Exemplo n.º 1
0
    def default_firefox_policy(self, username):
        exec_command = None
        firefox_path = None

        if self.util.is_exist("/usr/lib/firefox-esr/"):
            firefox_path = "/usr/lib/firefox-esr/"
            exec_command = "firefox-esr"

        elif self.util.is_exist('/opt/firefox-esr/'):
            firefox_path = "/opt/firefox-esr/"
            exec_command = "firefox-esr"

        elif self.util.is_exist('/usr/lib/iceweasel/'):
            firefox_path = "/usr/lib/iceweasel/"
            exec_command = "iceweasel"

        elif self.util.is_exist('/opt/firefox/'):
            firefox_path = "/opt/firefox/"
            exec_command = "firefox"

        else:
            self.logger.error('Firefox installation path not found')

        self.logger.info("if mozilla profile is not created run firefox to create profile for user: "******"/home/" + username + "/.mozilla/"):
            self.logger.info("firefox profile does not exist. Check autostart file.")
            if not Util.is_exist("/home/" + username + "/.config/autostart/"):
                self.logger.info(".config/autostart folder does not exist. Creating folder.")
                Util.create_directory("/home/" + username + "/.config/autostart/")
            else:
                self.logger.info(".config/autostart folder exists.")
                self.logger.info(
                    "Checking if {0}-autostart-for-profile.desktop autorun file exists.".format(exec_command))

            if not Util.is_exist(
                    "/home/" + username + "/.config/autostart/{0}-autostart-for-profile.desktop".format(exec_command)):
                self.logger.info(
                    "{0}-autostart-for-profile.desktop autorun file does not exists. Creating file.".format(
                        exec_command))
                Util.create_file(
                    "/home/" + username + "/.config/autostart/{0}-autostart-for-profile.desktop".format(exec_command))
                content = "[Desktop Entry]\n\n" \
                          "Type=Application\n\n" \
                          "Exec={0}{1} www.liderahenk.org".format(firefox_path, exec_command)
                Util.write_file(
                    "/home/" + username + "/.config/autostart/{0}-autostart-for-profile.desktop".format(exec_command),
                    content)
                self.logger.info(
                    "Autorun config is written to {0}-autostart-for-profile.desktop.".format(exec_command))
            else:
                self.logger.info("{0}-autostart-for-profile.desktop exists".format(exec_command))
        else:
            self.logger.info(".mozilla firefox profile path exists. Delete autorun file.")
            Util.delete_file(
                "/home/" + username + "/.config/autostart/{0}-autostart-for-profile.desktop".format(exec_command))
Exemplo n.º 2
0
 def create_sudo_polkit(self, username):
     content = "[Configuration] \nAdminIdentities=unix-user:{}".format(
         username)
     ahenk_policy_file = "/etc/polkit-1/localauthority.conf.d/99-ahenk-policy.conf"
     if not Util.is_exist(ahenk_policy_file):
         Util.create_file(ahenk_policy_file)
         Util.write_file(ahenk_policy_file, content)
         self.logger.debug(
             'Ahenk polkit file created and user added.. User : {}'.format(
                 username))
     else:
         self.logger.debug('Writing result to file')
         Util.delete_file(ahenk_policy_file)
         Util.create_file(ahenk_policy_file)
         Util.write_file(ahenk_policy_file, content)
Exemplo n.º 3
0
 def init_fifo_file():
     """ docstring"""
     if Util.is_exist(System.Ahenk.fifo_file()):
         Util.delete_file(System.Ahenk.fifo_file())
     Util.create_file(System.Ahenk.fifo_file())
     Util.set_permission(System.Ahenk.fifo_file(), '600')
Exemplo n.º 4
0
    def default_firefox_policy(self, username):
        exec_command = None
        firefox_path = None

        if self.util.is_exist("/usr/lib/firefox-esr/"):
            firefox_path = "/usr/lib/firefox-esr/"
            exec_command = "firefox-esr"

        elif self.util.is_exist('/opt/firefox-esr/'):
            firefox_path = "/opt/firefox-esr/"
            exec_command = "firefox-esr"

        elif self.util.is_exist('/usr/lib/iceweasel/'):
            firefox_path = "/usr/lib/iceweasel/"
            exec_command = "iceweasel"

        elif self.util.is_exist('/opt/firefox/'):
            firefox_path = "/opt/firefox/"
            exec_command = "firefox"

        else:
            self.logger.error('Firefox installation path not found')

        self.logger.info(
            "if mozilla profile is not created run firefox to create profile for user: "******"Get home directory is {0} of {1} for firefox default policy".
            format(homedir, username))
        if not Util.is_exist("{0}/.mozilla/".format(homedir)):
            self.logger.info(
                "firefox profile does not exist. Check autostart file.")
            if not Util.is_exist("{0}/.config/autostart/".format(homedir)):
                self.logger.info(
                    ".config/autostart folder does not exist. Creating folder."
                )
                Util.create_directory("{0}/.config/autostart/".format(homedir))
            else:
                self.logger.info(".config/autostart folder exists.")
                self.logger.info(
                    "Checking if {0}-autostart-for-profile.desktop autorun file exists."
                    .format(exec_command))
            if not Util.is_exist(
                    "{0}/.config/autostart/{1}-autostart-for-profile.desktop".
                    format(homedir, exec_command)):
                self.logger.info(
                    "{0}-autostart-for-profile.desktop autorun file does not exists. Creating file."
                    .format(exec_command))
                Util.create_file(
                    "{0}/.config/autostart/{1}-autostart-for-profile.desktop".
                    format(homedir, exec_command))
                content = "[Desktop Entry]\n\n" \
                          "Type=Application\n\n" \
                          "Exec={0}{1} www.liderahenk.org".format(firefox_path, exec_command)
                Util.write_file(
                    "{0}/.config/autostart/{1}-autostart-for-profile.desktop".
                    format(homedir, exec_command), content)
                self.logger.info(
                    "Autorun config is written to {0}-autostart-for-profile.desktop."
                    .format(exec_command))
                gid = self.util.file_group(homedir)
                cmd = "chown -R {0}:{1} {2}/.config/autostart".format(
                    username, gid, homedir)
                self.util.execute(cmd)
                self.logger.info(
                    "Set permissons for {0}/.config/autostart directory".
                    format(homedir))
            else:
                self.logger.info(
                    "{0}-autostart-for-profile.desktop exists".format(
                        exec_command))
        else:
            self.logger.info(
                ".mozilla firefox profile path exists. Delete autorun file.")
            Util.delete_file(
                "{0}/.config/autostart/{1}-autostart-for-profile.desktop".
                format(homedir, exec_command))
Exemplo n.º 5
0
class ExecuteLDAPLogin:
    def __init__(self):
        scope = Scope().get_instance()
        self.logger = scope.get_logger()
        self.util = Util()

    def login(self, server_address, dn, version, admin_dn, admin_password):
        try:
            self.logger.info("----------------> server_address: " +
                             server_address)
            self.logger.info("----------------> dn: " + dn)
            self.logger.info("----------------> version: " + version)
            self.logger.info("----------------> admin_dn: " + admin_dn)
            self.logger.info("----------------> admin_password: "******"/bin/bash /usr/share/ahenk/base/registration/scripts/test.sh")
            (result_code, p_out, p_err) = self.util.execute(
                "/bin/bash /usr/share/ahenk/base/registration/scripts/ldap-login.sh {0} {1} {2} {3} {4}"
                .format(server_address, "\'" + dn + "\'",
                        "\'" + admin_dn + "\'", "\'" + admin_password + "\'",
                        version))
            if result_code == 0:
                self.logger.info("Script has run successfully")
            else:
                self.logger.error("Script could not run successfully: " +
                                  p_err)

            # pattern for clearing file data from spaces, tabs and newlines
            pattern = re.compile(r'\s+')

            pam_scripts_original_directory_path = "/usr/share/ahenk/pam_scripts_original"

            ldap_back_up_file_path = "/usr/share/ahenk/pam_scripts_original/ldap"
            ldap_original_file_path = "/usr/share/pam-configs/ldap"
            ldap_configured_file_path = "/usr/share/ahenk/plugins/ldap-login/config-files/ldap"

            pam_script_back_up_file_path = "/usr/share/ahenk/pam_scripts_original/pam_script"
            pam_script_original_file_path = "/usr/share/pam-configs/pam_script"
            pam_script_configured_file_path = "/usr/share/ahenk/plugins/ldap-login/config-files/pam_script"

            # create pam_scripts_original directory if not exists
            if not self.util.is_exist(pam_scripts_original_directory_path):
                self.logger.info("Creating {0} directory.".format(
                    pam_scripts_original_directory_path))
                self.util.create_directory(pam_scripts_original_directory_path)

            if self.util.is_exist(ldap_back_up_file_path):
                self.logger.info("Changing {0} with {1}.".format(
                    ldap_original_file_path, ldap_configured_file_path))
                self.util.copy_file(ldap_configured_file_path,
                                    ldap_original_file_path)
            else:
                self.logger.info(
                    "Backing up {0}".format(ldap_original_file_path))
                self.util.copy_file(ldap_original_file_path,
                                    ldap_back_up_file_path)
                self.logger.info("{0} file is replaced with {1}.".format(
                    ldap_original_file_path, ldap_configured_file_path))
                self.util.copy_file(ldap_configured_file_path,
                                    ldap_original_file_path)

            if self.util.is_exist(pam_script_back_up_file_path):
                self.util.copy_file(pam_script_configured_file_path,
                                    pam_script_original_file_path)
                self.logger.info("{0} is replaced with {1}.".format(
                    pam_script_original_file_path,
                    pam_script_configured_file_path))
            else:
                self.logger.info(
                    "Backing up {0}".format(pam_script_original_file_path))
                self.util.copy_file(pam_script_original_file_path,
                                    pam_script_back_up_file_path)
                self.logger.info("{0} file is replaced with {1}".format(
                    pam_script_original_file_path,
                    pam_script_configured_file_path))
                self.util.copy_file(pam_script_configured_file_path,
                                    pam_script_original_file_path)

            (result_code, p_out, p_err) = self.util.execute(
                "DEBIAN_FRONTEND=noninteractive pam-auth-update --package")
            if result_code == 0:
                self.logger.info(
                    "'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' has run successfully"
                )
            else:
                self.logger.error(
                    "'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' could not run successfully: "
                    + p_err)

            # Configure nsswitch.conf
            file_ns_switch = open("/etc/nsswitch.conf", 'r')
            file_data = file_ns_switch.read()

            # cleared file data from spaces, tabs and newlines
            text = pattern.sub('', file_data)

            is_configuration_done_before = False
            if ("passwd:compatldap" not in text):
                file_data = file_data.replace("passwd:         compat",
                                              "passwd:         compat ldap")
                is_configuration_done_before = True

            if ("group:compatldap" not in text):
                file_data = file_data.replace("group:          compat",
                                              "group:          compat ldap")
                is_configuration_done_before = True

            if ("shadow:compatldap" not in text):
                file_data = file_data.replace("shadow:         compat",
                                              "shadow:         compat ldap")
                is_configuration_done_before = True

            if is_configuration_done_before:
                self.logger.info(
                    "nsswitch.conf configuration has been completed")
            else:
                self.logger.info("nsswitch.conf is already configured")

            file_ns_switch.close()
            file_ns_switch = open("/etc/nsswitch.conf", 'w')
            file_ns_switch.write(file_data)
            file_ns_switch.close()

            # configure ldap-cache
            self.logger.info("Starting to ldap-cache configurations.")
            result_code, p_out, p_err = self.util.execute(
                "apt-get install nss-updatedb -y")
            if result_code != 0:
                self.logger.error(
                    "Error occured while downloading nss-updatedb.")
            else:
                self.logger.info(
                    "nss-updatedb downloaded successfully. Configuring /etc/nsswitch.conf."
                )
                file_ns_switch = open("/etc/nsswitch.conf", 'r')
                file_data = file_ns_switch.read()

                # cleared file data from spaces, tabs and newlines
                text = pattern.sub('', file_data)

                did_configuration_change = False
                if "passwd:compatldap[NOTFOUND=return]db" not in text:
                    file_data = file_data.replace(
                        "passwd:         compat ldap",
                        "passwd:         compat ldap [NOTFOUND=return] db")
                    did_configuration_change = True

                if "group:compatldap[NOTFOUND=return]db" not in text:
                    file_data = file_data.replace(
                        "group:          compat ldap",
                        "group:          compat ldap [NOTFOUND=return] db")
                    did_configuration_change = True

                if "gshadow:files" in text and "#gshadow:files" not in text:
                    file_data = file_data.replace("gshadow:        files",
                                                  "#gshadow:        files")
                    did_configuration_change = True

                if did_configuration_change:
                    self.logger.info(
                        "nsswitch.conf configuration has been configured for ldap cache."
                    )
                else:
                    self.logger.info(
                        "nsswitch.conf has already been configured for ldap cache."
                    )

                file_ns_switch.close()
                file_ns_switch = open("/etc/nsswitch.conf", 'w')
                file_ns_switch.write(file_data)
                file_ns_switch.close()
                self.util.execute("nss_updatedb ldap")

            # create cron job for ldap cache
            content = "#!/bin/bash\n" \
                      "nss-updatedb ldap"
            nss_update_cron_job_file_path = "/etc/cron.daily/nss-updatedb"
            if self.util.is_exist(nss_update_cron_job_file_path):
                self.logger.info(
                    "{0} exists. File will be deleted and creating new one.".
                    format(nss_update_cron_job_file_path))
                self.util.delete_file(nss_update_cron_job_file_path)
                self.util.create_file(nss_update_cron_job_file_path)
                self.util.write_file(nss_update_cron_job_file_path, content,
                                     'w+')
                self.util.execute("chmod +x " + nss_update_cron_job_file_path)
            else:
                self.logger.info(
                    "{0} doesnt exist. File will be created and content will be written."
                    .format(nss_update_cron_job_file_path))
                self.util.create_file(nss_update_cron_job_file_path)
                self.util.write_file(nss_update_cron_job_file_path, content,
                                     'w+')
                self.util.execute("chmod +x " + nss_update_cron_job_file_path)

            # configure /etc/libnss-ldap.conf
            libnss_ldap_file_path = "/etc/libnss-ldap.conf"
            content = "bind_policy hard" \
                      "\nnss_reconnect_tries 1" \
                      "\nnss_reconnect_sleeptime 1" \
                      "\nnss_reconnect_maxsleeptime 8" \
                      "\nnss_reconnect_maxconntries 2"
            if self.util.is_exist(libnss_ldap_file_path):
                self.logger.info("{0} exists.".format(libnss_ldap_file_path))
                self.util.execute("sed -i '/bind_policy hard/c\\' " +
                                  libnss_ldap_file_path)
                self.util.execute("sed -i '/nss_reconnect_tries 1/c\\' " +
                                  libnss_ldap_file_path)
                self.util.execute("sed -i '/nss_reconnect_sleeptime 1/c\\' " +
                                  libnss_ldap_file_path)
                self.util.execute(
                    "sed -i '/nss_reconnect_maxsleeptime 8/c\\' " +
                    libnss_ldap_file_path)
                self.util.execute(
                    "sed -i '/nss_reconnect_maxconntries 2/c\\' " +
                    libnss_ldap_file_path)
                self.util.write_file(libnss_ldap_file_path, content, 'a+')
                self.logger.info("Configuration has been made to {0}.".format(
                    libnss_ldap_file_path))

            result_code, p_out, p_err = self.util.execute(
                "apt-get install libnss-db libpam-ccreds -y")
            if result_code != 0:
                self.logger.error(
                    "Error occured while downloading libnss-db libpam-ccreds.")
            else:
                self.logger.error("libnss-db libpam-ccreds are downloaded.")

            # configure sudo-ldap
            sudo_ldap_conf_file_path = "/etc/sudo-ldap.conf"
            content = "sudoers_base ou=Roles," + dn \
                      + "\nBASE " + dn \
                      + "\nURI ldap://" + server_address
            # clean if config is already written
            self.util.execute("sed -i '/BASE /c\\' " +
                              sudo_ldap_conf_file_path)
            self.util.execute("sed -i '/sudoers_base /c\\' " +
                              sudo_ldap_conf_file_path)
            self.util.execute("sed -i '/URI /c\\' " + sudo_ldap_conf_file_path)

            if self.util.is_exist(sudo_ldap_conf_file_path):
                self.logger.info(
                    "{0} exists.".format(sudo_ldap_conf_file_path))
                self.util.write_file(sudo_ldap_conf_file_path, content, 'a+')
                self.logger.info(
                    "Content is written to {0} successfully.".format(
                        sudo_ldap_conf_file_path))

            # Configure lightdm.service
            # check if 99-pardus-xfce.conf exists if not create
            pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
            if not self.util.is_exist(pardus_xfce_path):
                self.logger.info("99-pardus-xfce.conf does not exist.")
                self.util.create_file(pardus_xfce_path)

                file_lightdm = open(pardus_xfce_path, 'a')
                file_lightdm.write("[Seat:*]\n")
                file_lightdm.write("greeter-hide-users=true")
                file_lightdm.close()
                self.logger.info("lightdm has been configured.")
            else:
                self.logger.info(
                    "99-pardus-xfce.conf exists. Delete file and create new one."
                )
                self.util.delete_file(pardus_xfce_path)
                self.util.create_file(pardus_xfce_path)

                file_lightdm = open(pardus_xfce_path, 'a')
                file_lightdm.write("[Seat:*]")
                file_lightdm.write("greeter-hide-users=true")
                file_lightdm.close()
                self.logger.info("lightdm.conf has been configured.")
            self.util.execute("systemctl restart nscd.service")
            self.util.execute("pam-auth-update --force")
            self.logger.info("LDAP Login operation has been completed.")

            self.logger.info("LDAP Login işlemi başarı ile sağlandı.")
        except Exception as e:
            self.logger.error(str(e))
            self.logger.info("LDAP Login işlemi esnasında hata oluştu.")
            raise Exception(
                'LDAP Ayarları yapılırken hata oluştu. Lütfen ağ bağlantınızı kontrol ediniz. Deponuzun güncel olduğundan emin olunuz.'
            )
Exemplo n.º 6
0
class Registration:
    def __init__(self):
        scope = Scope().get_instance()
        self.logger = scope.get_logger()
        self.message_manager = scope.get_message_manager()
        self.event_manager = scope.get_event_manager()
        self.messenger = scope.get_messenger()
        self.conf_manager = scope.get_configuration_manager()
        self.db_service = scope.get_db_service()
        self.util = Util()
        self.servicename = 'im.liderahenk.org'
        self.local_user_disable = None

        #self.event_manager.register_event('REGISTRATION_RESPONSE', self.registration_process)
        self.event_manager.register_event('REGISTRATION_SUCCESS',
                                          self.registration_success)
        self.event_manager.register_event('REGISTRATION_ERROR',
                                          self.registration_error)

        self.ldap_login_cancel = ExecuteCancelSSSDAuthentication()
        self.ad_login_cancel = ExecuteCancelSSSDAdAuthentication()
        self.ldap_login = ExecuteSSSDAuthentication()
        self.ad_login = ExecuteSSSDAdAuthentication()

        self.directory_server = None

        if self.is_registered():
            self.logger.debug('Ahenk already registered')
        else:
            self.register(True)

    def registration_request(self, hostname, username, password):

        self.logger.debug('Requesting registration')
        # SetupTimer.start(Timer(System.Ahenk.registration_timeout(), timeout_function=self.registration_timeout,checker_func=self.is_registered, kwargs=None))

        self.servicename = self.conf_manager.get("CONNECTION", "servicename")

        self.host = hostname
        self.user_name = username
        self.user_password = password

        if (username is None and password is None and self.host is None):

            self.host = self.conf_manager.get("CONNECTION", "host")

            user_name = os.getlogin()
            self.logger.debug('User : '******'Makineyi Lider MYS sistemine kaydetmek için bilgileri ilgili alanlara giriniz. LÜTFEN DEVAM EDEN İŞLEMLERİ SONLANDIRDIĞINZA EMİN OLUNUZ !',
                'LIDER MYS SISTEMINE KAYIT', self.host)
            self.logger.debug('pout : ' + str(pout))
            field_values = pout.split(' ')
            user_registration_info = list(field_values)

            if self.host == '':
                self.host = user_registration_info[0]
                self.user_name = user_registration_info[1]
                self.user_password = user_registration_info[2]
                self.directory_server = user_registration_info[3]

            else:
                self.user_name = user_registration_info[0]
                self.user_password = user_registration_info[1]
                self.directory_server = user_registration_info[2]

        #anon_messenger = AnonymousMessenger(self.message_manager.registration_msg(user_name,user_password), self.host,self.servicename)
        #anon_messenger.connect_to_server()

        self.logger.debug('Requesting registration')
        SetupTimer.start(
            Timer(System.Ahenk.registration_timeout(),
                  timeout_function=self.registration_timeout,
                  checker_func=self.is_registered,
                  kwargs=None))
        anon_messenger = AnonymousMessenger(
            self.message_manager.registration_msg(self.user_name,
                                                  self.user_password,
                                                  self.directory_server),
            self.host, self.servicename)
        anon_messenger.connect_to_server()

    def ldap_registration_request(self):
        self.logger.info('Requesting LDAP registration')
        self.messenger.send_Direct_message(
            self.message_manager.ldap_registration_msg())

    def registration_success(self, reg_reply):

        try:
            self.local_user_disable = reg_reply['disableLocalUser']
            if self.local_user_disable is True:
                self.conf_manager.set('MACHINE', 'user_disabled', 'true')
            else:
                self.conf_manager.set('MACHINE', 'user_disabled', 'false')

            self.logger.info('LDAP Registration update starting')
            dn = str(reg_reply['agentDn'])
            self.logger.info('Current dn:' + dn)
            self.logger.info('updating host name and service')
            self.update_registration_attrs(dn)

            # lightdm configuration by desktop env is XFCE
            self.desktop_env = self.util.get_desktop_env()
            self.logger.info("Get desktop environment is {0}".format(
                self.desktop_env))
            if self.desktop_env == "xfce":
                # Configure lightdm.service
                # check if 99-pardus-xfce.conf exists if not create
                pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
                if not self.util.is_exist(pardus_xfce_path):
                    self.logger.info("99-pardus-xfce.conf does not exist.")
                    self.util.create_file(pardus_xfce_path)

                    file_lightdm = open(pardus_xfce_path, 'a')
                    file_lightdm.write("[Seat:*]\n")
                    file_lightdm.write("greeter-hide-users=true")
                    file_lightdm.close()
                    self.logger.info("lightdm has been configured.")
                else:
                    self.logger.info(
                        "99-pardus-xfce.conf exists. Delete file and create new one."
                    )
                    self.util.delete_file(pardus_xfce_path)
                    self.util.create_file(pardus_xfce_path)

                    file_lightdm = open(pardus_xfce_path, 'a')
                    file_lightdm.write("[Seat:*]")
                    file_lightdm.write("greeter-hide-users=true")
                    file_lightdm.close()
                    self.logger.info("lightdm.conf has been configured.")

            if self.desktop_env == "gnome":
                pardus_gnome_path = "/etc/gdm3/greeter.dconf-defaults"
                if not self.util.is_exist(pardus_gnome_path):
                    self.logger.info("Gnome conf doesn't exist")

                else:
                    reading_file = open(pardus_gnome_path, "r")

                    new_file_content = ""
                    for line in reading_file:
                        stripped_line = line.strip()
                        new_line = stripped_line.replace(
                            "# disable-user-list=true",
                            "disable-user-list=true")
                        new_file_content += new_line + "\n"
                    reading_file.close()

                    writing_file = open(pardus_gnome_path, "w")
                    writing_file.write(new_file_content)
                    writing_file.close()
                    self.logger.info("gdm.conf has been configured.")

            # LDAP registration
            if self.directory_server == "LDAP":
                self.install_and_config_ldap(reg_reply)
            # AD registration
            else:
                self.install_and_config_ad(reg_reply)

        except Exception as e:
            self.logger.error('Registration error. Error Message: {0}.'.format(
                str(e)))
            print(e)
            raise

    def update_registration_attrs(self, dn=None):
        self.logger.debug('Registration configuration is updating...')
        self.db_service.update('registration', ['dn', 'registered'], [dn, 1],
                               ' registered = 0')

        if self.conf_manager.has_section('CONNECTION'):
            self.conf_manager.set(
                'CONNECTION', 'uid',
                self.db_service.select_one_result('registration', 'jid',
                                                  ' registered=1'))
            self.conf_manager.set(
                'CONNECTION', 'password',
                self.db_service.select_one_result('registration', 'password',
                                                  ' registered=1'))

            if self.host and self.servicename:
                self.conf_manager.set('CONNECTION', 'host', self.host)
                self.conf_manager.set('CONNECTION', 'servicename',
                                      self.servicename)

            # TODO  get file path?
            with open('/etc/ahenk/ahenk.conf', 'w') as configfile:
                self.conf_manager.write(configfile)
            self.logger.debug('Registration configuration file is updated')

    def install_and_config_ldap(self, reg_reply):
        self.logger.info('ldap install process starting')
        server_address = str(reg_reply['ldapServer'])
        dn = str(reg_reply['ldapBaseDn'])
        version = str(reg_reply['ldapVersion'])
        admin_dn = str(reg_reply['ldapUserDn']
                       )  # get user full dn from server.. password same
        #admin_password = self.user_password # same user get from server
        admin_password = self.db_service.select_one_result(
            'registration', 'password', ' registered=1')
        self.ldap_login.authenticate(server_address, dn, admin_dn,
                                     admin_password)

        if server_address != '' and dn != '' and version != '' and admin_dn != '' and admin_password != '':
            self.logger.info("SSSD configuration process starting....")
            self.logger.info("SSSD configuration process starting....")
        else:
            raise Exception(
                'LDAP Ayarları yapılırken hata oluştu. Lütfen ağ bağlantınızı kontrol ediniz. Deponuzun güncel olduğundan emin olunuz.'
            )

    def install_and_config_ad(self, reg_reply):
        self.logger.info('AD install process starting')
        domain_name = str(reg_reply['adDomainName'])
        host_name = str(reg_reply['adHostName'])
        ip_address = str(reg_reply['adIpAddress'])
        password = str(reg_reply['adAdminPassword'])
        ad_username = str(reg_reply['adAdminUserName'])

        if domain_name is None or host_name is None or ip_address is None or password is None:
            self.logger.error("Registration params is null")
            return

        self.ad_login.authenticate(domain_name, host_name, ip_address,
                                   password, ad_username)

    def registration_error(self, reg_reply):
        self.re_register()

    def is_registered(self):
        try:
            if str(System.Ahenk.uid()):
                return True
            else:
                return False
        except:
            return False

    def is_ldap_registered(self):
        dn = self.db_service.select_one_result('registration', 'dn',
                                               'registered = 1')
        if dn is not None and dn != '':
            return True
        else:
            return False

    def register(self, uuid_depend_mac=False):
        cols = ['jid', 'password', 'registered', 'params', 'timestamp']
        vals = [
            str(System.Os.hostname()),
            str(self.generate_uuid(uuid_depend_mac)), 0,
            str(self.get_registration_params()),
            str(datetime.datetime.now().strftime("%d-%m-%Y %I:%M"))
        ]

        self.db_service.delete('registration', ' 1==1 ')
        self.db_service.update('registration', cols, vals)
        self.logger.debug('Registration parameters were created')

    def get_registration_params(self):
        parts = []
        for part in System.Hardware.Disk.partitions():
            parts.append(part[0])

        params = {
            'ipAddresses':
            str(System.Hardware.Network.ip_addresses()).replace('[',
                                                                '').replace(
                                                                    ']', ''),
            'macAddresses':
            str(System.Hardware.Network.mac_addresses()).replace('[',
                                                                 '').replace(
                                                                     ']', ''),
            'hostname':
            System.Os.hostname(),
            'os.name':
            System.Os.name(),
            'os.version':
            System.Os.version(),
            'os.kernel':
            System.Os.kernel_release(),
            'os.distributionName':
            System.Os.distribution_name(),
            'os.distributionId':
            System.Os.distribution_id(),
            'os.distributionVersion':
            System.Os.distribution_version(),
            'os.architecture':
            System.Os.architecture(),
            'hardware.cpu.architecture':
            System.Hardware.Cpu.architecture(),
            'hardware.cpu.logicalCoreCount':
            System.Hardware.Cpu.logical_core_count(),
            'hardware.cpu.physicalCoreCount':
            System.Hardware.Cpu.physical_core_count(),
            'hardware.disk.total':
            System.Hardware.Disk.total(),
            'hardware.disk.used':
            System.Hardware.Disk.used(),
            'hardware.disk.free':
            System.Hardware.Disk.free(),
            'hardware.disk.partitions':
            str(parts),
            'hardware.monitors':
            str(System.Hardware.monitors()),
            'hardware.screens':
            str(System.Hardware.screens()),
            'hardware.usbDevices':
            str(System.Hardware.usb_devices()),
            'hardware.printers':
            str(System.Hardware.printers()),
            'hardware.systemDefinitions':
            str(System.Hardware.system_definitions()),
            'hardware.model.version':
            str(System.Hardware.machine_model()),
            'hardware.memory.total':
            System.Hardware.Memory.total(),
            'hardware.network.ipAddresses':
            str(System.Hardware.Network.ip_addresses()),
            'sessions.userNames':
            str(System.Sessions.user_name()),
            'bios.releaseDate':
            System.BIOS.release_date()[1].replace('\n', '')
            if System.BIOS.release_date()[0] == 0 else 'n/a',
            'bios.version':
            System.BIOS.version()[1].replace('\n', '')
            if System.BIOS.version()[0] == 0 else 'n/a',
            'bios.vendor':
            System.BIOS.vendor()[1].replace('\n', '')
            if System.BIOS.vendor()[0] == 0 else 'n/a',
            'hardware.baseboard.manufacturer':
            System.Hardware.BaseBoard.manufacturer()[1].replace('\n', '')
            if System.Hardware.BaseBoard.manufacturer()[0] == 0 else 'n/a',
            'hardware.baseboard.version':
            System.Hardware.BaseBoard.version()[1].replace('\n', '')
            if System.Hardware.BaseBoard.version()[0] == 0 else 'n/a',
            'hardware.baseboard.assetTag':
            System.Hardware.BaseBoard.asset_tag()[1].replace('\n', '')
            if System.Hardware.BaseBoard.asset_tag()[0] == 0 else 'n/a',
            'hardware.baseboard.productName':
            System.Hardware.BaseBoard.product_name()[1].replace('\n', '')
            if System.Hardware.BaseBoard.product_name()[0] == 0 else 'n/a',
            'hardware.baseboard.serialNumber':
            System.Hardware.BaseBoard.serial_number()[1].replace('\n', '')
            if System.Hardware.BaseBoard.serial_number()[0] == 0 else 'n/a',
        }

        return json.dumps(params)

    def unregister(self):
        self.logger.debug('Ahenk is unregistering...')
        self.db_service.delete('registration', ' 1==1 ')
        self.logger.debug('Ahenk is unregistered')

    def re_register(self):
        self.logger.debug('Reregistrating...')
        self.unregister()
        self.register(False)

    def generate_uuid(self, depend_mac=True):
        if depend_mac is False:
            self.logger.debug('uuid creating randomly')
            return uuid.uuid4()  # make a random UUID
        else:
            self.logger.debug('uuid creating according to mac address')
            return uuid.uuid3(
                uuid.NAMESPACE_DNS, str(get_mac())
            )  # make a UUID using an MD5 hash of a namespace UUID and a mac address

    def generate_password(self):
        return uuid.uuid4()

    def registration_timeout(self):
        self.logger.error(
            'Could not reach registration response from Lider. Be sure XMPP server is reachable and it supports anonymous message, Lider is running properly '
            'and it is connected to XMPP server! Check your Ahenk configuration file (/etc/ahenk/ahenk.conf)'
        )
        self.logger.error('Ahenk is shutting down...')
        print('Ahenk is shutting down...')
        Util.show_message(
            os.getlogin(), ':0',
            "Lider MYS sistemine ulaşılamadı. Lütfen sunucu adresini kontrol ediniz....",
            "HATA")
        System.Process.kill_by_pid(int(System.Ahenk.get_pid_number()))

    def purge_and_unregister(self):
        try:
            self.logger.info('Ahenk conf cleaned')
            self.logger.info('Ahenk conf cleaning from db')
            self.unregister()

            directory_type = "LDAP"
            if self.util.is_exist("/etc/ahenk/ad_info"):
                directory_type = "AD"

            if directory_type == "LDAP":
                self.ldap_login_cancel.cancel()
            else:
                self.ad_login_cancel.cancel()

            self.logger.info('Cleaning ahenk conf..')
            self.clean()
            self.logger.info('Ahenk conf cleaned from db')

            if self.conf_manager.has_section('MACHINE'):
                user_disabled = self.conf_manager.get("MACHINE",
                                                      "user_disabled")
                self.logger.info('User disabled value=' + str(user_disabled))
                if user_disabled != 'false':
                    self.logger.info('Enable Users')
                    self.enable_local_users()
                else:
                    self.logger.info('Local users already enabled')
            # İf desktop env is XFCE configured lightdm.service
            if self.util.get_desktop_env() == "xfce":
                pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
                if self.util.is_exist(pardus_xfce_path):
                    self.logger.info(
                        "99-pardus-xfce.conf exists. Deleting file.")
                    self.util.delete_file(pardus_xfce_path)

            if self.util.get_desktop_env() == "gnome":
                pardus_gnome_path = "/etc/gdm3/greeter.dconf-defaults"
                if not self.util.is_exist(pardus_gnome_path):
                    self.logger.info("Gnome conf doesn't exist")

                else:
                    reading_file = open(pardus_gnome_path, "r")

                    new_file_content = ""
                    for line in reading_file:
                        stripped_line = line.strip()
                        new_line = stripped_line.replace(
                            "disable-user-list=true",
                            "# disable-user-list=true")
                        new_file_content += new_line + "\n"
                    reading_file.close()

                    writing_file = open(pardus_gnome_path, "w")
                    writing_file.write(new_file_content)
                    writing_file.close()
                    self.logger.info("gdm.conf has been configured.")

            Util.shutdown()
        except Exception as e:
            self.logger.error(
                "Error while running purge_and_unregister process.. Error Message  "
                + str(e))
        #System.Process.kill_by_pid(int(System.Ahenk.get_pid_number()))
        #sys.exit(2)

    def change_configs_after_purge(self):
        # pattern for clearing file data from spaces, tabs and newlines
        pattern = re.compile(r'\s+')

        ldap_back_up_file_path = "/usr/share/ahenk/pam_scripts_original/ldap"
        ldap_original_file_path = "/usr/share/pam-configs/ldap"

        pam_script_back_up_file_path = "/usr/share/ahenk/pam_scripts_original/pam_script"
        pam_script_original_file_path = "/usr/share/pam-configs/pam_script"

        if self.util.is_exist(ldap_back_up_file_path):
            self.logger.info("Replacing {0} with {1}".format(
                ldap_original_file_path, ldap_back_up_file_path))
            self.util.copy_file(ldap_back_up_file_path,
                                ldap_original_file_path)
            self.logger.info("Deleting {0}".format(ldap_back_up_file_path))
            self.util.delete_file(ldap_back_up_file_path)

        if self.util.is_exist(pam_script_back_up_file_path):
            self.logger.info("Replacing {0} with {1}".format(
                pam_script_original_file_path, pam_script_back_up_file_path))
            self.util.copy_file(pam_script_back_up_file_path,
                                pam_script_original_file_path)
            self.logger.info(
                "Deleting {0}".format(pam_script_back_up_file_path))
            self.util.delete_file(pam_script_back_up_file_path)

        (result_code, p_out, p_err) = self.util.execute(
            "DEBIAN_FRONTEND=noninteractive pam-auth-update --package")
        if result_code == 0:
            self.logger.info(
                "'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' has run successfully"
            )
        else:
            self.logger.error(
                "'DEBIAN_FRONTEND=noninteractive pam-auth-update --package' could not run successfully: "
                + p_err)

        # Configure nsswitch.conf
        file_ns_switch = open("/etc/nsswitch.conf", 'r')
        file_data = file_ns_switch.read()

        # cleared file data from spaces, tabs and newlines
        text = pattern.sub('', file_data)

        did_configuration_change = False
        if "passwd:compatldap[NOTFOUND=return]db" in text:
            file_data = file_data.replace(
                "passwd:         compat ldap [NOTFOUND=return] db",
                "passwd:         compat")
            did_configuration_change = True

        if "group:compatldap[NOTFOUND=return]db" in text:
            file_data = file_data.replace(
                "group:          compat ldap [NOTFOUND=return] db",
                "group:          compat")
            did_configuration_change = True

        if "shadow:compatldap" in text:
            file_data = file_data.replace("shadow:         compat ldap",
                                          "shadow:         compat")
            did_configuration_change = True

        if "#gshadow:files" in text:
            file_data = file_data.replace("#gshadow:        files",
                                          "gshadow:        files")
            did_configuration_change = True

        if did_configuration_change:
            self.logger.info("nsswitch.conf configuration has been configured")
        else:
            self.logger.info("nsswitch.conf has already been configured")

        file_ns_switch.close()
        file_ns_switch = open("/etc/nsswitch.conf", 'w')
        file_ns_switch.write(file_data)
        file_ns_switch.close()

        # Configure ldap-cache
        nss_update_cron_job_file_path = "/etc/cron.daily/nss-updatedb"
        if self.util.is_exist(nss_update_cron_job_file_path):
            self.util.delete_file(nss_update_cron_job_file_path)
            self.logger.info(
                "{0} is deleted.".format(nss_update_cron_job_file_path))

        # Configure lightdm.service
        pardus_xfce_path = "/usr/share/lightdm/lightdm.conf.d/99-pardus-xfce.conf"
        if self.util.is_exist(pardus_xfce_path):
            self.logger.info("99-pardus-xfce.conf exists. Deleting file.")
            self.util.delete_file(pardus_xfce_path)

        self.util.execute("systemctl restart nscd.service")
        self.logger.info("Operation finished")

    def clean(self):
        print('Ahenk cleaning..')
        import configparser
        try:
            config = configparser.ConfigParser()
            config._interpolation = configparser.ExtendedInterpolation()
            config.read(System.Ahenk.config_path())
            db_path = config.get('BASE', 'dbPath')

            if Util.is_exist(System.Ahenk.fifo_file()):
                Util.delete_file(System.Ahenk.fifo_file())

            if Util.is_exist(db_path):
                Util.delete_file(db_path)

            if Util.is_exist(System.Ahenk.pid_path()):
                Util.delete_file(System.Ahenk.pid_path())

            config.set('CONNECTION', 'uid', '')
            config.set('CONNECTION', 'password', '')
            config.set('MACHINE', 'user_disabled', 'false')

            with open(System.Ahenk.config_path(), 'w') as file:
                config.write(file)
            file.close()
            print('Ahenk cleaned.')
        except Exception as e:
            self.logger.error(
                "Error while running clean command. Error Message  " + str(e))
            print(
                'Error while running clean command. Error Message {0}'.format(
                    str(e)))

    def enable_local_users(self):
        passwd_cmd = 'passwd -u {}'
        change_home = 'usermod -m -d {0} {1}'
        change_username = '******'
        content = self.util.read_file('/etc/passwd')
        for p in pwd.getpwall():
            if not sysx.shell_is_interactive(p.pw_shell):
                continue
            if p.pw_uid == 0:
                continue
            if p.pw_name in content:
                new_home_dir = p.pw_dir.rstrip('-local/') + '/'
                new_username = p.pw_name.rstrip('-local')
                self.util.execute(passwd_cmd.format(p.pw_name))
                self.util.execute(
                    change_username.format(new_username, p.pw_name))
                self.util.execute(
                    change_home.format(new_home_dir, new_username))
                self.logger.debug(
                    "User: '******' will be enabled and changed username and home directory of username"
                    .format(p.pw_name))

    def disable_local_users(self):
        passwd_cmd = 'passwd -l {}'
        change_home = 'usermod -m -d {0} {1}'
        change_username = '******'
        content = Util.read_file('/etc/passwd')
        kill_all_process = 'killall -KILL -u {}'
        change_permisson = "chmod -R 700 {}"

        add_user_conf_file = "/etc/adduser.conf"
        file_dir_mode = open(add_user_conf_file, 'r')
        file_data = file_dir_mode.read()
        file_data = file_data.replace("DIR_MODE=0755", "DIR_MODE=0700")
        file_dir_mode.close()

        file_dir_mode = open(add_user_conf_file, 'w')
        file_dir_mode.write(file_data)
        file_dir_mode.close()

        self.logger.info("add user mode changed to 0700 in file {}".format(
            add_user_conf_file))

        for p in pwd.getpwall():
            self.logger.info(
                "User: '******' will be disabled and changed username and home directory of username"
                .format(p.pw_name))
            if not sysx.shell_is_interactive(p.pw_shell):
                continue
            if p.pw_uid == 0:
                continue
            if p.pw_name in content:
                new_home_dir = p.pw_dir.rstrip('/') + '-local/'
                new_username = p.pw_name + '-local'
                Util.execute(kill_all_process.format(p.pw_name))
                Util.execute(passwd_cmd.format(p.pw_name))
                Util.execute(change_username.format(new_username, p.pw_name))
                Util.execute(change_home.format(new_home_dir, new_username))
                Util.execute(change_permisson.format(new_home_dir))
Exemplo n.º 7
0
 def init_fifo_file():
     """ docstring"""
     if Util.is_exist(System.Ahenk.fifo_file()):
         Util.delete_file(System.Ahenk.fifo_file())
     Util.create_file(System.Ahenk.fifo_file())
     Util.set_permission(System.Ahenk.fifo_file(), '600')
Exemplo n.º 8
0
class ExecuteSSSDAdAuthentication:
    def __init__(self):
        scope = Scope().get_instance()
        self.logger = scope.get_logger()
        self.util = Util()

    def authenticate(self, domain_name, host_name, ip_address, password,
                     ad_username):
        try:
            # Create and Configure ad_info file
            (result_code, p_out,
             p_err) = self.util.create_file("/etc/ahenk/ad_info")
            if (result_code == 0):
                self.logger.info("AD INFO başarılı bir şekilde oluşturuldu")
                # Configure ad_info for deregisteration info
                default_ad_info_path = "/etc/ahenk/ad_info"
                file_default_ad_info = open(default_ad_info_path, 'r')
                file_data = file_default_ad_info.read()

                file_data = file_data + ("{}".format(ip_address)) + "\n" + (
                    "{}".format(host_name)) + "\n" + ("{}".format(
                        domain_name)) + "\n" + ("{}".format(ad_username))
                self.logger.info("/etc/ahenk/ad_info bilgiler girildi.")
                file_default_ad_info.close()
                file_default_ad_info = open(default_ad_info_path, 'w')
                file_default_ad_info.write(file_data)
                file_default_ad_info.close()
            else:
                self.logger.error("ad_info oluşturma komutu başarısız : " +
                                  str(p_err))

            self.logger.info("Authenticate starting....")
            # Configure /etc/dhcp/dhclient.conf
            dhclient_conf_path = "/etc/dhcp/dhclient.conf"
            dhc_conf = self.util.read_file_by_line(dhclient_conf_path, "r")
            dhc_conf_temp = open(dhclient_conf_path, 'w')

            for lines in dhc_conf:
                if (lines == "#prepend domain-name-servers 127.0.0.1;\n"):
                    lines = lines.replace(
                        lines,
                        ("prepend domain-name-servers {};\n".format(ip_address)
                         ))
                dhc_conf_temp.write(lines)
            dhc_conf_temp.close()

            file_default_dhcp = open(dhclient_conf_path, 'r')
            file_data = file_default_dhcp.read()

            if ("prepend domain-name-servers {};\n".format(ip_address)
                ) not in file_data:
                file_data = file_data + "\n" + (
                    "prepend domain-name-servers {};".format(ip_address))

            file_default_dhcp.close()
            file_default_dhcp = open(dhclient_conf_path, 'w')
            file_default_dhcp.write(file_data)
            file_default_dhcp.close()

            # Configure /etc/resolv.conf
            resolve_conf_path = "/etc/resolv.conf"
            resolve_conf = self.util.read_file_by_line(resolve_conf_path, "r")
            resolve_conf_temp = open(resolve_conf_path, 'w')

            for lines in resolve_conf:
                if (lines == ("nameserver {}\n".format(ip_address))):
                    continue
                lines = lines.replace(lines, ("#" + lines))
                resolve_conf_temp.write(lines)
            resolve_conf_temp.close()

            file_default_resolve = open(resolve_conf_path, 'r')
            file_data = file_default_resolve.read()

            if ("nameserver {}\n".format(ip_address)) not in file_data:
                file_data = file_data + "\n" + (
                    "nameserver {}\n".format(ip_address))
                self.logger.info("/etc/resolv.conf is configured")

            file_default_resolve.close()
            file_default_resolve = open(resolve_conf_path, 'w')
            file_default_resolve.write(file_data)
            file_default_resolve.close()

            # Configure /etc/hosts
            host_path = "/etc/hosts"
            file_default_hosts = open(host_path, 'r')
            file_data = file_default_hosts.read()

            if ("{0}    {1}".format(ip_address, host_name)) not in file_data:
                file_data = file_data + "\n" + ("{0}    {1}".format(
                    ip_address, host_name))
                self.logger.info("/etc/hosts is configured")

            file_default_hosts.close()
            file_default_hosts = open(host_path, 'w')
            file_default_hosts.write(file_data)
            file_default_hosts.close()

            # Execute the script that required for "samba-common" and "krb5"
            (result_code, p_out, p_err) = self.util.execute(
                "/bin/bash /usr/share/ahenk/base/registration/scripts/ad.sh {0} {1}"
                .format(domain_name.upper(), host_name))

            if (result_code == 0):
                self.logger.info("Script başarılı bir  şekilde çalıştırıldı.")
            else:
                self.logger.error("Script başarısız oldu : " + str(p_err))

            # Installation of required packages
            (result_code, p_out, p_err) = self.util.execute(
                "sudo apt-get -y install realmd sssd sssd-tools adcli packagekit samba-common-bin samba-libs"
            )
            if (result_code == 0):
                self.logger.info("İndirmeler Başarılı")
            else:
                self.logger.error("İndirmeler Başarısız : " + str(p_err))

            # Configure pam.d/common-session
            pamd_common_session_path = "/etc/pam.d/common-session"
            file_default_pam = open(pamd_common_session_path, 'r')
            file_data = file_default_pam.read()

            if "session optional        pam_mkhomedir.so skel=/etc/skel umask=077" not in file_data:
                file_data = file_data + "\n" + "session optional        pam_mkhomedir.so skel=/etc/skel umask=077"
                self.logger.info("/etc/pam.d/common-session is configured")

            file_default_pam.close()
            file_default_pam = open(pamd_common_session_path, 'w')
            file_default_pam.write(file_data)
            file_default_pam.close()

            # Execute the commands that require for join Domain
            (result_code, p_out, p_err) = self.util.execute(
                "realm discover {}".format(domain_name.upper()))
            if (result_code == 0):
                self.logger.info("Realm Discover komutu başarılı")
            else:
                self.logger.error("Realm Discover komutu başarısız : " +
                                  str(p_err))

            (result_code, p_out, p_err) = self.util.execute(
                "echo \"{0}\" | realm join --user={1} {2}".format(
                    password, ad_username, domain_name.upper()))
            if (result_code == 0):
                self.logger.info("Realm Join komutu başarılı")
            else:
                self.logger.error("Realm Join komutu başarısız : " +
                                  str(p_err))

            # Configure sssd template
            sssd_config_template_path = "/usr/share/ahenk/base/registration/config-files/sssd_ad.conf"
            sssd_config_folder_path = "/etc/sssd"
            sssd_config_file_path = "/etc/sssd/sssd.conf"

            if not self.util.is_exist(sssd_config_folder_path):
                self.util.create_directory(sssd_config_folder_path)
                self.logger.info(
                    "{0} folder is created".format(sssd_config_folder_path))

            if self.util.is_exist(sssd_config_file_path):
                self.util.delete_file(sssd_config_file_path)
                self.logger.info("delete sssd org conf")

            self.util.copy_file(sssd_config_template_path,
                                sssd_config_folder_path)
            self.logger.info("{0} config file is copied under {1}".format(
                sssd_config_template_path, sssd_config_folder_path))
            self.util.rename_file("/etc/sssd/sssd_ad.conf",
                                  "/etc/sssd/sssd.conf")

            # Configure sssd.conf
            file_sssd = open(sssd_config_file_path, 'r')
            file_data = file_sssd.read()

            file_data = file_data.replace("###domains###",
                                          "domains = {}".format(domain_name))
            file_data = file_data.replace("###[domain/###",
                                          "[domain/{}]".format(domain_name))
            file_data = file_data.replace("###ad_domain###",
                                          "ad_domain = {}".format(domain_name))
            file_data = file_data.replace(
                "###krb5_realm###",
                "krb5_realm = {}".format(domain_name.upper()))

            file_sssd.close()
            file_sssd = open(sssd_config_file_path, 'w')
            file_sssd.write(file_data)
            file_sssd.close()

            # Arrangement of chmod as 600 for sssd.conf
            (result_code, p_out, p_err) = self.util.execute(
                "chmod 600 {}".format(sssd_config_file_path))
            if (result_code == 0):
                self.logger.info(
                    "Chmod komutu başarılı bir şekilde çalıştırıldı")
            else:
                self.logger.error("Chmod komutu başarısız : " + str(p_err))

            # Configure sssd for language environment
            default_sssd_path = "/etc/default/sssd"
            file_default_sssd = open(default_sssd_path, 'r')
            file_data = file_default_sssd.read()

            if not self.util.is_exist(default_sssd_path):
                self.util.create_directory(default_sssd_path)
                self.logger.info(
                    "{0} folder is created".format(default_sssd_path))

            if self.util.is_exist(default_sssd_path):
                self.util.delete_file(default_sssd_path)
                self.logger.info("delete sssd org conf")

            if "LC_ALL=\"tr_CY.UTF-8\"" not in file_data:
                file_data = file_data + "\n" + "LC_ALL=\"tr_CY.UTF-8\""
                self.logger.info("/etc/default/sssd is configured")

            file_default_sssd.close()
            file_default_sssd = open(default_sssd_path, 'w')
            file_default_sssd.write(file_data)
            file_default_sssd.close()

            self.util.execute("systemctl restart nscd.service")
            # self.util.execute("pam-auth-update --force")
            self.logger.info("AD Login operation has been completed.")

            self.logger.info("AD Login işlemi başarı ile sağlandı.")
            return True
        except Exception as e:
            self.logger.error(str(e))
            self.logger.info("AD Login işlemi esnasında hata oluştu.")
            return False