postfix/master" in process:
|
|
|
|
|
flagRun = True
|
|
|
|
|
break
|
|
|
|
|
return flagRun
|
|
|
|
|
addDirDict = {"ldap":("openldap","slapd.pid"),
|
|
|
|
|
"samba":("samba","smbd.pid"),
|
|
|
|
|
"dovecot":("dovecot","master.pid")}
|
|
|
|
|
pidDir = baseDir + "/" + addDirDict[nameService][0]
|
|
|
|
|
if os.access(pidDir, os.F_OK) and os.listdir(pidDir) and\
|
|
|
|
|
os.path.exists(os.path.join(pidDir,addDirDict[nameService][1])):
|
|
|
|
|
return True
|
|
|
|
|
else:
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
def unicList(self, lst):
|
|
|
|
|
"""Список уникальных элементов из списка не уникальных"""
|
|
|
|
|
if len(lst) > 1:
|
|
|
|
|
lst.sort()
|
|
|
|
|
outLst = []
|
|
|
|
|
prVal = False
|
|
|
|
|
for val in lst:
|
|
|
|
|
if prVal != val:
|
|
|
|
|
outLst.append(val)
|
|
|
|
|
prVal = val
|
|
|
|
|
return outLst
|
|
|
|
|
return lst
|
|
|
|
|
return list(set(lst)|set([]))
|
|
|
|
|
|
|
|
|
|
def addDN(self, *arg):
|
|
|
|
|
"""Складывает текстовые элементы DN"""
|
|
|
|
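Review bot: The new `unicList` body, `return list(set(lst)|set([]))`, no longer returns its result in sorted order and carries a union with an empty set that does nothing. The loop shown above it called `lst.sort()` before de-duplicating, so any caller that relied on that order now gets an arbitrary one. `return sorted(set(lst))` would keep the earlier ordering; if order really does not matter, `return list(set(lst))` says the same thing plainly. The one-line docstring could also state whether order is preserved.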
@ -249,7 +267,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
os.lchown(linkCh[1], uid, gid)
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def modAttrsDN(self, relDN, modAttrs):
|
|
|
|
|
"""Модифицирует аттрибуты DN"""
|
|
|
|
|
DN = self.addDN(relDN,self.baseDN)
|
|
|
|
@ -261,7 +279,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def modifyElemDN(self, relDN, newFirstDn):
|
|
|
|
|
"""Изменяет основной элемент DN (uid, cn и др.)"""
|
|
|
|
|
DN = self.addDN(relDN,self.baseDN)
|
|
|
|
@ -272,7 +290,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def delDN(self, relDN):
|
|
|
|
|
DN = self.addDN(relDN,self.baseDN)
|
|
|
|
|
try:
|
|
|
|
@ -297,7 +315,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
return max(lst)
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def fullElementDNtoText(self, relDN):
|
|
|
|
|
"""Выводит все внутренние элементы DN виде текста"""
|
|
|
|
|
DN = self.addDN(relDN, self.baseDN)
|
|
|
|
@ -333,12 +351,10 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
outText += "\n"
|
|
|
|
|
return outText
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def deleteDN(self, relDelDN):
|
|
|
|
|
"""Удаляет DN и все внутренние элементы"""
|
|
|
|
|
delDN = self.addDN(relDelDN, self.baseDN)
|
|
|
|
|
print "delDN", delDN
|
|
|
|
|
print self.conLdap
|
|
|
|
|
delListDN=[]
|
|
|
|
|
try:
|
|
|
|
|
dnList = self.conLdap.search_s(delDN,
|
|
|
|
@ -419,14 +435,14 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
return max(lst)
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
def getLdapObjInFile(self):
|
|
|
|
|
def getLdapObjInFile(self, part="admin"):
|
|
|
|
|
"""Получаем объект ldapFunction из ini файла
|
|
|
|
|
|
|
|
|
|
В выходном объекте есть соединение с LDAP сервером: self.conLdap
|
|
|
|
|
"""
|
|
|
|
|
ldapParser = iniLdapParser()
|
|
|
|
|
adminDn = ldapParser.getVar("admin","DN")
|
|
|
|
|
adminPw = ldapParser.getVar("admin","PASS")
|
|
|
|
|
adminDn = ldapParser.getVar(part,"DN")
|
|
|
|
|
adminPw = ldapParser.getVar(part,"PASS")
|
|
|
|
|
ldapObj = ldapFunction(adminDn, adminPw)
|
|
|
|
|
if ldapObj.getError():
|
|
|
|
|
self.printERROR (_("LDAP connect error") + ": " +\
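Review bot: The values returned by `ldapParser.getVar(part,"DN")` and `ldapParser.getVar(part,"PASS")` are passed to `ldapFunction(adminDn, adminPw)` without a check that they are set. The `unix`, `samba` and `mail` sections are only written by the setup methods in later hunks, so on a host configured before this change the lookup may come back empty. Depending on how `ldapFunction` binds (not visible here), an empty DN and password can end up as an anonymous bind instead of an error. A guard before the bind, `if not (adminDn and adminPw):` followed by a `printERROR` and `return False`, would make that case fail explicitly. The body of `getLdapObjInFile` continues past the end of this hunk.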
|
|
|
|
@ -447,7 +463,7 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
self.clVars = clVars
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def searchLdapDN(self, name, relDN, attr, retAttr=None):
|
|
|
|
|
"""Находит DN в LDAP"""
|
|
|
|
|
DN = self.addDN(relDN,self.baseDN)
|
|
|
|
@ -513,6 +529,10 @@ class servUnix(shareLdap):
|
|
|
|
|
# DN, компьютеров относительно базового DN
|
|
|
|
|
self.relComputersDN = self.servSambaObj.relComputersDN
|
|
|
|
|
|
|
|
|
|
def getLdapObjInFile(self):
|
|
|
|
|
"""Cоединение с LDAP администратором Samba сервиса"""
|
|
|
|
|
return shareLdap.getLdapObjInFile(self, "unix")
|
|
|
|
|
|
|
|
|
|
def createHomeDir(self, userName, homeDir, skelDir):
|
|
|
|
|
"""Создаем домашнюю директорию пользователя
|
|
|
|
|
|
|
|
|
@ -747,7 +767,7 @@ class servUnix(shareLdap):
|
|
|
|
|
findUsers.append(userName)
|
|
|
|
|
return findUsers
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def addGroupUnixServer(self, groupName, options):
|
|
|
|
|
"""Добавляет группу пользователей LDAP"""
|
|
|
|
|
# Если группа существует выходим без ошибки
|
|
|
|
@ -811,7 +831,7 @@ class servUnix(shareLdap):
|
|
|
|
|
self.printSUCCESS(_("Add group in unix service") + " ...")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def addMachineLdapServer(self, machineName, options):
|
|
|
|
|
"""Добавляет LDAP машину в LDAP-сервер"""
|
|
|
|
|
machineLogin = machineName.replace('$','') + "$"
|
|
|
|
@ -859,7 +879,7 @@ class servUnix(shareLdap):
|
|
|
|
|
self.printSUCCESS(_("Add machine ..."))
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def addUserUnixServer(self,userName,options):
|
|
|
|
|
"""Добавляет LDAP пользователя в LDAP-сервер"""
|
|
|
|
|
# id нового пользователя
|
|
|
|
@ -1542,11 +1562,13 @@ class servUnix(shareLdap):
|
|
|
|
|
return self.modAttrsDN(groupDN, modAttrs)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
|
|
|
|
|
def setupUnixServer(self, options):
|
|
|
|
|
"""Начальная настройка LDAP сервиса"""
|
|
|
|
|
# Принудительная установка
|
|
|
|
|
forceOptions = False
|
|
|
|
|
# Cоздаем объект переменные
|
|
|
|
|
self.createClVars()
|
|
|
|
|
if options.has_key("f"):
|
|
|
|
|
forceOptions = True
|
|
|
|
|
# В случае если сервер установлен
|
|
|
|
@ -1565,15 +1587,16 @@ class servUnix(shareLdap):
|
|
|
|
|
print "1. " +_("Start the LDAP service")
|
|
|
|
|
print " /etc/init.d/slapd start"
|
|
|
|
|
return True
|
|
|
|
|
#Cоединение с Ldap (администратор)
|
|
|
|
|
shareLdap.getLdapObjInFile(self)
|
|
|
|
|
#self.setParamIniFile("setup_LDAP","no")
|
|
|
|
|
self.clVars.Write("soft_unix_setup","no")
|
|
|
|
|
# Для тестовых целей устанавливаем директорию инсталяции
|
|
|
|
|
#clVars.Set("setup_path_install","/tmp/test1/")
|
|
|
|
|
# Cоздаем объект профиль устанавливая директорию ldap для
|
|
|
|
|
# файлов профилей
|
|
|
|
|
clProf = cl_profile.profile(self.clVars,"unix")
|
|
|
|
|
# Объединяем профили
|
|
|
|
|
clProf.applyProfiles()
|
|
|
|
|
if not self.applyProfilesFromService('unix'):
|
|
|
|
|
return False
|
|
|
|
|
# Удаляем предыдущую ветку сервиса Unix
|
|
|
|
|
servicesDN = self.relDN
|
|
|
|
|
resSearch = self.searchService()
|
|
|
|
@ -1595,8 +1618,13 @@ class servUnix(shareLdap):
|
|
|
|
|
print _("LDAP Error") + ": " + self.ldapObj.getError()
|
|
|
|
|
return False
|
|
|
|
|
self.printOK(_("Add ldif file ..."))
|
|
|
|
|
self.clVars.Write("soft_unix_setup","yes")
|
|
|
|
|
# Записываем данные администратора сервиса Unix
|
|
|
|
|
ldapParser = iniLdapParser()
|
|
|
|
|
ldapParser.setVar("unix",
|
|
|
|
|
{"DN":self.clVars.Get("soft_ldap_admin_unix"),
|
|
|
|
|
"PASS":self.clVars.Get("soft_ldap_admin_unixpw")})
|
|
|
|
|
self.printOK(_("Unix service configured ..."))
|
|
|
|
|
self.clVars.Write("soft_unix_setup","yes")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def setShadowLastChange(self, userName):
|
|
|
|
@ -1610,6 +1638,220 @@ class servUnix(shareLdap):
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
class servMail(shareLdap):
|
|
|
|
|
"""Методы сервиса Mail"""
|
|
|
|
|
def __init__(self, unixObj=False):
|
|
|
|
|
shareLdap.__init__(self)
|
|
|
|
|
self.relGrDN = 'ou=Groups'
|
|
|
|
|
self.relUsDN = 'ou=Users'
|
|
|
|
|
self.relServDN = 'ou=Mail'
|
|
|
|
|
# DN сервиса
|
|
|
|
|
self.relDN = self.addDN(self.relServDN,self.ServicesDN)
|
|
|
|
|
# DN пользователей, относительно базового DN
|
|
|
|
|
self.relUsersDN = self.addDN(self.relUsDN, self.relDN)
|
|
|
|
|
# DN групп пользователей, относительно базового DN
|
|
|
|
|
self.relGroupsDN = self.addDN(self.relGrDN, self.relDN)
|
|
|
|
|
self.ldifFileBase =\
|
|
|
|
|
"/usr/lib/calculate/calculate-server/ldif/mail_base.ldif"
|
|
|
|
|
self.ldifFileUser =\
|
|
|
|
|
"/usr/lib/calculate/calculate-server/ldif/mail_user.ldif"
|
|
|
|
|
# Алгоритм шифрования пароля для Mail пользователя
|
|
|
|
|
self.userCrypt = "{SSHA}"
|
|
|
|
|
# Директория где хранятся письма
|
|
|
|
|
self.mailLocation = "/var/calculate/mail"
|
|
|
|
|
if unixObj:
|
|
|
|
|
# получаем объект сервиса Unix
|
|
|
|
|
self.servUnixObj = unixObj
|
|
|
|
|
else:
|
|
|
|
|
# создаем объект сервиса Unix
|
|
|
|
|
self.servUnixObj = servUnix()
|
|
|
|
|
|
|
|
|
|
def createMailDir(self, userName, uid, gid):
|
|
|
|
|
"""Создание пользовательской директории для почты"""
|
|
|
|
|
mailDir = os.path.join(self.mailLocation,userName)
|
|
|
|
|
if not os.path.exists(mailDir):
|
|
|
|
|
os.makedirs(mailDir)
|
|
|
|
|
os.chown(mailDir,uid,gid)
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def searchMailUser(self, userName):
|
|
|
|
|
"""Находит пользователя сервиса Unix"""
|
|
|
|
|
resSearch = self.searchLdapDN(userName, self.relUsersDN, "uid")
|
|
|
|
|
return resSearch
|
|
|
|
|
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def addUserMailServer(self, userName, options):
|
|
|
|
|
"""Добавляет почтового пользователя в LDAP-сервер"""
|
|
|
|
|
resUnix = self.servUnixObj.searchUnixUser(userName)
|
|
|
|
|
resPwd = self.servUnixObj.searchPasswdUser(userName)
|
|
|
|
|
if not (resUnix or resPwd):
|
|
|
|
|
if options.has_key('f'):
|
|
|
|
|
# Добавим пользователя LDAP
|
|
|
|
|
optUnix = {}
|
|
|
|
|
# Группа пользователя
|
|
|
|
|
if options.has_key('g'):
|
|
|
|
|
optUnix['g'] = options['g']
|
|
|
|
|
# Полное имя пользователя
|
|
|
|
|
if options.has_key('c'):
|
|
|
|
|
optUnix['с'] = options['c']
|
|
|
|
|
if not self.servUnixObj.addUserUnixServer(userName, optUnix):
|
|
|
|
|
return False
|
|
|
|
|
else:
|
|
|
|
|
self.printERROR(_("Not found user") + " " + str(userName) +\
|
|
|
|
|
" " + _("in unix service" + " ..."))
|
|
|
|
|
return False
|
|
|
|
|
if self.searchMailUser(userName):
|
|
|
|
|
self.printERROR(_("User exists in LDAP"))
|
|
|
|
|
return False
|
|
|
|
|
self.clVars.Set("soft_ldap_user_login", userName)
|
|
|
|
|
#Полное имя пользователя
|
|
|
|
|
fullNameUser = self.servUnixObj.fullNameUser
|
|
|
|
|
if options.has_key('c'):
|
|
|
|
|
fullNameUser = options['c']
|
|
|
|
|
else:
|
|
|
|
|
resUnix = self.servUnixObj.searchUnixUser(userName)
|
|
|
|
|
if resUnix and resUnix[0][0][1].has_key('gecos'):
|
|
|
|
|
fullNameUser = resUnix[0][0][1]['gecos'][0]
|
|
|
|
|
self.clVars.Set("soft_ldap_user_full_name",fullNameUser)
|
|
|
|
|
userPwd = self.getUserPassword(options, "p", "P")
|
|
|
|
|
if userPwd == False:
|
|
|
|
|
return False
|
|
|
|
|
if not userPwd:
|
|
|
|
|
userPwdHash = "crypt{xxx}"
|
|
|
|
|
else:
|
|
|
|
|
userPwdHash =\
|
|
|
|
|
self.execProg("slappasswd -s %s -h %s" %(userPwd,self.userCrypt))
|
|
|
|
|
if not userPwdHash:
|
|
|
|
|
self.printERROR(_("ERROR") + ": " +\
|
|
|
|
|
_("create crypto password"))
|
|
|
|
|
return False
|
|
|
|
|
self.clVars.Set("soft_ldap_user_pw_hash",userPwdHash)
|
|
|
|
|
ldifFile = self.ldifFileUser
|
|
|
|
|
userLdif = self.createLdif(ldifFile)
|
|
|
|
|
if not self.ldapObj.getError():
|
|
|
|
|
#Добавляем пользователя в LDAP
|
|
|
|
|
self.ldapObj.ldapAdd(userLdif)
|
|
|
|
|
#ldapObj.ldapAdd(userLdif1)
|
|
|
|
|
# не переделывать на else
|
|
|
|
|
if self.ldapObj.getError():
|
|
|
|
|
print _("LDAP Error") + ": " + self.ldapObj.getError()
|
|
|
|
|
return False
|
|
|
|
|
if resUnix:
|
|
|
|
|
uid = int(resUnix[0][0][1]['uidNumber'][0])
|
|
|
|
|
gid = int(resUnix[0][0][1]['gidNumber'][0])
|
|
|
|
|
elif resPwd:
|
|
|
|
|
uid = int(resPwd.split(":")[2])
|
|
|
|
|
gid = int(resPwd.split(":")[3])
|
|
|
|
|
else:
|
|
|
|
|
self.printERROR(_("Not found uid and gid user"))
|
|
|
|
|
return False
|
|
|
|
|
self.createMailDir(userName, uid, gid)
|
|
|
|
|
print "OK"
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def setupMailServer(self, options):
|
|
|
|
|
"""Начальная настройка Mail сервиса"""
|
|
|
|
|
# Принудительная установка
|
|
|
|
|
forceOptions = False
|
|
|
|
|
if options.has_key("f"):
|
|
|
|
|
forceOptions = True
|
|
|
|
|
# Создаем объект переменных
|
|
|
|
|
self.createClVars()
|
|
|
|
|
#self.clVars.printVars()
|
|
|
|
|
#return True
|
|
|
|
|
if self.clVars.Get("soft_unix_setup") != "yes":
|
|
|
|
|
self.printERROR (_("ERROR") + ": " +\
|
|
|
|
|
_("LDAP server is not configured")+ ".")
|
|
|
|
|
self.printWARNING(_("Not setup service Unix"))
|
|
|
|
|
return False
|
|
|
|
|
# В случае если сервер установлен
|
|
|
|
|
if self.clVars.Get("soft_mail_setup") == "yes" and\
|
|
|
|
|
not forceOptions:
|
|
|
|
|
self.printWARNING (_("WARNING") + ": " +\
|
|
|
|
|
_("Mail server is configured")+ ".")
|
|
|
|
|
return True
|
|
|
|
|
# Проверим запущен ли сервис Mail
|
|
|
|
|
if self.getRunService("mail"):
|
|
|
|
|
self.printWARNING (_("WARNING") + ": " +\
|
|
|
|
|
_("The Mail service is running") + ".")
|
|
|
|
|
print "1. " +_("Stop the Mail service")
|
|
|
|
|
print " /etc/init.d/postfix stop"
|
|
|
|
|
print "2. " + _("You can save configuration files \
|
|
|
|
|
Postfix in backup directory")
|
|
|
|
|
print "3. " + _("Restart the program")
|
|
|
|
|
return True
|
|
|
|
|
# Проверим запущен ли сервис Dovecot
|
|
|
|
|
if self.getRunService("dovecot"):
|
|
|
|
|
self.printWARNING (_("WARNING") + ": " +\
|
|
|
|
|
_("The Dovecot is running") + ".")
|
|
|
|
|
print "1. " +_("Stop the Dovecot")
|
|
|
|
|
print " /etc/init.d/dovecot stop"
|
|
|
|
|
print "2. " + _("You can save configuration files \
|
|
|
|
|
Dovecot in backup directory")
|
|
|
|
|
print "3. " + _("Restart the program")
|
|
|
|
|
return True
|
|
|
|
|
# Подключаемся к LDAP cерверу
|
|
|
|
|
if not shareLdap.getLdapObjInFile(self):
|
|
|
|
|
return False
|
|
|
|
|
self.clVars.Write("soft_mail_setup","no")
|
|
|
|
|
# Находим в LDAP Mail сервис
|
|
|
|
|
resSearch = self.searchService()
|
|
|
|
|
ret = True
|
|
|
|
|
if resSearch:
|
|
|
|
|
delDN = self.relDN
|
|
|
|
|
ret = self.deleteDN(delDN)
|
|
|
|
|
if ret:
|
|
|
|
|
self.printOK(_("Remove Mail DN in LDAP Database ..."))
|
|
|
|
|
else:
|
|
|
|
|
self.printERROR(_("Not remove Mail DN in LDAP Database ..."))
|
|
|
|
|
if not ret:
|
|
|
|
|
return False
|
|
|
|
|
ldifFile = self.ldifFileBase
|
|
|
|
|
baseLdif = self.createLdif(ldifFile)
|
|
|
|
|
if not self.ldapObj.getError():
|
|
|
|
|
self.ldapObj.ldapAdd(baseLdif)
|
|
|
|
|
if self.ldapObj.getError():
|
|
|
|
|
print _("LDAP Error") + ": " + self.ldapObj.getError()
|
|
|
|
|
return False
|
|
|
|
|
self.clVars.Write("soft_samba_setup","no")
|
|
|
|
|
# Cоздаем объект профиль устанавливая директорию samba для
|
|
|
|
|
# файлов профилей
|
|
|
|
|
if not self.applyProfilesFromService('mail'):
|
|
|
|
|
return False
|
|
|
|
|
textLine = self.execProg("/etc/init.d/slapd restart")
|
|
|
|
|
if "ok" in textLine:
|
|
|
|
|
self.printOK("LDAP" + " " + _("restart")+ " ...")
|
|
|
|
|
else:
|
|
|
|
|
self.printNotOK("LDAP" + " " + _("restart")+ " ...")
|
|
|
|
|
return False
|
|
|
|
|
# Записываем данные администратора сервиса Mail
|
|
|
|
|
ldapParser = iniLdapParser()
|
|
|
|
|
ldapParser.setVar("mail",
|
|
|
|
|
{"DN":self.clVars.Get("soft_ldap_admin_mail"),
|
|
|
|
|
"PASS":self.clVars.Get("soft_ldap_admin_mailpw")})
|
|
|
|
|
self.printOK(_("Add ldif file ..."))
|
|
|
|
|
textLine = self.execProg("newaliases")
|
|
|
|
|
if not (textLine == None):
|
|
|
|
|
self.printERROR(_("Not create Postfix aliases") + " ...")
|
|
|
|
|
return False
|
|
|
|
|
textLine = self.execProg("/etc/init.d/postfix start")
|
|
|
|
|
if "ok" in textLine:
|
|
|
|
|
self.printOK("Postfix" + " " + _("start")+ " ...")
|
|
|
|
|
else:
|
|
|
|
|
self.printNotOK("Postfix" + " " + _("start")+ " ...")
|
|
|
|
|
return False
|
|
|
|
|
textLine = self.execProg("/etc/init.d/dovecot start")
|
|
|
|
|
if "ok" in textLine:
|
|
|
|
|
self.printOK("Dovecot" + " " + _("start")+ " ...")
|
|
|
|
|
else:
|
|
|
|
|
self.printNotOK("Dovecot" + " " + _("start")+ " ...")
|
|
|
|
|
return False
|
|
|
|
|
self.clVars.Write("soft_mail_setup","yes")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class servSamba(shareLdap):
|
|
|
|
|
"""Методы севисa Samba"""
|
|
|
|
|
def __init__(self, unixObj=False):
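Review bot: In `addUserMailServer` the clear-text password is formatted into the command string, `self.execProg("slappasswd -s %s -h %s" %(userPwd,self.userCrypt))`, so it is exposed in the process argument list and, if `execProg` runs the string through a shell (its body is not shown), characters in the password are open to shell interpretation. The `smbpasswd -a -s` call in `addUserSambaServer` hands the secret to `execProg` as a separate second argument instead; here the password should likewise reach `slappasswd` by a channel other than argv (for example its `-T` file option), or the {SSHA} value be computed in-process. `self.execProg("smbpasswd -w %s" %(pswd))` in the `setupSambaServer` hunk has the same exposure for the Samba LDAP admin password. Separately, `setupMailServer` calls `self.clVars.Write("soft_samba_setup","no")` just before `applyProfilesFromService('mail')`, which looks like a leftover from the Samba setup and would flag Samba as unconfigured on every mail setup.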
|
|
|
|
@ -1634,6 +1876,10 @@ class servSamba(shareLdap):
|
|
|
|
|
# создаем объект сервиса Unix
|
|
|
|
|
self.servUnixObj = servUnix(self)
|
|
|
|
|
|
|
|
|
|
def getLdapObjInFile(self):
|
|
|
|
|
"""Cоединение с LDAP администратором Samba сервиса"""
|
|
|
|
|
return shareLdap.getLdapObjInFile(self, "samba")
|
|
|
|
|
|
|
|
|
|
def delUserSambaServer(self, userName, options):
|
|
|
|
|
"""Удаляем Samba пользователя"""
|
|
|
|
|
if options.has_key('r'):
|
|
|
|
@ -1676,7 +1922,7 @@ class servSamba(shareLdap):
|
|
|
|
|
str(delUser) + " ...")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def addUserSambaServer(self, userName, options):
|
|
|
|
|
"""Добавляет LDAP пользователя в LDAP-сервер"""
|
|
|
|
|
# Добавление машины samba
|
|
|
|
@ -1687,10 +1933,9 @@ class servSamba(shareLdap):
|
|
|
|
|
return False
|
|
|
|
|
resSearch = self.servUnixObj.searchUnixUser(userName)
|
|
|
|
|
if not resSearch:
|
|
|
|
|
# Cоздание пользователя Unix
|
|
|
|
|
if options.has_key('f'):
|
|
|
|
|
resSearch = self.servUnixObj.searchPasswdUser(userName)
|
|
|
|
|
else:
|
|
|
|
|
resSearch = self.servUnixObj.searchPasswdUser(userName)
|
|
|
|
|
# создание пользователя Unix опция f
|
|
|
|
|
if not resSearch and not options.has_key('f'):
|
|
|
|
|
self.printERROR(_("Not found user") + " " + str(userName) +\
|
|
|
|
|
" " + _("in unix service" + " ..."))
|
|
|
|
|
return False
|
|
|
|
@ -1708,9 +1953,14 @@ class servSamba(shareLdap):
|
|
|
|
|
if not resSearch:
|
|
|
|
|
# Добавим пользователя LDAP
|
|
|
|
|
optUnix = {}
|
|
|
|
|
# Группа пользователя
|
|
|
|
|
if options.has_key('g'):
|
|
|
|
|
optUnix['g'] = options['g']
|
|
|
|
|
self.servUnixObj.addUserUnixServer(userName, optUnix)
|
|
|
|
|
# Полное имя пользователя
|
|
|
|
|
if options.has_key('c'):
|
|
|
|
|
optUnix['с'] = options['c']
|
|
|
|
|
if not self.servUnixObj.addUserUnixServer(userName, optUnix):
|
|
|
|
|
return False
|
|
|
|
|
if userPwd:
|
|
|
|
|
textLine = self.execProg("smbpasswd -a -s %s" %(userName),
|
|
|
|
|
"%s\n%s\n" %(userPwd,userPwd))
|
|
|
|
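Review bot: The key assigned in `optUnix['с'] = options['c']` appears to be the Cyrillic letter `с` (U+0441), not the Latin `c` used for the option name everywhere else. If so, `addUserUnixServer` (body not shown) would never see a `c` entry and the `--comment` value would be dropped without an error; the line should read `optUnix['c'] = options['c']`. The same assignment appears in `addUserMailServer` in the earlier hunk that adds `servMail`.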
@ -1764,11 +2014,13 @@ class servSamba(shareLdap):
|
|
|
|
|
self.printERROR(_("Not add machine ..."))
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
|
|
|
|
|
def setupSambaServer(self, options):
|
|
|
|
|
"""Начальная настройка Samba сервиса"""
|
|
|
|
|
# Принудительная установка
|
|
|
|
|
forceOptions = False
|
|
|
|
|
# Cоздаем объект переменные
|
|
|
|
|
self.createClVars()
|
|
|
|
|
if options.has_key("f"):
|
|
|
|
|
forceOptions = True
|
|
|
|
|
if self.clVars.Get("soft_unix_setup") != "yes":
|
|
|
|
@ -1809,15 +2061,18 @@ Samba in backup directory")
|
|
|
|
|
self.clVars.Write("soft_samba_setup","no")
|
|
|
|
|
# Cоздаем объект профиль устанавливая директорию samba для
|
|
|
|
|
# файлов профилей
|
|
|
|
|
clProf = cl_profile.profile(self.clVars,"samba")
|
|
|
|
|
# Объединяем профили
|
|
|
|
|
clProf.applyProfiles()
|
|
|
|
|
|
|
|
|
|
if not self.applyProfilesFromService('samba'):
|
|
|
|
|
return False
|
|
|
|
|
# Записываем данные администратора сервиса Samba
|
|
|
|
|
ldapParser = iniLdapParser()
|
|
|
|
|
ldapParser.setVar("samba",
|
|
|
|
|
{"DN":self.clVars.Get("soft_ldap_admin_samba"),
|
|
|
|
|
"PASS":self.clVars.Get("soft_ldap_admin_sambapw")})
|
|
|
|
|
ldapParser = iniLdapParser()
|
|
|
|
|
pswd = ldapParser.getVar("admin","PASS")
|
|
|
|
|
pswd = ldapParser.getVar("samba","PASS")
|
|
|
|
|
if not pswd:
|
|
|
|
|
self.printERROR(_("ERROR") + ": " +\
|
|
|
|
|
_("Not find Ldap admin password"))
|
|
|
|
|
_("Not find Ldap Samba admin password"))
|
|
|
|
|
return False
|
|
|
|
|
textLine = self.execProg("smbpasswd -w %s" %(pswd))
|
|
|
|
|
if not "stored" in textLine:
|
|
|
|
@ -1825,8 +2080,9 @@ Samba in backup directory")
|
|
|
|
|
_("Add Ldap admin password"))
|
|
|
|
|
return False
|
|
|
|
|
textLine = self.execProg("/etc/init.d/slapd restart")
|
|
|
|
|
# Обнуляем LDAP cоединение
|
|
|
|
|
self.ldapObj = False
|
|
|
|
|
|
|
|
|
|
#Cоединение с Ldap (администратор)
|
|
|
|
|
shareLdap.getLdapObjInFile(self)
|
|
|
|
|
|
|
|
|
|
if not "ok" in textLine:
|
|
|
|
|
self.printNotOK(_("LDAP restart ..."))
|
|
|
|
@ -1842,7 +2098,6 @@ Samba in backup directory")
|
|
|
|
|
self.printERROR(_("Not remove Samba DN in LDAP Database ..."))
|
|
|
|
|
if not ret:
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
ldifFile = self.ldifFileBase
|
|
|
|
|
baseLdif = self.createLdif(ldifFile)
|
|
|
|
|
if not self.ldapObj.getError():
|
|
|
|
@ -2013,7 +2268,7 @@ class servLdap(shareLdap):
|
|
|
|
|
servInstalled.append(serv)
|
|
|
|
|
return (servicePaths, servInstalled)
|
|
|
|
|
|
|
|
|
|
@foundConnect
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def backupServer(self):
|
|
|
|
|
"""Сохраняет настройки установленных сервисов и базу LDAP"""
|
|
|
|
|
# создаем директорию backup-а
|
|
|
|
@ -2103,7 +2358,10 @@ class servLdap(shareLdap):
|
|
|
|
|
return self.restoreServer()
|
|
|
|
|
|
|
|
|
|
def stopServices(self, servInstalled):
|
|
|
|
|
"""Останавливает все сервисы поданные на вход"""
|
|
|
|
|
"""Останавливает все сервисы поданные на вход этому методу
|
|
|
|
|
|
|
|
|
|
Входные даннные - список
|
|
|
|
|
"""
|
|
|
|
|
flagError = False
|
|
|
|
|
flagLdap = False
|
|
|
|
|
for service in servInstalled:
|
|
|
|
@ -2142,6 +2400,8 @@ class servLdap(shareLdap):
|
|
|
|
|
self.printERROR(_("Service") + " ldap " +\
|
|
|
|
|
_("not started"))
|
|
|
|
|
flagError = True
|
|
|
|
|
else:
|
|
|
|
|
self.printOK(_("LDAP" + " " + _("start")+ " ..."))
|
|
|
|
|
for service in servInstalled:
|
|
|
|
|
if service == "unix" or service == "ldap":
|
|
|
|
|
continue
|
|
|
|
@ -2153,13 +2413,19 @@ class servLdap(shareLdap):
|
|
|
|
|
self.printERROR(_("Service") + " "+ str(service) + " " +\
|
|
|
|
|
_("not started"))
|
|
|
|
|
flagError = True
|
|
|
|
|
else:
|
|
|
|
|
self.printOK(service.capitalize() + " " +\
|
|
|
|
|
_("start")+ " ...")
|
|
|
|
|
if flagError:
|
|
|
|
|
return False
|
|
|
|
|
else:
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def restoreServer(self):
|
|
|
|
|
"""Восстанавливает все установленные сервисы"""
|
|
|
|
|
"""Восстанавливает из архива все установленные сервисы
|
|
|
|
|
|
|
|
|
|
Восстановленные сервисы будут запущены
|
|
|
|
|
"""
|
|
|
|
|
if not os.path.exists(self.backupDirectory):
|
|
|
|
|
self.printERROR(_("Not found backup path") + ": " +\
|
|
|
|
|
str(self.backupDirectory))
|
|
|
|
@ -2244,20 +2510,6 @@ class servLdap(shareLdap):
|
|
|
|
|
self.printOK(_("Restore all installed services") + " ...")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def applyProfilesFromService(self, service="ldap"):
|
|
|
|
|
"""Применяем профили для данного сервиса"""
|
|
|
|
|
# Cоздаем объект профиль устанавливая директорию
|
|
|
|
|
# service для файлов профилей
|
|
|
|
|
clProf = cl_profile.profile(self.clVars,service)
|
|
|
|
|
# Объединяем профили
|
|
|
|
|
clProf.applyProfiles()
|
|
|
|
|
if clProf.getError():
|
|
|
|
|
self.printERROR(clProf.getError())
|
|
|
|
|
return False
|
|
|
|
|
else:
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def removeLdapDatabase(self):
|
|
|
|
|
"""Удаляем предыдущую базу данных"""
|
|
|
|
|
self.execProg("rm -rf /var/lib/openldap-data/*")
|
|
|
|
@ -2268,10 +2520,10 @@ class servLdap(shareLdap):
|
|
|
|
|
"""Запускает LDAP сервер"""
|
|
|
|
|
textLine = self.execProg("/etc/init.d/slapd %s" %(opt))
|
|
|
|
|
if "ok" in textLine:
|
|
|
|
|
self.printOK(_("LDAP start ..."))
|
|
|
|
|
self.printOK("LDAP" + " " + _("start")+ " ...")
|
|
|
|
|
return True
|
|
|
|
|
else:
|
|
|
|
|
self.printNotOK(_("LDAP start ..."))
|
|
|
|
|
self.printNotOK("LDAP" + " " + _("start")+ " ...")
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
def connectLdapServer(self):
|
|
|
|
@ -2319,7 +2571,7 @@ LDAP in backup directory")
|
|
|
|
|
self.clVars.Write("soft_ldap_setup","no")
|
|
|
|
|
# Первый проход
|
|
|
|
|
self.clVars.Set("setup_pass_parser","1",True)
|
|
|
|
|
if not self.applyProfilesFromService():
|
|
|
|
|
if not self.applyProfilesFromService('ldap'):
|
|
|
|
|
self.printERROR(_("Not apply profiles: one pass"))
|
|
|
|
|
return False
|
|
|
|
|
# Удаляем старую базу данных
|
|
|
|
@ -2342,7 +2594,7 @@ LDAP in backup directory")
|
|
|
|
|
# Второй проход,
|
|
|
|
|
# удаляем временного пользователя root из конфигурационного файла
|
|
|
|
|
self.clVars.Set("setup_pass_parser","2",True)
|
|
|
|
|
if not self.applyProfilesFromService():
|
|
|
|
|
if not self.applyProfilesFromService('ldap'):
|
|
|
|
|
self.printERROR(_("Not apply profiles: two pass"))
|
|
|
|
|
return False
|
|
|
|
|
# Перезапускаем LDAP сервер
|
|
|
|
@ -2385,6 +2637,7 @@ class cl_ldap(shareLdap):
|
|
|
|
|
(_("Service LDAP options"),True,1,1,"options"),
|
|
|
|
|
(_("Service Unix options"),True,1,1,"options"),
|
|
|
|
|
(_("Service Samba options"),True,1,1,"options"),
|
|
|
|
|
(_("Service Mail options"),True,1,1,"options"),
|
|
|
|
|
(_("Services"),True,1,0,"")
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
@ -2407,6 +2660,8 @@ class cl_ldap(shareLdap):
|
|
|
|
|
_("Service LDAP options")],
|
|
|
|
|
"unix":[_("Common options"),
|
|
|
|
|
_("Service Unix options")],
|
|
|
|
|
"mail":[_("Common options"),
|
|
|
|
|
_("Service Mail options")],
|
|
|
|
|
}
|
|
|
|
|
# Cвязь длинных опций помощи и выводимых разделов помощи с опциями
|
|
|
|
|
self.relOptions = {"h":[_("Common options")],
|
|
|
|
@ -2416,10 +2671,13 @@ class cl_ldap(shareLdap):
|
|
|
|
|
_("Service Unix options")],
|
|
|
|
|
"help-samba":[_("Common options"),
|
|
|
|
|
_("Service Samba options")],
|
|
|
|
|
"help-mail":[_("Common options"),
|
|
|
|
|
_("Service Mail options")],
|
|
|
|
|
"help-all":[_("Common options"),
|
|
|
|
|
_("Service Samba options"),
|
|
|
|
|
_("Service LDAP options"),
|
|
|
|
|
_("Service Unix options")
|
|
|
|
|
_("Service Unix options"),
|
|
|
|
|
_("Service Mail options")
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
@ -2454,6 +2712,10 @@ class cl_ldap(shareLdap):
|
|
|
|
|
'helpChapter':_("Common options"),
|
|
|
|
|
'help':_("display help options service Samba")
|
|
|
|
|
},
|
|
|
|
|
{'longOption':"help-mail",
|
|
|
|
|
'helpChapter':_("Common options"),
|
|
|
|
|
'help':_("display help options service Mail")
|
|
|
|
|
},
|
|
|
|
|
{'longOption':"help-all",
|
|
|
|
|
'helpChapter':_("Common options"),
|
|
|
|
|
'help':_("display help options all services")
|
|
|
|
@ -2526,6 +2788,20 @@ group already exists")
|
|
|
|
|
'helpChapter':_("Service Unix options"),
|
|
|
|
|
'help':_("set the GECOS field for the new user account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"c",
|
|
|
|
|
'longOption':"comment",
|
|
|
|
|
'optVal':"COMMENT",
|
|
|
|
|
'helpChapter':_("Service Samba options"),
|
|
|
|
|
'help':_("set the GECOS field for the new unix account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"c",
|
|
|
|
|
'longOption':"comment",
|
|
|
|
|
'optVal':"COMMENT",
|
|
|
|
|
'helpChapter':_("Service Mail options"),
|
|
|
|
|
'help':_("set the GECOS field for the new unix account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"d",
|
|
|
|
|
'longOption':"home-dir",
|
|
|
|
@ -2540,6 +2816,13 @@ group already exists")
|
|
|
|
|
'helpChapter':_("Service Samba options"),
|
|
|
|
|
'help':_("force use GROUP for the new user Unix service account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"g",
|
|
|
|
|
'longOption':"gid",
|
|
|
|
|
'optVal':"GROUP",
|
|
|
|
|
'helpChapter':_("Service Mail options"),
|
|
|
|
|
'help':_("force use GROUP for the new user Unix service account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"g",
|
|
|
|
|
'longOption':"gid",
|
|
|
|
@ -2584,6 +2867,12 @@ group already exists")
|
|
|
|
|
'helpChapter':_("Service Samba options"),
|
|
|
|
|
'help':_("create unix user account and samba user account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"f",
|
|
|
|
|
'longOption':"force",
|
|
|
|
|
'helpChapter':_("Service Mail options"),
|
|
|
|
|
'help':_("create unix user account and mail user account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"p",
|
|
|
|
|
'longOption':"password",
|
|
|
|
@ -2595,6 +2884,17 @@ group already exists")
|
|
|
|
|
'helpChapter':_("Service Samba options"),
|
|
|
|
|
'help':_("use password for the user account (from standart input)")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"p",
|
|
|
|
|
'longOption':"password",
|
|
|
|
|
'helpChapter':_("Service Mail options"),
|
|
|
|
|
'help':_("use password for the user account (from dialog)")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"P",
|
|
|
|
|
'helpChapter':_("Service Mail options"),
|
|
|
|
|
'help':_("use password for the user account (from standart input)")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,),
|
|
|
|
|
'shortOption':"w",
|
|
|
|
|
'helpChapter':_("Service Samba options"),
|
|
|
|
@ -2769,6 +3069,11 @@ group already exists")
|
|
|
|
|
'help':pcs(" samba", self.column_width,
|
|
|
|
|
"samba " + servName, self.consolewidth-self.column_width)
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(3,6,),
|
|
|
|
|
'helpChapter':_("Services"),
|
|
|
|
|
'help':pcs(" mail", self.column_width,
|
|
|
|
|
"mail " + servName, self.consolewidth-self.column_width)
|
|
|
|
|
},
|
|
|
|
|
##{'helpChapter':_("Services"),
|
|
|
|
|
##'help':" mail \t\t\tmail " + servName + "\n"
|
|
|
|
|
##},
|
|
|
|
|