def main(): # message to use for sending mail logs MESSAGE = "" MESSAGE += "MAKING ACCOUNTS ON %s FOR %s\n\n" % (HOST, DOMAIN) # get authentication modules modules = auth_modules.load_modules() # fancy python list comprehension to: # select users with the pending_create status that don't have # the DOMAIN_created flag for this domain pending_users = [u for u in User.query.filter_by(status='pending_create').all() if u.in_domain(DOMAIN) and "%s_created" % DOMAIN not in u.get_flags() ] usernames = [u.username for u in pending_users] # if no pending accounts, do nothing if pending_users == []: sys.exit() MESSAGE += "New Accounts\n------------\n" # create login entries for each login method MESSAGE += "Creating logins for:\n%s\n\n" % ", ".join(usernames) for name, module in modules.iteritems(): MESSAGE += module.create_logins(pending_users) MESSAGE += "\n\n" # call ZFS create scripts, and mail scripts on louie if it's research MESSAGE += "Creating %s ZFS filesystems for:\n%s\n\n" % (DOMAIN, ", ".join(usernames)) for user in pending_users: MESSAGE += "DEBUG: zfs_create(user)\n" #zfs_create(user) if user.in_domain('research'): MESSAGE += "DEBUG: research_mail(user)\n" #research_mail(user) # Creating users is complete, add the flag for creation in the DB for user in pending_users: user.add_flag(DOMAIN+"_created") MESSAGE += "\n\nDONE MAKING ACCOUNTS ON %s FOR %s\n" % (HOST, DOMAIN) print MESSAGE mail.send("*****@*****.**", "Super-User", MAILTO, \ "New Accounts - %s" % DOMAIN, MESSAGE, MAILHOST)
def main(): # Security checks # if this is run as root for some reason, drop root to "account" """if os.getuid() != 0: os.setgid(UID) os.setuid(UID) stderr.write("ERROR: process-nis-files.py must be run as root!")""" # load login modules modules = auth_modules.load_modules() # select users with pending password changes pw_changes = [u for u in get_with_status('pw_reset') if u.in_domain(DOMAIN)] # get pending disables pending_disables = [u for u in get_with_status('pending_disable') if u.in_domain(DOMAIN)] # get pending enables pending_enables = [u for u in get_with_status('pending_enable') if u.in_domain(DOMAIN)] # get pending rolloffs pending_rolloffs = [u for u in get_with_status('pending_rolloff') if u.in_domain(DOMAIN)] # process changes, and set flags after each change # change password and shell (both use same flag) if pw_changes != []: print "Changing passwords for:\n%s\n" % [u.username for u in pw_changes] for user in pw_changes: for name, module in modules.iteritems(): module.change_password(pw_changes) module.change_shell(pw_changes) user.add_flag(DOMAIN+"_reset_password") # disable accounts, set DOMAIN_noaccess flag if pending_disables != []: print "Disabling accounts:\n%s\n" % [u.username for u in pending_disables] for user in pending_disables: for name, module in modules.iteritems(): module.disable_logins(pending_disables) user.add_flag(DOMAIN+"_noaccess") # enable accounts, set DOMAIN_return_access flag if pending_enables != []: print "Enabling accounts:\n%s\n" % [u.username for u in pending_enables] for user in pending_enables: for name, module in modules.iteritems(): module.enable_logins(pending_enables) user.add_flag(DOMAIN+"_return_access") # rolloff accounts (star pw), set DOMAIN_rolloff flag if pending_rolloffs != []: print "Staring passwords for:\n%s\n" % [u.username for u in pending_rolloffs] for user in pending_rolloffs: for name, module in modules.iteritems(): module.rolloff_disable(pending_rolloffs) user.add_flag(DOMAIN+"_rolloff") # Changes have been processed print "Processed login changes"