|
|
|
@ -32,6 +32,7 @@ import getpass
|
|
|
|
|
# Статистика файла
|
|
|
|
|
import stat
|
|
|
|
|
import types
|
|
|
|
|
import time
|
|
|
|
|
|
|
|
|
|
Version = "calculate-server 0.0.1"
|
|
|
|
|
|
|
|
|
@ -186,6 +187,7 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_par, imp_cl_con):
|
|
|
|
|
'cl-usermod':5,
|
|
|
|
|
'cl-setup':6,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
self.data = [\
|
|
|
|
|
# Options
|
|
|
|
|
{'progAccess':(0,),
|
|
|
|
@ -361,6 +363,18 @@ class cl_ldap(imp_cl_err, imp_cl_xml, imp_cl_par, imp_cl_con):
|
|
|
|
|
'helpChapter':_("Options"),
|
|
|
|
|
'help':_("new login shell for the user account")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(5,),
|
|
|
|
|
'shortOption':"d",
|
|
|
|
|
'longOption':"userDisable",
|
|
|
|
|
'helpChapter':_("Options"),
|
|
|
|
|
'help':_("disable user")
|
|
|
|
|
},
|
|
|
|
|
{'progAccess':(5,),
|
|
|
|
|
'shortOption':"e",
|
|
|
|
|
'longOption':"userEnable",
|
|
|
|
|
'helpChapter':_("Options"),
|
|
|
|
|
'help':_("enable user")
|
|
|
|
|
},
|
|
|
|
|
#{'progAccess':(5,),
|
|
|
|
|
#'shortOption':"u",
|
|
|
|
|
#'longOption':"uid",
|
|
|
|
@ -954,8 +968,7 @@ Samba in backup directory")
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def delUserSambaServer(self, userName, options, clVars=False,
|
|
|
|
|
orgUnit="ou=Users,ou="):
|
|
|
|
|
def delUserSambaServer(self, userName, options, clVars=False):
|
|
|
|
|
"""Удаляем Samba пользователя"""
|
|
|
|
|
if options.has_key('r'):
|
|
|
|
|
self.printERROR (_("Options r not valid in service Samba"))
|
|
|
|
@ -971,7 +984,7 @@ Samba in backup directory")
|
|
|
|
|
# удаляемая машина
|
|
|
|
|
delUser = userName.replace('$','') + "$"
|
|
|
|
|
if not self.searchLdapUser(delUser, ldapObj, clVars,
|
|
|
|
|
orgUnit="ou=Computers,%s" %self.sambaRelDN):
|
|
|
|
|
"ou=Computers,%s" %self.sambaRelDN):
|
|
|
|
|
self.printERROR (_("ERROR") + ": " +\
|
|
|
|
|
_("Samba machine") + " " + str(delUser) + " " +\
|
|
|
|
|
_("not foung in LDAP"))
|
|
|
|
@ -980,7 +993,7 @@ Samba in backup directory")
|
|
|
|
|
# удаляемый пользователь
|
|
|
|
|
delUser = userName
|
|
|
|
|
if not self.searchLdapUser(delUser, ldapObj, clVars,
|
|
|
|
|
orgUnit="ou=Users,%s" %self.sambaRelDN):
|
|
|
|
|
"ou=Users,%s" %self.sambaRelDN):
|
|
|
|
|
self.printERROR (_("ERROR") + ": " +\
|
|
|
|
|
_("Samba user") + " " + str(delUser) + " " +\
|
|
|
|
|
_("not foung in LDAP"))
|
|
|
|
@ -1018,6 +1031,16 @@ Samba in backup directory")
|
|
|
|
|
ldapObj = self.getLdapObjInFile()
|
|
|
|
|
if not ldapObj:
|
|
|
|
|
return False
|
|
|
|
|
# Ищем пользователя в Samba
|
|
|
|
|
if self.searchLdapUser(userName, ldapObj, clVars,
|
|
|
|
|
"ou=Users,%s" %self.sambaRelDN):
|
|
|
|
|
self.printERROR (_("ERROR") + ": " +\
|
|
|
|
|
_("Samba user") + " " + str(userName) + " " +\
|
|
|
|
|
_("foung in LDAP"))
|
|
|
|
|
self.printWARNING(\
|
|
|
|
|
_("First remove user from the service Samba")
|
|
|
|
|
)
|
|
|
|
|
return False
|
|
|
|
|
# Ищем пользователя в LDAP
|
|
|
|
|
resLdap = self.searchLdapUser(userName, ldapObj, clVars)
|
|
|
|
|
if not resLdap:
|
|
|
|
@ -1235,6 +1258,9 @@ Samba in backup directory")
|
|
|
|
|
if ldapObj.getError():
|
|
|
|
|
print _("LDAP Error") + ": " + ldapObj.getError()
|
|
|
|
|
return False
|
|
|
|
|
# Изменим время последнего измения пароля пользователя
|
|
|
|
|
if not self.setShadowLastChange(userName, ldapObj, clVars):
|
|
|
|
|
return False
|
|
|
|
|
# Добавим домашнюю директорию
|
|
|
|
|
if options.has_key('m'):
|
|
|
|
|
if not os.path.exists(homeDir):
|
|
|
|
@ -1964,6 +1990,21 @@ Samba in backup directory")
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def setShadowLastChange(self, userName, ldapObj, clVars):
|
|
|
|
|
"""Изменим последнюю дату измениня пароля на текущую"""
|
|
|
|
|
# число дней от 1970 года
|
|
|
|
|
date = int(time.time()/86400)
|
|
|
|
|
modAttrs = [(ldap.MOD_REPLACE, 'shadowLastChange', str(date))]
|
|
|
|
|
try:
|
|
|
|
|
ldapObj.conLdap.modify_s("uid=%s,%s,%s"\
|
|
|
|
|
%(userName,"ou=Users",clVars.Get("soft_ldap_base")),
|
|
|
|
|
modAttrs)
|
|
|
|
|
except ldap.LDAPError, e:
|
|
|
|
|
self.printERROR(_("Not modify shadowLastChange attribute"))
|
|
|
|
|
self.printERROR(e[0]['desc'])
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def modGroupLdapServer(self, groupName, options, clVars=False):
|
|
|
|
|
"""Модифицирует настройки группы пользователей LDAP"""
|
|
|
|
|
if not clVars:
|
|
|
|
@ -2011,11 +2052,32 @@ Samba in backup directory")
|
|
|
|
|
ldapObj = self.getLdapObjInFile()
|
|
|
|
|
if not ldapObj:
|
|
|
|
|
return False
|
|
|
|
|
res = self.searchLdapUser(userName, ldapObj, clVars)
|
|
|
|
|
# Находим Samba пользователя
|
|
|
|
|
res = self.searchLdapUser(userName, ldapObj, clVars,
|
|
|
|
|
"ou=Users,%s" %self.sambaRelDN)
|
|
|
|
|
if not res:
|
|
|
|
|
self.printERROR(_("User") + " " + str(userName) + " " +\
|
|
|
|
|
self.printERROR(_("Samba user") + " " + str(userName) + " " +\
|
|
|
|
|
_("not found in LDAP") + " ...")
|
|
|
|
|
return False
|
|
|
|
|
# отключаем samba account
|
|
|
|
|
if options.has_key('d'):
|
|
|
|
|
textLine = self.execProg("smbpasswd -d %s" %(userName))
|
|
|
|
|
if "Disabled user %s" %userName in textLine:
|
|
|
|
|
self.printSUCCESS(_("Disabled samba user")+ " " +\
|
|
|
|
|
str(userName) + " ...")
|
|
|
|
|
else:
|
|
|
|
|
self.printERROR(_("Not disable samba user")+ " "+\
|
|
|
|
|
str(userName) + " ...")
|
|
|
|
|
# включаем samba account
|
|
|
|
|
if options.has_key('e'):
|
|
|
|
|
textLine = self.execProg("smbpasswd -e %s" %(userName))
|
|
|
|
|
if "Enabled user %s" %userName in textLine:
|
|
|
|
|
self.printSUCCESS(_("Enabled samba user")+ " " +\
|
|
|
|
|
str(userName) + " ...")
|
|
|
|
|
else:
|
|
|
|
|
self.printERROR(_("Not enable samba user")+ " "+\
|
|
|
|
|
str(userName) + " ...")
|
|
|
|
|
# модифицируем пароль
|
|
|
|
|
if options.has_key('P') or options.has_key('p'):
|
|
|
|
|
pwDialog = [_("New SMB password"),
|
|
|
|
|
_("Retype new SMB password")]
|
|
|
|
@ -2093,11 +2155,17 @@ Samba in backup directory")
|
|
|
|
|
" ...")
|
|
|
|
|
# Изменяемые аттрибуты пользователя
|
|
|
|
|
modAttrs = []
|
|
|
|
|
# Включаем пользователя
|
|
|
|
|
if options.has_key('e'):
|
|
|
|
|
modAttrs += [(ldap.MOD_REPLACE, 'shadowExpire', "-1")]
|
|
|
|
|
# Выключаем пользователя
|
|
|
|
|
if options.has_key('d'):
|
|
|
|
|
modAttrs += [(ldap.MOD_REPLACE, 'shadowExpire', "1")]
|
|
|
|
|
# Изменяем коментарий к пользователю
|
|
|
|
|
if options.has_key('c'):
|
|
|
|
|
comment = options['c']
|
|
|
|
|
if res[0][0][1].has_key('displayName'):
|
|
|
|
|
modAttr += [(ldap.MOD_REPLACE, 'displayName', comment),
|
|
|
|
|
modAttrs += [(ldap.MOD_REPLACE, 'displayName', comment),
|
|
|
|
|
(ldap.MOD_REPLACE, 'gecos', comment),
|
|
|
|
|
(ldap.MOD_REPLACE, 'cn', comment)]
|
|
|
|
|
else:
|
|
|
|
@ -2142,7 +2210,16 @@ Samba in backup directory")
|
|
|
|
|
if options.has_key('s'):
|
|
|
|
|
self.printSUCCESS(_("Modify shell") + " ...")
|
|
|
|
|
if options.has_key('P') or options.has_key('p'):
|
|
|
|
|
# Изменим время последнего измения пароля пользователя
|
|
|
|
|
if not self.setShadowLastChange(userName, ldapObj, clVars):
|
|
|
|
|
return False
|
|
|
|
|
self.printSUCCESS(_("Modify LDAP user password") + " ...")
|
|
|
|
|
if options.has_key('e'):
|
|
|
|
|
self.printSUCCESS(_("Enabled user") + " " + str(userName) +\
|
|
|
|
|
" ...")
|
|
|
|
|
if options.has_key('d'):
|
|
|
|
|
self.printSUCCESS(_("Disabled user") + " " + str(userName) +\
|
|
|
|
|
" ...")
|
|
|
|
|
if optOut and optOut =='passwd':
|
|
|
|
|
return userPwd
|
|
|
|
|
return True
|
|
|
|
|