Exemple #1
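    def download(self):
        """
        Run the interactive batch-download session.

        Prompts for an Ansible host pattern, lists the hosts it matches in an
        inventory built from ``self.user_perm``, then repeatedly prompts for a
        remote file path, fetches it from the matched hosts into a fresh
        temporary directory, saves a ``FileLog`` record and sends the directory
        back as a ``.tar.gz`` with ``sz``. Entering ``q`` leaves the current
        prompt level.
        """
        while True:
            if not self.user_perm:
                self.user_perm = get_group_user_perm(self.user)
            try:
                print("进入批量下载模式")
                print("请输入主机名或ansile支持的pattern, 多个主机:分隔,q退出")
                pattern = input("\033[1;32mPattern>:\033[0m ").strip()
                if pattern == 'q':
                    break

                # The inventory only contains the assets listed in self.user_perm, so
                # the typed pattern is matched against that set. NOTE(review): this
                # looks like the authorisation boundary -- confirm in gen_resource.
                assets = self.user_perm.get('asset').keys()
                res = gen_resource({'user': self.user, 'asset': assets}, perm=self.user_perm)
                runner = MyRunner(res)
                asset_name_str = ''
                print("匹配用户:\n")
                for inv in runner.inventory.get_hosts(pattern=pattern):
                    asset_name_str += '%s ' % inv.name
                    print(' %s' % inv.name)
                if not asset_name_str:
                    color_print('没有匹配主机')
                    continue
                print()
                while True:
                    tmp_dir = get_tmp_dir()
                    logger.debug('Download tmp dir: %s' % tmp_dir)
                    print("请输入文件路径(不支持目录)")
                    file_path = input("\033[1;32mPath>:\033[0m ").strip()
                    if file_path == 'q':
                        break

                    if not file_path:
                        color_print("文件路径为空")
                        continue

                    # file_path is interpolated into a key=value module-argument
                    # string below. Whitespace would let the typed text carry extra
                    # key=value options, so it is refused; template markers are
                    # refused too, on the assumption that Ansible may expand them in
                    # module arguments (confirm against MyRunner).
                    if (any(ch.isspace() for ch in file_path)
                            or '{{' in file_path or '{%' in file_path):
                        logger.debug('Download path rejected: %r' % file_path)
                        color_print("文件路径不能包含空白字符或模板标记")
                        continue

                    runner.run('fetch', module_args='src=%s dest=%s' % (file_path, tmp_dir), pattern=pattern)
                    ret = runner.results
                    # Audit record; it is only written once runner.run() has returned.
                    FileLog(user=self.user.name, host=asset_name_str, filename=file_path, type='download',
                            remote_ip=remote_ip, result=ret).save()
                    logger.debug('Download file result: %s' % ret)
                    # tar is given the bare directory name, which assumes tmp_dir sits
                    # directly under /tmp -- TODO confirm against get_tmp_dir().
                    os.chdir('/tmp')
                    tmp_dir_name = os.path.basename(tmp_dir)
                    if not os.listdir(tmp_dir):
                        color_print('下载全部失败')
                        continue
                    # Only tmp_dir reaches the shell here, never the typed path.
                    bash('tar czf %s.tar.gz %s && sz %s.tar.gz' % (tmp_dir, tmp_dir_name, tmp_dir))

                    if ret.get('failed'):
                        error = '文件名称: %s \n下载失败: [ %s ] \n下载成功 [ %s ]' % \
                                ('%s.tar.gz' % tmp_dir_name, ', '.join(ret.get('failed').keys()),
                                 ', '.join(ret.get('ok').keys()))
                        color_print(error)
                    else:
                        msg = '文件名称: %s \n下载成功 [ %s ]' % (
                            '%s.tar.gz' % tmp_dir_name, ', '.join(ret.get('ok').keys()))
                        color_print(msg, 'green')
                    # A bare `print` is a no-op expression under Python 3; call it so
                    # the blank separator line is actually written.
                    print()
            except IndexError as exc:
                # Kept as best-effort (the session restarts), but no longer silent.
                logger.debug('download: IndexError ignored: %s' % exc)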
Exemple #2
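def server_add_user(username, ssh_key_pwd=''):
    """
    Add a system user on the jumpserver host and generate its SSH key pair.

    The account is created with ``useradd``; its login shell is ``init.sh``
    under ``settings.BASE_DIR``. ``gen_ssh_key`` is then called for the same
    username.

    :param username: login name of the account to create
    :param ssh_key_pwd: passphrase handed to ``gen_ssh_key``
    """
    try:
        from shlex import quote as sh_quote  # Python 3
    except ImportError:
        from pipes import quote as sh_quote  # Python 2

    login_shell = os.path.join(settings.BASE_DIR, 'init.sh')
    # Both values go through a shell. Hand-written '%s' quoting ends at the first
    # single quote in the value, so let the standard library do the quoting; "--"
    # stops a name that starts with "-" from being read as an option.
    bash("useradd -s %s -- %s" % (sh_quote(login_shell), sh_quote(username)))
    gen_ssh_key(username, ssh_key_pwd)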
Exemple #3
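    def download(self):
        """
        Run the interactive batch-download session (Python 2).

        Prompts for an Ansible host pattern, lists the hosts it matches in an
        inventory built from ``self.user_perm``, then repeatedly prompts for a
        remote file path, fetches it from the matched hosts into a fresh
        temporary directory, saves a ``FileLog`` record and sends the directory
        back as a ``.tar.gz`` with ``sz``. Entering ``q`` leaves the current
        prompt level.
        """
        while True:
            if not self.user_perm:
                self.user_perm = get_group_user_perm(self.user)
            try:
                print "进入批量下载模式"
                print "请输入主机名或ansible支持的pattern, 多个主机:分隔,q退出"
                pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
                if pattern == 'q':
                    break

                # The inventory only contains the assets listed in self.user_perm, so
                # the typed pattern is matched against that set. NOTE(review): this
                # looks like the authorisation boundary -- confirm in gen_resource.
                assets = self.user_perm.get('asset').keys()
                res = gen_resource({'user': self.user, 'asset': assets}, perm=self.user_perm)
                runner = MyRunner(res)
                asset_name_str = ''
                print "匹配主机:\n"
                for inv in runner.inventory.get_hosts(pattern=pattern):
                    asset_name_str += '%s ' % inv.name
                    print ' %s' % inv.name
                if not asset_name_str:
                    color_print('没有匹配主机')
                    continue
                print
                while True:
                    tmp_dir = get_tmp_dir()
                    logger.debug('Download tmp dir: %s' % tmp_dir)
                    print "请输入文件路径(不支持目录)"
                    file_path = raw_input("\033[1;32mPath>:\033[0m ").strip()
                    if file_path == 'q':
                        break

                    if not file_path:
                        color_print("文件路径为空")
                        continue

                    # file_path is interpolated into a key=value module-argument
                    # string below. Whitespace would let the typed text carry extra
                    # key=value options, so it is refused; template markers are
                    # refused too, on the assumption that Ansible may expand them in
                    # module arguments (confirm against MyRunner).
                    if (any(ch.isspace() for ch in file_path)
                            or '{{' in file_path or '{%' in file_path):
                        logger.debug('Download path rejected: %r' % file_path)
                        color_print("文件路径不能包含空白字符或模板标记")
                        continue

                    runner.run('fetch', module_args='src=%s dest=%s' % (file_path, tmp_dir), pattern=pattern)
                    ret = runner.results
                    # Audit record; it is only written once runner.run() has returned.
                    FileLog(user=self.user.name, host=asset_name_str, filename=file_path, type='download',
                            remote_ip=remote_ip, result=ret).save()
                    logger.debug('Download file result: %s' % ret)
                    # tar is given the bare directory name, which assumes tmp_dir sits
                    # directly under /tmp -- TODO confirm against get_tmp_dir().
                    os.chdir('/tmp')
                    tmp_dir_name = os.path.basename(tmp_dir)
                    if not os.listdir(tmp_dir):
                        color_print('下载全部失败')
                        continue
                    # Only tmp_dir reaches the shell here, never the typed path.
                    bash('tar czf %s.tar.gz %s && sz %s.tar.gz' % (tmp_dir, tmp_dir_name, tmp_dir))

                    if ret.get('failed'):
                        error = '文件名称: %s \n下载失败: [ %s ] \n下载成功 [ %s ]' % \
                                ('%s.tar.gz' % tmp_dir_name, ', '.join(ret.get('failed').keys()), ', '.join(ret.get('ok').keys()))
                        color_print(error)
                    else:
                        msg = '文件名称: %s \n下载成功 [ %s ]' % ('%s.tar.gz' % tmp_dir_name, ', '.join(ret.get('ok').keys()))
                        color_print(msg, 'green')
                    print
            except IndexError as exc:
                # Kept as best-effort (the session restarts), but no longer silent.
                logger.debug('download: IndexError ignored: %s' % exc)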
Exemple #4
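def server_del_user(username):
    """
    Delete a user from the system.

    Removes the account with ``userdel -r -f`` and then deletes the files
    matching ``<username>_*.perm`` in the ``user`` directory under
    ``settings.KEY_DIR``.

    :param username: login name of the account to remove
    :return: None
    """
    try:
        from shlex import quote as sh_quote  # Python 3
    except ImportError:
        from pipes import quote as sh_quote  # Python 2

    # username reaches a shell twice. Unquoted, shell metacharacters or glob
    # characters in it would change what gets deleted, so quote it; "--" stops
    # a leading "-" from being read as an option.
    user_arg = sh_quote(username)
    bash('userdel -r -f -- %s' % user_arg)

    # Only the trailing "_*.perm" is left unquoted so the shell still expands it.
    # NOTE(review): a key stored as "<username>.perm" (no underscore) would not
    # match this glob -- confirm against the code that writes the key files.
    key_dir = sh_quote(os.path.join(settings.KEY_DIR, 'user'))
    cleanup_cmd = 'rm -f -- %s/%s_*.perm' % (key_dir, user_arg)
    logger.debug(cleanup_cmd)
    bash(cleanup_cmd)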
Exemple #5
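def server_add_user(username, ssh_key_pwd=''):
    """
    Add a user account on the jump server host and generate its SSH key pair.

    The account is created with ``adduser``; its login shell is ``init.sh``
    under ``settings.BASE_DIR``. ``gen_ssh_key`` is then called for the same
    username.

    :param username: login name of the account to create
    :param ssh_key_pwd: passphrase handed to ``gen_ssh_key``
    :return: None
    """
    try:
        from shlex import quote as sh_quote  # Python 3
    except ImportError:
        from pipes import quote as sh_quote  # Python 2

    login_shell = os.path.join(settings.BASE_DIR, 'init.sh')
    # The original applied "%" to the value returned by bash(), so the shell
    # received the literal "%s" placeholders. Format first, then run. Both
    # values are shell-quoted; "--" stops a leading "-" in the name from being
    # read as an option.
    bash("adduser -s %s -- %s" % (sh_quote(login_shell), sh_quote(username)))
    gen_ssh_key(username, ssh_key_pwd)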
Exemple #6
    def upload(self):
        """
        Run the interactive batch-upload session (Python 2).

        Lists the hosts in ``self.user_perm``, prompts for an Ansible host
        pattern, receives files into a fresh temporary directory via ``rz``,
        copies that directory to ``/tmp`` on every matched host with the
        ``copy`` module and saves a ``FileLog`` record. Entering ``q`` at the
        pattern prompt ends the session.
        """
        while True:
            try:
                print "进入批量上传模式"
                print
                print "授权包含该系统用户的所有主机"
                # NOTE(review): unlike sibling methods, self.user_perm is not loaded
                # here when empty -- presumably the caller has already set it.
                assets = self.user_perm.get('asset').keys()
                for asset in assets:
                    print ' %s' % asset.hostname
                print
                print "请输入主机名或ansible支持的pattern, 多个主机:分隔 q退出"
                print
                pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
                if pattern == 'q':
                    break
                else:
                    # The inventory is built from the assets in self.user_perm, so the
                    # typed pattern is matched against that set only.
                    res = gen_resource({'user': self.user, 'asset': assets}, perm=self.user_perm)
                    runner = MyRunner(res)
                    asset_name_str = ''
                    print "匹配主机:"
                    for inv in runner.inventory.get_hosts(pattern=pattern):
                        print inv.name
                        asset_name_str += '%s ' % inv.name

                    if not asset_name_str:
                        color_print('没有匹配主机')
                        continue
                    tmp_dir = get_tmp_dir()
                    logger.debug('Upload tmp dir: %s' % tmp_dir)
                    # rz runs with tmp_dir as the working directory; presumably the
                    # received files land there. Their names are chosen by the sender.
                    os.chdir(tmp_dir)
                    bash('rz')
                    filename_str = ' '.join(os.listdir(tmp_dir))
                    if not filename_str:
                        color_print("上传文件为空")
                        continue
                    logger.debug('上传文件: %s' % filename_str)

                    # Only tmp_dir and the fixed '/tmp' go into the module-argument
                    # string; the received file names are not interpolated.
                    # NOTE(review): "directory_mode" is passed without a value --
                    # confirm that this is what the copy module expects.
                    runner = MyRunner(res)
                    runner.run('copy', module_args='src=%s dest=%s directory_mode'
                                                     % (tmp_dir, '/tmp'), pattern=pattern)
                    ret = runner.results
                    # Audit record; it is only written once runner.run() has returned.
                    FileLog(user=self.user.username, name=self.user.name, host=asset_name_str, filename=filename_str,
                            remote_ip=remote_ip, type='upload', result=ret).save()
                    logger.debug('Upload file: %s' % ret)
                    if ret.get('failed'):
                        error = '上传目录: %s \n上传失败: [ %s ] \n上传成功 [ %s ]' % (tmp_dir,
                                                                             ', '.join(ret.get('failed').keys()),
                                                                             ', '.join(ret.get('ok').keys()))
                        color_print(error)
                    else:
                        msg = '上传目录: %s \n传送成功 [ %s ]' % (tmp_dir, ', '.join(ret.get('ok').keys()))
                        color_print(msg, 'green')
                    print

            # NOTE(review): IndexError is swallowed silently and the session restarts;
            # the source of the exception is not visible in this method.
            except IndexError:
                pass
Exemple #7
    def upload(self):
        """
        Run the interactive batch-upload session (Python 2).

        Prompts for an Ansible host pattern, receives files into a fresh
        temporary directory via ``rz``, copies that directory to the same path
        on every matched host with the ``copy`` module and saves a ``FileLog``
        record. Entering ``q`` at the pattern prompt ends the session.
        """
        while True:
            # Load the permission map if it has not been populated yet.
            if not self.user_perm:
                self.user_perm = get_group_user_perm(self.user)
            try:
                print "进入批量上传模式"
                print "请输入主机名或ansible支持的pattern, 多个主机:分隔 q退出"
                pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
                if pattern == 'q':
                    break
                else:
                    # The inventory is built from the assets in self.user_perm, so the
                    # typed pattern is matched against that set only.
                    assets = self.user_perm.get('asset').keys()
                    res = gen_resource({'user': self.user, 'asset': assets}, perm=self.user_perm)
                    runner = MyRunner(res)
                    asset_name_str = ''
                    print "匹配主机:"
                    for inv in runner.inventory.get_hosts(pattern=pattern):
                        print inv.name
                        asset_name_str += '%s ' % inv.name

                    if not asset_name_str:
                        color_print('没有匹配主机')
                        continue
                    tmp_dir = get_tmp_dir()
                    logger.debug('Upload tmp dir: %s' % tmp_dir)
                    # rz runs with tmp_dir as the working directory; presumably the
                    # received files land there. Their names are chosen by the sender.
                    os.chdir(tmp_dir)
                    bash('rz')
                    filename_str = ' '.join(os.listdir(tmp_dir))
                    if not filename_str:
                        color_print("上传文件为空")
                        continue
                    logger.debug('上传文件: %s' % filename_str)

                    # Only tmp_dir goes into the module-argument string (as both src
                    # and dest); the received file names are not interpolated.
                    # NOTE(review): "directory_mode" is passed without a value --
                    # confirm that this is what the copy module expects.
                    runner = MyRunner(res)
                    runner.run('copy', module_args='src=%s dest=%s directory_mode'
                                                     % (tmp_dir, tmp_dir), pattern=pattern)
                    ret = runner.results
                    # Audit record; it is only written once runner.run() has returned.
                    FileLog(user=self.user.name, host=asset_name_str, filename=filename_str,
                            remote_ip=remote_ip, type='upload', result=ret).save()
                    logger.debug('Upload file: %s' % ret)
                    if ret.get('failed'):
                        error = '上传目录: %s \n上传失败: [ %s ] \n上传成功 [ %s ]' % (tmp_dir,
                                                                             ', '.join(ret.get('failed').keys()),
                                                                             ', '.join(ret.get('ok').keys()))
                        color_print(error)
                    else:
                        msg = '上传目录: %s \n传送成功 [ %s ]' % (tmp_dir, ', '.join(ret.get('ok').keys()))
                        color_print(msg, 'green')
                    print

            # NOTE(review): IndexError is swallowed silently and the session restarts;
            # the source of the exception is not visible in this method.
            except IndexError:
                pass
Exemple #8
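def gen_ssh_key(username, password='',
                key_dir=os.path.join(settings.KEY_DIR, 'user'),
                authorized_keys=True, home="/home", length=2048):
    """
    Generate an RSA SSH key pair for a user.

    The private key is written to ``<key_dir>/<username>.perm`` (an existing
    file of that name is removed first). When ``authorized_keys`` is true the
    public key is also written to ``<home>/<username>/.ssh/authorized_keys``,
    which is then set to mode 0600 and chowned to the user.

    :param username: account name; used to build the key file and home paths
    :param password: passphrase for the private key (empty means none)
    :param key_dir: directory that receives the key pair
    :param authorized_keys: whether to install the public key for the user
    :param home: parent directory of the user's home directory
    :param length: RSA key size in bits
    :return: None
    """
    try:
        from shlex import quote as sh_quote  # Python 3
    except ImportError:
        from pipes import quote as sh_quote  # Python 2

    logger.debug('生成ssh_key,并设置authorized_keys')
    # NOTE(review): username is joined into file paths unchecked; a value with
    # path separators would place the key outside key_dir. Callers are expected
    # to pass a validated account name -- confirm.
    private_key_file = os.path.join(key_dir, username+'.perm')
    # The original passed the decimal literal 777 (which is 0o1411, not rwxrwxrwx)
    # and failed when the directory already existed. Create it only if missing,
    # with an octal mode; the process umask still applies.
    # NOTE(review): a world-writable directory for private keys deserves a
    # tighter mode if nothing else needs write access -- confirm.
    if not os.path.isdir(key_dir):
        os.mkdir(key_dir, 0o777)
    if os.path.isfile(private_key_file):
        os.unlink(private_key_file)
    # The original applied "%" to the value returned by bash(), so the shell saw
    # the literal placeholders. Format first, and shell-quote every value: inside
    # hand-written double quotes the passphrase was still open to shell expansion.
    # NOTE(review): the passphrase is still visible in the process list while
    # ssh-keygen runs.
    bash('echo -e "y\n"|ssh-keygen -t rsa -f %s -b %s -P %s'
         % (sh_quote(private_key_file), sh_quote(str(length)), sh_quote(password)))

    if authorized_keys:
        auth_key_dir = os.path.join(home, username, '.ssh')
        # NOTE(review): 700 is a decimal literal. If the project's mkdir() hands it
        # to os.chmod the directory gets mode 0o1274 rather than 0o700 -- confirm
        # against that helper and switch to 0o700 if so.
        mkdir(auth_key_dir, username=username, mode=700)
        authorized_key_file = os.path.join(auth_key_dir, 'authorized_keys')
        with open(private_key_file + '.pub') as pub_f:
            with open(authorized_key_file, 'w') as auth_f:
                auth_f.write(pub_f.read())
        # "0600" is not a valid literal on Python 3; 0o600 is accepted by both.
        os.chmod(authorized_key_file, 0o600)
        chown(authorized_key_file, username)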
Exemple #9
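def gen_ssh_key(username,
                password='',
                key_dir=os.path.join(settings.KEY_DIR, 'user'),
                authorized_keys=True,
                home="/home",
                length=2048):
    """
    Generate an RSA SSH key pair for a user.

    The private key is written to ``<key_dir>/<username>.pem`` (an existing
    file of that name is removed first). When ``authorized_keys`` is true the
    public key is also written to ``<home>/<username>/.ssh/authorized_keys``,
    which is then set to mode 0600 and chowned to the user.

    :param username: account name; used to build the key file and home paths
    :param password: passphrase for the private key (empty means none)
    :param key_dir: directory that receives the key pair
    :param authorized_keys: whether to install the public key for the user
    :param home: parent directory of the user's home directory
    :param length: RSA key size in bits
    """
    try:
        from shlex import quote as sh_quote  # Python 3
    except ImportError:
        from pipes import quote as sh_quote  # Python 2

    logger.debug('生成ssh key, 并设置authorized_keys')
    # NOTE(review): username is joined into file paths unchecked; a value with
    # path separators would place the key outside key_dir. Callers are expected
    # to pass a validated account name -- confirm.
    private_key_file = os.path.join(key_dir, username + '.pem')
    # NOTE(review): 777 (and 700 below) are decimal literals. If the project's
    # mkdir() hands them to os.chmod the modes become 0o1411 and 0o1274 instead
    # of 0o777 and 0o700 -- confirm against that helper.
    mkdir(key_dir, mode=777)
    if os.path.isfile(private_key_file):
        os.unlink(private_key_file)
    # Every value goes through a shell. Inside hand-written double quotes the
    # passphrase was still open to shell expansion, and the key path was not
    # quoted at all, so use the standard library's quoting for all three.
    # NOTE(review): the passphrase is still visible in the process list while
    # ssh-keygen runs.
    bash('echo -e  "y\n"|ssh-keygen -t rsa -f %s -b %s -P %s' %
         (sh_quote(private_key_file), sh_quote(str(length)), sh_quote(password)))

    if authorized_keys:
        auth_key_dir = os.path.join(home, username, '.ssh')
        mkdir(auth_key_dir, username=username, mode=700)
        authorized_key_file = os.path.join(auth_key_dir, 'authorized_keys')
        with open(private_key_file + '.pub') as pub_f:
            with open(authorized_key_file, 'w') as auth_f:
                auth_f.write(pub_f.read())
        os.chmod(authorized_key_file, 0o600)
        chown(authorized_key_file, username)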
Exemple #10
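def server_del_user(username):
    """
    Delete a user from the jumpserver host's Linux system.

    Removes the account with ``userdel -r -f`` and then deletes the files
    matching ``<username>_*.pem`` and ``<username>.pem*`` in the ``user``
    directory under ``settings.KEY_DIR``.

    :param username: login name of the account to remove
    """
    try:
        from shlex import quote as sh_quote  # Python 3
    except ImportError:
        from pipes import quote as sh_quote  # Python 2

    # username reaches a shell three times. Unquoted, shell metacharacters or
    # glob characters in it would change what gets deleted, so quote it; "--"
    # stops a leading "-" from being read as an option.
    user_arg = sh_quote(username)
    key_dir = sh_quote(os.path.join(settings.KEY_DIR, 'user'))

    bash('userdel -r -f -- %s' % user_arg)

    # Only the glob suffixes stay unquoted so the shell still expands them.
    suffixed_keys_cmd = 'rm -f -- %s/%s_*.pem' % (key_dir, user_arg)
    logger.debug(suffixed_keys_cmd)
    bash(suffixed_keys_cmd)
    bash('rm -f -- %s/%s.pem*' % (key_dir, user_arg))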
Exemple #11
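    def download(self):
        """
        Run the interactive batch-download session (Python 2).

        Prompts for an Ansible host pattern, lists the hosts it matches in an
        inventory built from ``self.user_perm``, then repeatedly prompts for a
        remote file path, fetches it from the matched hosts into a fresh
        temporary directory, saves a ``FileLog`` record and sends the directory
        back as a ``.tar.gz`` with ``sz``. Entering ``q`` leaves the current
        prompt level.
        """
        while True:
            if not self.user_perm:
                self.user_perm = get_group_user_perm(self.user)
            try:
                print "进入批量下载模式"
                print "请输入主机名或ansile支持的pattern, 多个主机:分隔,q退出"
                pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
                if pattern == "q":
                    break

                # The inventory only contains the assets listed in self.user_perm, so
                # the typed pattern is matched against that set. NOTE(review): this
                # looks like the authorisation boundary -- confirm in gen_resource.
                assets = self.user_perm.get("asset").keys()
                res = gen_resource({"user": self.user, "asset": assets}, perm=self.user_perm)
                runner = MyRunner(res)
                asset_name_str = ""
                print "匹配主机:\n"
                for inv in runner.inventory.get_hosts(pattern=pattern):
                    asset_name_str += "%s " % inv.name
                    print " %s" % inv.name
                if not asset_name_str:
                    color_print("没有匹配主机")
                    continue
                print
                while True:
                    tmp_dir = get_tmp_dir()
                    logger.debug("Download tmp dir: %s" % tmp_dir)
                    print "请输入文件路径(不支持目录)"
                    file_path = raw_input("\033[1;32mPath>:\033[0m ").strip()
                    if file_path == "q":
                        break

                    if not file_path:
                        color_print("文件路径为空")
                        continue

                    # file_path is interpolated into a key=value module-argument
                    # string below. Whitespace would let the typed text carry extra
                    # key=value options, so it is refused; template markers are
                    # refused too, on the assumption that Ansible may expand them in
                    # module arguments (confirm against MyRunner).
                    if (
                        any(ch.isspace() for ch in file_path)
                        or "{{" in file_path
                        or "{%" in file_path
                    ):
                        logger.debug("Download path rejected: %r" % file_path)
                        color_print("文件路径不能包含空白字符或模板标记")
                        continue

                    runner.run("fetch", module_args="src=%s dest=%s" % (file_path, tmp_dir), pattern=pattern)
                    ret = runner.results
                    # Audit record; it is only written once runner.run() has returned.
                    FileLog(
                        user=self.user.name,
                        host=asset_name_str,
                        filename=file_path,
                        type="download",
                        remote_ip=remote_ip,
                        result=ret,
                    ).save()
                    logger.debug("Download file result: %s" % ret)
                    # tar is given the bare directory name, which assumes tmp_dir sits
                    # directly under /tmp -- TODO confirm against get_tmp_dir().
                    os.chdir("/tmp")
                    tmp_dir_name = os.path.basename(tmp_dir)
                    if not os.listdir(tmp_dir):
                        color_print("下载全部失败")
                        continue
                    # Only tmp_dir reaches the shell here, never the typed path.
                    bash("tar czf %s.tar.gz %s && sz %s.tar.gz" % (tmp_dir, tmp_dir_name, tmp_dir))

                    if ret.get("failed"):
                        error = "文件名称: %s \n下载失败: [ %s ] \n下载成功 [ %s ]" % (
                            "%s.tar.gz" % tmp_dir_name,
                            ", ".join(ret.get("failed").keys()),
                            ", ".join(ret.get("ok").keys()),
                        )
                        color_print(error)
                    else:
                        msg = "文件名称: %s \n下载成功 [ %s ]" % (
                            "%s.tar.gz" % tmp_dir_name,
                            ", ".join(ret.get("ok").keys()),
                        )
                        color_print(msg, "green")
                    print
            except IndexError as exc:
                # Kept as best-effort (the session restarts), but no longer silent.
                logger.debug("download: IndexError ignored: %s" % exc)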
Exemple #12
    def upload(self):
        """
        Run the interactive batch-upload session (Python 2).

        Prompts for an Ansible host pattern, receives files into a fresh
        temporary directory via ``rz``, copies that directory to the same path
        on every matched host with the ``copy`` module and saves a ``FileLog``
        record. Entering ``q`` at the pattern prompt ends the session.
        """
        while True:
            if not self.user_perm:
                self.user_perm = get_group_user_perm(self.user)
            try:
                print "进入批量上传模式"
                print "请输入主机名或ansile支持的pattern, 多个主机:分隔 q退出"
                pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
                if pattern == "q":
                    break

                # The inventory is built from the assets in self.user_perm, so the
                # typed pattern is matched against that set only.
                permitted_assets = self.user_perm.get("asset").keys()
                resource = gen_resource({"user": self.user, "asset": permitted_assets}, perm=self.user_perm)
                runner = MyRunner(resource)

                print "匹配主机:"
                matched = []
                for host in runner.inventory.get_hosts(pattern=pattern):
                    print host.name
                    matched.append("%s " % host.name)
                asset_name_str = "".join(matched)
                if not asset_name_str:
                    color_print("没有匹配主机")
                    continue

                # rz runs with the temp dir as its working directory; presumably
                # the received files land there. Their names are sender-chosen.
                tmp_dir = get_tmp_dir()
                logger.debug("Upload tmp dir: %s" % tmp_dir)
                os.chdir(tmp_dir)
                bash("rz")
                filename_str = " ".join(os.listdir(tmp_dir))
                if not filename_str:
                    color_print("上传文件为空")
                    continue
                logger.debug("上传文件: %s" % filename_str)

                # Only tmp_dir goes into the module-argument string; the received
                # file names are not interpolated.
                copy_args = "src=%s dest=%s directory_mode" % (tmp_dir, tmp_dir)
                runner = MyRunner(resource)
                runner.run("copy", module_args=copy_args, pattern=pattern)
                ret = runner.results

                # Audit record; written once runner.run() has returned.
                audit_entry = FileLog(
                    user=self.user.name,
                    host=asset_name_str,
                    filename=filename_str,
                    remote_ip=remote_ip,
                    type="upload",
                    result=ret,
                )
                audit_entry.save()
                logger.debug("Upload file: %s" % ret)

                failed_hosts = ret.get("failed")
                if failed_hosts:
                    color_print(
                        "上传目录: %s \n上传失败: [ %s ] \n上传成功 [ %s ]"
                        % (tmp_dir, ", ".join(failed_hosts.keys()), ", ".join(ret.get("ok").keys()))
                    )
                else:
                    color_print(
                        "上传目录: %s \n传送成功 [ %s ]" % (tmp_dir, ", ".join(ret.get("ok").keys())),
                        "green",
                    )
                print

            except IndexError:
                # Deliberately ignored, as before; the session simply restarts.
                pass
Exemple #13
 def _cp_zzsh():
     """Copy zzjumpserver.sh into /etc/profile.d/ and rewrite its install path.

     Changes the working directory to ``<jms_dir>/install``, copies the script,
     then replaces every ``/opt/jumpserver`` in the installed copy with
     ``jms_dir`` using ``sed -i``.
     """
     install_dir = os.path.join(jms_dir, 'install')
     os.chdir(install_dir)
     shutil.copy('zzjumpserver.sh', '/etc/profile.d/')
     # NOTE(review): jms_dir is placed unescaped inside a single-quoted sed
     # expression that uses '#' as delimiter; a path containing "'", '#', '&'
     # or a backslash would alter the command. Presumably jms_dir is derived
     # from the install location rather than user input -- confirm.
     sed_cmd = "sed -i 's#/opt/jumpserver#%s#g' /etc/profile.d/zzjumpserver.sh" % jms_dir
     bash(sed_cmd)
Exemple #14
 def _cp_zzsh():
     """Install zzjumpserver.sh under /etc/profile.d/ and point it at jms_dir.

     The working directory becomes ``<jms_dir>/install``; the script is copied
     from there and ``sed -i`` then swaps ``/opt/jumpserver`` for ``jms_dir``
     in the installed copy.
     """
     profile_script = '/etc/profile.d/zzjumpserver.sh'
     os.chdir(os.path.join(jms_dir, 'install'))
     shutil.copy('zzjumpserver.sh', '/etc/profile.d/')
     # NOTE(review): jms_dir goes into the sed expression without escaping, so
     # a path containing "'", '#', '&' or a backslash would change the command
     # the shell runs. Presumably it comes from the install location -- confirm.
     sed_expr = "'s#/opt/jumpserver#%s#g'" % jms_dir
     bash("sed -i " + sed_expr + " " + profile_script)