def _force_target_directory(self, directory):
makedirs(directory)
chown(directory, "root", "mpxadmin", ignore_errors=1)
keywords = {}
keywords.update(self.keywords)
keywords[CommandKeywords.FATAL_KEY] = 0
os.system("chmod 0770 %s" % (directory, ), **keywords)
return
def _force_target_directory(self, directory):
makedirs(directory)
chown(directory, "root", "mpxadmin", ignore_errors=1)
keywords = {}
keywords.update(self.keywords)
keywords[CommandKeywords.FATAL_KEY] = 0
os.system("chmod 0770 %s" % (directory,), **keywords)
return
def install(self):
#
# Note: Unfortunately the following two import statements have
# the side-effect of trying to create a directory under
# /var/mpx. This isn't necessary when just trying to
# query this install script and in fact fails in some
# cases, so the imports were moved from the top of this
# script to here.
#
from moab.linux.lib.servicemgr import InittabManager
from moab.linux.lib.servicemgr import InittabGroup
chown(ROOT, MPX_UID, MPX_GID, recurse=1, ignore_errors=1)
keywords = {}
keywords.update(self.keywords)
keywords.update({'ROOT':DUP_DIR})
keywords[CommandKeywords.FATAL_KEY] = 1
# Duplicate the config service so it will work after /usr/lib/broadway
# is nuked.
makedirs(DUP_DIR)
os.system("cp *.pyc %s" % DUP_DIR, **keywords)
chown(DUP_DIR, MPX_UID, MPX_GID, recurse=1, ignore_errors=1)
os.system("chmod -R %o %s/*" % (0664, DUP_DIR), **keywords)
# Create the config_service's custom launcher.
create_pyscript(CONFIG_SCRIPT, CONFIG_PYC, **keywords)
# Update inittab to include the new config service.
inittab = InittabManager(**keywords)
gname = 'MEDIATOR_CONFIGURATION_SERVICE'
# Remove any existing mpx_igmp entry.
for group in inittab.group_list:
lines = group.text.split('\n')
found = 0
for i in range(0, len(lines)):
line = lines[i]
if line and line[0] != '#' and line.find('mpx_igmp') != -1:
lines[i] = "# %s # - %s" % (line, gname)
found = 1
if found:
text = lines.pop(0)
for line in lines:
text = "%s\n%s" % (text, line)
group.text = text
# Add the Mediator Configuration Service.
mcs = inittab.findgroup(gname)
text = 'MCS:2345:respawn:%s' % CONFIG_SCRIPT
if mcs is None:
inittab.addgroup(InittabGroup(gname, text))
else:
mcs.text = text
inittab.commit()
return 0
def _validate_var_run(self):
makedirs(VAR_RUN, 0755)
makedirs(VAR_RUN_BROADWAY, 0775)
chown(VAR_RUN_BROADWAY, "root", "mpxadmin", recurse=1, ignore_errors=1)
return
def _update_mpxadmin_user(self):
#
# Ensure the mpxadmin group exists.
#
passwd = PasswdFile()
passwd.load()
group = GroupFile()
group.load()
self.options.normal_message("Checking for mpxadmin group.")
if "mpxadmin" not in group:
self.options.normal_message("No mpxadmin group, adding.")
mpxadmin = GroupEntry()
mpxadmin.group("mpxadmin")
mpxadmin.crypt("*")
mpxadmin.gid(int(MPX_GID))
mpxadmin.user_list((mpxadmin.group(), ))
group[mpxadmin.group()] = mpxadmin
group.save()
self.options.normal_message("Added mpxadmin group(%d) in %s.",
mpxadmin.gid(), group._file)
else:
self.options.normal_message("mpxadmin group already exists.")
if int(MPX_GID):
# Installing as regular user, presumably in penvironment.d, add
# the required "root" group.
self.options.normal_message("Checking for root group.")
if "root" not in group:
self.options.normal_message("No root group, adding.")
root = GroupEntry()
root.group("root")
root.crypt("*")
root.gid(int(MPX_GID))
root.user_list((root.group(), ))
group[root.group()] = root
group.save()
self.options.normal_message("Added root group(%d) in %s.",
root.gid(), group._file)
else:
self.options.normal_message("root group already exists.")
#
# Ensure the mpxadmin user exists.
#
self.options.normal_message("Checking for mpxadmin user.")
#if "mpxadmin" not in passwd:
# if there is no mpxadmin type user, create a default
if len(filter(lambda pw: pw.user_type() == 'mpxadmin', passwd)) == 0:
self.options.normal_message(
"No mpxadmin user, checking for mpxadmin group.")
gid = group["mpxadmin"].gid()
# @fixme This is not pretty, but it will work for now.
# A new UID would be uid = passwd.new_uid(gid-1)
uid = int(MPX_UID) # Hijacking root for superuser privelidges...
mpxadmin = PasswdEntry()
mpxadmin.user("mpxadmin")
mpxadmin.directory(passwd.default_home(mpxadmin.user()))
mpxadmin.crypt(_crypted_password("mpxadmin", "mpxadmin"))
mpxadmin.uid(uid)
mpxadmin.gid(gid)
# @fixme Formalize the Mediator concept of meta-data associated
# with users. Also consider moving the meta-data out of
# /etc/passwd and into a PDO...
# META-DATA:
# AKA: Allows us to track renames of key users (pppuser,
# mpxadmin, webdev, ...)
# CSIK: Configuration Service Initial Key (used to calculate
# "classic" Configuration Service Security Keys.
mpxadmin.gecos("AKA=mpxadmin,CSIK=%s,ROLE=administrator" %
(_csiked_password("mpxadmin"), ))
mpxadmin.shell("/bin/bash")
passwd[mpxadmin.user()] = mpxadmin
passwd.save()
self.options.normal_message("Added mpxadmin user(%d.%d) in %s.",
mpxadmin.uid(), mpxadmin.gid(),
passwd._file)
# Create and update the mpxadmin user.
self._force_target_directory(mpxadmin.directory())
self.cwd.pushd(mpxadmin.directory())
passwd = PasswdFile()
passwd.load()
group = GroupFile()
group.load()
os.system("chmod -R ug+Xrw .", **self._fatal_keywords())
chown(".", "mpxadmin", "mpxadmin", recurse=1, ignore_errors=1)
self.cwd.popd()
else:
self.options.normal_message("mpxadmin user already exists.")
#
# Ensure mpxadmin is a member of the root group.
#
group = GroupFile()
group.load()
root = group["root"]
user_list = root.user_list()
if "mpxadmin" not in user_list:
self.options.normal_message(
"Adding mpxadmin user to the root group.")
user_list.append("mpxadmin")
root.user_list(user_list)
group["root"] = root
group.save()
return
def _update_webdev_home(self):
self.cwd.pushd(properties.WWW_ROOT)
chown(".", "webdev", "webdev", recurse=1, ignore_errors=1, followslinks=0)
os.system("chmod -R ug+Xrw . *", **self.keywords)
self.cwd.popd()
return
def _validate_var_run(self):
makedirs(VAR_RUN, 0755)
makedirs(VAR_RUN_BROADWAY, 0775)
chown(VAR_RUN_BROADWAY, "root", "mpxadmin", recurse=1, ignore_errors=1)
return
def _update_mpxadmin_user(self):
#
# Ensure the mpxadmin group exists.
#
passwd = PasswdFile()
passwd.load()
group = GroupFile()
group.load()
self.options.normal_message("Checking for mpxadmin group.")
if "mpxadmin" not in group:
self.options.normal_message("No mpxadmin group, adding.")
mpxadmin = GroupEntry()
mpxadmin.group("mpxadmin")
mpxadmin.crypt("*")
mpxadmin.gid(int(MPX_GID))
mpxadmin.user_list((mpxadmin.group(),))
group[mpxadmin.group()] = mpxadmin
group.save()
self.options.normal_message("Added mpxadmin group(%d) in %s.", mpxadmin.gid(), group._file)
else:
self.options.normal_message("mpxadmin group already exists.")
if int(MPX_GID):
# Installing as regular user, presumably in penvironment.d, add
# the required "root" group.
self.options.normal_message("Checking for root group.")
if "root" not in group:
self.options.normal_message("No root group, adding.")
root = GroupEntry()
root.group("root")
root.crypt("*")
root.gid(int(MPX_GID))
root.user_list((root.group(),))
group[root.group()] = root
group.save()
self.options.normal_message("Added root group(%d) in %s.", root.gid(), group._file)
else:
self.options.normal_message("root group already exists.")
#
# Ensure the mpxadmin user exists.
#
self.options.normal_message("Checking for mpxadmin user.")
# if "mpxadmin" not in passwd:
# if there is no mpxadmin type user, create a default
if len(filter(lambda pw: pw.user_type() == "mpxadmin", passwd)) == 0:
self.options.normal_message("No mpxadmin user, checking for mpxadmin group.")
gid = group["mpxadmin"].gid()
# @fixme This is not pretty, but it will work for now.
# A new UID would be uid = passwd.new_uid(gid-1)
uid = int(MPX_UID) # Hijacking root for superuser privelidges...
mpxadmin = PasswdEntry()
mpxadmin.user("mpxadmin")
mpxadmin.directory(passwd.default_home(mpxadmin.user()))
mpxadmin.crypt(_crypted_password("mpxadmin", "mpxadmin"))
mpxadmin.uid(uid)
mpxadmin.gid(gid)
# @fixme Formalize the Mediator concept of meta-data associated
# with users. Also consider moving the meta-data out of
# /etc/passwd and into a PDO...
# META-DATA:
# AKA: Allows us to track renames of key users (pppuser,
# mpxadmin, webdev, ...)
# CSIK: Configuration Service Initial Key (used to calculate
# "classic" Configuration Service Security Keys.
mpxadmin.gecos("AKA=mpxadmin,CSIK=%s,ROLE=administrator" % (_csiked_password("mpxadmin"),))
mpxadmin.shell("/bin/bash")
passwd[mpxadmin.user()] = mpxadmin
passwd.save()
self.options.normal_message(
"Added mpxadmin user(%d.%d) in %s.", mpxadmin.uid(), mpxadmin.gid(), passwd._file
)
# Create and update the mpxadmin user.
self._force_target_directory(mpxadmin.directory())
self.cwd.pushd(mpxadmin.directory())
passwd = PasswdFile()
passwd.load()
group = GroupFile()
group.load()
os.system("chmod -R ug+Xrw .", **self._fatal_keywords())
chown(".", "mpxadmin", "mpxadmin", recurse=1, ignore_errors=1)
self.cwd.popd()
else:
self.options.normal_message("mpxadmin user already exists.")
#
# Ensure mpxadmin is a member of the root group.
#
group = GroupFile()
group.load()
root = group["root"]
user_list = root.user_list()
if "mpxadmin" not in user_list:
self.options.normal_message("Adding mpxadmin user to the root group.")
user_list.append("mpxadmin")
root.user_list(user_list)
group["root"] = root
group.save()
return
