def dump(self):
fd = LDIFutils.ldif_outfile('RADIUS')
fd.write(LDIFutils.container_entry_string('RADIUS'))
noAuth = (None, None)
for account_id, vlan_vpn in self.id2vlan_vpn.iteritems():
info = self.auth[account_id]
uname = LDIFutils.iso2utf(str(info[0]))
auth = info[1]
ntAuth = self.md4_auth.get(account_id, noAuth)[1]
if account_id in self.quarantines:
qh = QuarantineHandler(self.db, self.quarantines[account_id])
if qh.should_skip():
continue
if qh.is_locked():
auth = ntAuth = None
dn = ','.join(('uid=' + uname, self.radius_dn))
entry = {
# Ikke endelig innhold
'objectClass': ['top', 'account', 'uiaRadiusAccount'],
'uid': (uname,),
'radiusTunnelType': ('VLAN',),
'radiusTunnelMediumType': ('IEEE-802',),
'radiusTunnelPrivateGroupId': (vlan_vpn[0],),
'radiusClass': (vlan_vpn[1],)}
if auth:
entry['objectClass'].append('simpleSecurityObject')
entry['userPassword'] = ('{crypt}' + auth,)
if ntAuth:
entry['ntPassword'] = (ntAuth,)
fd.write(LDIFutils.entry_string(dn, entry, False))
LDIFutils.end_ldif_outfile('RADIUS', fd)
def user_ldif(self, filename=None):
"""Generate posix-user."""
self.init_user()
f = LDIFutils.ldif_outfile('USER', filename, self.fd)
self.write_user_objects_head(f)
# Write the USER container object
f.write(LDIFutils.container_entry_string('USER'))
def generate_users():
for row in self.posuser.list_posix_users(
spread=self.spread_d['user'],
filter_expired=True):
account_id = row['account_id']
dn, entry = self.user_object(row)
if not dn:
logger.debug('no dn for account_id=%r', account_id)
continue
yield dn, entry
for dn, entry in sorted(generate_users(),
key=operator.itemgetter(0)):
try:
f.write(LDIFutils.entry_string(dn, entry, False))
except Exception:
logger.error('Got error on dn=%r', dn)
raise
LDIFutils.end_ldif_outfile('USER', f, self.fd)
def user_ldif(self, filename=None, auth_meth=None):
"""Generate posix-user."""
timer = make_timer(self.logger, 'Starting user_ldif...')
self.init_user(auth_meth)
f = LDIFutils.ldif_outfile('USER', filename, self.fd)
f.write(LDIFutils.container_entry_string('USER'))
for row in self.posuser.list_extended_posix_users(
self.user_auth,
spread=self.spread_d['user'],
include_quarantines=False):
dn, entry = self.user_object(row)
if dn:
f.write(LDIFutils.entry_string(dn, entry, False))
LDIFutils.end_ldif_outfile('USER', f, self.fd)
timer('... done user_ldif')
def user_ldif(self, filename=None, auth_meth=None):
"""Generate posix-user."""
timer = make_timer(self.logger, 'Starting user_ldif...')
self.init_user(auth_meth)
f = LDIFutils.ldif_outfile('USER', filename, self.fd)
f.write(LDIFutils.container_entry_string('USER'))
for row in self.posuser.list_extended_posix_users(
self.user_auth,
spread=self.spread_d['user'],
include_quarantines=False):
dn, entry = self.user_object(row)
if dn:
f.write(LDIFutils.entry_string(dn, entry, False))
LDIFutils.end_ldif_outfile('USER', f, self.fd)
timer('... done user_ldif')
def netgroup_ldif(self, filename=None):
"""Generate netgroup with only users."""
timer = make_timer(self.logger, 'Starting netgroup_ldif...')
if 'netgroup' not in self.spread_d:
self.logger.warn("No valid netgroup-spread in cereconf or arg!")
return
self.init_netgroup()
timer2 = make_timer(self.logger, 'Caching netgroups...')
for row in self.grp.search(spread=self.spread_d['netgroup'],
filter_expired=False):
group_id = row['group_id']
self.create_group_object(group_id, row['name'], row['description'])
self.create_netgroup_object(group_id)
timer2('... done caching filegroups')
self.cache_uncached_children()
timer2 = make_timer(self.logger, 'Adding users and groups...')
for group_id, entry in self.netgroupcache.iteritems():
users, groups = self.get_users_and_groups(group_id,
set(),
set(),
add_persons=True)
unames = self.userid2unames(users, group_id)
triple = []
for uname in unames:
if '_' in uname:
continue
triple.append('(,%s,)' % uname)
netgroup = []
for g in groups:
netgroup.append(self.netgroupcache[g]['cn'])
entry['nisNetgroupTriple'] = triple
entry['memberNisNetgroup'] = netgroup
timer2('... done adding users and groups')
timer2 = make_timer(self.logger, 'Writing group objects...')
f = LDIFutils.ldif_outfile('NETGROUP', filename, self.fd)
f.write(LDIFutils.container_entry_string('NETGROUP'))
for group_id, entry in self.netgroupcache.iteritems():
dn = ','.join(('cn=' + entry['cn'], self.ngrp_dn))
f.write(LDIFutils.entry_string(dn, entry, False))
LDIFutils.end_ldif_outfile('NETGROUP', f, self.fd)
timer2('... done writing group objects')
self.netgroupcache = None
timer('... done netgroup_ldif')
def netgroup_ldif(self, filename=None):
"""Generate netgroup with only users."""
timer = make_timer(self.logger, 'Starting netgroup_ldif...')
if 'netgroup' not in self.spread_d:
self.logger.warn("No valid netgroup-spread in cereconf or arg!")
return
self.init_netgroup()
timer2 = make_timer(self.logger, 'Caching netgroups...')
for row in self.grp.search(spread=self.spread_d['netgroup'],
filter_expired=False):
group_id = row['group_id']
self.create_group_object(group_id, row['name'],
row['description'])
self.create_netgroup_object(group_id)
timer2('... done caching filegroups')
self.cache_uncached_children()
timer2 = make_timer(self.logger, 'Adding users and groups...')
for group_id, entry in self.netgroupcache.iteritems():
users, groups = self.get_users_and_groups(group_id, set(), set(),
add_persons=True)
unames = self.userid2unames(users, group_id)
triple = []
for uname in unames:
if '_' in uname:
continue
triple.append('(,%s,)' % uname)
netgroup = []
for g in groups:
netgroup.append(self.netgroupcache[g]['cn'])
entry['nisNetgroupTriple'] = triple
entry['memberNisNetgroup'] = netgroup
timer2('... done adding users and groups')
timer2 = make_timer(self.logger, 'Writing group objects...')
f = LDIFutils.ldif_outfile('NETGROUP', filename, self.fd)
f.write(LDIFutils.container_entry_string('NETGROUP'))
for group_id, entry in self.netgroupcache.iteritems():
dn = ','.join(('cn=' + entry['cn'], self.ngrp_dn))
f.write(LDIFutils.entry_string(dn, entry, False))
LDIFutils.end_ldif_outfile('NETGROUP', f, self.fd)
timer2('... done writing group objects')
self.netgroupcache = None
timer('... done netgroup_ldif')
def filegroup_ldif(self, filename=None):
""" Generate filegroup.
Groups without group and expanded members from both external and
internal groups.
"""
timer = make_timer(self.logger, 'Starting filegroup_ldif...')
if 'filegroup' not in self.spread_d:
self.logger.warn("No spread is given for filegroup!")
return
self.init_filegroup()
timer2 = make_timer(self.logger, 'Caching filegroups...')
for row in self.grp.search(spread=self.spread_d['filegroup'],
filter_expired=False):
group_id = row['group_id']
if group_id not in self.group2gid:
self.logger.warn(
"Group id:{} has one of {} but no GID, skipping".format(
group_id,
getattr(cereconf,
'LDAP_FILEGROUP').get('spread'), []))
continue
self.create_group_object(group_id, row['name'],
row['description'])
self.create_filegroup_object(group_id)
self.update_filegroup_entry(group_id)
timer2('... done caching filegroups')
self.cache_uncached_children()
timer2 = make_timer(self.logger, 'Adding users and groups...')
for group_id, entry in self.filegroupcache.iteritems():
users = self.get_users(group_id, set())
unames = self.userid2unames(users, group_id)
entry['memberUid'] = unames
timer2('... done adding users')
timer2 = make_timer(self.logger, 'Writing group objects...')
f = LDIFutils.ldif_outfile('FILEGROUP', filename, self.fd)
f.write(LDIFutils.container_entry_string('FILEGROUP'))
for group_id, entry in self.filegroupcache.iteritems():
dn = ','.join(('cn=' + entry['cn'], self.fgrp_dn))
f.write(LDIFutils.entry_string(dn, entry, False))
timer2('... done writing group objects')
self.filegroupcache = None
LDIFutils.end_ldif_outfile('FILEGROUP', f, self.fd)
timer('... done filegroup_ldif')
def filegroup_ldif(self, filename=None):
""" Generate filegroup.
Groups without group and expanded members from both external and
internal groups.
"""
timer = make_timer(self.logger, 'Starting filegroup_ldif...')
if 'filegroup' not in self.spread_d:
self.logger.warn("No spread is given for filegroup!")
return
self.init_filegroup()
timer2 = make_timer(self.logger, 'Caching filegroups...')
for row in self.grp.search(spread=self.spread_d['filegroup'],
filter_expired=False):
group_id = row['group_id']
if group_id not in self.group2gid:
self.logger.warn(
"Group id:{} has one of {} but no GID, skipping".format(
group_id,
getattr(cereconf, 'LDAP_FILEGROUP').get('spread'), []))
continue
self.create_group_object(group_id, row['name'], row['description'])
self.create_filegroup_object(group_id)
self.update_filegroup_entry(group_id)
timer2('... done caching filegroups')
self.cache_uncached_children()
timer2 = make_timer(self.logger, 'Adding users and groups...')
for group_id, entry in self.filegroupcache.iteritems():
users = self.get_users(group_id, set())
unames = self.userid2unames(users, group_id)
entry['memberUid'] = unames
timer2('... done adding users')
timer2 = make_timer(self.logger, 'Writing group objects...')
f = LDIFutils.ldif_outfile('FILEGROUP', filename, self.fd)
f.write(LDIFutils.container_entry_string('FILEGROUP'))
for group_id, entry in self.filegroupcache.iteritems():
dn = ','.join(('cn=' + entry['cn'], self.fgrp_dn))
f.write(LDIFutils.entry_string(dn, entry, False))
timer2('... done writing group objects')
self.filegroupcache = None
LDIFutils.end_ldif_outfile('FILEGROUP', f, self.fd)
timer('... done filegroup_ldif')
def dump(self):
fd = LDIFutils.ldif_outfile('USER')
fd.write(LDIFutils.container_entry_string('USER'))
for row in self.account.search():
account_id = row['account_id']
info = self.auth[account_id]
uname = LDIFutils.iso2utf(str(info[0]))
auth = info[1]
if account_id in self.quarantines:
qh = QuarantineHandler(self.db, self.quarantines[account_id])
if qh.should_skip():
continue
if qh.is_locked():
auth = None
dn = ','.join(('uid=' + uname, self.user_dn))
entry = {
'objectClass': ['account'],
'uid': (uname,),}
if auth:
entry['objectClass'].append('simpleSecurityObject')
entry['userPassword'] = ('{crypt}' + auth,)
fd.write(LDIFutils.entry_string(dn, entry, False))
LDIFutils.end_ldif_outfile('USER', fd)
def dump(self):
fd = LDIFutils.ldif_outfile('USER')
fd.write(LDIFutils.container_entry_string('USER'))
for row in self.account.search():
account_id = row['account_id']
info = self.auth[account_id]
uname = LDIFutils.iso2utf(str(info[0]))
auth = info[1]
if account_id in self.quarantines:
qh = QuarantineHandler(self.db, self.quarantines[account_id])
if qh.should_skip():
continue
if qh.is_locked():
auth = None
dn = ','.join(('uid=' + uname, self.user_dn))
entry = {
'objectClass': ['account'],
'uid': (uname, ),
}
if auth:
entry['objectClass'].append('simpleSecurityObject')
entry['userPassword'] = ('{crypt}' + auth, )
fd.write(LDIFutils.entry_string(dn, entry, False))
LDIFutils.end_ldif_outfile('USER', fd)
