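def download(self):
    """Interactive batch download: fetch one file from every matched host.

    Prompts for an Ansible host pattern, lists the hosts it matches, then
    asks repeatedly for a remote file path. Each path is fetched into a
    fresh temporary directory, which is packed into a tarball and handed to
    ``sz``. Entering ``q`` leaves the current prompt level.
    """
    # Characters that would stop the typed text from being a single plain
    # token once it is spliced into the module argument string below.
    unsafe_chars = set(' \t\r\n\x0b\x0c\'"{}')
    while True:
        if not self.user_perm:
            self.user_perm = get_group_user_perm(self.user)
        try:
            print("进入批量下载模式")
            print("请输入主机名或ansile支持的pattern, 多个主机:分隔,q退出")
            # NOTE(review): input() returns the typed text only on Python 3;
            # under Python 2 the same call evaluates it as an expression.
            pattern = input("\033[1;32mPattern>:\033[0m ").strip()
            if pattern == 'q':
                break
            else:
                # The inventory is built from the assets in the user's
                # permission record, so the pattern is resolved against
                # that set only (presumably; gen_resource is not shown).
                assets = self.user_perm.get('asset').keys()
                res = gen_resource({'user': self.user, 'asset': assets}, perm=self.user_perm)
                runner = MyRunner(res)
                asset_name_str = ''
                print("匹配用户:\n")
                for inv in runner.inventory.get_hosts(pattern=pattern):
                    asset_name_str += '%s ' % inv.name
                    print(' %s' % inv.name)
                if not asset_name_str:
                    color_print('没有匹配主机')
                    continue
                print()
                while True:
                    tmp_dir = get_tmp_dir()
                    logger.debug('Download tmp dir: %s' % tmp_dir)
                    print("请输入文件路径(不支持目录)")
                    file_path = input("\033[1;32mPath>:\033[0m ").strip()
                    if file_path == 'q':
                        break
                    if not file_path:
                        color_print("文件路径为空")
                        continue
                    # The path is placed unquoted into the key=value string
                    # given to the fetch module, so whitespace, quotes or
                    # template braces in it would be read as syntax rather
                    # than as part of the file name (how MyRunner parses the
                    # string is not visible here). Refuse such input.
                    if unsafe_chars.intersection(file_path):
                        color_print("文件路径不能包含空白字符、引号或花括号")
                        continue
                    runner.run('fetch', module_args='src=%s dest=%s' % (file_path, tmp_dir), pattern=pattern)
                    ret = runner.results
                    # NOTE(review): the audit row is saved only after the run
                    # returns; an exception raised by the run leaves no record.
                    FileLog(user=self.user.name, host=asset_name_str, filename=file_path,
                            type='download', remote_ip=remote_ip, result=ret).save()
                    logger.debug('Download file result: %s' % ret)
                    # tar is given the bare directory name, so this assumes
                    # get_tmp_dir() returns a directory directly under /tmp.
                    os.chdir('/tmp')
                    tmp_dir_name = os.path.basename(tmp_dir)
                    if not os.listdir(tmp_dir):
                        color_print('下载全部失败')
                        continue
                    bash('tar czf %s.tar.gz %s && sz %s.tar.gz' % (tmp_dir, tmp_dir_name, tmp_dir))
                    if ret.get('failed'):
                        error = '文件名称: %s \n下载失败: [ %s ] \n下载成功 [ %s ]' % \
                                ('%s.tar.gz' % tmp_dir_name,
                                 ', '.join(ret.get('failed').keys()),
                                 ', '.join(ret.get('ok').keys()))
                        color_print(error)
                    else:
                        msg = '文件名称: %s \n下载成功 [ %s ]' % (
                            '%s.tar.gz' % tmp_dir_name, ', '.join(ret.get('ok').keys()))
                        color_print(msg, 'green')
                        # A bare `print` is a no-op expression on Python 3;
                        # call it so the blank line is actually emitted.
                        print()
        except IndexError:
            # Swallowed deliberately by the original; the outer prompt
            # simply starts again.
            pass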
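def server_add_user(username, ssh_key_pwd=''):
    """Add a system user on the jump server and generate its SSH key pair.

    The account's login shell is set to ``init.sh`` under
    ``settings.BASE_DIR``.

    :param username: login name of the account to create
    :param ssh_key_pwd: passphrase forwarded to ``gen_ssh_key``
    """
    try:
        from shlex import quote
    except ImportError:  # Python 2
        from pipes import quote

    login_shell = os.path.join(settings.BASE_DIR, 'init.sh')
    # The command is assembled as one string (bash() presumably runs it
    # through a shell), so a quote character inside the name would end the
    # hand-written '...' early. Let the standard quoting helper do it.
    # NOTE(review): quoting does not stop a name that starts with '-' from
    # being read as an option; the name format should be validated upstream.
    bash('useradd -s %s %s' % (quote(login_shell), quote(username)))
    gen_ssh_key(username, ssh_key_pwd)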
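def download(self):
    """Interactive batch download: fetch one file from every matched host.

    Prompts for an Ansible host pattern, lists the hosts it matches, then
    asks repeatedly for a remote file path. Each path is fetched into a
    fresh temporary directory, which is packed into a tarball and handed to
    ``sz``. Entering ``q`` leaves the current prompt level.
    """
    # Characters that would stop the typed text from being a single plain
    # token once it is spliced into the module argument string below.
    unsafe_chars = set(' \t\r\n\x0b\x0c\'"{}')
    while True:
        if not self.user_perm:
            self.user_perm = get_group_user_perm(self.user)
        try:
            print "进入批量下载模式"
            print "请输入主机名或ansible支持的pattern, 多个主机:分隔,q退出"
            pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
            if pattern == 'q':
                break
            else:
                # The inventory is built from the assets in the user's
                # permission record, so the pattern is resolved against
                # that set only (presumably; gen_resource is not shown).
                assets = self.user_perm.get('asset').keys()
                res = gen_resource({'user': self.user, 'asset': assets}, perm=self.user_perm)
                runner = MyRunner(res)
                asset_name_str = ''
                print "匹配主机:\n"
                for inv in runner.inventory.get_hosts(pattern=pattern):
                    asset_name_str += '%s ' % inv.name
                    print ' %s' % inv.name
                if not asset_name_str:
                    color_print('没有匹配主机')
                    continue
                print
                while True:
                    tmp_dir = get_tmp_dir()
                    logger.debug('Download tmp dir: %s' % tmp_dir)
                    print "请输入文件路径(不支持目录)"
                    file_path = raw_input("\033[1;32mPath>:\033[0m ").strip()
                    if file_path == 'q':
                        break
                    if not file_path:
                        color_print("文件路径为空")
                        continue
                    # The path is placed unquoted into the key=value string
                    # given to the fetch module, so whitespace, quotes or
                    # template braces in it would be read as syntax rather
                    # than as part of the file name (how MyRunner parses the
                    # string is not visible here). Refuse such input.
                    if unsafe_chars.intersection(file_path):
                        color_print("文件路径不能包含空白字符、引号或花括号")
                        continue
                    runner.run('fetch', module_args='src=%s dest=%s' % (file_path, tmp_dir), pattern=pattern)
                    ret = runner.results
                    # NOTE(review): the audit row is saved only after the run
                    # returns; an exception raised by the run leaves no record.
                    FileLog(user=self.user.name, host=asset_name_str, filename=file_path,
                            type='download', remote_ip=remote_ip, result=ret).save()
                    logger.debug('Download file result: %s' % ret)
                    # tar is given the bare directory name, so this assumes
                    # get_tmp_dir() returns a directory directly under /tmp.
                    os.chdir('/tmp')
                    tmp_dir_name = os.path.basename(tmp_dir)
                    if not os.listdir(tmp_dir):
                        color_print('下载全部失败')
                        continue
                    bash('tar czf %s.tar.gz %s && sz %s.tar.gz' % (tmp_dir, tmp_dir_name, tmp_dir))
                    if ret.get('failed'):
                        error = '文件名称: %s \n下载失败: [ %s ] \n下载成功 [ %s ]' % \
                                ('%s.tar.gz' % tmp_dir_name,
                                 ', '.join(ret.get('failed').keys()),
                                 ', '.join(ret.get('ok').keys()))
                        color_print(error)
                    else:
                        msg = '文件名称: %s \n下载成功 [ %s ]' % (
                            '%s.tar.gz' % tmp_dir_name, ', '.join(ret.get('ok').keys()))
                        color_print(msg, 'green')
                        print
        except IndexError:
            # Swallowed deliberately by the original; the outer prompt
            # simply starts again.
            pass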
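def server_del_user(username):
    """Delete a system user and the key files stored for it.

    :param username: login name of the account to delete
    :return: None
    """
    try:
        from shlex import quote
    except ImportError:  # Python 2
        from pipes import quote

    # The name is interpolated into command strings (bash() presumably runs
    # them through a shell), so quote it; the glob is appended outside the
    # quoted part so that it still expands.
    # NOTE(review): quoting does not stop a name that starts with '-' from
    # being read as an option, nor one containing '/' from pointing outside
    # the key directory; the name format should be validated upstream.
    bash('userdel -r -f %s' % quote(username))
    key_prefix = '%s/%s_' % (os.path.join(settings.KEY_DIR, 'user'), username)
    remove_keys_cmd = 'rm -f %s*.perm' % quote(key_prefix)
    logger.debug(remove_keys_cmd)
    # NOTE(review): only files named <username>_*.perm are removed. Confirm
    # this matches the name the key generator writes, otherwise the private
    # key outlives the account.
    bash(remove_keys_cmd)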
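def server_add_user(username, ssh_key_pwd=''):
    """Add a user on the jump host server and generate its SSH key pair.

    The account's login shell is set to ``init.sh`` under
    ``settings.BASE_DIR``.

    :param username: login name of the account to create
    :param ssh_key_pwd: passphrase forwarded to ``gen_ssh_key``
    :return: None
    """
    try:
        from shlex import quote
    except ImportError:  # Python 2
        from pipes import quote

    login_shell = os.path.join(settings.BASE_DIR, 'init.sh')
    # The original applied `%` to the value returned by bash(), so the shell
    # received the literal placeholders; format the command first. The
    # values are also quoted with the standard helper instead of being
    # wrapped in hand-written '...', which a quote in the name would end.
    # NOTE(review): quoting does not stop a name that starts with '-' from
    # being read as an option; the name format should be validated upstream.
    bash('adduser -s %s %s' % (quote(login_shell), quote(username)))
    gen_ssh_key(username, ssh_key_pwd)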
def upload(self):
    """Interactive batch upload: receive files with ``rz`` and copy them out.

    Lists the hosts in the user's permission record, prompts for an Ansible
    host pattern, receives files into a fresh temporary directory (``rz`` is
    run with that directory as the working directory) and copies the
    directory to ``/tmp`` on every matched host. ``q`` ends the loop.
    """
    while True:
        try:
            print "进入批量上传模式"
            print
            print "授权包含该系统用户的所有主机"
            assets = self.user_perm.get('asset').keys()
            for permitted in assets:
                print ' %s' % permitted.hostname
            print
            print "请输入主机名或ansible支持的pattern, 多个主机:分隔 q退出"
            print
            pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
            if pattern == 'q':
                break

            res = gen_resource({'user': self.user, 'asset': assets}, perm=self.user_perm)
            runner = MyRunner(res)
            print "匹配主机:"
            matched = []
            for host in runner.inventory.get_hosts(pattern=pattern):
                print host.name
                matched.append('%s ' % host.name)
            asset_name_str = ''.join(matched)
            if not asset_name_str:
                color_print('没有匹配主机')
                continue

            staging_dir = get_tmp_dir()
            logger.debug('Upload tmp dir: %s' % staging_dir)
            os.chdir(staging_dir)
            bash('rz')
            filename_str = ' '.join(os.listdir(staging_dir))
            if not filename_str:
                color_print("上传文件为空")
                continue
            logger.debug('上传文件: %s' % filename_str)

            # A second runner is created for the copy, as in the original.
            runner = MyRunner(res)
            copy_args = 'src=%s dest=%s directory_mode' % (staging_dir, '/tmp')
            runner.run('copy', module_args=copy_args, pattern=pattern)
            ret = runner.results
            # The audit row is written after the copy has run, so it carries
            # the per-host result.
            FileLog(user=self.user.username, name=self.user.name, host=asset_name_str,
                    filename=filename_str, remote_ip=remote_ip, type='upload',
                    result=ret).save()
            logger.debug('Upload file: %s' % ret)

            if not ret.get('failed'):
                msg = '上传目录: %s \n传送成功 [ %s ]' % (
                    staging_dir, ', '.join(ret.get('ok').keys()))
                color_print(msg, 'green')
                print
            else:
                error = '上传目录: %s \n上传失败: [ %s ] \n上传成功 [ %s ]' % (
                    staging_dir,
                    ', '.join(ret.get('failed').keys()),
                    ', '.join(ret.get('ok').keys()))
                color_print(error)
        except IndexError:
            # Ignored; the prompt starts over.
            pass
def upload(self):
    """Interactive batch upload: receive files with ``rz`` and copy them out.

    Prompts for an Ansible host pattern, receives files into a fresh
    temporary directory (``rz`` is run with that directory as the working
    directory) and copies the directory to the same path on every matched
    host. ``q`` ends the loop.
    """
    while True:
        # Load the permission record lazily on first use.
        if not self.user_perm:
            self.user_perm = get_group_user_perm(self.user)
        try:
            print "进入批量上传模式"
            print "请输入主机名或ansible支持的pattern, 多个主机:分隔 q退出"
            pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
            if pattern == 'q':
                break

            assets = self.user_perm.get('asset').keys()
            res = gen_resource({'user': self.user, 'asset': assets}, perm=self.user_perm)
            runner = MyRunner(res)
            print "匹配主机:"
            matched = []
            for host in runner.inventory.get_hosts(pattern=pattern):
                print host.name
                matched.append('%s ' % host.name)
            asset_name_str = ''.join(matched)
            if not asset_name_str:
                color_print('没有匹配主机')
                continue

            staging_dir = get_tmp_dir()
            logger.debug('Upload tmp dir: %s' % staging_dir)
            os.chdir(staging_dir)
            bash('rz')
            filename_str = ' '.join(os.listdir(staging_dir))
            if not filename_str:
                color_print("上传文件为空")
                continue
            logger.debug('上传文件: %s' % filename_str)

            # A second runner is created for the copy, as in the original.
            runner = MyRunner(res)
            copy_args = 'src=%s dest=%s directory_mode' % (staging_dir, staging_dir)
            runner.run('copy', module_args=copy_args, pattern=pattern)
            ret = runner.results
            # The audit row is written after the copy has run, so it carries
            # the per-host result.
            FileLog(user=self.user.name, host=asset_name_str, filename=filename_str,
                    remote_ip=remote_ip, type='upload', result=ret).save()
            logger.debug('Upload file: %s' % ret)

            if not ret.get('failed'):
                msg = '上传目录: %s \n传送成功 [ %s ]' % (
                    staging_dir, ', '.join(ret.get('ok').keys()))
                color_print(msg, 'green')
                print
            else:
                error = '上传目录: %s \n上传失败: [ %s ] \n上传成功 [ %s ]' % (
                    staging_dir,
                    ', '.join(ret.get('failed').keys()),
                    ', '.join(ret.get('ok').keys()))
                color_print(error)
        except IndexError:
            # Ignored; the prompt starts over.
            pass
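def gen_ssh_key(username, password='',
                key_dir=os.path.join(settings.KEY_DIR, 'user'),
                authorized_keys=True, home="/home", length=2048):
    """Generate an RSA SSH key pair for a user.

    The private key is written to ``<key_dir>/<username>.perm``. When
    ``authorized_keys`` is true the public key is also installed as the
    user's ``~/.ssh/authorized_keys``.

    :param username: account the key pair belongs to
    :param password: passphrase protecting the private key
    :param key_dir: directory that receives the key files
    :param authorized_keys: whether to install the public key for the user
    :param home: parent directory of the user's home directory
    :param length: key size in bits
    :return: None
    """
    try:
        from shlex import quote
    except ImportError:  # Python 2
        from pipes import quote

    logger.debug('生成ssh_key,并设置authorized_keys')
    private_key_file = os.path.join(key_dir, username+'.perm')
    # The original passed the decimal literal 777 and failed when the
    # directory already existed; create it only when missing, with an octal
    # mode.
    # NOTE(review): 0o777 (before umask) leaves the directory that holds
    # private keys writable by every local account. Confirm that is needed.
    if not os.path.isdir(key_dir):
        os.mkdir(key_dir, 0o777)
    if os.path.isfile(private_key_file):
        os.unlink(private_key_file)
    # The original applied `%` to the value returned by bash(), so the shell
    # received the literal placeholders. Format first, and quote every value:
    # the passphrase used to sit inside "..." where the shell still expands
    # it.
    # NOTE(review): the passphrase is still a command-line argument and is
    # visible in the process list while ssh-keygen runs.
    bash('echo -e "y\n"|ssh-keygen -t rsa -f %s -b %s -P %s'
         % (quote(private_key_file), quote(str(length)), quote(password)))
    if authorized_keys:
        auth_key_dir = os.path.join(home, username, '.ssh')
        # How the helper interprets the decimal literal 700 is not visible
        # here. TODO confirm it yields an owner-only directory.
        mkdir(auth_key_dir, username=username, mode=700)
        authorized_key_file = os.path.join(auth_key_dir, 'authorized_keys')
        # If key generation failed, the missing .pub file raises here.
        with open(private_key_file + '.pub') as pub_f:
            with open(authorized_key_file, 'w') as auth_f:
                auth_f.write(pub_f.read())
        # `0600` is not valid on Python 3 and os.chmod takes no `mode`
        # keyword on Python 2; the 0o form passed positionally works on both.
        os.chmod(authorized_key_file, 0o600)
        chown(authorized_key_file, username)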
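def gen_ssh_key(username, password='',
                key_dir=os.path.join(settings.KEY_DIR, 'user'),
                authorized_keys=True, home="/home", length=2048):
    """Generate an RSA SSH key pair for a user in the given directory.

    The private key is written to ``<key_dir>/<username>.pem``. When
    ``authorized_keys`` is true the public key is also installed as the
    user's ``~/.ssh/authorized_keys`` with mode 0600.

    :param username: account the key pair belongs to
    :param password: passphrase protecting the private key
    :param key_dir: directory that receives the key files
    :param authorized_keys: whether to install the public key for the user
    :param home: parent directory of the user's home directory
    :param length: key size in bits
    """
    try:
        from shlex import quote
    except ImportError:  # Python 2
        from pipes import quote

    logger.debug('生成ssh key, 并设置authorized_keys')
    private_key_file = os.path.join(key_dir, username + '.pem')
    # NOTE(review): if the helper treats 777 as permission bits, the
    # directory holding private keys is writable by every local account.
    # Confirm that is needed.
    mkdir(key_dir, mode=777)
    if os.path.isfile(private_key_file):
        os.unlink(private_key_file)
    # Quote every interpolated value: the passphrase used to sit inside
    # "..." where the shell still expands it, and the key path contains the
    # caller-supplied user name.
    # NOTE(review): the passphrase is still a command-line argument and is
    # visible in the process list while ssh-keygen runs.
    bash('echo -e "y\n"|ssh-keygen -t rsa -f %s -b %s -P %s'
         % (quote(private_key_file), quote(str(length)), quote(password)))
    if authorized_keys:
        auth_key_dir = os.path.join(home, username, '.ssh')
        # How the helper interprets the decimal literal 700 is not visible
        # here. TODO confirm it yields an owner-only directory.
        mkdir(auth_key_dir, username=username, mode=700)
        authorized_key_file = os.path.join(auth_key_dir, 'authorized_keys')
        # If key generation failed, the missing .pub file raises here.
        with open(private_key_file + '.pub') as pub_f:
            with open(authorized_key_file, 'w') as auth_f:
                auth_f.write(pub_f.read())
        os.chmod(authorized_key_file, 0o600)
        chown(authorized_key_file, username)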
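def server_del_user(username):
    """Delete a user from the jump server's Linux system with its key files.

    Removes the account (including its home directory) and then every
    ``<username>_*.pem`` and ``<username>.pem*`` file in the user key
    directory.

    :param username: login name of the account to delete
    """
    try:
        from shlex import quote
    except ImportError:  # Python 2
        from pipes import quote

    user_key_dir = os.path.join(settings.KEY_DIR, 'user')
    # The name is interpolated into command strings (bash() presumably runs
    # them through a shell), so quote it; each glob is appended outside the
    # quoted part so that it still expands.
    # NOTE(review): quoting does not stop a name that starts with '-' from
    # being read as an option, nor one containing '/' from pointing outside
    # the key directory; the name format should be validated upstream.
    bash('userdel -r -f %s' % quote(username))
    suffixed_keys_cmd = 'rm -f %s*.pem' % quote('%s/%s_' % (user_key_dir, username))
    logger.debug(suffixed_keys_cmd)
    bash(suffixed_keys_cmd)
    bash('rm -f %s*' % quote('%s/%s.pem' % (user_key_dir, username)))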
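def download(self):
    """Interactive batch download: fetch one file from every matched host.

    Prompts for an Ansible host pattern, lists the hosts it matches, then
    asks repeatedly for a remote file path. Each path is fetched into a
    fresh temporary directory, which is packed into a tarball and handed to
    ``sz``. Entering ``q`` leaves the current prompt level.
    """
    # Characters that would stop the typed text from being a single plain
    # token once it is spliced into the module argument string below.
    unsafe_chars = set(" \t\r\n\x0b\x0c'\"{}")
    while True:
        if not self.user_perm:
            self.user_perm = get_group_user_perm(self.user)
        try:
            print "进入批量下载模式"
            print "请输入主机名或ansile支持的pattern, 多个主机:分隔,q退出"
            pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
            if pattern == "q":
                break
            else:
                # The inventory is built from the assets in the user's
                # permission record, so the pattern is resolved against
                # that set only (presumably; gen_resource is not shown).
                assets = self.user_perm.get("asset").keys()
                res = gen_resource({"user": self.user, "asset": assets}, perm=self.user_perm)
                runner = MyRunner(res)
                asset_name_str = ""
                print "匹配主机:\n"
                for inv in runner.inventory.get_hosts(pattern=pattern):
                    asset_name_str += "%s " % inv.name
                    print " %s" % inv.name
                if not asset_name_str:
                    color_print("没有匹配主机")
                    continue
                print
                while True:
                    tmp_dir = get_tmp_dir()
                    logger.debug("Download tmp dir: %s" % tmp_dir)
                    print "请输入文件路径(不支持目录)"
                    file_path = raw_input("\033[1;32mPath>:\033[0m ").strip()
                    if file_path == "q":
                        break
                    if not file_path:
                        color_print("文件路径为空")
                        continue
                    # The path is placed unquoted into the key=value string
                    # given to the fetch module, so whitespace, quotes or
                    # template braces in it would be read as syntax rather
                    # than as part of the file name (how MyRunner parses the
                    # string is not visible here). Refuse such input.
                    if unsafe_chars.intersection(file_path):
                        color_print("文件路径不能包含空白字符、引号或花括号")
                        continue
                    runner.run("fetch", module_args="src=%s dest=%s" % (file_path, tmp_dir), pattern=pattern)
                    ret = runner.results
                    # NOTE(review): the audit row is saved only after the run
                    # returns; an exception raised by the run leaves no record.
                    FileLog(
                        user=self.user.name,
                        host=asset_name_str,
                        filename=file_path,
                        type="download",
                        remote_ip=remote_ip,
                        result=ret,
                    ).save()
                    logger.debug("Download file result: %s" % ret)
                    # tar is given the bare directory name, so this assumes
                    # get_tmp_dir() returns a directory directly under /tmp.
                    os.chdir("/tmp")
                    tmp_dir_name = os.path.basename(tmp_dir)
                    if not os.listdir(tmp_dir):
                        color_print("下载全部失败")
                        continue
                    bash("tar czf %s.tar.gz %s && sz %s.tar.gz" % (tmp_dir, tmp_dir_name, tmp_dir))
                    if ret.get("failed"):
                        error = "文件名称: %s \n下载失败: [ %s ] \n下载成功 [ %s ]" % (
                            "%s.tar.gz" % tmp_dir_name,
                            ", ".join(ret.get("failed").keys()),
                            ", ".join(ret.get("ok").keys()),
                        )
                        color_print(error)
                    else:
                        msg = "文件名称: %s \n下载成功 [ %s ]" % (
                            "%s.tar.gz" % tmp_dir_name,
                            ", ".join(ret.get("ok").keys()),
                        )
                        color_print(msg, "green")
                        print
        except IndexError:
            # Swallowed deliberately by the original; the outer prompt
            # simply starts again.
            pass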
def upload(self):
    """Interactive batch upload: receive files with ``rz`` and copy them out.

    Prompts for an Ansible host pattern, receives files into a fresh
    temporary directory (``rz`` is run with that directory as the working
    directory) and copies the directory to the same path on every matched
    host. ``q`` ends the loop.
    """
    while True:
        # Load the permission record lazily on first use.
        if not self.user_perm:
            self.user_perm = get_group_user_perm(self.user)
        try:
            print "进入批量上传模式"
            print "请输入主机名或ansile支持的pattern, 多个主机:分隔 q退出"
            pattern = raw_input("\033[1;32mPattern>:\033[0m ").strip()
            if pattern == "q":
                break

            assets = self.user_perm.get("asset").keys()
            res = gen_resource({"user": self.user, "asset": assets}, perm=self.user_perm)
            runner = MyRunner(res)
            print "匹配主机:"
            matched = []
            for host in runner.inventory.get_hosts(pattern=pattern):
                print host.name
                matched.append("%s " % host.name)
            asset_name_str = "".join(matched)
            if not asset_name_str:
                color_print("没有匹配主机")
                continue

            staging_dir = get_tmp_dir()
            logger.debug("Upload tmp dir: %s" % staging_dir)
            os.chdir(staging_dir)
            bash("rz")
            filename_str = " ".join(os.listdir(staging_dir))
            if not filename_str:
                color_print("上传文件为空")
                continue
            logger.debug("上传文件: %s" % filename_str)

            # A second runner is created for the copy, as in the original.
            runner = MyRunner(res)
            copy_args = "src=%s dest=%s directory_mode" % (staging_dir, staging_dir)
            runner.run("copy", module_args=copy_args, pattern=pattern)
            ret = runner.results
            # The audit row is written after the copy has run, so it carries
            # the per-host result.
            FileLog(
                user=self.user.name,
                host=asset_name_str,
                filename=filename_str,
                remote_ip=remote_ip,
                type="upload",
                result=ret,
            ).save()
            logger.debug("Upload file: %s" % ret)

            if not ret.get("failed"):
                msg = "上传目录: %s \n传送成功 [ %s ]" % (
                    staging_dir, ", ".join(ret.get("ok").keys()))
                color_print(msg, "green")
                print
            else:
                error = "上传目录: %s \n上传失败: [ %s ] \n上传成功 [ %s ]" % (
                    staging_dir,
                    ", ".join(ret.get("failed").keys()),
                    ", ".join(ret.get("ok").keys()),
                )
                color_print(error)
        except IndexError:
            # Ignored; the prompt starts over.
            pass
def _cp_zzsh():
    """Install ``zzjumpserver.sh`` into /etc/profile.d and point it at jms_dir.

    Copies the script from ``<jms_dir>/install`` and rewrites every
    ``/opt/jumpserver`` in the installed copy to ``jms_dir``. The process
    working directory is left at ``<jms_dir>/install``.
    """
    install_dir = os.path.join(jms_dir, 'install')
    os.chdir(install_dir)
    shutil.copy('zzjumpserver.sh', '/etc/profile.d/')
    # jms_dir is spliced into a '#'-delimited sed expression inside single
    # quotes; this assumes the path contains neither character. Scripts in
    # /etc/profile.d are sourced by login shells, so the result should be
    # checked after an install into an unusual path.
    sed_cmd = "sed -i 's#/opt/jumpserver#%s#g' /etc/profile.d/zzjumpserver.sh" % jms_dir
    bash(sed_cmd)