def create_access(self):
    """Create the client's LDAP and unix user/group and link them, if missing.

    Reads the client mail from the ``main`` section and the unix/LDAP user,
    password and group names from the ``access`` section of ``self.conf``.
    For each enabled backend, the user and the group are created only when
    the backend reports that they do not exist yet, and the user is added to
    the group only when it is not already a member. An empty user or group
    name skips the corresponding step.

    The LDAP part runs only when ``CONF_MAP('ldap', 'enabled')`` and the
    ``ldap_to_apply`` option are both truthy, and it starts by calling
    ``self.ask_domain_admin()``. The unix part runs when
    ``CONF_MAP('unix', 'enabled')`` is truthy.
    """
    # Every option is read up front, before any backend is touched.
    # NOTE(review): both passwords are taken from the config as-is and handed
    # to create_user(); presumably clear text. Confirm the config file is
    # readable only by the provisioning account and that the backends neither
    # log the value nor pass it on a command line.
    mail = self.conf.get('main', 'client_mail')
    posix_name = self.conf.get('access', 'unix_user')
    posix_secret = self.conf.get('access', 'unix_pass')
    posix_grp = self.conf.get('access', 'unix_group')
    dir_name = self.conf.get('access', 'ldap_user')
    dir_secret = self.conf.get('access', 'ldap_pass')
    dir_grp = self.conf.get('access', 'ldap_group')

    # NOTE(review): if conf.get() returns strings, a value such as "false"
    # is still truthy here; confirm how ldap_to_apply is stored.
    ldap_wanted = (
        CONF_MAP('ldap', 'enabled')
        and self.conf.get('access', 'ldap_to_apply')
    )
    if ldap_wanted:
        self.ask_domain_admin()
        if dir_name:
            if not ldap.user_exists(dir_name):
                ldap.create_user(dir_name, mail, dir_secret)
        if dir_grp:
            if not ldap.group_exists(dir_grp):
                ldap.create_group(dir_grp)
        if dir_name and dir_grp:
            if not ldap.is_member_of(dir_name, dir_grp):
                ldap.user_to_group(dir_name, dir_grp)

    if CONF_MAP('unix', 'enabled'):
        if posix_name:
            if not unix.user_exists(posix_name):
                unix.create_user(posix_name, mail, posix_secret)
        if posix_grp:
            if not unix.group_exists(posix_grp):
                unix.create_group(posix_grp)
        if posix_name and posix_grp:
            if not unix.is_member_of(posix_name, posix_grp):
                unix.user_to_group(posix_name, posix_grp)
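if __name__ == '__main__':
    # Bind-mount the site directory into the logging-in user's home when the
    # user belongs to one of the site's groups.
    #
    # The "${...}" placeholders are filled in by the step that generates this
    # script (not shown here).
    # NOTE(review): the substituted values land inside Python string
    # literals, so the generator has to escape quotes and backslashes;
    # confirm that it does.
    site_name = "${site_name}"
    site_path = "${site_path}"
    ldap_group = "${ldap_group}"
    ldap_dev_team = CONF_MAP('site', 'ldap_dev_team')
    unix_group = "${unix_group}"

    # PAM_USER is expected in the environment (pam_exec exports it when the
    # script runs as a PAM hook; presumably that is how this is invoked).
    pam_user = os.getenv('PAM_USER')
    site_home_path = "/home/%s/%s" % (pam_user, site_name)

    # The login name becomes a path component under /home, so a missing name
    # or one that could leave /home ("/", "." or "..") is treated as
    # "not a member": nothing is created or mounted for it.
    pam_user_ok = (
        bool(pam_user)
        and pam_user not in ('.', '..')
        and '/' not in pam_user
    )

    # Membership in any one of the configured groups is sufficient.
    is_member = False
    if pam_user_ok:
        if ldap_group:
            is_member |= ldap.is_member_of(pam_user, ldap_group)
        if ldap_dev_team:
            is_member |= ldap.is_member_of(pam_user, ldap_dev_team, '')
        if unix_group:
            is_member |= unix.is_member_of(pam_user, unix_group)

    if is_member:
        files.mkdir(site_home_path)
        files.chown(site_home_path)
        # NOTE(review): the command is assembled by string interpolation and
        # how exec_cmd_list runs it (shell or argv split) is not visible
        # here. A path containing whitespace or shell metacharacters would be
        # misparsed; confirm site_path and site_name are constrained where
        # they are configured.
        cmd_list = [
            'mount --bind %s %s' % (site_path, site_home_path),
        ]
        # Skip the mount when /proc/mounts already mentions the target.
        # NOTE(review): presumably a substring search, in which case a
        # target that is a prefix of another mounted path also matches;
        # verify files.contains().
        if not files.contains("/proc/mounts", site_home_path):
            core.exec_cmd_list(cmd_list)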