|
|
|
@ -852,6 +852,8 @@ class shareLdap(imp_cl_err, imp_cl_xml, imp_cl_help, imp_cl_smcon):
|
|
|
|
|
#Запишем переменные в клиентскую секцию
|
|
|
|
|
for name,value in dictVar.items():
|
|
|
|
|
value = str(value)
|
|
|
|
|
if not value.strip():
|
|
|
|
|
self.clVars.Delete(name)
|
|
|
|
|
if not self.clVars.Write(name,value,True,"remote","client"):
|
|
|
|
|
self.printERROR(_("Error writing variable %s")%name)
|
|
|
|
|
flagError = True
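Review bot: The empty-value branch calls `self.clVars.Delete(name)` with defaults, while the write next to it names its target explicitly (`"remote","client"`) and the mail setup code in this commit calls `Delete("sr_mail_send_crypt","",True)` with three arguments. Please confirm that the one-argument form removes the entry from the client section and not from a default location. Indentation is lost in this view; if the following `Write(name,value,True,"remote","client")` is not under an `else:`, the blank value is written straight back after the delete, so a `continue` after the delete, with its own error check, would make the intent explicit. The loop sits in a method whose start and end are outside the hunk.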
|
|
|
|
@ -2605,7 +2607,7 @@ class servMail(shareLdap):
|
|
|
|
|
backup = False
|
|
|
|
|
# Делаем сохранение данных удаляемого пользователя
|
|
|
|
|
if backup and os.path.exists(mailDir) and os.listdir(mailDir):
|
|
|
|
|
if not self.backupDelUser(userName, 'mail/imap', mailDir):
|
|
|
|
|
if not self.backupDelUser(userName, 'mail', mailDir):
|
|
|
|
|
return False
|
|
|
|
|
#удаляем почту из Unix сервиса
|
|
|
|
|
if not self.servUnixObj.deleteUserMail(userName):
|
|
|
|
@ -3416,6 +3418,29 @@ in Unix service ...") %str(primaryMail))
|
|
|
|
|
if options.has_key("host"):
|
|
|
|
|
fullHostName = options['host']
|
|
|
|
|
self.clVars.Set("sr_mail_host",fullHostName,True)
|
|
|
|
|
mailType = "imap"
|
|
|
|
|
if options.has_key("t"):
|
|
|
|
|
mailType = options['t']
|
|
|
|
|
if mailType:
|
|
|
|
|
if not set(mailType.split(",")) <= set(["imap","pop3"]):
|
|
|
|
|
self.printERROR(\
|
|
|
|
|
_("Мail type not 'imap' or 'pop3' or 'pop3,imap'"))
|
|
|
|
|
return False
|
|
|
|
|
if len(mailType.split(",")) == 2:
|
|
|
|
|
mailType = "all"
|
|
|
|
|
else:
|
|
|
|
|
self.printERROR(_("Мail type incorrect"))
|
|
|
|
|
return False
|
|
|
|
|
self.clVars.Set("sr_mail_type", mailType)
|
|
|
|
|
mailCrypt = "tls"
|
|
|
|
|
if options.has_key("c"):
|
|
|
|
|
mailCrypt = options['c']
|
|
|
|
|
if not mailCrypt in ["none", "tls"]:
|
|
|
|
|
self.printERROR(_("Мail encryption not 'none' or 'tls'"))
|
|
|
|
|
return False
|
|
|
|
|
if mailCrypt == "none":
|
|
|
|
|
mailCrypt = ""
|
|
|
|
|
self.clVars.Set("sr_mail_crypt", mailCrypt, True)
|
|
|
|
|
if not self.applyProfilesFromService('mail'):
|
|
|
|
|
return False
|
|
|
|
|
# Проверим запущен ли ldap
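Review bot: The `-t` check accepts a repeated value: `set(mailType.split(","))` collapses `imap,imap` to one element and passes the subset test, but the next test counts the unsplit list, `len(mailType.split(",")) == 2`, so `sr_mail_type` is stored as `"all"`. Comparing the set instead, `if len(set(mailType.split(","))) == 2:`, keeps the stored type in line with what was requested. Separately, `-c none` turns `sr_mail_crypt` into an empty string without any message, and that variable appears in the `clientVars` list further down, so it presumably reaches client configuration; a `self.printWARNING(...)` saying that mail sessions will not be encrypted would make the downgrade visible to the operator. The enclosing method starts and ends outside the hunk.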
|
|
|
|
@ -3481,7 +3506,15 @@ in Unix service ...") %str(primaryMail))
|
|
|
|
|
#запишем переменные для сервера
|
|
|
|
|
mailHost = self.clVars.Get("sr_mail_host")
|
|
|
|
|
self.clVars.Write("sr_mail_host",mailHost,True,"local")
|
|
|
|
|
self.clVars.Write("sr_mail_type",
|
|
|
|
|
self.clVars.Get("sr_mail_type"),True,"local")
|
|
|
|
|
|
|
|
|
|
self.clVars.Delete("sr_mail_send_crypt","",True)
|
|
|
|
|
self.clVars.Write("sr_mail_crypt",
|
|
|
|
|
self.clVars.Get("sr_mail_crypt"),True,"local")
|
|
|
|
|
#запишем переменные для клиента
|
|
|
|
|
if mailType == "all":
|
|
|
|
|
self.clVars.Set("sr_mail_type","imap")
|
|
|
|
|
self.clVars.Set("sr_mail_send_host",mailHost)
|
|
|
|
|
clientVars = ["sr_mail_host","sr_mail_crypt", "sr_mail_port",
|
|
|
|
|
"sr_mail_type","sr_mail_send_crypt","sr_mail_send_port",
|
|
|
|
@ -4904,6 +4937,8 @@ class servLdap(shareLdap):
|
|
|
|
|
self.sslDirsMail = ["/etc/ssl/dovecot","/etc/ssl/postfix"]
|
|
|
|
|
# Файл сертификата сервиса jabber
|
|
|
|
|
self.sslJabberFile = "/etc/jabber/ssl.pem"
|
|
|
|
|
# Объект для работы с репликацией
|
|
|
|
|
self.servReplObj = servRepl()
|
|
|
|
|
|
|
|
|
|
def savePrivateFile(self, fileName, data):
|
|
|
|
|
"""Записать файл с правами 0600"""
|
|
|
|
@ -5123,6 +5158,7 @@ outdated. If the backup is obsolete, use cl-backup."))
|
|
|
|
|
# находим пути к профилям установленных сервисов
|
|
|
|
|
servicePaths, servInstalled = self.getServiceSetupPathProfiles()
|
|
|
|
|
if not servicePaths:
|
|
|
|
|
self.printERROR("unable to create a backup")
|
|
|
|
|
self.printERROR("Services are not installed")
|
|
|
|
|
return False
|
|
|
|
|
# Все файлы которые нужно заархивировать
|
|
|
|
@ -5380,7 +5416,6 @@ outdated. If the backup is obsolete, use cl-backup."))
|
|
|
|
|
self.createClVars()
|
|
|
|
|
if options.has_key("f"):
|
|
|
|
|
forceOptions = True
|
|
|
|
|
|
|
|
|
|
if self.clVars.Get("sr_ldap_set") == "on" and\
|
|
|
|
|
not forceOptions:
|
|
|
|
|
self.printWARNING (_("WARNING") + ": " +\
|
|
|
|
@ -5474,8 +5509,24 @@ outdated. If the backup is obsolete, use cl-backup."))
|
|
|
|
|
clientVars = ["ur_organization", "ur_signature"]
|
|
|
|
|
if not self.saveVarsClient(clientVars):
|
|
|
|
|
return False
|
|
|
|
|
self.clVars.Set("sr_ldap_set","on")
|
|
|
|
|
# Установка репликации
|
|
|
|
|
if options.has_key("r"):
|
|
|
|
|
if options['r'] == "on":
|
|
|
|
|
# Устанавливаем объект для хранения переменных
|
|
|
|
|
self.servReplObj.clVars = self.clVars
|
|
|
|
|
if not self.servReplObj.setupReplServer({}):
|
|
|
|
|
return False
|
|
|
|
|
ldapParser.setVar("replication",
|
|
|
|
|
{"DN":self.clVars.Get("ld_repl_dn"),
|
|
|
|
|
"PASS":self.clVars.Get("ld_repl_pw")})
|
|
|
|
|
self.clVars.Write("ld_repl_set", "on")
|
|
|
|
|
else:
|
|
|
|
|
self.clVars.Write("ld_repl_set", "off")
|
|
|
|
|
#if not self.servReplObj.addReplWorkedUser("alex74"):
|
|
|
|
|
#return False
|
|
|
|
|
self.clVars.Write("sr_ldap_set","on")
|
|
|
|
|
self.printOK(_("LDAP service configured") +" ...")
|
|
|
|
|
self.printOK(_("LDAP service configured") + " ...")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
class cl_ldap(shareLdap):
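Review bot: `options['r']` is not validated: any value other than the exact string `"on"` (a typo, `On`, `yes`) appears to fall through to `self.clVars.Write("ld_repl_set", "off")` without a message, whereas the mail options `t` and `c` added in this commit reject unknown values. A guard such as `if options['r'] not in ("on", "off"):` followed by `printERROR` and `return False` would match them. The replication password read from `ld_repl_pw` is handed to `ldapParser.setVar("replication", {...})`; where that is persisted is not visible here, so confirm it only reaches a file created with restrictive permissions (the file has a `savePrivateFile` helper documented as writing with mode 0600). The commented-out `addReplWorkedUser("alex74")` call with a hard-coded account name looks like leftover debugging and should be removed before merge.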
|
|
|
|
@ -6214,6 +6265,20 @@ the password will be changed only for Samba account")
|
|
|
|
|
'helpChapter':_("Mail service options"),
|
|
|
|
|
'help':_("mail host, default - hostname")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(6,),
|
|
|
|
|
'shortOption':"t",
|
|
|
|
|
'optVal':"TYPE",
|
|
|
|
|
'longOption':"type",
|
|
|
|
|
'helpChapter':_("Mail service options"),
|
|
|
|
|
'help':_("mail type - 'imap', 'pop3', 'pop3,imap' (default - imap)")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(6,),
|
|
|
|
|
'shortOption':"c",
|
|
|
|
|
'optVal':"CRYPT",
|
|
|
|
|
'longOption':"crypt",
|
|
|
|
|
'helpChapter':_("Mail service options"),
|
|
|
|
|
'help':_("encryption type - 'none', 'tls' (default - tls)")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(6,),
|
|
|
|
|
'optVal':"HOST",
|
|
|
|
|
'longOption':"host",
|
|
|
|
@ -6225,6 +6290,14 @@ the password will be changed only for Samba account")
|
|
|
|
|
'longOption':"history",
|
|
|
|
|
'helpChapter':_("Jabber service options"),
|
|
|
|
|
'help':_("enabled or disabled jabber history logging, default disable.\
|
|
|
|
|
(on/off)")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(6,),
|
|
|
|
|
'shortOption':"r",
|
|
|
|
|
'optVal':"CONDITION",
|
|
|
|
|
'longOption':"repl",
|
|
|
|
|
'helpChapter':_("LDAP service options"),
|
|
|
|
|
'help':_("enabled or disabled replication, default disable.\
|
|
|
|
|
(on/off)")
|
|
|
|
|
},
|
|
|
|
|
# Опции cl-passwd
|
|
|
|
@ -6680,7 +6753,7 @@ the password will be changed only for Samba account")
|
|
|
|
|
|
|
|
|
|
class servFtp(shareLdap):
|
|
|
|
|
"""Методы севисa Ftp"""
|
|
|
|
|
def __init__(self, smbObj=False):
|
|
|
|
|
def __init__(self):
|
|
|
|
|
shareLdap.__init__(self)
|
|
|
|
|
self.relUsDN = 'ou=Users'
|
|
|
|
|
self.relServDN = 'ou=Ftp'
|
|
|
|
@ -7081,6 +7154,143 @@ class servFtp(shareLdap):
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class servRepl(shareLdap):
|
|
|
|
|
"""Методы для работы с репликацией"""
|
|
|
|
|
def __init__(self):
|
|
|
|
|
shareLdap.__init__(self)
|
|
|
|
|
# Используемые ldif файлы
|
|
|
|
|
# Cлужебная ветка: LDAP
|
|
|
|
|
self.ldifFileBase =\
|
|
|
|
|
"/usr/lib/calculate/calculate-server/ldif/ldap_base.ldif"
|
|
|
|
|
# Ветки репликации: Access, Worked
|
|
|
|
|
self.ldifFileRepl =\
|
|
|
|
|
"/usr/lib/calculate/calculate-server/ldif/ldap_repl.ldif"
|
|
|
|
|
# Имя пользователя, машина на которой хостимся
|
|
|
|
|
self.ldifFileWorkedUser =\
|
|
|
|
|
"/usr/lib/calculate/calculate-server/ldif/ldap_repl_worked_user.ldif"
|
|
|
|
|
self.servSambaObj = servSamba()
|
|
|
|
|
# DN ветки Worked
|
|
|
|
|
self.relWorkedDN = False
|
|
|
|
|
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def isSysDNExists(self):
|
|
|
|
|
"""Существует ли служебная ветка LDAP"""
|
|
|
|
|
sysLogin = self.clVars.Get("ld_ldap_login")
|
|
|
|
|
searchDN = self.searchLdapDN(sysLogin, self.ServicesDN, 'ou')
|
|
|
|
|
if searchDN:
|
|
|
|
|
return True
|
|
|
|
|
else:
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def isReplDNExists(self):
|
|
|
|
|
"""Существуют ли ветка репликации LDAP"""
|
|
|
|
|
if not self.isSysDNExists():
|
|
|
|
|
return False
|
|
|
|
|
sysLogin = self.clVars.Get("ld_ldap_login")
|
|
|
|
|
replLogin = self.clVars.Get("ld_repl_login")
|
|
|
|
|
relSysDn = "ou=%s,%s"%(sysLogin,self.ServicesDN)
|
|
|
|
|
searchReplDN = self.searchLdapDN(replLogin, relSysDn, 'ou')
|
|
|
|
|
if not searchReplDN:
|
|
|
|
|
return False
|
|
|
|
|
else:
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def addSysDN(self):
|
|
|
|
|
"""Добавляет служебную ветку в LDAP если она не существует"""
|
|
|
|
|
if not self.isSysDNExists():
|
|
|
|
|
ldifFile = self.ldifFileBase
|
|
|
|
|
baseLdif = self.createLdif(ldifFile)
|
|
|
|
|
if not self.ldapObj.getError():
|
|
|
|
|
self.ldapObj.ldapAdd(baseLdif)
|
|
|
|
|
if self.ldapObj.getError():
|
|
|
|
|
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def addReplDN(self):
|
|
|
|
|
"""Добавляет ветки репликации в LDAP"""
|
|
|
|
|
#Добавляем служебную ветку
|
|
|
|
|
if not self.addSysDN():
|
|
|
|
|
return False
|
|
|
|
|
#Если ветка репликации не существует добавляем её
|
|
|
|
|
if not self.isReplDNExists():
|
|
|
|
|
ldifFile = self.ldifFileRepl
|
|
|
|
|
baseLdif = self.createLdif(ldifFile)
|
|
|
|
|
if not self.ldapObj.getError():
|
|
|
|
|
self.ldapObj.ldapAdd(baseLdif)
|
|
|
|
|
if self.ldapObj.getError():
|
|
|
|
|
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def getRelWorkedDN(self):
|
|
|
|
|
"""Получаем относительный DN ветки Worked"""
|
|
|
|
|
if not self.relWorkedDN:
|
|
|
|
|
sysLogin = self.clVars.Get("ld_ldap_login")
|
|
|
|
|
replLogin = self.clVars.Get("ld_repl_login")
|
|
|
|
|
repWorkedlLogin = self.clVars.Get("ld_repl_worked_login")
|
|
|
|
|
self.relWorkedDN = "ou=%s,ou=%s,ou=%s,%s" %(repWorkedlLogin,\
|
|
|
|
|
replLogin,sysLogin,self.ServicesDN)
|
|
|
|
|
return self.relWorkedDN
|
|
|
|
|
|
|
|
|
|
def searchWorkedUser(self,userName):
|
|
|
|
|
"""Находит пользователя в ветке Worked"""
|
|
|
|
|
relWorkedDN = self.getRelWorkedDN()
|
|
|
|
|
resSearch = self.searchLdapDN(userName, relWorkedDN, "uid")
|
|
|
|
|
return resSearch
|
|
|
|
|
|
|
|
|
|
@adminConnectLdap
|
|
|
|
|
def addReplWorkedUser(self, userName):
|
|
|
|
|
"""Добавляем запись в Worked ветку (id, имя сервера)"""
|
|
|
|
|
rez = self.searchWorkedUser(userName)
|
|
|
|
|
if not rez:
|
|
|
|
|
ldifFile = self.ldifFileWorkedUser
|
|
|
|
|
self.clVars.Set("ur_name", userName)
|
|
|
|
|
baseLdif = self.createLdif(ldifFile)
|
|
|
|
|
if not self.ldapObj.getError():
|
|
|
|
|
self.ldapObj.ldapAdd(baseLdif)
|
|
|
|
|
if self.ldapObj.getError():
|
|
|
|
|
print _("LDAP Error") + ": " + self.ldapObj.getError().strip()
|
|
|
|
|
return False
|
|
|
|
|
rez = self.searchWorkedUser(userName)
|
|
|
|
|
replHost = self.clVars.Get("ld_repl_host")
|
|
|
|
|
if not replHost:
|
|
|
|
|
print _("Variable Error: not set a variable ld_repl_host")
|
|
|
|
|
return False
|
|
|
|
|
# Изменяемые аттрибуты
|
|
|
|
|
modAttrs = [(ldap.MOD_REPLACE, 'host', replHost)]
|
|
|
|
|
relWorkedDN = self.getRelWorkedDN()
|
|
|
|
|
DN = self.addDN("uid="+userName, relWorkedDN)
|
|
|
|
|
if not self.modAttrsDN(DN, modAttrs):
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def setupReplServer(self, options):
|
|
|
|
|
"""Начальная настройка репликации"""
|
|
|
|
|
# Cоздаем объект переменные
|
|
|
|
|
if not self.clVars:
|
|
|
|
|
self.createClVars()
|
|
|
|
|
# В случае если сервер установлен
|
|
|
|
|
if self.clVars.Get("sr_ldap_set") != "on":
|
|
|
|
|
self.printERROR(\
|
|
|
|
|
_("Set Replication error, LDAP service not setuped") + " ...")
|
|
|
|
|
return False
|
|
|
|
|
# Проверим запущен ли ldap
|
|
|
|
|
if not self.getRunService("ldap"):
|
|
|
|
|
# Запускаем LDAP сервер
|
|
|
|
|
if not self.runLdapServer():
|
|
|
|
|
return False
|
|
|
|
|
#Cоединение с Ldap (администратор)
|
|
|
|
|
shareLdap.getLdapObjInFile(self)
|
|
|
|
|
if not self.addReplDN():
|
|
|
|
|
return False
|
|
|
|
|
self.printOK(_("Replication setuped") + " ...")
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
class tsOpt(cl_base.opt):
|
|
|
|
|
"""Класс для обработки параметров и вывода help
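Review bot: `addReplWorkedUser` builds the entry DN as `"uid="+userName`, `searchWorkedUser` passes the same string to `searchLdapDN`, and the name is also stored in `ur_name` before `createLdif` renders the LDIF template, with no validation or escaping visible in `servRepl`. If a caller can pass a name containing `,`, `+`, `=` or a line break, the modify could address a different entry or the rendered LDIF could carry extra attributes, so check the name against the project's account-name rules at the top of the method or escape it, e.g. `DN = self.addDN("uid="+ldap.dn.escape_dn_chars(userName), relWorkedDN)`. The three LDAP failure paths use a bare `print _("LDAP Error") + ": " + ...` while other new code in this commit reports through `self.printERROR`; switching to `printERROR` keeps errors on one channel. The `if searchDN: return True / else: return False` tails in `isSysDNExists` and `isReplDNExists` can be `return bool(searchDN)`, and each method would benefit from a docstring stating its return contract.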
|
|
|
|
|
|
|
|
|
|