def action_restore(arg):
stat_res = None
zipf = None
try:
# try to open archive, don't follow symlinks
stat_res = os.lstat(arg)
except OSError as ose:
print 'Unable to open archive'
return 1
if not (stat_res.st_uid == 0 and stat_res.st_gid == 0 and stat.S_ISREG(
stat_res.st_mode) and not stat_res.st_mode & stat.S_IWOTH):
# requirement: uid and gid == root, regular file (no link), not world-writeable (o-w)
print 'file has unacceptable permissions'
return 2
try:
with zipfile.ZipFile(arg, 'r', zipfile.ZIP_DEFLATED) as zipf:
# for each file in archive
for name in zipf.namelist():
# check if file from archive is specified in BACKUP_LOCATIONS or is at least in one of the directories
contained = False
for entry in BACKUP_LOCATIONS:
if name.startswith(entry):
contained = True
break
if not contained:
print 'omitting not permitted file %s' % (name, )
else:
try:
extract_file(zipf, name)
except ValueError:
print "omitting file %s with incorrect or missing uid/gid extra field" % (
name, )
print 'files restored'
print 'applying settings'
# apply settings from restored local facts
return call_ansible("all")
except OSError as ose:
print 'Unable to restore backup'
print ose
return 3
def action_restart_firewall(arg):
print 'restarting firewall...'
return call_ansible('iptables')
def action_restart_dhcpd(arg):
print 'restarting dhcp server...'
return call_ansible('dhcp_server')
def action_restart_network(arg):
print 'restarting network...'
return call_ansible('network_config')
def action_restart_vpn(arg):
print 'restarting vpn...'
return call_ansible('toggle_vpn')
def action_restart_apate(arg):
print 'restarting apate...'
return call_ansible('toggle_apate')
def action_configure_devices(arg):
print 'configuring devices...'
return call_ansible('configure_devices')
def action_restart_ssh(arg):
print 'restarting ssh...'
return call_ansible('toggle_ssh')
def action_restart_silent(arg):
print 'restarting silent...'
return call_ansible('toggle_silent')
def action_restart_wlan(arg):
print 'restarting wlan...'
return call_ansible('ssid')