Ejemplo n.º 1
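    def process_user(user_rows):
        """Write the passwd line (and optional shadow line) for one account.

        Account fields are read from ``user_rows[0]``; every row is scanned
        for quarantine columns.  Raises ``BadUsername`` when
        ``posix_user.illegal_name`` rejects the name or the name is longer
        than eight characters, and ``UserSkipQuarantine`` when the quarantine
        handler reports that the account should be skipped.
        """
        row = user_rows[0]
        uname = row['entity_name']
        tmp = posix_user.illegal_name(uname)
        if tmp:
            raise BadUsername("Bad username %s" % tmp)
        if len(uname) > 8:
            raise BadUsername("Bad username %s" % uname)

        # An empty password field is read by many systems as "no password
        # required", so a missing *or empty* hash becomes the '*' marker.
        # This also keeps the prefix test in the shadow branch from running
        # on an empty string.
        passwd = row['auth_data']
        if not passwd:
            passwd = '*'

        # The gid is stored on posix_group (defined outside this function)
        # and read back when the line is assembled below.
        posix_group.posix_gid = row['posix_gid']

        gecos = row['gecos']
        if gecos is None:
            gecos = row['name']
        if gecos is None:
            gecos = "GECOS NOT SET"
        # NOTE(review): gecos ends up in a ':'-separated, newline-terminated
        # record; confirm that a ':' or line break cannot survive the
        # conversion below, otherwise it would shift or add fields.
        gecos = latin1_to_iso646_60(gecos)
        shell = shells[int(row['shell'])]
        if row['quarantine_type'] is not None:
            now = mx.DateTime.now()
            quarantines = []
            for qrow in user_rows:
                if (qrow['start_date'] <= now
                    and (qrow['end_date'] is None or qrow['end_date'] >= now)
                    and (qrow['disable_until'] is None
                         or qrow['disable_until'] < now)):
                    # The quarantine found in this row is currently
                    # active.
                    quarantines.append(qrow['quarantine_type'])
            qh = QuarantineHandler.QuarantineHandler(db, quarantines)
            if qh.should_skip():
                raise UserSkipQuarantine
            if qh.is_locked():
                # Replaces the hash so the exported account cannot log in.
                passwd = '*locked'
            qshell = qh.get_shell()
            if qshell is not None:
                shell = qshell

        # NOTE(review): row['disk_id'] is passed as ``home`` and is also
        # converted with int() unconditionally -- confirm both against
        # resolve_homedir's contract and against rows without a disk.
        home = posix_user.resolve_homedir(account_name=uname,
                                          home=row['disk_id'],
                                          disk_path=diskid2path[int(row['disk_id'])])
        if home is None:
            # TBD: Is this good enough?
            home = '/'

        if shadow_file:
            # The hash goes to the shadow file only; the passwd file gets
            # "!!" unless the field is already a '*' marker.
            s.write("%s:%s:::\n" % (uname, passwd))
            if not passwd.startswith('*'):
                passwd = "!!"

        line = ':'.join((uname, passwd, str(row['posix_uid']),
                         str(posix_group.posix_gid), gecos,
                         str(home), shell))
        if debug:
            # Without a shadow file this line still carries the password
            # field, so the debug log needs the same protection as the
            # generated file.
            logger.debug(line)
        f.write(line + "\n")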
Ejemplo n.º 2
 def create_netgroup_object(self, group_id):
     """Build the nisNetGroup attributes for ``group_id`` and cache them."""
     # Guard against building the same group twice.  Note that assert
     # statements are removed when Python runs with -O.
     assert group_id not in self.netgroupcache
     info = self.groupcache[group_id]
     attrs = {
         'objectClass': ('top', 'nisNetGroup'),
         # 'cn' is stored as a plain string while 'description' below is a
         # 1-tuple -- NOTE(review): confirm the consumer accepts both shapes.
         'cn': LDIFutils.iso2utf(info['name']),
     }
     if 'description' in info:
         text = latin1_to_iso646_60(info['description']).rstrip()
         attrs['description'] = (text,)
     self.netgroupcache[group_id] = attrs
Ejemplo n.º 3
 def create_netgroup_object(self, group_id):
     """Create the cached attribute dict of the netgroup ``group_id``.

     The result is stored in ``self.netgroupcache``; nothing is returned.
     """
     # A group must not be created twice (the check disappears under -O).
     assert group_id not in self.netgroupcache
     source = self.groupcache[group_id]
     object_classes = ('top', 'nisNetGroup')
     # NOTE(review): the common name is a bare string here, whereas the
     # description is wrapped in a 1-tuple -- verify that this is intended.
     common_name = LDIFutils.iso2utf(source['name'])
     entry = {'objectClass': object_classes, 'cn': common_name}
     if 'description' in source:
         description = latin1_to_iso646_60(source['description']).rstrip()
         entry['description'] = (description,)
     self.netgroupcache[group_id] = entry
Ejemplo n.º 4
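    def process_user(self, user_rows):
        """Return the seven passwd fields of one account as a list.

        Account fields are read from ``user_rows[0]``; every row is scanned
        for quarantine columns.  Raises ``BadUsername`` when
        ``posix_user.illegal_name`` rejects the name and
        ``UserSkipQuarantine`` when the quarantine handler reports that the
        account should be skipped.
        """
        row = user_rows[0]
        uname = row['entity_name']
        if posix_user.illegal_name(uname):
            raise BadUsername("Bad username %s" % uname)

        # An empty password field is read by many systems as "no password
        # required", so a missing *or empty* hash becomes the '*' marker.
        passwd = row['auth_data']
        if not passwd:
            passwd = '*'

        # The gid is stored on posix_group (defined outside this method) and
        # read back when the result is assembled below.
        posix_group.posix_gid = row['posix_gid']

        gecos = row['gecos']
        if gecos is None:
            gecos = row['name']
        if gecos is None:
            gecos = uname
        # NOTE(review): if the caller joins these fields with ':' into a
        # passwd line, confirm that a ':' or line break in gecos cannot
        # survive the conversion below.
        gecos = latin1_to_iso646_60(gecos)
        shell = self.shells[int(row['shell'])]
        if row['quarantine_type'] is not None:
            now = mx.DateTime.now()
            quarantines = []
            for qrow in user_rows:
                if (qrow['start_date'] <= now and
                    (qrow['end_date'] is None or qrow['end_date'] >= now)
                        and (qrow['disable_until'] is None
                             or qrow['disable_until'] < now)):
                    # The quarantine found in this row is currently
                    # active.
                    quarantines.append(qrow['quarantine_type'])
            qh = QuarantineHandler.QuarantineHandler(db, quarantines)
            if qh.should_skip():
                raise UserSkipQuarantine
            if qh.is_locked():
                # Replaces the hash so the exported account cannot log in.
                passwd = '*locked'
            qshell = qh.get_shell()
            if qshell is not None:
                shell = qshell

        if row['disk_id']:
            disk_path = self.diskid2path[int(row['disk_id'])]
        else:
            disk_path = None
        home = posix_user.resolve_homedir(account_name=uname,
                                          home=row['home'],
                                          disk_path=disk_path)

        if home is None:
            # TBD: Is this good enough?
            home = '/'

        return [
            uname, passwd,
            str(row['posix_uid']),
            str(posix_group.posix_gid), gecos,
            str(home), shell
        ]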
Ejemplo n.º 5
 def ldif_netgroup(self, is_hostg, group_id, group_members, direct_members):
     """Return the ``(dn, attributes)`` pair for one nisNetGroup entry."""
     # TODO: Can we combine these?
     name = self.type2groups[is_hostg][group_id]
     attrs = {
         'objectClass': ('top', 'nisNetGroup'),
         'cn': (name,),
         'nisNetgroupTriple': direct_members,
         'memberNisNetgroup': group_members,
     }
     description = self.group2desc(group_id)
     if description:
         attrs['description'] = (latin1_to_iso646_60(description),)
     # NOTE(review): the name is concatenated into the DN without escaping;
     # presumably group names cannot contain DN separators such as ',' --
     # confirm against whatever validates group names.
     rdn = 'cn=' + name
     return ','.join((rdn, self.ngrp_dn)), attrs
Ejemplo n.º 6
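    def process_user(self, user_rows):
        """Build the list of passwd fields for a single account.

        The first element of ``user_rows`` supplies the account columns and
        all elements are inspected for quarantine columns.  ``BadUsername``
        is raised when ``posix_user.illegal_name`` rejects the name, and
        ``UserSkipQuarantine`` when the quarantine handler says the account
        should be skipped.
        """
        row = user_rows[0]
        uname = row['entity_name']
        if posix_user.illegal_name(uname):
            raise BadUsername("Bad username %s" % uname)

        # Treat an empty hash like a missing one: an empty password field is
        # read by many systems as "no password required".
        passwd = row['auth_data']
        if not passwd:
            passwd = '*'

        # Stored on posix_group (defined outside this method) and read back
        # when the result list is built.
        posix_group.posix_gid = row['posix_gid']

        gecos = row['gecos']
        if gecos is None:
            gecos = row['name']
        if gecos is None:
            gecos = uname
        # NOTE(review): verify that the conversion below cannot leave a ':'
        # or line break in gecos if the caller writes these fields as one
        # ':'-separated line.
        gecos = latin1_to_iso646_60(gecos)
        shell = self.shells[int(row['shell'])]
        if row['quarantine_type'] is not None:
            now = mx.DateTime.now()
            quarantines = []
            for qrow in user_rows:
                if (qrow['start_date'] <= now
                    and (qrow['end_date'] is None or qrow['end_date'] >= now)
                    and (qrow['disable_until'] is None
                         or qrow['disable_until'] < now)):
                    # The quarantine found in this row is currently
                    # active.
                    quarantines.append(qrow['quarantine_type'])
            qh = QuarantineHandler.QuarantineHandler(db, quarantines)
            if qh.should_skip():
                raise UserSkipQuarantine
            if qh.is_locked():
                # The hash is replaced so the exported account cannot log in.
                passwd = '*locked'
            qshell = qh.get_shell()
            if qshell is not None:
                shell = qshell

        if row['disk_id']:
            disk_path = self.diskid2path[int(row['disk_id'])]
        else:
            disk_path = None
        home = posix_user.resolve_homedir(account_name=uname,
                                          home=row['home'],
                                          disk_path=disk_path)

        if home is None:
            # TBD: Is this good enough?
            home = '/'

        return [uname, passwd, str(row['posix_uid']),
                str(posix_group.posix_gid), gecos,
                str(home), shell]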
Ejemplo n.º 7
 def ldif_netgroup(self, is_hostg, group_id, group_members, direct_members):
     """Create the DN and the attribute dict of a netgroup entry.

     Returns a 2-tuple ``(dn, entry)``.
     """
     by_id = self.type2groups[is_hostg]  # TODO: Can we combine these?
     name = by_id[group_id]
     entry = dict([
         ('objectClass', ('top', 'nisNetGroup')),
         ('cn', (name,)),
         ('nisNetgroupTriple', direct_members),
         ('memberNisNetgroup', group_members),
     ])
     desc = self.group2desc(group_id)
     if desc:
         entry['description'] = (latin1_to_iso646_60(desc),)
     # NOTE(review): no DN escaping is applied to the name; this presumably
     # relies on group names never containing characters such as ',' or '+'
     # -- verify where names are validated.
     dn_parts = ('cn=' + name, self.ngrp_dn)
     return ','.join(dn_parts), entry
Ejemplo n.º 8
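    def gather_user_data(self, row):
        """Collect the POSIX attributes of one account into a ``PosixData``.

        Returns ``None`` when the row has no shell (warning logged), when the
        quarantine handler says the account should be skipped, or when the
        home directory cannot be resolved (warning logged).
        """
        data = PosixData()
        data.account_id = int(row['account_id'])
        data.uname = self.e_id2name[data.account_id]
        data.uid = str(row['posix_uid'])
        data.gid = str(self.g_id2gid[row['gid']])

        if not row['shell']:
            self.logger.warn("User %s has no posix-shell!" % data.uname)
            return None
        data.shell = self.shell_tab[int(row['shell'])]

        data.quarantined, data.passwd = False, None
        if data.account_id in self.quarantines:
            qh = QuarantineHandler(self.db, self.quarantines[data.account_id])
            if qh.should_skip():
                return None
            if qh.is_locked():
                # A locked account gets a marker in place of a password.
                data.quarantined, data.passwd = True, '*Locked'
            qshell = qh.get_shell()
            if qshell is not None:
                data.shell = qshell
        try:
            home = self.a_id2home[data.account_id]
            data.home = self.posix_user.resolve_homedir(
                account_name=data.uname,
                home=home[3],
                disk_path=self.disk_tab[home[1]])
        except Exception:
            # Still best-effort: any lookup or resolution error drops the
            # user, but KeyboardInterrupt and SystemExit are no longer
            # swallowed.  Every failure is reported as a missing home
            # directory, whatever its actual cause.
            self.logger.warn("User %s has no home-directory!" % data.uname)
            return None

        cn = gecos = row['gecos']
        if data.account_id in self.a_id2owner:
            cn = self.p_id2name.get(self.a_id2owner[data.account_id], gecos)
        data.cn = cn or data.uname
        data.gecos = latin1_to_iso646_60(gecos or data.cn)
        return data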
Ejemplo n.º 9
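    def gather_user_data(self, row):
        """Return a ``PosixData`` filled in from ``row``, or ``None``.

        ``None`` is returned when the row has no shell, when the quarantine
        handler reports that the account should be skipped, or when the home
        directory lookup fails.  The shell and home cases log a warning.
        """
        data = PosixData()
        data.account_id = int(row['account_id'])
        data.uname = self.e_id2name[data.account_id]
        data.uid = str(row['posix_uid'])
        data.gid = str(self.g_id2gid[row['gid']])

        if not row['shell']:
            self.logger.warn("User %s has no posix-shell!" % data.uname)
            return None
        data.shell = self.shell_tab[int(row['shell'])]

        data.quarantined, data.passwd = False, None
        if data.account_id in self.quarantines:
            qh = QuarantineHandler(self.db, self.quarantines[data.account_id])
            if qh.should_skip():
                return None
            if qh.is_locked():
                # The password is replaced by a marker for locked accounts.
                data.quarantined, data.passwd = True, '*Locked'
            qshell = qh.get_shell()
            if qshell is not None:
                data.shell = qshell
        try:
            home = self.a_id2home[data.account_id]
            data.home = self.posix_user.resolve_homedir(
                account_name=data.uname,
                home=home[3], disk_path=self.disk_tab[home[1]])
        except Exception:
            # Narrowed from a bare ``except`` so that KeyboardInterrupt and
            # SystemExit propagate; ordinary errors still skip the user.
            # The message is the same for every kind of failure, so it may
            # hide a cause other than a missing home directory.
            self.logger.warn("User %s has no home-directory!" % data.uname)
            return None

        cn = gecos = row['gecos']
        if data.account_id in self.a_id2owner:
            cn = self.p_id2name.get(self.a_id2owner[data.account_id], gecos)
        data.cn = cn or data.uname
        data.gecos = latin1_to_iso646_60(gecos or data.cn)
        return data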
Ejemplo n.º 10
    def user_object(self, row):
        """Build the ``(dn, entry)`` pair of one posixAccount LDIF entry.

        Returns ``(None, None)`` when the user has no shell, when the
        quarantine handler says to skip the user, when no home directory can
        be resolved, or when the account id has already been emitted.
        """
        account_id = int(row['account_id'])
        uname = row['entity_name']

        # Fallback value; it stays in place when no auth data is found.
        passwd = '{crypt}*Invalid'
        if row['auth_data']:
            fmt = self.auth_format[self.user_auth]['format']
            # NOTE(review): with an empty format the stored auth data is
            # written to userPassword unchanged -- confirm that such data
            # already carries its own scheme prefix.
            passwd = fmt % row['auth_data'] if fmt else row['auth_data']
        else:
            # Every configured method is tried and each hit overwrites the
            # previous one, so the last method with data wins.
            for uauth in self.a_meth:
                if uauth not in self.auth_format:
                    continue
                try:
                    fmt = self.auth_format[uauth]['format']
                    secret = self.auth_data[account_id][uauth]
                    passwd = fmt % secret if fmt else secret
                except KeyError:
                    pass

        if not row['shell']:
            self.logger.warn("User %s have no posix-shell!" % uname)
            return None, None
        shell = self.shell_tab[int(row['shell'])]

        if account_id in self.quarantines:
            # The handler object on self is reused; only its quarantine list
            # is swapped for each user.
            self.qh.quarantines = self.quarantines[account_id]
            if self.qh.should_skip():
                return None, None
            if self.qh.is_locked():
                passwd = '{crypt}' + '*Locked'
            qshell = self.qh.get_shell()
            if qshell is not None:
                shell = qshell

        try:
            disk_path = None
            if row['disk_id']:
                disk_path = self.disk_tab[int(row['disk_id'])]
            home = self.posuser.resolve_homedir(account_name=uname,
                                                home=row['home'],
                                                disk_path=disk_path)
            # 22.07.2013: Jira, CRB-98
            # Quick fix, treat empty "home" as an error, to make
            # generate_posix_ldif complete
            if not home:
                # This event should be treated the same way as a disk_id
                # NotFoundError -- it means that a PosixUser has no home
                # directory set.
                raise Exception()
        except (Errors.NotFoundError, Exception):
            # Every exception raised in the block above lands here and is
            # reported as a missing home directory.
            self.logger.warn("User %s has no home-directory!" % uname)
            return None, None

        cn = row['name'] or row['gecos'] or uname
        gecos = latin1_to_iso646_60(row['gecos'] or cn)
        entry = {'objectClass': ['top', 'account', 'posixAccount'],
                 'cn': (LDIFutils.iso2utf(cn),),
                 'uid': (uname,),
                 'uidNumber': (str(int(row['posix_uid'])),),
                 'gidNumber': (str(int(row['posix_gid'])),),
                 'homeDirectory': (home,),
                 'userPassword': (passwd,),
                 'loginShell': (shell,),
                 'gecos': (gecos,)}
        # Runs before the duplicate check, i.e. also for entries that are
        # then dropped as duplicates.
        self.update_user_entry(account_id, entry, row)
        if account_id in self.id2uname:
            self.logger.warn('Duplicate user-entry: (%s,%s)!', account_id,
                             uname)
            return None, None
        self.id2uname[account_id] = uname
        # NOTE(review): uname is concatenated into the DN without escaping;
        # presumably user names cannot contain DN separators -- confirm.
        dn = ','.join(('uid=' + uname, self.user_dn))
        return dn, entry
Ejemplo n.º 11
    def user_object(self, row):
        """Return ``(dn, entry)`` for a posixAccount, or ``(None, None)``.

        The ``(None, None)`` result covers four cases: the row has no shell,
        the quarantine handler asks for the user to be skipped, the home
        directory cannot be resolved, or the account id was seen before.
        """
        account_id = int(row['account_id'])
        uname = row['entity_name']

        # Default that survives when no auth data is available.
        passwd = '{crypt}*Invalid'
        if row['auth_data']:
            template = self.auth_format[self.user_auth]['format']
            # NOTE(review): an empty template passes the stored auth data
            # through to userPassword as is -- verify what that data holds.
            if template:
                passwd = template % row['auth_data']
            else:
                passwd = row['auth_data']
        else:
            # All methods present in auth_format are visited in a_meth
            # order; a later hit replaces an earlier one.
            candidates = [m for m in self.a_meth if m in self.auth_format]
            for uauth in candidates:
                try:
                    template = self.auth_format[uauth]['format']
                    stored = self.auth_data[account_id][uauth]
                    passwd = template % stored if template else stored
                except KeyError:
                    pass

        if not row['shell']:
            self.logger.warn("User %s have no posix-shell!" % uname)
            return None, None
        shell = self.shell_tab[int(row['shell'])]

        if account_id in self.quarantines:
            # self.qh is reused for every user; only its list is replaced.
            self.qh.quarantines = self.quarantines[account_id]
            if self.qh.should_skip():
                return None, None
            if self.qh.is_locked():
                passwd = '{crypt}' + '*Locked'
            qshell = self.qh.get_shell()
            if qshell is not None:
                shell = qshell

        try:
            disk_path = (self.disk_tab[int(row['disk_id'])]
                         if row['disk_id'] else None)
            home = self.posuser.resolve_homedir(account_name=uname,
                                                home=row['home'],
                                                disk_path=disk_path)
            # 22.07.2013: Jira, CRB-98
            # Quick fix, treat empty "home" as an error, to make
            # generate_posix_ldif complete
            if not home:
                # This event should be treated the same way as a disk_id
                # NotFoundError -- it means that a PosixUser has no home
                # directory set.
                raise Exception()
        except (Errors.NotFoundError, Exception):
            # Any exception from the block above is reported with this one
            # message, so other causes are logged as a missing home too.
            self.logger.warn("User %s has no home-directory!" % uname)
            return None, None

        cn = row['name'] or row['gecos'] or uname
        gecos = latin1_to_iso646_60(row['gecos'] or cn)
        entry = {
            'objectClass': ['top', 'account', 'posixAccount'],
            'cn': (LDIFutils.iso2utf(cn),),
            'uid': (uname,),
            'uidNumber': (str(int(row['posix_uid'])),),
            'gidNumber': (str(int(row['posix_gid'])),),
            'homeDirectory': (home,),
            'userPassword': (passwd,),
            'loginShell': (shell,),
            'gecos': (gecos,),
        }
        # Called before the duplicate check below, so it also runs for
        # entries that end up being rejected as duplicates.
        self.update_user_entry(account_id, entry, row)
        if account_id in self.id2uname:
            self.logger.warn('Duplicate user-entry: (%s,%s)!',
                             account_id, uname)
            return None, None
        self.id2uname[account_id] = uname
        # NOTE(review): the DN is built by plain concatenation; this
        # presumably relies on user names containing no DN special
        # characters -- verify where user names are validated.
        rdn = 'uid=' + uname
        return ','.join((rdn, self.user_dn)), entry