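def generate_smb4_system_shares(smb4_shares):
    """Emit the [sysvol] and [netlogon] share sections for a domain controller.

    Nothing is written unless ``domaincontroller_enabled()`` is true.  Both
    shares live under /var/db/samba4/sysvol and are emitted with
    ``read only = no``, followed by the VFS/NFSv4/ZFS share options produced
    by the helper calls.

    Args:
        smb4_shares: share-configuration accumulator passed through to
            ``confset1`` and the ``config_share_for_*`` helpers.

    Generation is best-effort: an ordinary error stops the output and is not
    reported to the caller.
    """
    if not domaincontroller_enabled():
        return

    try:
        dc = DomainController.objects.all()[0]
        sysvol_path = "/var/db/samba4/sysvol"

        for share in ["sysvol", "netlogon"]:
            # Resolve the path before the section header is emitted, so a
            # failing realm lookup cannot leave a header-only section behind.
            # NOTE(review): dc_realm is interpolated into a filesystem path
            # as-is; presumably it is validated when saved -- confirm.
            if share == "sysvol":
                path = sysvol_path
            else:
                path = "%s/%s/scripts" % (sysvol_path, dc.dc_realm.lower())

            confset1(smb4_shares, "\n")
            confset1(smb4_shares, "[%s]" % (share), space=0)
            confset1(smb4_shares, "path = %s" % (path))
            confset1(smb4_shares, "read only = no")

            vfs_objects = []
            extend_vfs_objects_for_zfs(path, vfs_objects)
            config_share_for_vfs_objects(smb4_shares, vfs_objects)

            config_share_for_nfs4(smb4_shares)
            config_share_for_zfs(smb4_shares)
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt.  Still best-effort, and still silent: a failure
        # here means the system shares are missing or incomplete.
        pass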
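def delete(self, using=None, reload=True):
    """Delete this user from the OS, from Samba (on a DC) and from the database.

    Args:
        using: database alias forwarded to the parent ``delete``.
        reload: when true, ask the notifier to reload "user" afterwards.

    Raises:
        ValueError: if the user is flagged as built-in.
    """
    from freenasUI.services.models import CIFS

    if self.bsdusr_builtin is True:
        raise ValueError(_(
            "User %s is built-in and can not be deleted!"
        ) % (self.bsdusr_username))

    # NOTE(review): the OS and Samba accounts are removed before the database
    # row, so a later failure leaves the row without a backing account.
    notifier().user_deleteuser(self.bsdusr_username.encode('utf-8'))
    if domaincontroller_enabled():
        Samba4().user_delete(self.bsdusr_username.encode('utf-8'))

    try:
        # Drop the primary group too when it is not built-in and nobody else
        # uses it, either as a member or as a primary group.
        gobj = self.bsdusr_group
        count = bsdGroupMembership.objects.filter(
            bsdgrpmember_group=gobj).count()
        count2 = bsdUsers.objects.filter(bsdusr_group=gobj).exclude(
            id=self.id).count()
        if not gobj.bsdgrp_builtin and count == 0 and count2 == 0:
            gobj.delete(reload=False, pwdelete=False)
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt.  Group cleanup stays best-effort; a failure
        # leaves the group in place.
        pass

    # If the deleted account was the SMB guest account, point the guest
    # setting at 'nobody' so it no longer names a removed user.
    cifs = CIFS.objects.latest('id')
    if cifs:
        if cifs.cifs_srv_guest == self.bsdusr_username:
            cifs.cifs_srv_guest = 'nobody'
            cifs.save()

    super(bsdUsers, self).delete(using)
    if reload:
        notifier().reload("user")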
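def generate_smb4_system_shares(smb4_shares):
    """Write the domain controller's [sysvol] and [netlogon] share sections.

    A no-op when ``domaincontroller_enabled()`` is false.  Each share is
    rooted under /var/db/samba4/sysvol, emitted with ``read only = no`` and
    then completed by the VFS/NFSv4/ZFS helper calls.

    Args:
        smb4_shares: share-configuration accumulator handed to ``confset1``
            and the ``config_share_for_*`` helpers.

    Errors do not propagate: generation is best-effort and fails silently.
    """
    if not domaincontroller_enabled():
        return

    try:
        dc = DomainController.objects.all()[0]
        sysvol_path = "/var/db/samba4/sysvol"

        for share in ["sysvol", "netlogon"]:
            # Compute the path first: if the realm lookup fails, nothing has
            # been written for this share yet, so no header-only section
            # ends up in the output.
            # NOTE(review): dc_realm goes into the path unmodified apart from
            # lower-casing; presumably validated on save -- confirm.
            if share == "sysvol":
                path = sysvol_path
            else:
                path = "%s/%s/scripts" % (sysvol_path, dc.dc_realm.lower())

            confset1(smb4_shares, "\n")
            confset1(smb4_shares, "[%s]" % (share), space=0)
            confset1(smb4_shares, "path = %s" % (path))
            confset1(smb4_shares, "read only = no")

            vfs_objects = []
            extend_vfs_objects_for_zfs(path, vfs_objects)
            config_share_for_vfs_objects(smb4_shares, vfs_objects)

            config_share_for_nfs4(smb4_shares)
            config_share_for_zfs(smb4_shares)
    except Exception:
        # Narrowed from a bare ``except:`` so interpreter-exit exceptions are
        # no longer swallowed.  Ordinary failures are still ignored, which
        # means missing or partial system shares go unreported.
        pass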
def main():
    """Regenerate nsswitch.conf from the enabled directory services.

    Every database starts with the ``files`` source.  When the verb (first
    command-line argument, default "start") is "start", directory-backed
    sources are appended to the passwd/group/hosts/sudoers databases
    according to which services are enabled.  Any other verb writes the
    files-only baseline.  Exits with status 1 if the file cannot be written.
    """
    nsswitch_conf = {
        'group': ['files'],
        'hosts': ['files', 'mdns', 'dns'],
        'networks': ['files'],
        'passwd': ['files'],
        'shells': ['files'],
        'services': ['files'],
        'protocols': ['files'],
        'rpc': ['files'],
        'sudoers': ['files']
    }

    def enable(source, *databases):
        # Append one lookup source to each named database, in order.
        for database in databases:
            nsswitch_conf[database].append(source)

    verb = sys.argv[1].lower() if len(sys.argv) > 1 else "start"

    if verb == 'start':
        # Active Directory uses sss only with UNIX extensions and a
        # principal; otherwise AD, a domain controller or NT4 use winbind.
        if (activedirectory_enabled() and
                activedirectory_has_unix_extensions() and
                activedirectory_has_principal()):
            enable('sss', 'passwd', 'group')
        elif (activedirectory_enabled() or
                domaincontroller_enabled() or nt4_enabled()):
            enable('winbind', 'passwd', 'group')

        # (The NT4 'wins' hosts source is commented out in the original and
        # therefore stays disabled here.)

        # Anonymous-bind LDAP goes through nss 'ldap', otherwise through sss.
        if ldap_enabled() and ldap_anonymous_bind():
            enable('ldap', 'passwd', 'group')
        elif ldap_enabled():
            enable('sss', 'passwd', 'group')
            # NOTE(review): nesting of the sudoers check under the sss/LDAP
            # branch is reconstructed from a collapsed listing -- confirm.
            if ldap_sudo_configured():
                enable('sss', 'sudoers')

        if nis_enabled():
            enable('nis', 'passwd', 'group', 'hosts')

    try:
        # Truncate and rewrite the file in place; mode 0644 applies only when
        # the file is created.
        fd = os.open(NSSWITCH_CONF_PATH,
                     os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o644)
        for database, sources in nsswitch_conf.items():
            entry = "%s: %s\n" % (
                database.strip(),
                ' '.join(source.strip() for source in sources))
            os.write(fd, entry)
        os.close(fd)

    except Exception as e:
        print >> sys.stderr, "can't create %s: %s" % (NSSWITCH_CONF_PATH, e)
        sys.exit(1)
def main():
    """Rewrite nsswitch.conf to match the enabled directory services.

    All databases begin with ``files``.  For the "start" verb (the default
    when no argument is given) the passwd, group, hosts and sudoers databases
    gain the sources of whichever directory services are enabled; any other
    verb leaves the files-only baseline.  Exits with status 1 when the file
    cannot be written.
    """
    nsswitch_conf = {
        'group': ['files'],
        'hosts': ['files', 'mdns', 'dns'],
        'networks': ['files'],
        'passwd': ['files'],
        'shells': ['files'],
        'services': ['files'],
        'protocols': ['files'],
        'rpc': ['files'],
        'sudoers': ['files']
    }

    def enable(source, *databases):
        # Append one lookup source to each named database, in order.
        for database in databases:
            nsswitch_conf[database].append(source)

    verb = sys.argv[1].lower() if len(sys.argv) > 1 else "start"

    if verb == 'start':
        # Active Directory uses sss only with UNIX extensions and a keytab;
        # otherwise AD, a domain controller or NT4 fall back to winbind.
        if (activedirectory_enabled() and
                activedirectory_has_unix_extensions() and
                activedirectory_has_keytab()):
            enable('sss', 'passwd', 'group')
        elif (activedirectory_enabled() or
                domaincontroller_enabled() or nt4_enabled()):
            enable('winbind', 'passwd', 'group')

        # (The NT4 'wins' hosts source is commented out in the original and
        # therefore stays disabled here.)

        # Anonymous-bind LDAP goes through nss 'ldap', otherwise through sss.
        if ldap_enabled() and ldap_anonymous_bind():
            enable('ldap', 'passwd', 'group')
        elif ldap_enabled():
            enable('sss', 'passwd', 'group')
            # NOTE(review): nesting of the sudoers check under the sss/LDAP
            # branch is reconstructed from a collapsed listing -- confirm.
            if ldap_sudo_configured():
                enable('sss', 'sudoers')

        if nis_enabled():
            enable('nis', 'passwd', 'group', 'hosts')

    try:
        # Truncate and rewrite the file in place; mode 0644 applies only when
        # the file is created.
        fd = os.open(NSSWITCH_CONF_PATH,
                     os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o644)
        for database, sources in nsswitch_conf.items():
            entry = "%s: %s\n" % (
                database.strip(),
                ' '.join(source.strip() for source in sources))
            os.write(fd, entry)
        os.close(fd)

    except Exception as e:
        print >> sys.stderr, "can't create %s: %s" % (NSSWITCH_CONF_PATH, e)
        sys.exit(1)
def delete(self, using=None, reload=True):
    """Delete this group from the OS, from Samba (on a DC) and from the database.

    Args:
        using: database alias forwarded to the parent ``delete``.
        reload: when true, ask the notifier to reload "user" afterwards.

    Raises:
        ValueError: if the group is flagged as built-in.
    """
    if self.bsdgrp_builtin is True:
        message = _("Group %s is built-in and can not be deleted!")
        raise ValueError(message % (self.bsdgrp_group))

    # The system-level group is removed first; the database row goes last.
    group_name = self.bsdgrp_group.encode('utf-8')
    notifier().user_deletegroup(group_name)
    if domaincontroller_enabled():
        Samba4().group_delete(group_name)

    super(bsdGroups, self).delete(using)

    if reload:
        notifier().reload("user")
def delete(self, using=None, reload=True):
    """Remove this group at the OS level, in Samba (on a DC) and in the database.

    Args:
        using: database alias forwarded to the parent ``delete``.
        reload: when true, ask the notifier to reload "user" afterwards.

    Raises:
        ValueError: if the group is flagged as built-in.
    """
    if self.bsdgrp_builtin is True:
        template = _("Group %s is built-in and can not be deleted!")
        raise ValueError(template % (self.bsdgrp_group))

    # OS and Samba removal happen before the database row is deleted.
    encoded_name = self.bsdgrp_group.encode('utf-8')
    notifier().user_deletegroup(encoded_name)
    if domaincontroller_enabled():
        Samba4().group_delete(encoded_name)

    super(bsdGroups, self).delete(using)

    if reload:
        notifier().reload("user")
def main():
    """Generate resolv.conf from the domain-controller or global settings.

    On a domain controller the search domain is the DC realm and the
    nameservers are the CIFS bind addresses (127.0.0.1 if none are set).
    Otherwise the global domain and up to three global nameservers are used.
    Exits 0 without writing when there are no interfaces, or when no
    nameserver is configured and some interface uses DHCP.  Exits 1 on any
    lookup or write error.
    """
    domain = None
    nameservers = []

    if domaincontroller_enabled():
        try:
            cifs = CIFS.objects.all()[0]
            domain = DomainController.objects.all()[0].dc_realm

            if cifs.cifs_srv_bindip:
                nameservers.extend(cifs.cifs_srv_bindip)
            else:
                nameservers.append("127.0.0.1")

        except Exception as e:
            print >> sys.stderr, "ix-resolv: ERROR: %s" % e
            sys.exit(1)

    else:
        try:
            gc = GlobalConfiguration.objects.all()[0]
            if gc.gc_domain:
                domain = gc.gc_domain
            for field in ("gc_nameserver1", "gc_nameserver2",
                          "gc_nameserver3"):
                server = getattr(gc, field)
                if server:
                    nameservers.append(server)

        except Exception as e:
            print >> sys.stderr, "ix-resolv: ERROR: %s" % e
            sys.exit(1)

    # Leave resolv.conf untouched when DHCP is expected to supply it, or when
    # there are no interfaces at all.
    if not nameservers and Interfaces.objects.filter(int_dhcp=True):
        sys.exit(0)
    if len(Interfaces.objects.all()) == 0:
        sys.exit(0)

    try:
        # NOTE(review): domain and nameserver values are written verbatim;
        # presumably they are validated when saved -- confirm, since an
        # embedded newline would add extra resolver directives.
        fd = os.open(RESOLV_CONF_PATH,
                     os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o644)
        if domain:
            os.write(fd, "search %s\n" % domain)
        for server in nameservers:
            os.write(fd, "nameserver %s\n" % server)
        os.close(fd)

    except Exception as e:
        print >> sys.stderr, "can't create %s: %s" % (RESOLV_CONF_PATH, e)
        sys.exit(1)
def __new__(cls, **kwargs):
    """Return the group cache implementation matching the current setup.

    A ``FreeNAS_Directory_LocalGroupCache`` is built when any of LDAP, Active
    Directory, NT4, NIS or the domain controller is enabled; otherwise a
    plain ``FreeNAS_BaseCache``.  ``kwargs`` are forwarded to the chosen
    constructor.
    """
    log.debug("FreeNAS_GroupCache.__new__: enter")

    directory_active = (
        ldap_enabled() or activedirectory_enabled() or
        nt4_enabled() or nis_enabled() or domaincontroller_enabled()
    )
    cache_cls = (FreeNAS_Directory_LocalGroupCache if directory_active
                 else FreeNAS_BaseCache)
    instance = cache_cls(**kwargs)

    log.debug("FreeNAS_GroupCache.__new__: leave")
    return instance
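def get_server_role():
    """Return the Samba server role implied by the enabled directory services.

    Returns:
        "standalone" by default; "member" when NT4, Active Directory or
        Samba LDAP is enabled; the stored ``dc_role`` when the domain
        controller is enabled and its record can be read.
    """
    role = "standalone"
    if nt4_enabled() or activedirectory_enabled() or smb4_ldap_enabled():
        role = "member"

    if domaincontroller_enabled():
        try:
            role = DomainController.objects.all()[0].dc_role
        except Exception:
            # Was a bare ``except:``, which also swallowed SystemExit and
            # KeyboardInterrupt.  On failure the role computed above is kept,
            # so a DC whose record cannot be read is reported as
            # "standalone" or "member" without any error being raised.
            pass

    return role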
def _get_dflags():
    """Return the flag for the first enabled directory service, else 0.

    Services are checked in the order Active Directory, NIS, LDAP, domain
    controller; only the first match contributes its flag.
    """
    candidates = (
        (activedirectory_enabled, U_AD_ENABLED),
        (nis_enabled, U_NIS_ENABLED),
        (ldap_enabled, U_LDAP_ENABLED),
        (domaincontroller_enabled, U_DC_ENABLED),
    )

    dflags = 0
    for is_enabled, flag in candidates:
        if is_enabled():
            dflags |= flag
            break
    return dflags
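def get_server_role():
    """Work out which server role Samba should run with.

    Returns:
        "standalone" unless NT4, Active Directory or Samba LDAP is enabled
        ("member"); when the domain controller is enabled, the ``dc_role``
        stored on its record replaces that value if the record is readable.
    """
    role = "standalone"
    if nt4_enabled() or activedirectory_enabled() or smb4_ldap_enabled():
        role = "member"

    if domaincontroller_enabled():
        try:
            role = DomainController.objects.all()[0].dc_role
        except Exception:
            # Narrowed from a bare ``except:`` so interpreter-exit exceptions
            # are not swallowed.  The fallback is silent: the caller gets the
            # non-DC role computed above even though the DC is enabled.
            pass

    return role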
def __new__(cls, **kwargs):
    """Build the group cache object appropriate for the enabled services.

    Any enabled directory service (LDAP, Active Directory, NT4, NIS or the
    domain controller) selects ``FreeNAS_Directory_LocalGroupCache``;
    with none enabled a ``FreeNAS_BaseCache`` is returned.  ``kwargs`` are
    passed to the selected constructor unchanged.
    """
    log.debug("FreeNAS_GroupCache.__new__: enter")

    uses_directory = (
        ldap_enabled() or activedirectory_enabled() or
        nt4_enabled() or nis_enabled() or domaincontroller_enabled()
    )
    if uses_directory:
        cache = FreeNAS_Directory_LocalGroupCache(**kwargs)
    else:
        cache = FreeNAS_BaseCache(**kwargs)

    log.debug("FreeNAS_GroupCache.__new__: leave")
    return cache
def _get_dflags():
    """Compute the directory flag word: one flag for the first enabled service.

    The checks run in the order Active Directory, NIS, LDAP, domain
    controller and stop at the first enabled service; 0 is returned when
    none is enabled.
    """
    service_flags = (
        (activedirectory_enabled, U_AD_ENABLED),
        (nis_enabled, U_NIS_ENABLED),
        (ldap_enabled, U_LDAP_ENABLED),
        (domaincontroller_enabled, U_DC_ENABLED),
    )

    dflags = 0
    for service_enabled, service_flag in service_flags:
        if service_enabled():
            dflags |= service_flag
            break
    return dflags
def main():
    """Write resolv.conf from the domain-controller or global configuration.

    With the domain controller enabled, the search domain is the DC realm
    and the nameservers are the CIFS bind addresses, or 127.0.0.1 when none
    are set.  Otherwise the global domain and up to three global nameservers
    are used.  Exits 0 without writing when no nameserver is configured and
    an interface uses DHCP, or when no interface exists.  Exits 1 on any
    lookup or write error.
    """
    domain = None
    nameservers = []

    if domaincontroller_enabled():
        try:
            cifs = CIFS.objects.all()[0]
            domain = DomainController.objects.all()[0].dc_realm

            if cifs.cifs_srv_bindip:
                nameservers.extend(cifs.cifs_srv_bindip)
            else:
                nameservers.append("127.0.0.1")

        except Exception as e:
            print >> sys.stderr, "ix-resolv: ERROR: %s" % e
            sys.exit(1)

    else:
        try:
            gc = GlobalConfiguration.objects.all()[0]
            if gc.gc_domain:
                domain = gc.gc_domain
            for field in ("gc_nameserver1", "gc_nameserver2",
                          "gc_nameserver3"):
                server = getattr(gc, field)
                if server:
                    nameservers.append(server)

        except Exception as e:
            print >> sys.stderr, "ix-resolv: ERROR: %s" % e
            sys.exit(1)

    # Nothing to write when DHCP is expected to provide the resolver
    # settings, or when the system has no interfaces.
    if not nameservers and Interfaces.objects.filter(int_dhcp=True):
        sys.exit(0)
    if len(Interfaces.objects.all()) == 0:
        sys.exit(0)

    try:
        # NOTE(review): the values are written as stored; presumably they are
        # validated on save -- confirm, since an embedded newline would add
        # extra resolver directives.
        fd = os.open(RESOLV_CONF_PATH,
                     os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o644)
        if domain:
            os.write(fd, "search %s\n" % domain)
        for server in nameservers:
            os.write(fd, "nameserver %s\n" % server)
        os.close(fd)

    except Exception as e:
        print >> sys.stderr, "can't create %s: %s" % (RESOLV_CONF_PATH, e)
        sys.exit(1)
def main():
    """Regenerate nsswitch.conf from the enabled directory services.

    Every database starts with ``files``; passwd, group and hosts then gain
    the sources of the enabled services.  Exits with status 1 if the file
    cannot be written.
    """
    nsswitch_conf = {
        'group': ['files'],
        'hosts': ['files', 'dns'],
        'networks': ['files'],
        'passwd': ['files'],
        'shells': ['files'],
        'services': ['files'],
        'protocols': ['files'],
        'rpc': ['files']
    }

    def enable(source, *databases):
        # Append one lookup source to each named database, in order.
        for database in databases:
            nsswitch_conf[database].append(source)

    # Active Directory with UNIX extensions uses sss; plain AD, a domain
    # controller or NT4 use winbind.
    if activedirectory_enabled() and activedirectory_has_unix_extensions():
        enable('sss', 'passwd', 'group')
    elif (activedirectory_enabled() or
            domaincontroller_enabled() or nt4_enabled()):
        enable('winbind', 'passwd', 'group')

    # NOTE(review): this check is reconstructed as a top-level statement from
    # a collapsed listing -- confirm it is not nested under the winbind branch.
    if nt4_enabled():
        enable('wins', 'hosts')

    # NOTE(review): when AD with UNIX extensions and LDAP are both enabled,
    # 'sss' is appended twice to passwd and group.
    if ldap_enabled():
        enable('sss', 'passwd', 'group')

    if nis_enabled():
        enable('nis', 'passwd', 'group', 'hosts')

    try:
        # Truncate and rewrite the file in place; mode 0644 applies only when
        # the file is created.
        fd = os.open(NSSWITCH_CONF_PATH,
                     os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o644)
        for database, sources in nsswitch_conf.items():
            entry = "%s: %s\n" % (
                database.strip(),
                ' '.join(source.strip() for source in sources))
            os.write(fd, entry)
        os.close(fd)

    except Exception as e:
        print >> sys.stderr, "can't create %s: %s" % (NSSWITCH_CONF_PATH, e)
        sys.exit(1)
def __new__(cls, **kwargs):
    """Return the local group cache for the first enabled directory service.

    Services are tried in the order LDAP, Active Directory, NIS, domain
    controller.  ``kwargs`` are forwarded to the chosen constructor.  When
    none of them is enabled the result is ``None``.
    """
    log.debug("FreeNAS_Directory_LocalGroupCache.__new__: enter")

    backends = (
        (ldap_enabled, FreeNAS_LDAP_LocalGroupCache),
        (activedirectory_enabled, FreeNAS_ActiveDirectory_LocalGroupCache),
        (nis_enabled, FreeNAS_NIS_LocalGroupCache),
        (domaincontroller_enabled, FreeNAS_DomainController_LocalGroupCache),
    )

    instance = None
    for is_enabled, cache_cls in backends:
        if is_enabled():
            instance = cache_cls(**kwargs)
            break

    log.debug("FreeNAS_Directory_LocalGroupCache.__new__: leave")
    return instance
def __new__(cls, **kwargs):
    """Instantiate the local group cache of the first enabled directory service.

    The lookup order is LDAP, Active Directory, NIS, domain controller, and
    the first enabled service wins.  ``kwargs`` go to that constructor
    unchanged.  ``None`` is returned when no service is enabled.
    """
    log.debug("FreeNAS_Directory_LocalGroupCache.__new__: enter")

    cache_by_service = (
        (ldap_enabled, FreeNAS_LDAP_LocalGroupCache),
        (activedirectory_enabled, FreeNAS_ActiveDirectory_LocalGroupCache),
        (nis_enabled, FreeNAS_NIS_LocalGroupCache),
        (domaincontroller_enabled, FreeNAS_DomainController_LocalGroupCache),
    )

    cache = None
    for service_enabled, service_cache in cache_by_service:
        if service_enabled():
            cache = service_cache(**kwargs)
            break

    log.debug("FreeNAS_Directory_LocalGroupCache.__new__: leave")
    return cache
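def generate_smb4_system_shares(smb4_shares):
    """Emit the [sysvol] and [netlogon] share sections for a domain controller.

    Nothing is written unless ``domaincontroller_enabled()`` is true.  Both
    shares live under /var/db/samba4/sysvol and are emitted with
    ``read only = no``.

    Args:
        smb4_shares: share-configuration accumulator passed to ``confset1``.

    Generation is best-effort: an ordinary error stops the output and is not
    reported to the caller.
    """
    if not domaincontroller_enabled():
        return

    try:
        dc = DomainController.objects.all()[0]
        sysvol_path = "/var/db/samba4/sysvol"
        # Resolve the realm-dependent path before anything is written, so a
        # failing lookup cannot leave a [netlogon] header without a path.
        # NOTE(review): dc_realm is interpolated into a filesystem path
        # as-is; presumably it is validated when saved -- confirm.
        netlogon_path = "%s/%s/scripts" % (sysvol_path, dc.dc_realm.lower())

        confset1(smb4_shares, "\n")
        confset1(smb4_shares, "[sysvol]", space=0)
        confset1(smb4_shares, "path = %s" % sysvol_path)
        confset1(smb4_shares, "read only = no")

        confset1(smb4_shares, "\n")
        confset1(smb4_shares, "[netlogon]", space=0)
        confset1(smb4_shares, "path = %s" % netlogon_path)
        confset1(smb4_shares, "read only = no")

    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt.  Still best-effort, and still silent: a failure
        # here means the system shares are missing or incomplete.
        pass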
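def generate_smb4_system_shares(smb4_shares):
    """Write the domain controller's [sysvol] and [netlogon] share sections.

    A no-op when ``domaincontroller_enabled()`` is false.  Each share is
    rooted under /var/db/samba4/sysvol and emitted with ``read only = no``.

    Args:
        smb4_shares: share-configuration accumulator handed to ``confset1``.

    Errors do not propagate: generation is best-effort and fails silently.
    """
    if not domaincontroller_enabled():
        return

    try:
        dc = DomainController.objects.all()[0]
        sysvol_path = "/var/db/samba4/sysvol"
        # Build the netlogon path up front: if the realm lookup fails,
        # neither section has been started, so no partial section is emitted.
        # NOTE(review): dc_realm goes into the path unmodified apart from
        # lower-casing; presumably validated on save -- confirm.
        netlogon_path = "%s/%s/scripts" % (sysvol_path, dc.dc_realm.lower())

        confset1(smb4_shares, "\n")
        confset1(smb4_shares, "[sysvol]", space=0)
        confset1(smb4_shares, "path = %s" % sysvol_path)
        confset1(smb4_shares, "read only = no")

        confset1(smb4_shares, "\n")
        confset1(smb4_shares, "[netlogon]", space=0)
        confset1(smb4_shares, "path = %s" % netlogon_path)
        confset1(smb4_shares, "read only = no")

    except Exception:
        # Narrowed from a bare ``except:`` so interpreter-exit exceptions are
        # no longer swallowed.  Ordinary failures are still ignored, which
        # means missing or partial system shares go unreported.
        pass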
def main():
    """Rewrite nsswitch.conf to match the enabled directory services.

    All databases begin with ``files``; passwd, group and hosts are extended
    with the sources of whichever services are enabled.  Exits with status 1
    when the file cannot be written.
    """
    nsswitch_conf = {
        'group': ['files'],
        'hosts': ['files', 'dns'],
        'networks': ['files'],
        'passwd': ['files'],
        'shells': ['files'],
        'services': ['files'],
        'protocols': ['files'],
        'rpc': ['files']
    }

    def enable(source, *databases):
        # Append one lookup source to each named database, in order.
        for database in databases:
            nsswitch_conf[database].append(source)

    # Active Directory with UNIX extensions uses sss; plain AD, a domain
    # controller or NT4 use winbind.
    if activedirectory_enabled() and activedirectory_has_unix_extensions():
        enable('sss', 'passwd', 'group')
    elif (activedirectory_enabled() or
            domaincontroller_enabled() or nt4_enabled()):
        enable('winbind', 'passwd', 'group')

    # NOTE(review): when AD with UNIX extensions and LDAP are both enabled,
    # 'sss' is appended twice to passwd and group.
    if ldap_enabled():
        enable('sss', 'passwd', 'group')

    if nis_enabled():
        enable('nis', 'passwd', 'group', 'hosts')

    try:
        # Truncate and rewrite the file in place; mode 0644 applies only when
        # the file is created.
        fd = os.open(NSSWITCH_CONF_PATH,
                     os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o644)
        for database, sources in nsswitch_conf.items():
            entry = "%s: %s\n" % (
                database.strip(),
                ' '.join(source.strip() for source in sources))
            os.write(fd, entry)
        os.close(fd)

    except Exception as e:
        print >> sys.stderr, "can't create %s: %s" % (NSSWITCH_CONF_PATH, e)
        sys.exit(1)
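def delete(self, using=None, reload=True):
    """Delete this user from the OS, from Samba (on a DC) and from the database.

    Args:
        using: database alias forwarded to the parent ``delete``.
        reload: when true, ask the notifier to reload "user" afterwards.

    Raises:
        ValueError: if the user is flagged as built-in.
    """
    if self.bsdusr_builtin is True:
        raise ValueError(
            _("User %s is built-in and can not be deleted!") % (self.bsdusr_username))

    # NOTE(review): the OS and Samba accounts are removed before the database
    # row, so a later failure leaves the row without a backing account.
    notifier().user_deleteuser(self.bsdusr_username.encode('utf-8'))
    if domaincontroller_enabled():
        Samba4().user_delete(self.bsdusr_username.encode('utf-8'))

    try:
        # Drop the primary group too when it is not built-in and nobody else
        # uses it, either as a member or as a primary group.
        gobj = self.bsdusr_group
        count = bsdGroupMembership.objects.filter(
            bsdgrpmember_group=gobj).count()
        count2 = bsdUsers.objects.filter(bsdusr_group=gobj).exclude(
            id=self.id).count()
        if not gobj.bsdgrp_builtin and count == 0 and count2 == 0:
            gobj.delete(reload=False)
    except Exception:
        # Was a bare ``except:``, which also swallowed SystemExit and
        # KeyboardInterrupt.  Group cleanup stays best-effort; a failure
        # leaves the group in place.
        pass

    super(bsdUsers, self).delete(using)
    if reload:
        notifier().reload("user")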
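def delete(self, using=None, reload=True):
    """Remove this user at the OS level, in Samba (on a DC) and in the database.

    Args:
        using: database alias forwarded to the parent ``delete``.
        reload: when true, ask the notifier to reload "user" afterwards.

    Raises:
        ValueError: if the user is flagged as built-in.
    """
    if self.bsdusr_builtin is True:
        raise ValueError(_(
            "User %s is built-in and can not be deleted!"
        ) % (self.bsdusr_username))

    # NOTE(review): system accounts are removed first and the database row
    # last, so an error in between leaves a row with no backing account.
    notifier().user_deleteuser(self.bsdusr_username.encode('utf-8'))
    if domaincontroller_enabled():
        Samba4().user_delete(self.bsdusr_username.encode('utf-8'))

    try:
        # The primary group is deleted as well when it is not built-in and
        # has no remaining members or other primary users.
        gobj = self.bsdusr_group
        count = bsdGroupMembership.objects.filter(
            bsdgrpmember_group=gobj).count()
        count2 = bsdUsers.objects.filter(bsdusr_group=gobj).exclude(
            id=self.id).count()
        if not gobj.bsdgrp_builtin and count == 0 and count2 == 0:
            gobj.delete(reload=False)
    except Exception:
        # Narrowed from a bare ``except:`` so interpreter-exit exceptions are
        # not swallowed.  Cleanup of the group remains best-effort.
        pass

    super(bsdUsers, self).delete(using)
    if reload:
        notifier().reload("user")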
if sid != sidval: sanity = False if sanity: sys.path.extend(['/usr/local/www', '/usr/local/www/freenasUI']) os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'freenasUI.settings') import django django.setup() from freenasUI.common.system import (activedirectory_enabled, domaincontroller_enabled, ldap_enabled, nt4_enabled) if (activedirectory_enabled() or domaincontroller_enabled() or ldap_enabled() or nt4_enabled()): print "A directory service is enabled, aborting without making changes." exit(1) print "detected SID: %s\n" % sidval from freenasUI.services.models import CIFS cifs = CIFS.objects.all()[0] print "database SID: %s\n" % cifs.cifs_SID if cifs.cifs_SID != sidval: cifs.cifs_SID = sidval print "Saving detected SID to the database" cifs.save() print "Please either reboot the system or run the following commands as root:" print "service samba_server stop" print "service ix-pre-samba start"
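def main():
    """Generate resolv.conf and manage the dhclient hook that protects it.

    On a domain controller the search domain is the DC realm and the
    nameservers are the CIFS bind addresses (127.0.0.1 if none are set).
    Otherwise the global domain and up to three global nameservers are used.

    When no nameserver is configured and either no interface exists or some
    interface uses DHCP, the dhclient hook is removed and the script exits 0
    without writing.  Otherwise resolv.conf is written and a dhclient hook is
    installed that overrides ``add_new_resolv_conf``.  Exits 1 on any lookup
    or write error.
    """
    domain = None
    nameservers = []

    if domaincontroller_enabled():
        try:
            cifs = CIFS.objects.all()[0]
            dc = DomainController.objects.all()[0]

            domain = dc.dc_realm
            if cifs.cifs_srv_bindip:
                for ip in cifs.cifs_srv_bindip:
                    nameservers.append(ip)
            else:
                nameservers.append("127.0.0.1")

        except Exception as e:
            print >> sys.stderr, "ix-resolv: ERROR: %s" % e
            sys.exit(1)

    else:
        try:
            gc = GlobalConfiguration.objects.all()[0]
            if gc.gc_domain:
                domain = gc.gc_domain
            if gc.gc_nameserver1:
                nameservers.append(gc.gc_nameserver1)
            if gc.gc_nameserver2:
                nameservers.append(gc.gc_nameserver2)
            if gc.gc_nameserver3:
                nameservers.append(gc.gc_nameserver3)

        except Exception as e:
            print >> sys.stderr, "ix-resolv: ERROR: %s" % e
            sys.exit(1)

    if (not nameservers and (Interfaces.objects.count() == 0 or
                             Interfaces.objects.filter(int_dhcp=True))):
        # The hook written below stops dhclient from updating
        # /etc/resolv.conf; remove it now that nothing is configured here.
        try:
            os.remove("/etc/dhclient-enter-hooks")
        except OSError as e:
            # A missing file only means the hook was never written; any
            # other error is a real problem.
            if e.errno != errno.ENOENT:
                raise
        sys.exit(0)

    try:
        # The mode was the hex literal 0x0644, i.e. octal 03104 (setgid +
        # sticky, --x for owner, r-- for others); octal 0644 is what was
        # meant.  The mode applies only when the file is created.
        fd = os.open(RESOLV_CONF_PATH,
                     os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o644)
        try:
            # NOTE(review): values are written verbatim; presumably they are
            # validated when saved -- confirm, since an embedded newline
            # would add extra resolver directives.
            if domain:
                os.write(fd, "search %s\n" % domain)
            for ns in nameservers:
                os.write(fd, "nameserver %s\n" % ns)
        finally:
            # Close the descriptor even when a write fails.
            os.close(fd)

        with open("/etc/dhclient-enter-hooks", 'w') as f:
            f.write("""
add_new_resolv_conf() {
    # We don't want /etc/resolv.conf changed
    # So this is an empty function
    return 0
}
""")
        # Same hex-for-octal slip: 0x0744 is octal 03504, which left the hook
        # without owner write permission and set the setgid and sticky bits.
        os.chmod("/etc/dhclient-enter-hooks", 0o744)

    except Exception as e:
        print >> sys.stderr, "can't create %s: %s" % (RESOLV_CONF_PATH, e)
        sys.exit(1)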
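def main():
    """Write resolv.conf and install or remove the dhclient hook guarding it.

    With the domain controller enabled, the search domain is the DC realm
    and the nameservers are the CIFS bind addresses, or 127.0.0.1 when none
    are set.  Otherwise the global domain and up to three global nameservers
    are used.

    If no nameserver is configured and there is no interface, or some
    interface uses DHCP, the dhclient hook is removed and the script exits 0
    without touching resolv.conf.  Otherwise resolv.conf is rewritten and a
    hook overriding ``add_new_resolv_conf`` is installed.  Exits 1 on any
    lookup or write error.
    """
    domain = None
    nameservers = []

    if domaincontroller_enabled():
        try:
            cifs = CIFS.objects.all()[0]
            dc = DomainController.objects.all()[0]

            domain = dc.dc_realm
            if cifs.cifs_srv_bindip:
                for ip in cifs.cifs_srv_bindip:
                    nameservers.append(ip)
            else:
                nameservers.append("127.0.0.1")

        except Exception as e:
            print >>sys.stderr, "ix-resolv: ERROR: %s" % e
            sys.exit(1)

    else:
        try:
            gc = GlobalConfiguration.objects.all()[0]
            if gc.gc_domain:
                domain = gc.gc_domain
            if gc.gc_nameserver1:
                nameservers.append(gc.gc_nameserver1)
            if gc.gc_nameserver2:
                nameservers.append(gc.gc_nameserver2)
            if gc.gc_nameserver3:
                nameservers.append(gc.gc_nameserver3)

        except Exception as e:
            print >>sys.stderr, "ix-resolv: ERROR: %s" % e
            sys.exit(1)

    if not nameservers and (Interfaces.objects.count() == 0 or
                            Interfaces.objects.filter(int_dhcp=True)):
        # The hook installed below keeps dhclient from rewriting
        # /etc/resolv.conf; with nothing configured here it must go.
        try:
            os.remove("/etc/dhclient-enter-hooks")
        except OSError as e:
            # ENOENT just means the hook was never written; anything else
            # is propagated.
            if e.errno != errno.ENOENT:
                raise
        sys.exit(0)

    try:
        # Fixed from the hex literal 0x0644, which is octal 03104 (setgid +
        # sticky, --x for owner, r-- for others) rather than the intended
        # octal 0644.  The mode applies only when the file is created.
        fd = os.open(RESOLV_CONF_PATH,
                     os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o644)
        try:
            # NOTE(review): the values are written as stored; presumably
            # validated on save -- confirm, since an embedded newline would
            # add extra resolver directives.
            if domain:
                os.write(fd, "search %s\n" % domain)
            for ns in nameservers:
                os.write(fd, "nameserver %s\n" % ns)
        finally:
            # Do not leak the descriptor when a write fails.
            os.close(fd)

        with open("/etc/dhclient-enter-hooks", "w") as f:
            f.write(
                """
add_new_resolv_conf() {
    # We don't want /etc/resolv.conf changed
    # So this is an empty function
    return 0
}
"""
            )
        # Fixed from 0x0744 (octal 03504): the hook had no owner write
        # permission and carried the setgid and sticky bits.
        os.chmod("/etc/dhclient-enter-hooks", 0o744)

    except Exception as e:
        print >>sys.stderr, "can't create %s: %s" % (RESOLV_CONF_PATH, e)
        sys.exit(1)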
os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'freenasUI.settings') # Make sure to load all modules from django.db.models.loading import cache cache.get_apps() from freenasUI.common.system import ( activedirectory_enabled, domaincontroller_enabled, ldap_enabled, nt4_enabled ) if (activedirectory_enabled() or domaincontroller_enabled() or ldap_enabled() or nt4_enabled()): print "A directory service is enabled, aborting without making changes." exit(1) print "detected SID: %s\n" % sidval from freenasUI.services.models import CIFS cifs = CIFS.objects.all()[0] print "database SID: %s\n" % cifs.cifs_SID if cifs.cifs_SID != sidval: cifs.cifs_SID = sidval print "Saving detected SID to the database" cifs.save() print "Please either reboot the system or run the following commands as root:" print "service samba_server stop"