Esempio n. 1
0
    def post(self, request, command):
        """
        execute a command on the service
        """
        service_name = 'smb'
        service = Service.objects.get(name=service_name)
        if (command == 'config'):
            aso = Service.objects.get(name='active-directory')
            if (aso.config is not None):
                e_msg = ('Active Directory service is configured, so '
                         'Workgroup is automatically retrieved and cannot '
                         'be set manually')
                handle_exception(Exception(e_msg), request)

            try:
                config = request.data.get('config', {
                    'workgroup': 'MYGROUP',
                })
                workgroup = config['workgroup']
                self._save_config(service, config)
                update_global_config(workgroup)
                restart_samba(hard=True)
            except Exception, e:
                e_msg = ('Samba could not be configured. Try again. '
                         'Exception: %s' % e.__str__())
                handle_exception(Exception(e_msg), request)
Esempio n. 2
0
    def post(self, request, command):
        """
        execute a command on the service
        """
        service = Service.objects.get(name=self.service_name)
        if (command == 'config'):
            aso = Service.objects.get(name='active-directory')
            if (aso.config is not None):
                e_msg = ('Active Directory service is configured, so '
                         'Workgroup is automatically retrieved and cannot '
                         'be set manually')
                handle_exception(Exception(e_msg), request)

            try:
                config = request.data.get('config', {})
                global_config = {}
                gc_lines = config['global_config'].split('\n')
                for l in gc_lines:
                    gc_param = l.strip().split('=')
                    if (len(gc_param) == 2):
                        global_config[gc_param[0].strip().lower()] = gc_param[1].strip()
                if ('workgroup' not in global_config):
                    global_config['workgroup'] = config['workgroup']
                self._save_config(service, global_config)
                adso = Service.objects.get(name='active-directory')
                adconfig = {}
                if (adso.config is not None):
                    adconfig = self._get_config(adso)
                update_global_config(global_config, adconfig)
                restart_samba(hard=True)
            except Exception, e:
                e_msg = ('Samba could not be configured. Try again. '
                         'Exception: %s' % e.__str__())
                handle_exception(Exception(e_msg), request)
Esempio n. 3
0
    def post(self, request, command):
        """
        execute a command on the service
        """
        service = Service.objects.get(name=self.service_name)

        if (command == 'config'):
            try:
                config = request.data.get('config', {})
                global_config = {}
                gc_lines = config['global_config'].split('\n')
                for l in gc_lines:
                    gc_param = l.strip().split(' = ')
                    if (len(gc_param) == 2):
                        if '=' in gc_param[0]:
                            raise Exception(
                                'Syntax error, one param has wrong spaces around equal signs, '
                                'please check syntax of \'%s\'' %
                                ''.join(gc_param))
                        global_config[
                            gc_param[0].strip().lower()] = gc_param[1].strip()
                #Default set current workgroup to one got via samba config page
                global_config['workgroup'] = config['workgroup']
                #Check Active Directory config and status
                #if AD configured and ON set workgroup to AD retrieved workgroup
                #else AD not running and leave workgroup to one choosen by user
                adso = Service.objects.get(name='active-directory')
                adconfig = None
                adso_status = 1
                if (adso.config is not None):
                    adconfig = self._get_config(adso)
                    adso_out, adso_err, adso_status = service_status(
                        'active-directory', adconfig)
                    if adso_status == 0:
                        global_config['workgroup'] = adconfig['workgroup']
                    else:
                        adconfig = None

                self._save_config(service, global_config)
                update_global_config(global_config, adconfig)
                restart_samba(hard=True)
            except Exception, e:
                e_msg = ('Samba could not be configured. Try again. '
                         'Exception: %s' % e.__str__())
                handle_exception(Exception(e_msg), request)
Esempio n. 4
0
 def post(self, request, command):
     """
     execute a command on the service
     """
     service_name = 'smb'
     service = Service.objects.get(name=service_name)
     if (command == 'config'):
         #nothing to really configure atm. just save the model
         try:
             config = request.data.get('config', {'workgroup': 'MYGROUP',})
             workgroup = config['workgroup']
             self._save_config(service, config)
             update_global_config(workgroup)
             restart_samba(hard=True)
         except Exception, e:
             e_msg = ('Samba could not be configured. Try again. '
                      'Exception: %s' % e.__str__())
             handle_exception(Exception(e_msg), request)
Esempio n. 5
0
    def post(self, request, command):
        """
        execute a command on the service
        """
        service = Service.objects.get(name=self.service_name)

        if (command == 'config'):
            try:
                config = request.data.get('config', {})
                global_config = {}
                gc_lines = config['global_config'].split('\n')
                for l in gc_lines:
                    gc_param = l.strip().split(' = ')
                    if (len(gc_param) == 2):
                        if '=' in gc_param[0]:
                            raise Exception('Syntax error, one param has wrong spaces around equal signs, '
                                            'please check syntax of \'%s\'' % ''.join(gc_param))
                        global_config[gc_param[0].strip().lower()] = gc_param[1].strip()
                #Default set current workgroup to one got via samba config page
                global_config['workgroup'] = config['workgroup']
                #Check Active Directory config and status
                #if AD configured and ON set workgroup to AD retrieved workgroup
                #else AD not running and leave workgroup to one choosen by user
                adso = Service.objects.get(name='active-directory')
                adconfig = None
                adso_status = 1
                if (adso.config is not None):
                    adconfig = self._get_config(adso)
                    adso_out, adso_err, adso_status = service_status('active-directory', adconfig)
                    if adso_status == 0:
                        global_config['workgroup'] = adconfig['workgroup']
                    else:
                        adconfig = None

                self._save_config(service, global_config)
                update_global_config(global_config, adconfig)
                restart_samba(hard=True)
            except Exception, e:
                e_msg = ('Samba could not be configured. Try again. '
                         'Exception: %s' % e.__str__())
                handle_exception(Exception(e_msg), request)
Esempio n. 6
0
    def post(self, request, command):
        """
        execute a command on the service
        """
        service_name = 'smb'
        service = Service.objects.get(name=service_name)
        if (command == 'config'):
            aso = Service.objects.get(name='active-directory')
            if (aso.config is not None):
                e_msg = ('Active Directory service is configured, so '
                         'Workgroup is automatically retrieved and cannot '
                         'be set manually')
                handle_exception(Exception(e_msg), request)

            try:
                config = request.data.get('config', {'workgroup': 'MYGROUP',})
                workgroup = config['workgroup']
                self._save_config(service, config)
                update_global_config(workgroup)
                restart_samba(hard=True)
            except Exception, e:
                e_msg = ('Samba could not be configured. Try again. '
                         'Exception: %s' % e.__str__())
                handle_exception(Exception(e_msg), request)
Esempio n. 7
0
    def post(self, request, command):
        """
        execute a command on the service
        """
        service = Service.objects.get(name=self.service_name)

        if (command == 'config'):
            try:
                config = request.data.get('config', {})
                global_config = {}
                if 'global_config' in config:
                    gc_lines = config['global_config'].split('\n')
                    for l in gc_lines:
                        gc_param = l.strip().split(' = ')
                        if (len(gc_param) == 2):
                            if '=' in gc_param[0]:
                                raise Exception(
                                    'Syntax error, one param has wrong '
                                    'spaces around equal signs, '
                                    'please check syntax of '
                                    '\'%s\'' % ''.join(gc_param))
                            global_config[gc_param[0].strip().lower(
                            )] = gc_param[1].strip()  # noqa
                    # #E501 Default set current workgroup to one got via samba
                    # config page
                    global_config['workgroup'] = config['workgroup']
                else:
                    global_config = config
                # Check Active Directory config and status if AD configured and
                # ON set workgroup to AD retrieved workgroup else AD not
                # running and leave workgroup to one choosen by user
                adso = Service.objects.get(name='active-directory')
                adconfig = None
                adso_status = 1
                if (adso.config is not None):
                    adconfig = self._get_config(adso)
                    adso_out, adso_err, adso_status = service_status(
                        'active-directory', adconfig)
                    if adso_status == 0:
                        global_config['workgroup'] = adconfig['workgroup']
                    else:
                        adconfig = None

                self._save_config(service, global_config)
                update_global_config(global_config, adconfig)
                restart_samba(hard=True)
            except Exception as e:
                e_msg = ('Samba could not be configured. Try again. '
                         'Exception: %s' % e.__str__())
                handle_exception(Exception(e_msg), request)
        else:
            try:
                if (command == 'stop'):
                    systemctl('smb', 'disable')
                    systemctl('nmb', 'disable')
                else:
                    systemd_name = '%s.service' % self.service_name
                    ss_dest = ('/etc/systemd/system/%s' % systemd_name)
                    ss_src = ('%s/%s' % (settings.CONFROOT, systemd_name))
                    sum1 = md5sum(ss_dest)
                    sum2 = md5sum(ss_src)
                    if (sum1 != sum2):
                        shutil.copy(ss_src, ss_dest)
                    systemctl('smb', 'enable')
                    systemctl('nmb', 'enable')
                systemctl('nmb', command)
                systemctl('smb', command)
            except Exception as e:
                e_msg = ('Failed to %s samba due to a system error: %s' %
                         (command, e.__str__()))
                handle_exception(Exception(e_msg), request)
        return Response()
Esempio n. 8
0
    def post(self, request, command):
        """
        execute a command on the service
        """
        service = Service.objects.get(name=self.service_name)

        if (command == 'config'):
            try:
                config = request.data.get('config', {})
                global_config = {}
                if 'global_config' in config:
                    gc_lines = config['global_config'].split('\n')
                    for l in gc_lines:
                        gc_param = l.strip().split(' = ')
                        if (len(gc_param) == 2):
                            if '=' in gc_param[0]:
                                raise Exception(
                                    'Syntax error, one param has wrong '
                                    'spaces around equal signs, '
                                    'please check syntax of '
                                    '\'%s\'' % ''.join(gc_param))
                            global_config[gc_param[0].strip().lower()] = gc_param[1].strip()  # noqa
                    # #E501 Default set current workgroup to one got via samba
                    # config page
                    global_config['workgroup'] = config['workgroup']
                else:
                    global_config = config
                # Check Active Directory config and status if AD configured and
                # ON set workgroup to AD retrieved workgroup else AD not
                # running and leave workgroup to one choosen by user
                adso = Service.objects.get(name='active-directory')
                adconfig = None
                adso_status = 1
                if (adso.config is not None):
                    adconfig = self._get_config(adso)
                    adso_out, adso_err, adso_status = service_status(
                        'active-directory', adconfig)
                    if adso_status == 0:
                        global_config['workgroup'] = adconfig['workgroup']
                    else:
                        adconfig = None

                self._save_config(service, global_config)
                update_global_config(global_config, adconfig)
                restart_samba(hard=True)
            except Exception as e:
                e_msg = ('Samba could not be configured. Try again. '
                         'Exception: %s' % e.__str__())
                handle_exception(Exception(e_msg), request)
        else:
            try:
                if (command == 'stop'):
                    systemctl('smb', 'disable')
                    systemctl('nmb', 'disable')
                else:
                    systemd_name = '%s.service' % self.service_name
                    ss_dest = ('/etc/systemd/system/%s' % systemd_name)
                    ss_src = ('%s/%s' % (settings.CONFROOT, systemd_name))
                    sum1 = md5sum(ss_dest)
                    sum2 = md5sum(ss_src)
                    if (sum1 != sum2):
                        shutil.copy(ss_src, ss_dest)
                    systemctl('smb', 'enable')
                    systemctl('nmb', 'enable')
                systemctl('nmb', command)
                systemctl('smb', command)
            except Exception as e:
                e_msg = ('Failed to %s samba due to a system error: %s'
                         % (command, e.__str__()))
                handle_exception(Exception(e_msg), request)
        return Response()
Esempio n. 9
0
                    #nss
                    cmd += ['--enablewinbind', '--enablewins',]
                    #pam
                    cmd += ['--enablewinbindauth',]
                    #smb
                    cmd += ['--smbsecurity', 'ads', '--smbrealm', domain.upper(),]
                    #kerberos
                    cmd += ['--krb5realm=%s' % domain.upper(),]
                    #winbind
                    cmd += ['--enablewinbindoffline', '--enablewinbindkrb5',
                            '--winbindtemplateshell=/bin/sh',]
                    #general
                    cmd += ['--update', '--enablelocauthorize',]
                    run_command(cmd)
                workgroup = self._domain_workgroup(domain, method=method)
                update_global_config(workgroup, domain, config.get('idmap_range'), config.get('rfc2307'))
                self._join_domain(config, method=method)
                if (method == 'sssd' and config.get('enumerate') is True):
                    self._update_sssd(domain)
                so = Service.objects.get(name='smb')
                so.config = json.dumps({'workgroup': workgroup})
                so.save()

                if (method == 'winbind'):
                    systemctl('winbind', 'enable')
                    systemctl('winbind', 'start')
                systemctl('smb', 'restart')
                systemctl('nmb', 'restart')

            elif (command == 'stop'):
                config = self._config(service, request)
Esempio n. 10
0
    def post(self, request, command):
        """
        execute a command on the service
        """
        service = Service.objects.get(name=self.service_name)

        if command == "config":
            try:
                config = request.data.get("config", {})
                global_config = {}
                if "global_config" in config:
                    gc_lines = config["global_config"].split("\n")
                    for l in gc_lines:
                        gc_param = l.strip().split(" = ")
                        if len(gc_param) == 2:
                            if "=" in gc_param[0]:
                                raise Exception(
                                    "Syntax error, one param has wrong "
                                    "spaces around equal signs, "
                                    "please check syntax of "
                                    "'%s'" % "".join(gc_param))
                            global_config[gc_param[0].strip().lower(
                            )] = gc_param[1].strip()  # noqa
                    # #E501 Default set current workgroup to one got via samba
                    # config page
                    global_config["workgroup"] = config["workgroup"]
                else:
                    global_config = config
                # Check Active Directory config and status if AD configured and
                # ON set workgroup to AD retrieved workgroup else AD not
                # running and leave workgroup to one choosen by user
                adso = Service.objects.get(name="active-directory")
                adconfig = None
                adso_status = 1
                if adso.config is not None:
                    adconfig = self._get_config(adso)
                    adso_out, adso_err, adso_status = service_status(
                        "active-directory", adconfig)
                    if adso_status == 0:
                        global_config["workgroup"] = adconfig["workgroup"]
                    else:
                        adconfig = None

                self._save_config(service, global_config)
                update_global_config(global_config, adconfig)
                _, _, smb_rc = service_status(self.service_name)
                # Restart samba only if already ON
                # rc == 0 if service is ON, rc != 0 otherwise
                if smb_rc == 0:
                    restart_samba(hard=True)
            except Exception as e:
                e_msg = ("Samba could not be configured. Try again. "
                         "Exception: %s" % e.__str__())
                handle_exception(Exception(e_msg), request)
        else:
            try:
                if command == "stop":
                    systemctl("smb", "disable")
                    systemctl("nmb", "disable")
                else:
                    systemd_name = "{}.service".format(self.service_name)
                    distro_id = settings.OS_DISTRO_ID
                    self._write_smb_service(systemd_name, distro_id)
                    systemctl("smb", "enable")
                    systemctl("nmb", "enable")
                systemctl("nmb", command)
                systemctl("smb", command)
            except Exception as e:
                e_msg = "Failed to {} samba due to a system error: {}".format(
                    command, e.__str__())
                handle_exception(Exception(e_msg), request)
        return Response()
Esempio n. 11
0
                    ]
                    #winbind
                    cmd += [
                        '--enablewinbindoffline',
                        '--enablewinbindkrb5',
                        '--winbindtemplateshell=/bin/sh',
                    ]
                    #general
                    cmd += [
                        '--update',
                        '--enablelocauthorize',
                    ]
                    run_command(cmd)
                workgroup = self._domain_workgroup(domain, method=method)
                update_global_config(workgroup, domain,
                                     config.get('idmap_range'),
                                     config.get('rfc2307'))
                self._join_domain(config, method=method)
                if (method == 'sssd' and config.get('enumerate') is True):
                    self._update_sssd(domain)
                so = Service.objects.get(name='smb')
                so.config = json.dumps({'workgroup': workgroup})
                so.save()

                if (method == 'winbind'):
                    systemctl('winbind', 'enable')
                    systemctl('winbind', 'start')
                systemctl('smb', 'restart')
                systemctl('nmb', 'restart')

            elif (command == 'stop'):
Esempio n. 12
0
    def post(self, request, command):

        with self._handle_exception(request):
            method = 'winbind'
            service = Service.objects.get(name='active-directory')
            if (command == 'config'):
                config = request.data.get('config')
                self._validate_config(config, request)

                # 1. Name resolution check
                self._resolve_check(config.get('domain'), request)

                # 2. realm discover check?
                # @todo: phase our realm and just use net?
                domain = config.get('domain')
                try:
                    cmd = ['realm', 'discover', '--name-only', domain]
                    o, e, rc = run_command(cmd)
                except Exception as e:
                    e_msg = ('Failed to discover the given(%s) AD domain. '
                             'Error: %s' % (domain, e.__str__()))
                    handle_exception(Exception(e_msg), request)

                default_range = '10000 - 999999'
                idmap_range = config.get('idmap_range', '10000 - 999999')
                idmap_range = idmap_range.strip()
                if (len(idmap_range) > 0):
                    rfields = idmap_range.split()
                    if (len(rfields) != 3):
                        raise Exception('Invalid idmap range. valid format is '
                                        'two integers separated by a -. eg: '
                                        '10000 - 999999')
                    try:
                        rlow = int(rfields[0].strip())
                        rhigh = int(rfields[2].strip())
                    except Exception as e:
                        raise Exception('Invalid idmap range. Numbers in the '
                                        'range must be valid integers. '
                                        'Error: %s.' % e.__str__())
                    if (rlow >= rhigh):
                        raise Exception('Invalid idmap range. Numbers in the '
                                        'range must go from low to high. eg: '
                                        '10000 - 999999')
                else:
                    config['idmap_range'] = default_range

                self._save_config(service, config)

            elif (command == 'start'):
                config = self._config(service, request)
                smbo = Service.objects.get(name='smb')
                smb_config = self._get_config(smbo)
                domain = config.get('domain')
                # 1. make sure ntpd is running, or else, don't start.
                self._ntp_check(request)
                # 2. Name resolution check?
                self._resolve_check(config.get('domain'), request)

                if (method == 'winbind'):
                    cmd = [
                        '/usr/sbin/authconfig',
                    ]
                    # nss
                    cmd += [
                        '--enablewinbind',
                        '--enablewins',
                    ]
                    # pam
                    cmd += [
                        '--enablewinbindauth',
                    ]
                    # smb
                    cmd += [
                        '--smbsecurity',
                        'ads',
                        '--smbrealm',
                        domain.upper(),
                    ]
                    # kerberos
                    cmd += [
                        '--krb5realm=%s' % domain.upper(),
                    ]
                    # winbind
                    cmd += [
                        '--enablewinbindoffline',
                        '--enablewinbindkrb5',
                        '--winbindtemplateshell=/bin/sh',
                    ]
                    # general
                    cmd += [
                        '--update',
                        '--enablelocauthorize',
                    ]
                    run_command(cmd)
                config['workgroup'] = self._domain_workgroup(domain,
                                                             method=method)
                self._save_config(service, config)
                update_global_config(smb_config, config)
                self._join_domain(config, method=method)
                if (method == 'sssd' and config.get('enumerate') is True):
                    self._update_sssd(domain)

                if (method == 'winbind'):
                    systemctl('winbind', 'enable')
                    systemctl('winbind', 'start')
                systemctl('smb', 'restart')
                systemctl('nmb', 'restart')

            elif (command == 'stop'):
                config = self._config(service, request)
                try:
                    self._leave_domain(config, method=method)
                    smbo = Service.objects.get(name='smb')
                    smb_config = self._get_config(smbo)
                    update_global_config(smb_config)
                    systemctl('smb', 'restart')
                    systemctl('nmb', 'restart')
                except Exception as e:
                    e_msg = ('Failed to leave AD domain(%s). Error: %s' %
                             (config.get('domain'), e.__str__()))
                    handle_exception(Exception(e_msg), request)

            return Response()
    def post(self, request, command):

        with self._handle_exception(request):
            method = "sssd"
            service = Service.objects.get(name="active-directory")
            if command == "config":
                config = request.data.get("config")
                self._validate_config(config, request)

                # 1. Name resolution check
                self._resolve_check(config.get("domain"), request)

                # 2. realm discover check?
                domain = config.get("domain")
                try:
                    cmd = [REALM, "discover", "--name-only", domain]
                    o, e, rc = run_command(cmd)
                except Exception as e:
                    e_msg = ("Failed to discover the given({}) AD domain. "
                             "Error: {}".format(domain, e.__str__()))
                    handle_exception(Exception(e_msg), request)
                # Would be required only if method == "winbind":
                # validate_idmap_range(config)

                self._save_config(service, config)

            elif command == "start":
                config = self._config(service, request)
                domain = config.get("domain")
                # 1. make sure ntpd is running, or else, don't start.
                self._ntp_check(request)
                # 2. Name resolution check?
                self._resolve_check(config.get("domain"), request)
                # 3. Get current Samba config
                smbo = Service.objects.get(name="smb")
                smb_config = self._get_config(smbo)

                if method == "winbind":
                    cmd = [
                        "/usr/sbin/authconfig",
                    ]
                    # nss
                    cmd += [
                        "--enablewinbind",
                        "--enablewins",
                    ]
                    # pam
                    cmd += [
                        "--enablewinbindauth",
                    ]
                    # smb
                    cmd += [
                        "--smbsecurity",
                        "ads",
                        "--smbrealm",
                        domain.upper(),
                    ]
                    # kerberos
                    cmd += [
                        "--krb5realm=%s" % domain.upper(),
                    ]
                    # winbind
                    cmd += [
                        "--enablewinbindoffline",
                        "--enablewinbindkrb5",
                        "--winbindtemplateshell=/bin/sh",
                    ]
                    # general
                    cmd += [
                        "--update",
                        "--enablelocauthorize",
                    ]
                    run_command(cmd)
                config["workgroup"] = domain_workgroup(domain, method=method)
                self._save_config(service, config)
                update_global_config(smb_config, config)
                join_domain(config, method=method)

                # Customize SSSD config
                if (method == "sssd"
                        and (config.get("enumerate")
                             or config.get("case_sensitive")) is True):
                    sssd_update_ad(domain, config)

                # Update nsswitch.conf
                update_nss(["passwd", "group"], "sss")

                systemctl("smb", "restart")
                systemctl("nmb", "restart")
                # The winbind service is required only for id mapping while
                # accessing samba shares hosted by Rockstor
                systemctl("winbind", "enable")
                systemctl("winbind", "start")

            elif command == "stop":
                config = self._config(service, request)
                try:
                    leave_domain(config, method=method)
                    smbo = Service.objects.get(name="smb")
                    smb_config = self._get_config(smbo)
                    update_global_config(smb_config)
                    systemctl("smb", "restart")
                    systemctl("nmb", "restart")
                    systemctl("winbind", "stop")
                    systemctl("winbind", "disable")
                    update_nss(["passwd", "group"], "sss", remove=True)
                except Exception as e:
                    e_msg = "Failed to leave AD domain({}). Error: {}".format(
                        config.get("domain"),
                        e.__str__(),
                    )
                    handle_exception(Exception(e_msg), request)

            return Response()
Esempio n. 14
0
    def post(self, request, command):

        with self._handle_exception(request):
            method = "sssd"
            service = Service.objects.get(name="active-directory")
            if command == "config":
                config = request.data.get("config")
                self._validate_config(config, request)

                # 1. Name resolution check
                self._resolve_check(config.get("domain"), request)

                # 2. realm discover check?
                domain = config.get("domain")
                try:
                    cmd = [REALM, "discover", "--name-only", domain]
                    o, e, rc = run_command(cmd)
                except Exception as e:
                    e_msg = ("Failed to discover the given({}) AD domain. "
                             "Error: {}".format(domain, e.__str__()))
                    handle_exception(Exception(e_msg), request)
                # Would be required only if method == "winbind":
                # validate_idmap_range(config)

                self._save_config(service, config)

            elif command == "start":
                config = self._config(service, request)
                domain = config.get("domain")
                # 1. make sure ntpd is running, or else, don't start.
                self._ntp_check(request)
                # 2. Name resolution check?
                self._resolve_check(config.get("domain"), request)

                if method == "winbind":
                    cmd = [
                        "/usr/sbin/authconfig",
                    ]
                    # nss
                    cmd += [
                        "--enablewinbind",
                        "--enablewins",
                    ]
                    # pam
                    cmd += [
                        "--enablewinbindauth",
                    ]
                    # smb
                    cmd += [
                        "--smbsecurity",
                        "ads",
                        "--smbrealm",
                        domain.upper(),
                    ]
                    # kerberos
                    cmd += [
                        "--krb5realm=%s" % domain.upper(),
                    ]
                    # winbind
                    cmd += [
                        "--enablewinbindoffline",
                        "--enablewinbindkrb5",
                        "--winbindtemplateshell=/bin/sh",
                    ]
                    # general
                    cmd += [
                        "--update",
                        "--enablelocauthorize",
                    ]
                    run_command(cmd)
                # 3. Get WORKGROUP from AD server
                config["workgroup"] = domain_workgroup(domain, method=method)

                # 4. Update Samba config
                smbo = Service.objects.get(name="smb")
                # smb_config = self._get_config(smbo)
                try:
                    smb_config = self._get_config(smbo)
                    if smb_config["workgroup"] != config["workgroup"]:
                        # the current Samba workgroup is different than what
                        # we need so stop here and alert the user
                        err_msg = (
                            "The AD domain workgroup differs from the workgroup "
                            "currently defined in the Samba configuration:\n"
                            "AD domain workgroup: {}\n"
                            "Samba workgroup: {}\n"
                            "Ensure the Samba workgroup matches the AD domain "
                            "workgroup and try again.".format(
                                config["workgroup"], smb_config["workgroup"]))
                        raise Exception(err_msg)
                except TypeError:
                    # Samba service is not configured, so let's do that now
                    smb_config = {}
                    smb_config["workgroup"] = config["workgroup"]
                    self._save_config(smbo, smb_config)
                # finally:
                #     # Set Samba WORKGROUP as AD REALM and save entry to Model
                update_global_config(smb_config, config)

                # 5. Save final Active_Directory service config and join AD
                self._save_config(service, config)
                join_domain(config, method=method)

                # Customize SSSD config
                if (method == "sssd"
                        and (config.get("enumerate")
                             or config.get("case_sensitive")) is True):
                    sssd_update_ad(domain, config)

                # Update nsswitch.conf
                update_nss(["passwd", "group"], "sss")

                systemctl("smb", "restart")
                systemctl("nmb", "restart")
                # The winbind service is required only for id mapping while
                # accessing samba shares hosted by Rockstor
                systemctl("winbind", "enable")
                systemctl("winbind", "start")

            elif command == "stop":
                config = self._config(service, request)
                try:
                    leave_domain(config, method=method)
                    smbo = Service.objects.get(name="smb")
                    smb_config = self._get_config(smbo)
                    update_global_config(smb_config)
                    systemctl("smb", "restart")
                    systemctl("nmb", "restart")
                    systemctl("winbind", "stop")
                    systemctl("winbind", "disable")
                    update_nss(["passwd", "group"], "sss", remove=True)
                except Exception as e:
                    e_msg = "Failed to leave AD domain({}). Error: {}".format(
                        config.get("domain"),
                        e.__str__(),
                    )
                    handle_exception(Exception(e_msg), request)

            return Response()
Esempio n. 15
0
    def post(self, request, command):

        with self._handle_exception(request):
            method = 'winbind'
            service = Service.objects.get(name='active-directory')
            if (command == 'config'):
                config = request.data.get('config')
                self._validate_config(config, request)

                # 1. Name resolution check
                self._resolve_check(config.get('domain'), request)

                # 2. realm discover check?
                # @todo: phase our realm and just use net?
                domain = config.get('domain')
                try:
                    cmd = ['realm', 'discover', '--name-only', domain]
                    o, e, rc = run_command(cmd)
                except Exception as e:
                    e_msg = ('Failed to discover the given(%s) AD domain. '
                             'Error: %s' % (domain, e.__str__()))
                    handle_exception(Exception(e_msg), request)

                default_range = '10000 - 999999'
                idmap_range = config.get('idmap_range', '10000 - 999999')
                idmap_range = idmap_range.strip()
                if (len(idmap_range) > 0):
                    rfields = idmap_range.split()
                    if (len(rfields) != 3):
                        raise Exception('Invalid idmap range. valid format is '
                                        'two integers separated by a -. eg: '
                                        '10000 - 999999')
                    try:
                        rlow = int(rfields[0].strip())
                        rhigh = int(rfields[2].strip())
                    except Exception as e:
                        raise Exception('Invalid idmap range. Numbers in the '
                                        'range must be valid integers. '
                                        'Error: %s.' % e.__str__())
                    if (rlow >= rhigh):
                        raise Exception('Invalid idmap range. Numbers in the '
                                        'range must go from low to high. eg: '
                                        '10000 - 999999')
                else:
                    config['idmap_range'] = default_range

                self._save_config(service, config)

            elif (command == 'start'):
                config = self._config(service, request)
                smbo = Service.objects.get(name='smb')
                smb_config = self._get_config(smbo)
                domain = config.get('domain')
                # 1. make sure ntpd is running, or else, don't start.
                self._ntp_check(request)
                # 2. Name resolution check?
                self._resolve_check(config.get('domain'), request)

                if (method == 'winbind'):
                    cmd = ['/usr/sbin/authconfig', ]
                    # nss
                    cmd += ['--enablewinbind', '--enablewins', ]
                    # pam
                    cmd += ['--enablewinbindauth', ]
                    # smb
                    cmd += ['--smbsecurity', 'ads', '--smbrealm',
                            domain.upper(), ]
                    # kerberos
                    cmd += ['--krb5realm=%s' % domain.upper(), ]
                    # winbind
                    cmd += ['--enablewinbindoffline', '--enablewinbindkrb5',
                            '--winbindtemplateshell=/bin/sh', ]
                    # general
                    cmd += ['--update', '--enablelocauthorize', ]
                    run_command(cmd)
                config['workgroup'] = self._domain_workgroup(domain,
                                                             method=method)
                self._save_config(service, config)
                update_global_config(smb_config, config)
                self._join_domain(config, method=method)
                if (method == 'sssd' and config.get('enumerate') is True):
                    self._update_sssd(domain)

                if (method == 'winbind'):
                    systemctl('winbind', 'enable')
                    systemctl('winbind', 'start')
                systemctl('smb', 'restart')
                systemctl('nmb', 'restart')

            elif (command == 'stop'):
                config = self._config(service, request)
                try:
                    self._leave_domain(config, method=method)
                    smbo = Service.objects.get(name='smb')
                    smb_config = self._get_config(smbo)
                    update_global_config(smb_config)
                    systemctl('smb', 'restart')
                    systemctl('nmb', 'restart')
                except Exception as e:
                    e_msg = ('Failed to leave AD domain(%s). Error: %s' %
                             (config.get('domain'), e.__str__()))
                    handle_exception(Exception(e_msg), request)

            return Response()
Esempio n. 16
0
                    cmd += ['--enablewinbind', '--enablewins',]
                    #pam
                    cmd += ['--enablewinbindauth',]
                    #smb
                    cmd += ['--smbsecurity', 'ads', '--smbrealm', domain.upper(),]
                    #kerberos
                    cmd += ['--krb5realm=%s' % domain.upper(),]
                    #winbind
                    cmd += ['--enablewinbindoffline', '--enablewinbindkrb5',
                            '--winbindtemplateshell=/bin/sh',]
                    #general
                    cmd += ['--update', '--enablelocauthorize',]
                    run_command(cmd)
                config['workgroup'] = self._domain_workgroup(domain, method=method)
                self._save_config(service, config)
                update_global_config(smb_config, config)
                self._join_domain(config, method=method)
                if (method == 'sssd' and config.get('enumerate') is True):
                    self._update_sssd(domain)

                if (method == 'winbind'):
                    systemctl('winbind', 'enable')
                    systemctl('winbind', 'start')
                systemctl('smb', 'restart')
                systemctl('nmb', 'restart')

            elif (command == 'stop'):
                config = self._config(service, request)
                try:
                    self._leave_domain(config, method=method)
                    smbo = Service.objects.get(name='smb')
                #2. Name resolution check?
                self._resolve_check(config.get('domain'), request)

                try:
                    #4. realmd stuff
                    self._join_domain(config)
                    if (config.get('enumerate') is True):
                        self._update_sssd(domain)
                except Exception, e:
                    e_msg = ('Failed to join AD domain(%s). Error: %s' %
                             (config.get('domain'), e.__str__()))
                    handle_exception(Exception(e_msg), request)

                workgroup = self._domain_workgroup(domain)
                so = Service.objects.get(name='smb')
                so.config = json.dumps({'workgroup': workgroup})
                so.save()
                update_global_config(workgroup, domain)

            elif (command == 'stop'):
                config = self._config(service, request)
                try:
                    self._leave_domain(config)
                except Exception, e:
                    e_msg = ('Failed to leave AD domain(%s). Error: %s' %
                             (config.get('domain'), e.__str__()))
                    handle_exception(Exception(e_msg), request)


            return Response()
Esempio n. 18
0
                    #nss
                    cmd += ['--enablewinbind', '--enablewins',]
                    #pam
                    cmd += ['--enablewinbindauth',]
                    #smb
                    cmd += ['--smbsecurity', 'ads', '--smbrealm', domain.upper(),]
                    #kerberos
                    cmd += ['--krb5realm=%s' % domain.upper(),]
                    #winbind
                    cmd += ['--enablewinbindoffline', '--enablewinbindkrb5',
                            '--winbindtemplateshell=/bin/sh',]
                    #general
                    cmd += ['--update', '--enablelocauthorize',]
                    run_command(cmd)
                config['workgroup'] = self._domain_workgroup(domain, method=method)
                update_global_config(smb_config, config)
                self._join_domain(config, method=method)
                if (method == 'sssd' and config.get('enumerate') is True):
                    self._update_sssd(domain)

                if (method == 'winbind'):
                    systemctl('winbind', 'enable')
                    systemctl('winbind', 'start')
                systemctl('smb', 'restart')
                systemctl('nmb', 'restart')

            elif (command == 'stop'):
                config = self._config(service, request)
                try:
                    self._leave_domain(config, method=method)
                    smbo = Service.objects.get(name='smb')