def main():
# message to use for sending mail logs
MESSAGE = ""
MESSAGE += "MAKING ACCOUNTS ON %s FOR %s\n\n" % (HOST, DOMAIN)
# get authentication modules
modules = auth_modules.load_modules()
# fancy python list comprehension to:
# select users with the pending_create status that don't have
# the DOMAIN_created flag for this domain
pending_users = [u for u in User.query.filter_by(status='pending_create').all()
if u.in_domain(DOMAIN) and "%s_created" % DOMAIN not in u.get_flags() ]
usernames = [u.username for u in pending_users]
# if no pending accounts, do nothing
if pending_users == []:
sys.exit()
MESSAGE += "New Accounts\n------------\n"
# create login entries for each login method
MESSAGE += "Creating logins for:\n%s\n\n" % ", ".join(usernames)
for name, module in modules.iteritems():
MESSAGE += module.create_logins(pending_users)
MESSAGE += "\n\n"
# call ZFS create scripts, and mail scripts on louie if it's research
MESSAGE += "Creating %s ZFS filesystems for:\n%s\n\n" % (DOMAIN, ", ".join(usernames))
for user in pending_users:
MESSAGE += "DEBUG: zfs_create(user)\n"
#zfs_create(user)
if user.in_domain('research'):
MESSAGE += "DEBUG: research_mail(user)\n"
#research_mail(user)
# Creating users is complete, add the flag for creation in the DB
for user in pending_users:
user.add_flag(DOMAIN+"_created")
MESSAGE += "\n\nDONE MAKING ACCOUNTS ON %s FOR %s\n" % (HOST, DOMAIN)
print MESSAGE
mail.send("*****@*****.**", "Super-User", MAILTO, \
"New Accounts - %s" % DOMAIN, MESSAGE, MAILHOST)
def main():
# Security checks
# if this is run as root for some reason, drop root to "account"
"""if os.getuid() != 0:
os.setgid(UID)
os.setuid(UID)
stderr.write("ERROR: process-nis-files.py must be run as root!")"""
# load login modules
modules = auth_modules.load_modules()
# select users with pending password changes
pw_changes = [u for u in get_with_status('pw_reset') if u.in_domain(DOMAIN)]
# get pending disables
pending_disables = [u for u in get_with_status('pending_disable') if u.in_domain(DOMAIN)]
# get pending enables
pending_enables = [u for u in get_with_status('pending_enable') if u.in_domain(DOMAIN)]
# get pending rolloffs
pending_rolloffs = [u for u in get_with_status('pending_rolloff') if u.in_domain(DOMAIN)]
# process changes, and set flags after each change
# change password and shell (both use same flag)
if pw_changes != []:
print "Changing passwords for:\n%s\n" % [u.username for u in pw_changes]
for user in pw_changes:
for name, module in modules.iteritems():
module.change_password(pw_changes)
module.change_shell(pw_changes)
user.add_flag(DOMAIN+"_reset_password")
# disable accounts, set DOMAIN_noaccess flag
if pending_disables != []:
print "Disabling accounts:\n%s\n" % [u.username for u in pending_disables]
for user in pending_disables:
for name, module in modules.iteritems():
module.disable_logins(pending_disables)
user.add_flag(DOMAIN+"_noaccess")
# enable accounts, set DOMAIN_return_access flag
if pending_enables != []:
print "Enabling accounts:\n%s\n" % [u.username for u in pending_enables]
for user in pending_enables:
for name, module in modules.iteritems():
module.enable_logins(pending_enables)
user.add_flag(DOMAIN+"_return_access")
# rolloff accounts (star pw), set DOMAIN_rolloff flag
if pending_rolloffs != []:
print "Staring passwords for:\n%s\n" % [u.username for u in pending_rolloffs]
for user in pending_rolloffs:
for name, module in modules.iteritems():
module.rolloff_disable(pending_rolloffs)
user.add_flag(DOMAIN+"_rolloff")
# Changes have been processed
print "Processed login changes"
