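def removeLdapDatabase(self):
    """Remove the contents of the previous LDAP database directory.

    Every entry directly under /var/lib/openldap-data is deleted: real
    sub-directories through removeDir(), everything else (regular files and
    symbolic links) through os.remove().

    Returns:
        True when the directory is absent, already empty, or was emptied;
        False (after printing an error) as soon as one entry cannot be
        removed.
    """
    pathDatabase = "/var/lib/openldap-data"
    if os.path.exists(pathDatabase):
        for fileOrDirName in os.listdir(pathDatabase):
            fullFileOrDirName = os.path.join(pathDatabase, fileOrDirName)
            # os.path.isdir() follows symbolic links. A link is unlinked with
            # os.remove() instead, so a top-level link cannot point
            # removeDir() at a directory outside pathDatabase.
            if (os.path.isdir(fullFileOrDirName)
                    and not os.path.islink(fullFileOrDirName)):
                try:
                    # Remove this entry only. Passing pathDatabase here would
                    # act on the whole database directory at the first
                    # sub-directory, and the remaining entries of the listing
                    # would then fail to be removed.
                    removeDir(fullFileOrDirName)
                except Exception:
                    self.printERROR(_("Can't remove directory %s")
                                    % fullFileOrDirName)
                    return False
            else:
                try:
                    os.remove(fullFileOrDirName)
                except Exception:
                    self.printERROR(_("Can't remove file %s")
                                    % fullFileOrDirName)
                    return False
    self.printOK(_("Erased LDAP Database") + " ...")
    return True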
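def restorePathDelUser(self,userName,destDir,relDir,message,unixObj=False):
    """Restore the directory of a deleted user.

    Delegates to self.__restoreDelUser() and turns its result into the
    triple the caller works with.

    Args:
        userName, relDir, destDir, message, unixObj: passed through to
            self.__restoreDelUser() (note the relDir/destDir order there).

    Returns:
        False when the restore failed, was cancelled, returned an
        unrecognised answer, or succeeded with an empty message; otherwise a
        tuple (term, createDir, removedDir):
            restore returned True -> (message, destDir, False)
            answer "No"           -> (False, destDir, <removed directory>)
            answer "Yes"          -> (True, False, <kept directory>)
    """
    resRestore = self.__restoreDelUser(userName, relDir, destDir, message,
                                       unixObj)
    # A falsy result is an error reported by the helper.
    if not resRestore:
        return False
    # isinstance() replaces the Python-2-only types.TupleType comparison.
    if isinstance(resRestore, tuple):
        # NOTE(review): the answer strings presumably come from a prompt
        # inside __restoreDelUser; confirm against that helper.
        answer = resRestore[0]
        if answer == "Yes":
            # Keep the existing directory, so no profile directory has to be
            # created.
            return (True, False, resRestore[1])
        if answer == "No":
            # NOTE(review): resRestore[1] is deleted recursively; its origin
            # is not visible here, confirm it is always a path chosen by
            # __restoreDelUser and not raw user input.
            try:
                removeDir(resRestore[1])
            except Exception:
                # Exception, not a bare except: KeyboardInterrupt and
                # SystemExit must not be reported as a failed removal.
                return False
            return (False, destDir, resRestore[1])
        # "Cancel" (the user is to be removed by the caller) and any other
        # answer end the operation.
        return False
    # Plain success: the message itself is handed back as the first element.
    if resRestore == True and message != "":
        return (message, destDir, False)
    return False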
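def createCertificateAutority(self,sslCountry=sslCountry,
                              sslState=sslState,
                              sslLocality=sslLocality,
                              sslOrganization=sslOrganization,
                              sslUnit=sslUnit,
                              sslCommonName=sslCommonName,
                              sslEmail=sslEmail,
                              nsCertType=nsCertType,
                              sslDays=sslDays,
                              sslBits=sslBits,
                              userName=userName,
                              CAPath=CAPath,
                              CACertFileName=CACertFileName,
                              CAKeyFileName=CAKeyFileName,
                              CACrlFileName=CACrlFileName,
                              fileMode=fileMode,
                              force=False):
    '''Create the certificate authority key and certificate under CAPath.

    Unless the CA certificate and key already exist (and force is false),
    the CAPath tree is removed and rebuilt: certificate, key and CRL
    directories, a serial file starting at "01" and an empty database file.
    A temporary configuration is rendered from self.templCnfCA, the key and
    the certificate are produced by running the self.templCreateKey and
    self.templCreateCert commands, and both files are handed to userName
    with mode fileMode.

    Returns:
        True when the CA already exists and force is false, False after a
        reported failure, otherwise the result of
        self.checkCertificate(CACertFile).
    '''
    rCACertFile = os.path.join(self.rCACertPath, CACertFileName)
    rCAKeyFile = os.path.join(self.rCAKeyPath, CAKeyFileName)
    rCACrlFile = os.path.join(self.rCACrlPath, CACrlFileName)
    rRandFile = os.path.join(self.rCAKeyPath, ".rnd")
    CACertFile = os.path.join(CAPath, rCACertFile)
    CAKeyFile = os.path.join(CAPath, rCAKeyFile)
    # Certificate and key are both present: nothing to do unless forced.
    if not force and os.path.isfile(CACertFile) and \
            os.path.isfile(CAKeyFile):
        return True
    # Look up the uid and gid of the user who will own the key and
    # certificate. Exception instead of a bare except, so that
    # KeyboardInterrupt/SystemExit are not reported as "user not found".
    try:
        pwdObj = pwd.getpwnam(userName)
    except Exception:
        self.printERROR(_("User %s not found")%userName)
        return False
    uid = pwdObj.pw_uid
    gid = pwdObj.pw_gid
    # Start from a clean tree. This also runs when only one of the two
    # files was missing, so whatever else was stored under CAPath is
    # discarded together with it.
    if os.path.isdir(CAPath):
        removeDir(CAPath)
    # Create the certificate directories.
    self._createDir(CAPath)
    CACertPath = os.path.join(CAPath, self.rCACertPath)
    CAKeyPath = os.path.join(CAPath, self.rCAKeyPath)
    CACrlPath = os.path.join(CAPath, self.rCACrlPath)
    for createDir in [CACertPath, CAKeyPath, CACrlPath]:
        self._createDir(createDir)
    # Serial number file, starting at 01.
    SerialFile = os.path.join(CAPath, self.rSerialFileName)
    self._createFile(SerialFile, "01\n")
    # Empty certificate database file.
    DatabaseFile = os.path.join(CAPath, self.rDatabaseFileName)
    self._createFile(DatabaseFile, "")
    textCnf = self.templCnfCA%{'CAPath':CAPath,
                               'rCACertPath':self.rCACertPath,
                               'rCACrlPath':self.rCACrlPath,
                               'rDatabaseFileName':self.rDatabaseFileName,
                               'rCACertFile':rCACertFile,
                               'rSerialFileName':self.rSerialFileName,
                               'rCACrlFile':rCACrlFile,
                               'rCAKeyFile':rCAKeyFile,
                               'rRandFile':rRandFile,
                               'sslBits':sslBits,
                               'sslCountry':sslCountry,
                               'sslState':sslState,
                               'sslLocality':sslLocality,
                               'sslOrganization':sslOrganization,
                               'sslUnit':sslUnit,
                               'sslCommonName':sslCommonName,
                               'sslEmail':sslEmail,
                               'nsCertType':nsCertType}
    cnfFile = self.createCnfFile(textCnf)
    if cnfFile is False:
        return False
    # The configuration file is only needed while the commands run. The
    # finally clause removes it on the failure returns as well, which used
    # to leave it behind.
    try:
        # NOTE(review): both command lines are built by %-formatting paths
        # and numbers into a template. How execProg runs the string is not
        # visible here; if it goes through a shell, CAPath and the file
        # names must be validated or quoted by the caller. Confirm.
        # Generate the CA RSA key.
        execStr = self.templCreateKey%{'sslFile':self.sslFile,
                                       'certKeyFile':CAKeyFile,
                                       'sslBits':sslBits}
        if execProg(execStr) is False:
            self.printERROR(_("Can not execute '%s'")%execStr)
            return False
        # NOTE(review): the private key is written by the external command
        # and only restricted here afterwards; until then its mode is
        # whatever that command and the process umask produce. Confirm it
        # is never group- or world-readable in that window.
        # NOTE(review): the same fileMode is applied to the private key and
        # to the public certificate; confirm the value is restrictive
        # enough for the key.
        if os.path.exists(CAKeyFile):
            os.chown(CAKeyFile, uid,gid)
            os.chmod(CAKeyFile, fileMode)
        # Create the CA certificate.
        execStr = self.templCreateCert%{'sslFile':self.sslFile,
                                        'sslDays':sslDays,
                                        'cnfFile':cnfFile,
                                        'certKeyFile':CAKeyFile,
                                        'certFile':CACertFile}
        if execProg(execStr) is False:
            self.printERROR(_("Can not execute '%s'")%execStr)
            return False
        if os.path.exists(CACertFile):
            os.chown(CACertFile, uid,gid)
            os.chmod(CACertFile, fileMode)
    finally:
        if os.path.exists(cnfFile):
            os.remove(cnfFile)
    # Check the freshly created certificate.
    return self.checkCertificate(CACertFile)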