|
|
|
@ -38,6 +38,7 @@ from client.progressbar import ProgressBar
|
|
|
|
|
from cl_utils import runOsCommand, getpathenv, getModeFile, removeDir, isMount
|
|
|
|
|
from _cl_keys import getKey, clearKey
|
|
|
|
|
from convertenv import convertEnv
|
|
|
|
|
from encrypt import encrypt
|
|
|
|
|
|
|
|
|
|
lang().setLanguage(sys.modules[__name__])
|
|
|
|
|
|
|
|
|
@ -243,7 +244,73 @@ class ldapData(ldapUser):
|
|
|
|
|
return True
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
class client(share):
|
|
|
|
|
class commandServer(color_print):
|
|
|
|
|
"""Отправка команд на сервер (изменение пароля пользователя на сервере)"""
|
|
|
|
|
|
|
|
|
|
def setServerCommand(self, command, varsCommand, fileConfig,
|
|
|
|
|
uid=None, gid=None):
|
|
|
|
|
"""Установить команду для сервера"""
|
|
|
|
|
pathConfig = os.path.split(fileConfig)[0]
|
|
|
|
|
# Создаем директорию если ее нет
|
|
|
|
|
if not os.path.exists(pathConfig):
|
|
|
|
|
os.makedirs(pathConfig)
|
|
|
|
|
if not uid is None and not gid is None:
|
|
|
|
|
os.chown(pathConfig, uid, gid)
|
|
|
|
|
objConfig = iniParser(fileConfig)
|
|
|
|
|
varsRun = {"run":"on"}
|
|
|
|
|
varsRun.update(varsCommand)
|
|
|
|
|
if not objConfig.setVar(["command"]+command, varsRun):
|
|
|
|
|
self.printERROR(_("Can not write variables in file %s")\
|
|
|
|
|
%fileConfig)
|
|
|
|
|
return False
|
|
|
|
|
if not uid is None and not gid is None:
|
|
|
|
|
os.chown(fileConfig, uid, gid)
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def checkUserPwdLDAP(self, server, userDN, password):
|
|
|
|
|
"""Проверка пароля Unix пользователя на сервере"""
|
|
|
|
|
ldapInit = ldap.initialize("ldap://%s"%server)
|
|
|
|
|
errMessage = ""
|
|
|
|
|
try:
|
|
|
|
|
ldapInit.bind_s(userDN, password)
|
|
|
|
|
except ldap.INVALID_CREDENTIALS:
|
|
|
|
|
errMessage = _("Password incorrect")
|
|
|
|
|
return False, errMessage
|
|
|
|
|
except ldap.LDAPError, e:
|
|
|
|
|
errMessage = e[0]['desc']
|
|
|
|
|
return False, errMessage
|
|
|
|
|
return True, errMessage
|
|
|
|
|
|
|
|
|
|
def getUserPwd(self, options, optDialog, optStdIn, pwDialog=False):
|
|
|
|
|
"""Получить пароль у пользователя
|
|
|
|
|
|
|
|
|
|
options - полученные опции командной строки
|
|
|
|
|
optDialog - опция командной строки для вывода диалога для получения
|
|
|
|
|
пароля
|
|
|
|
|
optStdIn - опция командной строки для получения пароля из
|
|
|
|
|
стандартного ввода (stdin)
|
|
|
|
|
pwDialog - структура для вывода приглашения в режиме диалога
|
|
|
|
|
"""
|
|
|
|
|
userPwd = ""
|
|
|
|
|
if optStdIn and options.has_key(optStdIn):
|
|
|
|
|
pwdA = sys.stdin.readline().rstrip()
|
|
|
|
|
pwdB = sys.stdin.readline().rstrip()
|
|
|
|
|
elif optDialog and options.has_key(optDialog):
|
|
|
|
|
if not pwDialog:
|
|
|
|
|
pwDialog = [_("New password"),
|
|
|
|
|
_("Retype new password")]
|
|
|
|
|
pwdA = getpass.getpass(pwDialog[0]+":")
|
|
|
|
|
pwdB = getpass.getpass(pwDialog[1]+":")
|
|
|
|
|
if (optStdIn and options.has_key(optStdIn)) or\
|
|
|
|
|
(optDialog and options.has_key(optDialog)):
|
|
|
|
|
if not pwdA or not (pwdA == pwdB):
|
|
|
|
|
self.printERROR (_("ERROR") + ": " +\
|
|
|
|
|
_("passwords do not match"))
|
|
|
|
|
return False
|
|
|
|
|
userPwd = pwdA
|
|
|
|
|
return userPwd
|
|
|
|
|
|
|
|
|
|
class client(share, commandServer, encrypt):
|
|
|
|
|
"""Методы работы для подключения пользователя к серверу и синхронизации"""
|
|
|
|
|
# Объект для поиска пользовательских данных в LDAP
|
|
|
|
|
ldapDataObj = ldapData()
|
|
|
|
@ -627,26 +694,6 @@ class client(share):
|
|
|
|
|
return False
|
|
|
|
|
return varsConfig
|
|
|
|
|
|
|
|
|
|
def setServerCommand(self, command, varsCommand, fileConfig,
|
|
|
|
|
uid=None, gid=None):
|
|
|
|
|
"""Установить команду для сервера"""
|
|
|
|
|
pathConfig = os.path.split(fileConfig)[0]
|
|
|
|
|
# Создаем директорию если ее нет
|
|
|
|
|
if not os.path.exists(pathConfig):
|
|
|
|
|
os.makedirs(pathConfig)
|
|
|
|
|
if not uid is None and not gid is None:
|
|
|
|
|
os.chown(pathConfig, uid, gid)
|
|
|
|
|
objConfig = iniParser(fileConfig)
|
|
|
|
|
varsRun = {"run":"on"}
|
|
|
|
|
varsRun.update(varsCommand)
|
|
|
|
|
if not objConfig.setVar(["command"]+command, varsRun):
|
|
|
|
|
self.printERROR(_("Can not write variables in file %s")\
|
|
|
|
|
%fileConfig)
|
|
|
|
|
return False
|
|
|
|
|
if not uid is None and not gid is None:
|
|
|
|
|
os.chown(fileConfig, uid, gid)
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def foundArchFile(self,strCurrentTime,archPathProcess,
|
|
|
|
|
archPathSuccess, progress=False,
|
|
|
|
|
remoteServer=False):
|
|
|
|
@ -1859,3 +1906,50 @@ class client(share):
|
|
|
|
|
flagUpdate = True
|
|
|
|
|
return flagUpdate
|
|
|
|
|
|
|
|
|
|
def setUserPasswordToServer(self):
|
|
|
|
|
"""Установка пароля пользователя на сервере"""
|
|
|
|
|
# Проверяем на root
|
|
|
|
|
if self.isRoot(False):
|
|
|
|
|
self.printERROR(_("The user is root"))
|
|
|
|
|
self.printWARNING(\
|
|
|
|
|
_("The program can be executed from a non-root user only"))
|
|
|
|
|
return False
|
|
|
|
|
# DNS имя хоста
|
|
|
|
|
server = self.ldapDataObj.getHost()
|
|
|
|
|
# DN пользователей
|
|
|
|
|
usersDN = self.ldapDataObj.getUsersDN()
|
|
|
|
|
if not (server and usersDN):
|
|
|
|
|
self.printERROR(_("The computer is not in domain"))
|
|
|
|
|
self.printWARNING(_("Use passwd"))
|
|
|
|
|
return False
|
|
|
|
|
# Получаем старый пароль пользователя
|
|
|
|
|
curPassword = self.getUserPassword(_("Enter current password"))
|
|
|
|
|
if not curPassword:
|
|
|
|
|
self.printERROR(_("Current password is empty"))
|
|
|
|
|
return False
|
|
|
|
|
userDN = self.ldapDataObj.addDN("uid=%s"%os.environ["USER"], usersDN)
|
|
|
|
|
# Проверяем в LDAP сервере текущий пароль пользователя
|
|
|
|
|
ret, err = self.checkUserPwdLDAP(server, userDN, curPassword)
|
|
|
|
|
if not ret:
|
|
|
|
|
self.printERROR(err)
|
|
|
|
|
return False
|
|
|
|
|
password = self.getUserPwd({"p":""}, "p", False)
|
|
|
|
|
if password is False:
|
|
|
|
|
return False
|
|
|
|
|
# Переменные для записи в env файл
|
|
|
|
|
varsConfig = {"unix_hash":self.getHashPasswd(password,"ssha"),
|
|
|
|
|
"samba_lm_hash":self.getHashPasswd(password,"lm"),
|
|
|
|
|
"samba_nt_hash":self.getHashPasswd(password,"nt"),
|
|
|
|
|
"samba_nt_hash_old":self.getHashPasswd(curPassword,"nt")}
|
|
|
|
|
if filter(lambda x: not x, varsConfig.values()):
|
|
|
|
|
return False
|
|
|
|
|
# ~/.calculate/server.env
|
|
|
|
|
fileConfig = os.path.join(os.environ["HOME"], self.configFileServer)
|
|
|
|
|
if not self.setServerCommand(["passwd_samba"], varsConfig, fileConfig):
|
|
|
|
|
return False
|
|
|
|
|
self.printOK(_("Changed password of user %s")%os.environ["USER"] + \
|
|
|
|
|
" ...")
|
|
|
|
|
self.printWARNING(_("Password will be changed when you logout from the \
|
|
|
|
|
X session"))
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|