def __init__(self, name): self.name = name ifcfg_file_name = "ifcfg-" + name self.conf_file_path = os.path.join(IF_CONF_PATH, ifcfg_file_name) if isinstance(name, bytes): name_bytes = name else: name_bytes = name.encode() self.ifconfig_interface = ifconfig.Interface(name_bytes) # get the config file if os.path.exists(self.conf_file_path): self.conf = properties(self.conf_file_path) else: # create default if no config file ip = self.ifconfig_interface.ip mac = self.ifconfig_interface.mac netmask = self.ifconfig_interface.netmask up = self.ifconfig_interface.is_up() if up: onboot = "yes" else: onboot = "no" self.conf = properties(DEVICE=name, IPADDR=ip, NETMASK=netmask, BOOTPROTO="none", ONBOOT=onboot) # if physical, add HWADDR if self.ifconfig_interface.is_physical(): self.conf["HWADDR"] = mac
def get_global_conf(self): with self.lock: if not os.path.exists(ISCSI_INITIATOR_ETC_CONF_DIR): os.makedirs(ISCSI_INITIATOR_ETC_CONF_DIR) conf_file = os.path.join(ISCSI_INITIATOR_ETC_CONF_DIR, ISCSI_INITIATOR_ETC_GLOBAL_FILE) if os.path.exists(conf_file): conf = properties(conf_file) else: conf = properties() return dict(conf)
def get_initiator_iqn(self): with self.lock: if not os.path.exists(ISCSI_INITIATOR_ETC_CONF_DIR): os.makedirs(ISCSI_INITIATOR_ETC_CONF_DIR) name_file = os.path.join(ISCSI_INITIATOR_ETC_CONF_DIR, ISCSI_INITIATOR_ETC_NAME_FILE) if os.path.exists(name_file): conf = properties(name_file) else: conf = properties() return conf.get("InitiatorName", "iqn.2014-01.cn.com.opensight:default")
def set_selinux_state(self, state, user="******"): state_str_to_int = { "enforcing": 1, "permissive": 0, "disabled": 0 } param = state_str_to_int.get(state) if param is not None: old_state = check_output(["/usr/sbin/getenforce"]).lower().strip() if old_state != "disabled": check_output(["/usr/sbin/setenforce", str(param)]) if not os.path.exists(SELINUX_CONF_DIR): os.makedirs(SELINUX_CONF_DIR) conf_path = os.path.join(SELINUX_CONF_DIR, SELINUX_CONF_FILE) conf = properties() conf.delete("SELINUX") conf.apply_to(conf_path) with open(conf_path, "r") as f: content = f.read() if content.endswith("\n") or len(content) == 0: content += "SELINUX=%s\n" % state else: content += "\nSELINUX=%s\n" % state with open(conf_path, "w") as f: f.write(content) logger.log(logging.INFO, logger.LOG_TYPE_CONFIG, "selinux state is set to %s by user(%s)" % (state, user))
def set_hostname(self, hostname, user="******"): # get old hostname old_hostname = self.get_hostname() # change hostname in system check_output(["/bin/hostname", hostname]) # change hostname in /etc/sysconfig/network network_propeties = properties(HOSTNAME=hostname) network_propeties.apply_to(ETC_NETWORK_FILE) # add ip for this hostname host_list = self.get_host_list() exist = False for host in host_list: if host["hostname"] == old_hostname: host["hostname"] = hostname exist = True if not exist: # ipv4 host_list.append({ "addr": "127.0.0.1", "hostname": hostname, "alias": "" }) # ipv6 host_list.append({ "addr": "::1", "hostname": hostname, "alias": "" }) self.set_host_list(host_list, user=user) logger.log(logging.INFO, logger.LOG_TYPE_CONFIG, "hostname is changed to %s by user(%s)" % (hostname, user))
def set_selinux_state(self, state, user="******"): state_str_to_int = {"enforcing": 1, "permissive": 0, "disabled": 0} param = state_str_to_int.get(state) if param is not None: old_state = check_output(["/usr/sbin/getenforce"]).lower().strip() if old_state != "disabled": check_output(["/usr/sbin/setenforce", str(param)]) if not os.path.exists(SELINUX_CONF_DIR): os.makedirs(SELINUX_CONF_DIR) conf_path = os.path.join(SELINUX_CONF_DIR, SELINUX_CONF_FILE) conf = properties() conf.delete("SELINUX") conf.apply_to(conf_path) with open(conf_path, "r") as f: content = f.read() if content.endswith("\n") or len(content) == 0: content += "SELINUX=%s\n" % state else: content += "\nSELINUX=%s\n" % state with open(conf_path, "w") as f: f.write(content) logger.log(logging.INFO, logger.LOG_TYPE_CONFIG, "selinux state is set to %s by user(%s)" % (state, user))
def _sync_to_system_conf(self, zabbix_agent_conf): if not os.path.exists(ZABBIX_AGENT_ETC_CONF_DIR): os.makedirs(ZABBIX_AGENT_ETC_CONF_DIR) # conf file zabbix_agent_property = properties() # active server if zabbix_agent_conf["active_check_server_list"]: zabbix_agent_property["ServerActive"] = \ ",".join(zabbix_agent_conf["active_check_server_list"]) else: zabbix_agent_property.delete("ServerActive") # Server server_list = list(zabbix_agent_conf["passive_check_server_list"]) if not server_list: server_list.append("127.0.0.1") zabbix_agent_property["Server"] = ",".join(server_list) # hostname if zabbix_agent_conf["hostname"] == "": zabbix_agent_property.delete("Hostname") else: zabbix_agent_property["Hostname"] = zabbix_agent_conf["hostname"] # RefreshActiveChecks zabbix_agent_property["RefreshActiveChecks"] = str( zabbix_agent_conf["refresh_active_check"]) etc_conf_file = os.path.join(ZABBIX_AGENT_ETC_CONF_DIR, ZABBIX_AGENT_CONF_FILE) zabbix_agent_property.apply_to(etc_conf_file)
def _sync_to_system_conf(self, zabbix_agent_conf): if not os.path.exists(ZABBIX_AGENT_ETC_CONF_DIR): os.makedirs(ZABBIX_AGENT_ETC_CONF_DIR) # conf file zabbix_agent_property = properties() # active server if zabbix_agent_conf["active_check_server_list"]: zabbix_agent_property["ServerActive"] = \ ",".join(zabbix_agent_conf["active_check_server_list"]) else: zabbix_agent_property.delete("ServerActive") # Server server_list = list(zabbix_agent_conf["passive_check_server_list"]) if not server_list: server_list.append("127.0.0.1") zabbix_agent_property["Server"] = ",".join(server_list) # hostname if zabbix_agent_conf["hostname"] == "": zabbix_agent_property.delete("Hostname") else: zabbix_agent_property["Hostname"] = zabbix_agent_conf["hostname"] # RefreshActiveChecks zabbix_agent_property["RefreshActiveChecks"] = str(zabbix_agent_conf["refresh_active_check"]) etc_conf_file = os.path.join(ZABBIX_AGENT_ETC_CONF_DIR, ZABBIX_AGENT_CONF_FILE) zabbix_agent_property.apply_to(etc_conf_file)
def set_initiator_iqn(self, iqn, operator="unkown"): with self.lock: if not os.path.exists(ISCSI_INITIATOR_ETC_CONF_DIR): os.makedirs(ISCSI_INITIATOR_ETC_CONF_DIR) name_file = os.path.join(ISCSI_INITIATOR_ETC_CONF_DIR, ISCSI_INITIATOR_ETC_NAME_FILE) conf = properties(InitiatorName=iqn) conf.set_sep(True) conf.apply_to(name_file) logger.log(logging.INFO, logger.LOG_TYPE_CONFIG, "iscsi initiator iqn is updated to %s by operator(%s)" % (iqn, operator))
def set_initiator_iqn(self, iqn, operator="unkown"): with self.lock: if not os.path.exists(ISCSI_INITIATOR_ETC_CONF_DIR): os.makedirs(ISCSI_INITIATOR_ETC_CONF_DIR) name_file = os.path.join(ISCSI_INITIATOR_ETC_CONF_DIR, ISCSI_INITIATOR_ETC_NAME_FILE) conf = properties(InitiatorName=iqn) conf.set_sep(True) conf.apply_to(name_file) logger.log( logging.INFO, logger.LOG_TYPE_CONFIG, "iscsi initiator iqn is updated to %s by operator(%s)" % (iqn, operator))
def update_global_conf(self, new_conf={}, operator="unkown"): """update the global conf dict with the given conf if the entry does not exists in the conf, it would be created """ conf = properties(new_conf) conf.set_sep(True) with self.lock: if not os.path.exists(ISCSI_INITIATOR_ETC_CONF_DIR): os.makedirs(ISCSI_INITIATOR_ETC_CONF_DIR) conf_file = os.path.join(ISCSI_INITIATOR_ETC_CONF_DIR, ISCSI_INITIATOR_ETC_GLOBAL_FILE) conf.apply_to(conf_file) logger.log(logging.INFO, logger.LOG_TYPE_CONFIG, "iscsi initiator global conf is updated by operator(%s)" % (operator))
def update_global_conf(self, new_conf={}, operator="unkown"): """update the global conf dict with the given conf if the entry does not exists in the conf, it would be created """ conf = properties(new_conf) conf.set_sep(True) with self.lock: if not os.path.exists(ISCSI_INITIATOR_ETC_CONF_DIR): os.makedirs(ISCSI_INITIATOR_ETC_CONF_DIR) conf_file = os.path.join(ISCSI_INITIATOR_ETC_CONF_DIR, ISCSI_INITIATOR_ETC_GLOBAL_FILE) conf.apply_to(conf_file) logger.log( logging.INFO, logger.LOG_TYPE_CONFIG, "iscsi initiator global conf is updated by operator(%s)" % (operator))
def del_global_conf_entry(self, keys=[], operator="unkown"): conf = properties() conf.set_sep(True) if isinstance(keys, list): for key in keys: conf.delete(key) else: conf.delete(keys) with self.lock: if not os.path.exists(ISCSI_INITIATOR_ETC_CONF_DIR): os.makedirs(ISCSI_INITIATOR_ETC_CONF_DIR) conf_file = os.path.join(ISCSI_INITIATOR_ETC_CONF_DIR, ISCSI_INITIATOR_ETC_GLOBAL_FILE) conf.apply_to(conf_file) logger.log(logging.INFO, logger.LOG_TYPE_CONFIG, "iscsi initiator global conf is updated by operator(%s)" % (operator))
def del_global_conf_entry(self, keys=[], operator="unkown"): conf = properties() conf.set_sep(True) if isinstance(keys, list): for key in keys: conf.delete(key) else: conf.delete(keys) with self.lock: if not os.path.exists(ISCSI_INITIATOR_ETC_CONF_DIR): os.makedirs(ISCSI_INITIATOR_ETC_CONF_DIR) conf_file = os.path.join(ISCSI_INITIATOR_ETC_CONF_DIR, ISCSI_INITIATOR_ETC_GLOBAL_FILE) conf.apply_to(conf_file) logger.log( logging.INFO, logger.LOG_TYPE_CONFIG, "iscsi initiator global conf is updated by operator(%s)" % (operator))
def _sync_to_system_conf(self, smb_conf): if not os.path.exists(SMB_ETC_CONF_DIR): os.makedirs(SMB_ETC_CONF_DIR) smb_etc_conf_file = os.path.join(SMB_ETC_CONF_DIR, SMB_ETC_CONF_FILE) if os.path.exists(smb_etc_conf_file): smb_etc_conf = ini(smb_etc_conf_file) else: smb_etc_conf = ini() smb_etc_conf.set_sep(True) # global configs if "global" not in smb_etc_conf: smb_etc_conf["global"] = properties() smb_etc_conf["global"].set_sep(True) if smb_conf["workgroup"] == "": smb_etc_conf["global"].delete("workgroup") else: smb_etc_conf["global"]["workgroup"] = smb_conf["workgroup"] smb_etc_conf["global"]["server string"] = smb_conf["server_string"] if smb_conf["netbios_name"] == "": smb_etc_conf["global"].delete("netbios name") else: smb_etc_conf["global"]["netbios name"] = smb_conf["netbios_name"] if smb_conf["hosts_allow"] == "": smb_etc_conf["global"].delete("hosts allow") else: smb_etc_conf["global"]["hosts allow"] = smb_conf["hosts_allow"] smb_etc_conf["global"]["security"] = smb_conf["security"] if smb_conf["passdb_backend"] == "": smb_etc_conf["global"].delete("passdb backend") else: smb_etc_conf["global"]["passdb backend"] = smb_conf[ "passdb_backend"] if smb_conf["password_server"] == "": smb_etc_conf["global"].delete("password server") else: smb_etc_conf["global"]["password server"] = smb_conf[ "password_server"] if smb_conf["realm"] == "": smb_etc_conf["global"].delete("realm") else: smb_etc_conf["global"]["realm"] = smb_conf["realm"] if smb_conf["guest_account"] == "": smb_etc_conf["global"].delete("guest account") else: smb_etc_conf["global"]["guest account"] = smb_conf["guest_account"] smb_etc_conf["global"]["browseable"] = self._bool_to_yn( smb_conf["browseable"]) # for share configs for share_name, share_conf in smb_conf["share_list"].items(): if share_name not in smb_etc_conf: smb_etc_conf[share_name] = properties() smb_etc_conf[share_name].set_sep(True) if share_conf["path"] == "": smb_etc_conf[share_name].delete("path") else: smb_etc_conf[share_name]["path"] = share_conf["path"] if share_conf["comment"] == "": smb_etc_conf[share_name].delete("comment") else: smb_etc_conf[share_name]["comment"] = share_conf["comment"] smb_etc_conf[share_name][ "create mask"] = "0%03o" % share_conf["create_mask"] smb_etc_conf[share_name][ "directory mask"] = "0%03o" % share_conf["directory_mask"] smb_etc_conf[share_name]["guest ok"] = self._bool_to_yn( share_conf["guest_ok"]) smb_etc_conf[share_name]["read only"] = self._bool_to_yn( share_conf["read_only"]) smb_etc_conf[share_name]["browseable"] = self._bool_to_yn( share_conf["browseable"]) smb_etc_conf[share_name][ "force create mode"] = "0%03o" % share_conf["force_create_mode"] smb_etc_conf[share_name][ "force directory mode"] = "0%03o" % share_conf[ "force_directory_mode"] if share_conf["valid_users"] == "": smb_etc_conf[share_name].delete("valid users") else: smb_etc_conf[share_name]["valid users"] = share_conf[ "valid_users"] if share_conf["write_list"] == "": smb_etc_conf[share_name].delete("write list") else: smb_etc_conf[share_name]["write list"] = share_conf[ "write_list"] if share_conf["veto_files"] == "": smb_etc_conf[share_name].delete("veto files") else: smb_etc_conf[share_name]["veto files"] = share_conf[ "veto_files"] # delete other shares old_share_list = smb_etc_conf.keys() for share_name in old_share_list: if share_name != "global" and share_name not in smb_conf[ "share_list"]: del smb_etc_conf[share_name] smb_etc_conf.write()
def add_group(self, miimon, mode, ifs=[], ip="", netmask="", gateway="", user="******"): """ add a bond group parameters: miimon, int, link detect interval in ms mode, int, bond mode ifs, Array of string, the array of the slave interface name return the new bond group name (bond interface name) """ if mode not in modeMap: StorLeverError("mdoe(%d) is not supported" % mode, 400) # get mutex with self.lock: # check slave ifs exist and not slave exist_if_list = if_mgr().interface_name_list() for slave_if in ifs: if slave_if not in exist_if_list: raise StorLeverError("%s not found" % slave_if, 404) if ifconfig.Interface(slave_if).is_slave(): raise StorLeverError("%s is already a slave of other bond group" % slave_if, 400) # find the available bond name max_index = self._find_max_index() bond_name = "bond%d" % (max_index + 1) # change bond.conf self._add_bond_to_conf(bond_name) # create ifcfg-bond* conf = properties(DEVICE=bond_name, IPADDR="", NETMASK="", GATEWAY="", BOOTPROTO="none", NM_CONTROLLED="no", ONBOOT="yes", BONDING_OPTS='"miimon=%d, mode=%d"' % (miimon, mode)) ifcfg_name = "ifcfg-%s" % bond_name conf.apply_to(os.path.join(IF_CONF_PATH, ifcfg_name)) # modify the slave's ifcfg for slave_if in ifs: slave_object = EthInterface(slave_if) slave_object.conf.delete("IPADDR") slave_object.conf.delete("NETMASK") slave_object.conf.delete("GATEWAY") slave_object.conf["BOOTPROTO"] = "none" slave_object.conf["ONBOOT"] = "yes" slave_object.conf["MASTER"] = bond_name slave_object.conf["SLAVE"] = "yes" slave_object.save_conf() # remove the if's ip avoid ip conflict # for slave_if in ifs: # check_output([IFDOWN, slave_if]) # ifconfig.Interface(slave_if).set_ip("0.0.0.0") # check_output([IFUP, slave_if]) # restart network check_output([IFUP, bond_name]) # set real ip if ip != "" or netmask != "" or gateway != "": with self.lock: conf = properties(IPADDR=ip, NETMASK=netmask, GATEWAY=gateway) conf.apply_to(os.path.join(IF_CONF_PATH, ifcfg_name)) check_output([IFDOWN, bond_name]) check_output([IFUP, bond_name]) logger.log(logging.INFO, logger.LOG_TYPE_CONFIG, "New bond group %s (mode:%d, miimon:%d, slaves:[%s]) " "is added by user(%s)" % (bond_name, mode, miimon, ",".join(ifs), user)) return bond_name
def _sync_to_system_conf(self, ftp_conf): if not os.path.exists(VSFTPD_ETC_CONF_DIR): os.makedirs(VSFTPD_ETC_CONF_DIR) # conf file vsftpd_conf = properties() vsftpd_conf["listen"] = self._bool_to_yn(ftp_conf["listen"]) vsftpd_conf["listen_ipv6"] = self._bool_to_yn(ftp_conf["listen6"]) vsftpd_conf["listen_port"] = ftp_conf["listen_port"] vsftpd_conf["idle_session_timeout"] = ftp_conf["idle_session_timeout"] vsftpd_conf["anon_max_rate"] = ftp_conf["anon_max_rate"] vsftpd_conf["local_max_rate"] = ftp_conf["local_max_rate"] vsftpd_conf["max_clients"] = ftp_conf["max_clients"] vsftpd_conf["max_per_ip"] = ftp_conf["max_per_ip"] vsftpd_conf["local_max_rate"] = ftp_conf["local_max_rate"] vsftpd_conf["max_clients"] = ftp_conf["max_clients"] vsftpd_conf["download_enable"] = self._bool_to_yn(ftp_conf["download_enable"]) vsftpd_conf["write_enable"] = self._bool_to_yn(ftp_conf["write_enable"]) vsftpd_conf["download_enable"] = self._bool_to_yn(ftp_conf["download_enable"]) vsftpd_conf["write_enable"] = self._bool_to_yn(ftp_conf["write_enable"]) vsftpd_conf["local_enable"] = self._bool_to_yn(ftp_conf["local_enable"]) if ftp_conf["local_enable"]: vsftpd_conf["userlist_enable"] = self._bool_to_yn(ftp_conf["userlist_enable"]) else: vsftpd_conf["userlist_enable"] = "NO" vsftpd_conf["userlist_deny"] = "NO" vsftpd_conf["local_umask"] = "0%o" % ftp_conf["local_umask"] if len(ftp_conf["local_root"]) == 0: vsftpd_conf.delete("local_root") else: vsftpd_conf["local_root"] = ftp_conf["local_root"] if ftp_conf["chroot_enable"]: if ftp_conf["chroot_list"]: vsftpd_conf["chroot_local_user"] = "******" vsftpd_conf["chroot_list_enable"] = "YES" else: vsftpd_conf["chroot_local_user"] = "******" vsftpd_conf["chroot_list_enable"] = "NO" else: vsftpd_conf["chroot_local_user"] = "******" vsftpd_conf["chroot_list_enable"] = "NO" vsftpd_conf["anonymous_enable"] = self._bool_to_yn(ftp_conf["anonymous_enable"]) vsftpd_conf["anon_mkdir_write_enable"] = self._bool_to_yn(ftp_conf["anon_mkdir_write_enable"]) vsftpd_conf["anon_upload_enable"] = self._bool_to_yn(ftp_conf["anon_upload_enable"]) vsftpd_conf["ftp_username"] = ftp_conf["anon_username"] if len(ftp_conf["anon_root"]) == 0: vsftpd_conf.delete("anon_root") else: vsftpd_conf["anon_root"] = ftp_conf["anon_root"] conf_file = os.path.join(VSFTPD_ETC_CONF_DIR, VSFTPD_ETC_CONF_FILE) vsftpd_conf.apply_to(conf_file) # user_list file user_list_lines = [] if ftp_conf["local_enable"] and ftp_conf["userlist_enable"]: for name, user_conf in ftp_conf["user_list"].items(): if user_conf["login_enable"]: user_list_lines.append(user_conf["user_name"] + "\n") if ftp_conf["anonymous_enable"]: user_list_lines.append("anonymous\n") user_list_lines.append("ftp\n") user_list_file = os.path.join(VSFTPD_ETC_CONF_DIR, VSFTPD_ETC_USER_LIST) with open(user_list_file, "w") as f: f.writelines(user_list_lines) # chroot_list file chroot_list_lines = [] if ftp_conf["chroot_enable"] and ftp_conf["chroot_list"]: for name, user_conf in ftp_conf["user_list"].items(): if user_conf["chroot_enable"]: chroot_list_lines.append(user_conf["user_name"] + "\n") chroot_list_file = os.path.join(VSFTPD_ETC_CONF_DIR, VSFTPD_ETC_CHROOT_LIST) with open(chroot_list_file, "w") as f: f.writelines(chroot_list_lines)