def setConfigValue(self, variable_name, values_list) :
		dnsmasq_editor = tools.editors.PlainEditor(spaces_list = [], quotes_list = [])
		dnsmasq_editor.open(config.value(SERVICE_NAME, "dnsmasq_conf"),
			config.value(SERVICE_NAME, "dnsmasq_conf_sample"))
		dnsmasq_editor.setValue(variable_name, values_list)
		dnsmasq_editor.save()
		dnsmasq_editor.close()
Beispiel #2
0
 def setServers(self, servers_list):
     ntp_editor = tools.editors.PlainEditor(delimiter="", quotes_list=[])
     ntp_editor.open(config.value(SERVICE_NAME, "ntp_conf"),
                     config.value(SERVICE_NAME, "ntp_conf_sample"))
     ntp_editor.setValue("server", servers_list)
     ntp_editor.save()
     ntp_editor.close()
	def addStaticHost(self, mac, ip, name) :
		static_host = "%s,%s" % (validators.network.validMacAddress(mac)[0], validators.network.validIpv4Address(ip)[0])
		static_host += ( ",%s" % (name) if len(name) != 0 else "" )

		dnsmasq_editor = tools.editors.PlainEditor(spaces_list = [], quotes_list = [])
		dnsmasq_editor.open(config.value(SERVICE_NAME, "dnsmasq_conf"),
			config.value(SERVICE_NAME, "dnsmasq_conf_sample"))
		dnsmasq_editor.setValue("dhcp-host", dnsmasq_editor.value("dhcp_host") + [static_host])
		dnsmasq_editor.save()
		dnsmasq_editor.close()
 def unameOption(self, option):
     try:
         proc_args_list = [config.value(SERVICE_NAME, "uname_bin"), option]
         return tools.process.execProcess(proc_args_list)[0].strip()
     except FileNotFoundError:
         logger.error("Directory /usr/bin/lsb_release does not exist")
         return "Error: /usr/bin/lsb_release doesn\'t exist"
Beispiel #5
0
    def nssRoles(self):
        rid_regexp = re.compile(r"(^\d+):")

        try:
            role_config_file = open(config.value(SERVICE_NAME, "role_conf"))
        except:
            logger.attachException()
            return []

        role_names_list = []
        for role_record in role_config_file.read().split("\n"):
            rid_regexp_match = rid_regexp.match(role_record)
            if rid_regexp_match != None:
                try:
                    role_names_list.append(
                        grp.getgrgid(int(rid_regexp_match.group(1))).gr_name)
                except:
                    logger.error("{mod}: Cannot resolve group name by gid")
                    logger.attachException()

        try:
            role_config_file.close()
        except:
            pass

        return role_names_list
Beispiel #6
0
	def attributes(self) :
		proc_args_list = [config.value(SERVICE_NAME, "smartctl_bin"), "-A", self.__device_file_path]

		attrs_list = []
		attrs_found_flag = False
		for attrs_list_item in tools.process.execProcess(proc_args_list)[0].split("\n") :
			attrs_list_item = attrs_list_item.strip()

			if attrs_found_flag :
				attrs_records_list = re.split(r"\s+", attrs_list_item)
				if len(attrs_records_list) == 10 and attrs_records_list[0] != "ID#" :
					attrs_list.append([int(attrs_records_list[0]),
						attrs_records_list[1],
						int(attrs_records_list[2], 16),
						int(attrs_records_list[3]),
						int(attrs_records_list[4]),
						int(attrs_records_list[5]),
						attrs_records_list[6],
						attrs_records_list[7],
						attrs_records_list[8],
						attrs_records_list[9]])

			if attrs_list_item == "=== START OF READ SMART DATA SECTION ===" :
				attrs_found_flag = True
		return attrs_list
Beispiel #7
0
 def setUtcTime(self, month, monthday, hour, minute, year, second):
     proc_args_list = [
         config.value(SERVICE_NAME, "date_bin"), "-u",
         "%02d%02d%02d%02d%04d.%02d" %
         (month, monthday, hour, minute, year, second)
     ]
     return tools.process.execProcess(proc_args_list, fatal_flag=False)[2]
Beispiel #8
0
    def addRole(self, role_name, group_names_list):
        role_name = validators.os.validGroupName(role_name)
        group_names_list = [
            validators.os.validGroupName(item) for item in group_names_list
        ]

        rid = grp.getgrnam(role_name).gr_gid

        if len(gids) == 0:
            logger.verbose(
                "{mod}: Ignored an attempt to create an empty NSS role \"%s\" (rid=%d)"
                % (role_name, rid))
            return 1

        logger.verbose(
            "{mod}: Request to add NSS role \"%s\" (rid=%d) with groups \"%s\""
            % (role_name, rid, str(group_names_list)))

        editor = tools.editors.PlainEditor(delimiter=":",
                                           spaces_list=[],
                                           quotes_list=[])
        editor.open(config.value(SERVICE_NAME, "role_conf"))
        editor.setValue(
            str(rid),
            ",".join([grp.getgrnam(item).gr_gid for item in group_names_list]))
        editor.save()
        editor.close()

        return 0
    def initService(self):
        shared.Functions.addShared(LOCAL_USERS_SHARED_NAME)
        shared.Functions.addSharedObject(LOCAL_USERS_OBJECT_NAME,
                                         self.__local_users)

        logger.verbose("{mod}: First local users request...")
        local_users_shared = shared.Functions.shared(LOCAL_USERS_SHARED_NAME)
        user_count = 0
        for user_name in self.localUsers():
            dbus_user_name = re.sub(r"[^\w\d_]", "_", user_name)
            local_users_shared.addSharedObject(
                dbus_user_name,
                LocalUser(user_name,
                          tools.dbus.joinPath(SERVICE_NAME, dbus_user_name),
                          self))
            user_count += 1
        logger.verbose("{mod}: Added %d local users" % (user_count))

        passwd_config_subdir_path = os.path.dirname(
            config.value(SERVICE_NAME, "passwd_conf"))
        self.__watch_manager.add_watch(
            passwd_config_subdir_path,
            pyinotify.IN_DELETE | pyinotify.IN_CREATE | pyinotify.IN_MOVED_TO,
            rec=True)
        self.start()
        logger.verbose("{mod}: Start polling inotify events for \"%s\"" %
                       (passwd_config_subdir_path))
Beispiel #10
0
    def initService(self):
        shared.Functions.addShared(NSS_ROLES_SHARED_NAME)
        shared.Functions.addSharedObject(NSS_ROLES_OBJECT_NAME,
                                         self.__nss_roles)

        logger.verbose("{mod}: First NSS roles request...")
        nss_roles_shared = shared.Functions.shared(NSS_ROLES_SHARED_NAME)
        role_count = 0
        for role_name in self.nssRoles():
            dbus_role_name = re.sub(r"[^\w\d_]", "_", role_name)
            nss_roles_shared.addSharedObject(
                dbus_role_name,
                NssRole(role_name,
                        tools.dbus.joinPath(SERVICE_NAME, dbus_role_name),
                        self))
            role_count += 1
        logger.verbose("{mod}: Added %d NSS roles" % (role_count))

        role_config_subdir_path = os.path.dirname(
            config.value(SERVICE_NAME, "role_conf"))
        self.__watch_manager.add_watch(
            role_config_subdir_path,
            pyinotify.IN_DELETE | pyinotify.IN_CREATE | pyinotify.IN_MOVED_TO,
            rec=True)
        self.start()
        logger.verbose("{mod}: Start polling inotify events for \"%s\"" %
                       (role_config_subdir_path))
Beispiel #11
0
    def removeGroup(self, group_name):
        group_name = validators.os.validGroupName(group_name)
        gid = grp.getgrnam(group_name).gr_gid
        rid = grp.getgrnam(self.__role_name).gr_gid

        logger.verbose(
            "{mod}: Request to remove group \"%s\" from NSS role \"%s\"" %
            (group_name, self.__role_name))

        editor = tools.editors.PlainEditor(delimiter=":",
                                           spaces_list=[],
                                           quotes_list=[])
        editor.open(config.value(SERVICE_NAME, "role_conf"))

        role_gids_list = editor.value(str(rid))
        if len(role_gids_list) > 0 and len(role_gids_list[-1]) > 0:
            gids_list = role_gids_list[-1].split(",")
            if str(gid) in gids_list:
                gids_list.remove(str(gid))
                editor.setValue(str(rid), ",".join(gids_list))
                editor.save()
                editor.close()
                return 0
            else:
                logger.verbose(
                    "{mod}: Group \"%s\" is not included in role \"%s\"" %
                    (group_name, self.__role_name))
                editor.close()
                return 1

        editor.close()
        return 1
Beispiel #12
0
	def _apply(self, is_machine, who, session_id) :
		op = "apply"
		target_name = str(who)
		target_type = "machine" if is_machine else "user"
		logger.verbose("{mod}: Apply %s`s GPOs for %s" % (target_type, target_name))
		proc_args_list = [config.value(SERVICE_NAME, "gpoa"), op, target_type, target_name]
		mk_long_run("apply_{target}_{id}".format(target='machine' if is_machine else 'user', id=who), session_id, proc_args_list)
		return 0
Beispiel #13
0
 def closeService(self):
     role_config_subdir_path = os.path.dirname(
         config.value(SERVICE_NAME, "role_conf"))
     self.__watch_manager.rm_watch(
         self.__watch_manager.get_wd(role_config_subdir_path))
     self.stop()
     logger.verbose("{mod}: Stop polling inotify events for \"%s\"" %
                    (role_config_subdir_path))
Beispiel #14
0
    def currentLevel(self):
        level_pairs_list = tools.process.execProcess(
            config.value(SERVICE_NAME, "runlevel_bin"))[0].strip().split(" ")
        if len(level_pairs_list) != 2 or not level_pairs_list[1] in "0123456":
            raise tools.process.SubprocessFailure(
                "Error while execute \"%s\"\nStdout: %s\nStderr: %s\nReturn code: %d"
                % (proc_args, proc_stdout.strip(), proc_stderr.strip(),
                   proc_returncode))

        return int(level_pairs_list[1])
Beispiel #15
0
    def setPasswd(self, passwd):
        logger.verbose(
            "{mod}: Request to change password for local user \"%s\"" %
            (self.__user_name))

        return tools.process.execProcess(
            config.value(SERVICE_NAME, "chpasswd_bin"),
            proc_input="%s:%s\n" % (self.__user_name, passwd),
            fatal_flag=False,
            confidential_input_flag=True)[2]
Beispiel #16
0
    def addUser(self, user_name):
        user_name = validators.os.validUserName(user_name)

        logger.verbose("{mod}: Request to add user \"%s\" to NSS role \"%s\"" %
                       (user_name, self.__role_name))

        proc_args_list = [
            config.value(SERVICE_NAME, "usermod_bin"), "-a", "-G",
            self.__role_name, user_name
        ]
        return tools.process.execProcess(proc_args_list, fatal_flag=False)[2]
Beispiel #17
0
    def setLock(self, lock_flag):
        (lock_arg, lock_str) = (("-L", "lock") if lock_flag else
                                ("-U", "unlock"))

        logger.verbose("{mod}: Request to %s local user \"%s\"" %
                       (lock_str, self.__user_name))

        proc_args_list = [
            config.value(SERVICE_NAME, "usermod_bin"), lock_arg,
            self.__user_name
        ]
        return tools.process.execProcess(proc_args_list, fatal_flag=False)[2]
Beispiel #18
0
    def __init__(self, *args):
        # setting up constants
        global CERTS_DIR, PEMFILE, KEYFILE, CERTFILE, CSRFILE, CAFILE, CAKEY
        CERTS_DIR = config.value(SERVICE_NAME, "cert_dir")
        PEMFILE = path.join(CERTS_DIR, CERT_NAME + '.pem')
        KEYFILE = path.join(CERTS_DIR, CERT_NAME + '.key')
        CERTFILE = path.join(CERTS_DIR, CERT_NAME + '.crt')
        CSRFILE = path.join(CERTS_DIR, CERT_NAME + '.csr')
        CAFILE = path.join(CERTS_DIR, 'ca.crt')
        CAKEY = path.join(CERTS_DIR, 'ca.key')

        super().__init__(*args)
Beispiel #19
0
    def setGid(self, gid):
        if gid < 0:
            raise validators.ValidatorError("Incorrect GID %d" % (gid))

        logger.verbose(
            "{mod}: Request to change gid for local user \"%s\", new gid=%d" %
            (self.__user_name, gid))

        proc_args_list = [
            config.value(SERVICE_NAME, "usermod_bin"), "-g",
            str(gid), self.__user_name
        ]
        return tools.process.execProcess(proc_args_list, fatal_flag=False)[2]
Beispiel #20
0
    def inotifyEvent(self, event):
        if event.dir or not event.pathname in (
                config.value(SERVICE_NAME, "passwd_conf"),
                config.value(SERVICE_NAME, "shadow_conf"),
                config.value(SERVICE_NAME, "login_defs_conf")):

            return

        user_names_list = self.localUsers()
        dbus_user_names_list = [
            re.sub(r"[^\w\d_]", "_", item) for item in user_names_list
        ]

        local_users_shared = shared.Functions.shared(LOCAL_USERS_SHARED_NAME)

        for count in xrange(len(user_names_list)):
            if not local_users_shared.hasSharedObject(
                    dbus_user_names_list[count]):
                local_users_shared.addSharedObject(
                    dbus_user_names_list[count],
                    LocalUser(
                        user_names_list[count],
                        tools.dbus.joinPath(SERVICE_NAME,
                                            dbus_user_names_list[count]),
                        self))
                logger.verbose("{mod}: Added local user \"%s\"" %
                               (user_names_list[count]))

        for dbus_user_name in local_users_shared.sharedObjects().keys():
            if not dbus_user_name in dbus_user_names_list:
                user_name = local_users_shared.sharedObject(
                    dbus_user_name).realName()
                local_users_shared.sharedObject(
                    dbus_user_name).removeFromConnection()
                local_users_shared.removeSharedObject(dbus_user_name)
                logger.verbose("{mod}: Removed local user \"%s\"" %
                               (user_name))

        self.__local_users.usersChanged()
Beispiel #21
0
    def setComment(self, text):
        if re.match(r"^[@<>./\w\d \t]*$", text) == None:
            raise validators.ValidatorError(
                "Incorrect symbols in string \"%s\"" % (text))

        logger.verbose(
            "{mod}: Request to change comment for local user \"%s\", new comment=\"%s\""
            % (self.__user_name, text))

        proc_args_list = [
            config.value(SERVICE_NAME, "usermod_bin"), "-c", text,
            self.__user_name
        ]
        return tools.process.execProcess(proc_args_list, fatal_flag=False)[2]
Beispiel #22
0
    def addUser(self, user_name, uid, gid):
        user_name = validators.os.validUserName(user_name)
        (uid_args_list, uid_str) = ((["-u", str(uid)],
                                     str(uid)) if uid >= 0 else ([], "auto"))
        (gid_args_list, gid_str) = ((["-g", str(gid)],
                                     str(gid)) if gid >= 0 else ([], "auto"))

        logger.verbose(
            "{mod}: Request to add local user \"%s\" with uid=%s and gid=%s" %
            (user_name, uid_str, gid_str))

        proc_args_list = [config.value(SERVICE_NAME, "useradd_bin")
                          ] + uid_args_list + gid_args_list + [user_name]
        return tools.process.execProcess(proc_args_list, fatal_flag=False)[2]
Beispiel #23
0
    def removeUser(self, user_name, remove_data_flag):
        user_name = validators.os.validUserName(user_name)
        (remove_data_arg,
         remove_data_str) = (("-r", " and its data") if remove_data_flag else
                             ("", ""))

        logger.verbose("{mod}: Request to remove local user \"%s\"%s" %
                       (user_name, remove_data_str))

        proc_args_list = [
            config.value(SERVICE_NAME, "userdel_bin"), remove_data_arg,
            user_name
        ]
        return tools.process.execProcess(proc_args_list, fatal_flag=False)[2]
Beispiel #24
0
    def setHomePath(self, path):
        if re.match(r"^[./\w\d]*$", path) == None:
            raise validators.ValidatorError(
                "Incorrect symbols in string \"%s\"" % (path))

        logger.verbose(
            "{mod}: Request to change home for local user \"%s\", new home=\"%s\""
            % (self.__user_name, path))

        proc_args_list = [
            config.value(SERVICE_NAME, "usermod_bin"), "-d", path,
            self.__user_name
        ]
        return tools.process.execProcess(proc_args_list, fatal_flag=False)[2]
Beispiel #25
0
    def inotifyEvent(self, event):
        if event.dir or not event.pathname in (config.value(
                SERVICE_NAME,
                "role_conf"), config.value(SERVICE_NAME, "group_conf")):

            return

        role_names_list = self.nssRoles()
        dbus_role_names_list = [
            re.sub(r"[^\w\d_]", "_", item) for item in role_names_list
        ]

        nss_roles_shared = shared.Functions.shared(NSS_ROLES_SHARED_NAME)

        for count in xrange(len(roles_names_list)):
            if not nss_roles_shared.hasSharedObject(
                    dbus_role_names_list[count]):
                nss_roles_shared.addSharedObject(
                    dbus_role_names_list[count],
                    NssRole(
                        role_names_list[count],
                        tools.dbus.joinPath(SERVICE_NAME,
                                            dbus_role_names_list[count]),
                        self))
                logger.verbose("{mod}: Added NSS role \"%s\"" %
                               (role_names_list[count]))

        for dbus_role_name in nss_roles_shared.sharedObjects().keys():
            if not dbus_role_name in dbus_role_names_list:
                role_name = nss_roles_shared.sharedObject(
                    dbus_role_name).realName()
                nss_roles_shared.sharedObject(
                    dbus_role_name).removeFromConnection()
                nss_roles_shared.removeSharedObject(dbus_role_name)
                logger.verbose("{mod}: Removed NSS role \"%s\"" % (role_name))

        self.__nss_roles.rolesChanged()
Beispiel #26
0
	def health(self) :
		proc_args_list = [config.value(SERVICE_NAME, "smartctl_bin"), "-H", self.__device_file_path]

		disk_health_flag = False
		health_found_flag = False
		for health_list_item in tools.process.execProcess(proc_args_list)[0].split("\n") :
			health_list_item = health_list_item.strip()

			if health_found_flag :
				disk_health_flag = ( health_list_item.split()[-1] == "PASSED" )
				break

			if health_list_item == "=== START OF READ SMART DATA SECTION ===" :
				health_found_flag = True
		return disk_health_flag
Beispiel #27
0
    def removeUser(self, user_name):
        user_name = validators.os.validUserName(user_name)

        users_list = grp.getgrnam(self.__role_name).gr_mem
        users_list.remove(self.__role_name)
        users = ",".join(users_list)

        logger.verbose(
            "{mod}: Request to remove user \"%s\" from NSS role \"%s\"" %
            (user_name, self.__role_name))

        proc_args_list = [
            config.value(SERVICE_NAME, "usermod_bin"), "-G", users, user_name
        ]
        return tools.process.execProcess(proc_args_list, fatal_flag=False)[2]
Beispiel #28
0
 def groups(self):
     editor = tools.editors.PlainEditor(delimiter=":",
                                        spaces_list=[],
                                        quotes_list=[])
     editor.open(config.value(SERVICE_NAME, "role_conf"))
     role_gids_list = editor.value(
         str(grp.getgrnam(self.__role_name).gr_gid))
     editor.close()
     if len(role_gids_list) > 0:
         return [
             grp.getgrgid(item).gr_name
             for item in role_gids_list[-1].split(",")
         ]
     else:
         return []
Beispiel #29
0
    def removeRole(self, role_name):
        role_name = validators.os.validGroupName(role_name)

        rid = grp.getgrnam(role_name).gr_gid

        logger.verbose("{mod}: Request to remove NSS role \"%s\" (rid=%d)" %
                       (role_name, rid))

        editor = tools.editors.PlainEditor(delimiter=":",
                                           spaces_list=[],
                                           quotes_list=[])
        editor.open(config.value(SERVICE_NAME, "role_conf"))
        editor.setValue(str(rid), None)
        editor.save()
        editor.close()

        return 0
Beispiel #30
0
	def initService(self) :
		shared.Functions.addShared(DISKS_SMART_SHARED_NAME)
		shared.Functions.addSharedObject(DISKS_SMART_SHARED_NAME, self.__disks_smart)

		logger.verbose("{mod}: First devices request...")
		disks_smart_shared = shared.Functions.shared(DISKS_SMART_SHARED_NAME)
		disks_filter_regexp = re.compile(config.value(SERVICE_NAME, "disks_filter"))
		devices_count = 0
		for device in self.__udev_client.query_by_subsystem("block") :
			device_name = device.get_name()
			device_file_path = device.get_device_file()
			if disks_filter_regexp.match(device_name) and self.smartAvailable(device_file_path) :
				disks_smart_shared.addSharedObject(device_name, Disk(device_file_path,
					tools.dbus.joinPath(DISKS_SMART_SHARED_NAME, device_name), self))
				devices_count += 1
		logger.verbose("{mod}: Added %d devices" % (devices_count))

		self.__udev_client.connect("uevent", self.udevEvent)
		logger.verbose("{mod}: Start polling udev events for \"block\"")