def setupWebDAVCalendar(cfgScript):
createLink([dirEtcHttpdConfd(cfgScript), 'mycalendar.conf'], HTTPD_CONFD_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0644, 'root', 'root')
chprops(join(srvDirMaco(), '.htpasswd.calendars'), 0440, 'apache', 'apache')
mymakedirs(srvDirCalendars())
runCmd('chown', '-R', 'apache:apache', srvDirCalendars())
setupMacoPolicy(cfgScript)
info('Configured WebDAV on HTTPD for calendars.')
def configureNest(cfgScript):
main = cfgScript.getMain()
nest = main.serviceNest()
repoPath = nest.getCentralRepoPath()
info("Installing 'Mercurial'...")
info("Creating the '" + repoPath + "' repository...")
mymakedirs(repoPath)
runCmd('groupadd', NEST_RW_GROUP)
info("Added the '" + NEST_RW_GROUP + "' group.")
runCmd('usermod', '-a', '-G', NEST_RW_GROUP, 'matej')
info("Added the user 'matej' to the '" + NEST_RW_GROUP + "' group.")
runCmd('chown', '-R', 'root:root', repoPath)
runCmd('setfacl', '-b', repoPath)
runCmd('setfacl', '-R', '-m', 'd:u::rwx,d:g::rwx,d:o:0,d:m:rwx,m:rwx,d:u:apache:rx,d:g:apache:rx,d:u:root:rwx,d:g:root:rwx,d:g:' + NEST_RW_GROUP + ':rwx,u:apache:rx,g:apache:rx,g:' + NEST_RW_GROUP + ':rwx', repoPath)
info("Configured Nest access rights.")
createLink([ main.dirNastavitve(), 'Mercurial/Server Configuration/BackupHgRepos.sh' ], CRON_WEEKLY_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0550, 'root', 'root')
createLink([ main.dirNastavitve(), 'Mercurial/Server Configuration/hgrc' ], MERCURIAL_ETC_DIR, UTILS_CREATE_LINK_HARD_LINK, 0444, 'root', 'root')
restoreconR(MERCURIAL_ETC_DIR)
restoreconR(CRON_WEEKLY_DIR)
info('Installed the global Mercurial configuration file and configured the repository backup creation script.')
def setupMySvnPolicy(cfgScript):
if 'noselinux' in argv:
info('MySVN SELinux policy not applied.')
return
if (runCmd([dirSvnPolicy(cfgScript), 'mysvn.sh'], 'clean') != 0 or
runCmd([dirSvnPolicy(cfgScript), 'mysvn.sh']) != 0):
raise Exception("Could not install the MySVN SELinux policy.")
info("Installed the the MySVN SELinux policy.")
def setupMacoPolicy(cfgScript):
if 'noselinux' in argv:
info('General Maco SELinux policy not applied.')
return
if (runCmd([dirMacoSeLinuxPolicy(cfgScript), 'mymaco.sh'], 'clean') != 0 or
runCmd([dirMacoSeLinuxPolicy(cfgScript), 'mymaco.sh']) != 0):
raise Exception("Could not install the general Maco SELinux policy.")
info("Installed the general Maco SELinux policy.")
def restorecon(*paths):
"""
Restores the SELinux contexts of the given files.
@param paths The files/directories for which to restore their contexts.
"""
paths = flatten(paths)
for path in paths:
runCmd('restorecon', path)
def setupSvn(cfgScript):
runCmd('chown', '-R', 'apache:apache', srvDirSvn())
setupMySvnPolicy(cfgScript)
createLink([dirSvn(cfgScript), 'SVNBackup'], CRON_WEEKLY_DIR, UTILS_CREATE_LINK_HARD_LINK | UTILS_CREATE_LINK_DELETE, 0550, 'root', 'root')
restoreconR(CRON_WEEKLY_DIR)
info('Installed the weekly SVN backup cron script.')
restoreconR(srvDirSvn())
info('Configured the SVN repository.')
def restoreconR(*paths):
"""
Restores the SELinux contexts of the given files. This method also recurses
into directories.
@param paths The files/directories for which to restore their contexts.
"""
paths = flatten(paths)
for path in paths:
runCmd('restorecon', '-R', path)
def installPrivateKey(cfgScript, keyPath, destName = None):
"""
Installs the given private key into the '/etc/pki/tls/private' folder.
@param cfgScript The context object (provides us with the path to the
tool for decrypting private keys).
@param keyPath The path to the private key to install.
"""
keyPath = joinPaths(keyPath)
if destName is None:
destPath = join(KEYS_DIR, basename(keyPath))
else:
destPath = join(KEYS_DIR, destName)
if not exists(destPath):
runCmd([dirCertifikati(cfgScript), 'DecryptPrivateKey.sh'], keyPath, '-o', destPath)
chmod(destPath, 0400)
# restorecon(destPath)
info("Installed private key '" + destPath + "'.")
def setupPostfix(cfgScript):
installUrbasPrivateKey(cfgScript, 'smtp.urbas.si.20110122.key.pem', 'smtp.urbas.si.key.pem')
installUrbasCert(cfgScript, 'smtp.urbas.si.20110122.cert.pem', 'smtp.urbas.si.cert.pem')
createLink([dirPostfix(cfgScript), 'main.cf'], POSTFIX_ETC_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
createLink([dirPostfix(cfgScript), 'master.cf'], POSTFIX_ETC_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
createLink([dirPostfix(cfgScript), 'sasl', 'smtpd.conf'], [POSTFIX_ETC_DIR, 'sasl'], UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
createLink([dirPostfix(cfgScript), 'aliases'], ETC_DIR, UTILS_CREATE_LINK_HARD_LINK, 0644, 'root', 'root')
# restorecon(join(ETC_DIR, 'aliases'))
srcAliases = join(dirPostfix(cfgScript), 'aliases')
runCmd('postalias', 'hash:' + srcAliases)
aliases = join(ETC_DIR, 'aliases.db')
if exists(aliases):
remove(aliases)
move(join(dirPostfix(cfgScript), 'aliases.db'), aliases)
chprops(aliases, 0644, 'root', 'smmsp')
# restorecon(aliases)
runCmd('newaliases')
runCmd('postmap', 'hash:' + join(dirPostfix(cfgScript), 'local_recipient_table'))
try:
remove(join(POSTFIX_ETC_DIR, 'local_recipient_table.db'))
except Exception as ex:
info("Could not remove '" + join(POSTFIX_ETC_DIR, 'local_recipient_table.db') + "'.");
move(join(dirPostfix(cfgScript), 'local_recipient_table.db'), POSTFIX_ETC_DIR)
chprops(join(POSTFIX_ETC_DIR, 'local_recipient_table.db'), 0644, 'root', 'root')
def createUser(uname, fullName):
if not userExists(uname):
runCmd('useradd', '-U', '-m', '-c', fullName, uname)
runCmd('passwd', uname)
info("Created user '" + uname + "'.")
def userExists(uname):
return runCmd('id', uname) == 0
def addRepository(self, uri):
runCmd(PACKAGE_MANAGER, '-y', '-v', 'localinstall', '--nogpgcheck', uri)
def install(self, *packages):
if packages:
packages = flatten(packages)
if runCmd(PACKAGE_MANAGER, "-y", "install", packages):
raise Exception("Installation process failed.")
info("Installed packages: " + ", ".join(packages))