
import os
import sys
import re
import random
import time
import glob
class User (object):
def __init__ (self):
    """Remember the account name "ift".

    syu() reads this value as the scp login name and as the group name in
    its chown calls.
    """
    account_name = "ift"
    self.IFT = account_name
#***********************************************************
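def actualize_iftlib (self,pars):
    """Run ``sync.bat`` inside the installed iftlib package directory.

    The original shell line ``chdir DIR; bash sync.bat`` carried on after a
    failed chdir and would then execute whatever ``sync.bat`` happens to sit
    in the caller's working directory. The script is now started with the
    package directory as its working directory, and nothing is run when that
    directory is missing.

    Args:
        pars: command-line arguments; not used by this command.

    Returns:
        None.
    """
    import subprocess  # local import: the module header does not import it

    package_dir = '/usr/local/lib/python2.7/dist-packages/iftlib'
    if not os.path.isdir(package_dir):
        print("iftlib directory not found: " + package_dir)
        return
    # Argument list, no shell: the command line is not re-parsed.
    status = subprocess.call(['bash', 'sync.bat'], cwd=package_dir)
    # The original printed the os.system function object here; the exit
    # status of the script is the value that is actually informative.
    print ("1----------------", status)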
#***********************************************************
def upd (self,pars):
# Sync the single /home/*/51_iftlib checkout, optionally run its install
# script, and call the apt-get maintenance commands.
# pars: command-line arguments; only the number of arguments is checked.
# NOTE(review): the indentation of this listing was lost, so the nesting of
# the statements below (in particular whether the apt-get calls are
# conditional) cannot be confirmed from this view.
dir = glob.glob("/home/*/51_iftlib")
print(dir)
if len(dir) == 1:
# os.system("cd " + dir[0])
# The account name is the path component that follows /home/.
m = re.search(r"\/home\/(.*?)\/",dir[0])
if m:
print("User:",m.group(1))
# NOTE(review): the directory path and the account name are concatenated into
# a shell command line unquoted, so a name containing whitespace or shell
# metacharacters would be interpreted by the shell. If the chdir fails, the
# command after ';' still runs, in the caller's working directory.
os.system("chdir " + dir[0] + "; sudo -u " + m.group(1) + " bash sync.bat")
if len(pars) > 0:
# NOTE(review): install_script.sh is taken from a directory below the
# account's home and is started without sudo -u; presumably this command runs
# as root (apt-get is called below) - confirm that the unprivileged account
# cannot modify that script.
os.system("chdir " + dir[0] + "/intern; sh install_script.sh 1")
# The exit status of each apt-get call is ignored; later steps run even if an
# earlier one failed.
os.system("apt-get update")
os.system("apt-get dist-upgrade")
os.system("apt-get autoremove")
os.system("apt-get autoclean")
#***********************************************************
def syu (self,pars):
# Merge account data from a remote host into the local passwd, shadow and
# group files, create missing home directories, then regenerate .htpasswd
# files and Apache snippets from the password fields in /etc/shadow.
# pars[0]: remote host (optional); pars[1]: scp port, required with a host.
# NOTE(review): the indentation of this listing was lost, so the exact nesting
# of the statements below cannot be confirmed from this view.
IFT = self.IFT
try:
remote_host = pars[0]
except:
remote_host = ""
try:
remote_port = " -P " + pars[1] + " "
except:
if not remote_host == "":
print("\nFormat: yc syu host port\n")
return()
print(remote_host)
if not remote_host == "":
# NOTE(review): /tmp/__tmp__.txt is a fixed, predictable name in a shared
# directory and is reused in turn for the remote passwd, shadow and group
# copies. The remote shadow content sits there with whatever mode scp and the
# umask produce until the group copy overwrites it; a private temporary
# directory would avoid exposing it.
os.system("rm /tmp/__tmp__.txt")
try:
# NOTE(review): pars[0] and pars[1] go into the shell command line unquoted,
# and the exit status of scp is not checked. If a later scp fails, the file
# still holds the previous download and is read as if it were the new one.
os.system('scp ' + remote_port + IFT + '@' + pars[0] + ':/etc/passwd /tmp/__tmp__.txt')
passwd0 = open("/tmp/__tmp__.txt").read()
passwd = open("/etc/passwd").read()
os.system('scp ' + remote_port + IFT + '@' + pars[0] + ':/etc/shadow /tmp/__tmp__.txt')
shadow0 = open("/tmp/__tmp__.txt").read()
shadow = open("/etc/shadow").read()
os.system('scp ' + remote_port + IFT + '@' + pars[0] + ':/etc/group /tmp/__tmp__.txt')
groups0 = open("/tmp/__tmp__.txt").read()
groups = open("/etc/group").read()
except:
print("scp connection failed. Consider port.")
return()
# Each merged file is the local content before the last line that begins with
# "<IFT>:" (the match is greedy) followed by the remote content from its last
# such line to the end. When a pattern does not match, re.sub returns its
# input unchanged, so the whole local and the whole remote file are joined.
passwd1 = ( re.sub("^(.*\n)(" + IFT + "\:.*)$","\\1",passwd,flags=re.DOTALL) +
re.sub("^(.*\n)(" + IFT + "\:.*)$","\\2",passwd0,flags=re.DOTALL) )
shadow1 = ( re.sub("^(.*\n)(" + IFT + "\:.*)$","\\1",shadow,flags=re.DOTALL) +
re.sub("^(.*\n)(" + IFT + "\:.*)$","\\2",shadow0,flags=re.DOTALL) )
groups1 = ( re.sub("^(.*\n)(" + IFT + "\:.*)$","\\1",groups,flags=re.DOTALL) +
re.sub("^(.*\n)(" + IFT + "\:.*)$","\\2",groups0,flags=re.DOTALL) )
# NOTE(review): these files are newly created by open(..., "w"), so their mode
# and ownership come from the process defaults, and the mv below makes them
# the live files. The original mode and group of /etc/shadow are not carried
# over; with a common umask of 022 the new /etc/shadow would be world-readable
# - verify and restore the expected owner and mode after the swap.
open("/etc/passwd1","w").write(passwd1)
open("/etc/shadow1","w").write(shadow1)
open("/etc/group1", "w").write(groups1)
# The previous files are kept under a random four-digit suffix. Every run
# leaves another copy of the old shadow content in /etc, and an equal suffix
# from an earlier run would be overwritten.
nr = str(random.randint(1000,9999))
# The swap is not atomic: between the first and the second group of mv calls
# /etc/passwd, /etc/shadow and /etc/group do not exist.
os.system('mv /etc/passwd /etc/passwd' + nr)
os.system('mv /etc/shadow /etc/shadow' + nr)
os.system('mv /etc/group /etc/group' + nr)
os.system('mv /etc/passwd1 /etc/passwd')
os.system('mv /etc/shadow1 /etc/shadow')
os.system('mv /etc/group1 /etc/group' )
# Create users
userlist = {}
for zeile in passwd1.split("\n"):
print(zeile)
m = re.search(r"^(.*?)\:",zeile)
if m:
user = m.group(1)
print ("USERxx",user)
# Only accounts with home /home/<user> and shell /bin/bash are handled.
# NOTE(review): user is placed into the pattern without re.escape.
m1 = re.search("/home/"+user+":/bin/bash",zeile)
if m1:
print (user)
userlist[user] = 1
# NOTE(review): from here on the account name is concatenated into shell
# command lines unquoted. The names come from the merged passwd text, which
# includes lines supplied by the remote host, so that host is trusted with
# shell execution on this machine.
if not os.path.isfile("/home/"+user+"/.bashrc"):
print("Create new user directory")
os.system("mkdir /home/"+user)
# The template files are copied from /home/x<IFT>.
os.system("cp /home/x" + IFT + "/.bashrc /home/" + user)
os.system("cp /home/x" + IFT + "/.bash_logout /home/" + user)
os.system("cp /home/x" + IFT + "/.bash_history /home/" + user)
os.system("cp /home/x" + IFT + "/.profile /home/" + user)
if os.path.isfile("/home/x" + IFT + "/examples.desktop"):
os.system("cp /home/x" + IFT + "/examples.desktop /home/" + user)
os.system("chown " + user + ":" + IFT + " /home/" + user + "/.*")
os.system("chown " + user + ":" + IFT + " /home/" + user + "/examples.desktop")
# /home/<user>/.. is /home itself.
os.system("chown " + IFT + ":" + IFT + " /home/" + user + "/..")
if not os.path.isdir("/home/"+user+"/Desktop"):
print("Change ownership")
os.system("mkdir /home/" + user + "/Desktop")
os.system("cp /home/x" + IFT + "/Desktop/*.desktop /home/" + user + "/Desktop")
os.system("mkdir /home/" + user + "/Documents")
if os.path.isdir("/home/" + user + "/Download"):
os.system("rmdir /home/" + user + "/Download")
os.system("mkdir /home/" + user + "/Downloads")
os.system("mkdir /home/" + user + "/Music")
os.system("mkdir /home/" + user + "/Pictures")
os.system("mkdir /home/" + user + "/Templates")
os.system("mkdir /home/" + user + "/Videos")
os.system("mkdir /home/" + user + "/Public")
if not os.path.isdir("/home/" + user + "/.config"):
os.system("cp -a /home/x" + IFT + "/.config /home/" + user)
os.system("chown -R " + user + ":" + IFT + " /home/" + user + "/*")
os.system("chown -R " + user + ":" + IFT + " /home/" + user + "/.config")
# Personalise the copied launcher: "xift" is replaced by the account name.
if os.path.isfile("/home/"+user+"/Desktop/user-home.desktop"):
text = open("/home/"+user+"/Desktop/user-home.desktop").read()
text = re.sub(r"xift",user,text,99)
text = re.sub(r"ame=\.*([a-z])","ame=.\\1",text,99)
text = open("/home/"+user+"/Desktop/user-home.desktop","w").write(text)
# Propagate the htpasswd entries into every Git directory
else:
shadow1 = open("/etc/shadow").read()
# The encrypted htpasswd passwords are the ones held in /etc/shadow, so read
# them from there and store them in the dict htpass20.
# NOTE(review): this copies system login password hashes into files owned by
# www-data below /var/www, so the web server account can read them. Separate
# web credentials would keep /etc/shadow content out of the web tree.
print("UPDATE HTPASSWD")
htpass20 = {}
for zeile in shadow1.split("\n"):
# Group 1 is the account name, group 2 the password field.
m = re.search("^(.+?)\:(.+?)\:",zeile)
if m:
# Password fields of three characters or fewer are skipped; presumably these
# are the markers of locked or password-less accounts - confirm.
if len(m.group(2)) > 3:
htpass20[m.group(1)] = m.group(2)
if os.path.isdir("/var/www/private/"+m.group(1)):
open("/var/www/private/"+m.group(1)+"/.htpasswd","w").write(m.group(1)+":"+m.group(2)+"\n# root:x\n")
# NOTE(review): the path tested here has no "/" before ".htaccess" while the
# file written below has one; this looks like a typo that makes the check
# miss the file, so .htaccess would be rewritten on each run - confirm.
if not os.path.isfile("/var/www/private/"+m.group(1)+".htaccess"):
open("/var/www/private/"+m.group(1)+"/.htaccess","w").write(
'''AuthType Basic
AuthName "Login with Username and Password"
AuthUserFile /var/www/private/'''+m.group(1)+'''/.htpasswd
Require valid-user
''')
os.system("chown www-data:www-data /var/www/private/"+m.group(1)+"/.ht*")
# Now walk through all htpasswd files
# htpasswd_list = ( os.popen("ls /var/www/.htpasswd 2> /dev/null").read()
# + os.popen("ls /var/www/*/.htpasswd 2> /dev/null").read()
# + os.popen("ls /var/www/*/*/.htpasswd 2> /dev/null").read()
# + os.popen("ls /var/www/*/*/*/.htpasswd 2> /dev/null").read()
# + os.popen("ls /var/www/*/*/*/*/.htpasswd 2> /dev/null").read()
# + os.popen("ls /var/www/*/*/*/*/*/.htpasswd 2> /dev/null").read()
# + os.popen("ls /var/www/*/*/*/*/*/*/.htpasswd 2> /dev/null").read()
# + os.popen("ls /var/www/*/*/*/*/*/*/*/.htpasswd 2> /dev/null").read()
# )
print(".... read all .htpasswd")
# Fixed-depth globs: up to four levels below /var/www and four to seven
# levels below /var/www/repos.
htpasswd_list = ( glob.glob("/var/www/.htpasswd") +
glob.glob("/var/www/*/.htpasswd") +
glob.glob("/var/www/*/*/.htpasswd") +
glob.glob("/var/www/*/*/*/.htpasswd") +
glob.glob("/var/www/*/*/*/*/.htpasswd") +
glob.glob("/var/www/repos/*/*/*/*/.htpasswd") +
glob.glob("/var/www/repos/*/*/*/*/*/.htpasswd") +
glob.glob("/var/www/repos/*/*/*/*/*/*/.htpasswd") +
glob.glob("/var/www/repos/*/*/*/*/*/*/*/.htpasswd")
)
print(".... done")
os.system("rm /etc/apache2/sites-available/*.git")
for direntry in htpasswd_list:
if not re.search(r"htpasswd$",direntry):
continue
print (direntry)
htpass2 = htpass20.copy()
text = {} # new .htpasswd content
restrict_users = "" # prefix for the missing users that would additionally be entered from the shadow file
for zeile in open(direntry).read().split("\n"):
# print (zeile)
# Group 1 is an optional "#" and blanks, group 2 the name, group 3 the rest.
m = re.search("^(\#? *)(.*?)\:(.*)$",zeile)
if not m:
continue
# A commented-out entry switches the file to restricted mode: users missing
# from the file are then not added further down.
if re.search(r"^\#",m.group(1)):
# print (zeile)
restrict_users = "# "
try:
text[m.group(2)] = m.group(1) + m.group(2) + ":" + htpass2[m.group(2)] + "\n" # insert the current password field from shadow
del htpass2[m.group(2)] # and remove the user from the list of users still to add
except: # users that are not in the shadow file are dropped from the new
if re.search(r"^ ",m.group(1)) or m.group(2) == "root": # htpasswd file, unless leading blanks mark them as external users
text[m.group(2)] = m.group(1) + m.group(2) + ":" + m.group(3) + "\n" # (or the entry is root); those keep their existing line
# print (restrict_users)
for user in htpass2: # add the missing users
# if user == "root":
# continue
# print user
if restrict_users == "": # only when all users are to be added
text[user] = restrict_users + user + ":" + htpass2[user] + "\n"
# NOTE(review): the file is truncated and rewritten in place, and the handle
# is never closed explicitly.
newpass = open(direntry,"w")
# if not restrict_users == "":
# newpass.write("# root:x\n")
userfield = list(text.keys())
userfield.sort()
for user in userfield:
newpass.write(text[user])
# create the additional snippets for the Apache
# Only paths of the form /var/www/repos/<name>.<suffix>/.htpasswd get one.
m = re.search(r"^/var/www/repos/(.*)\.(.*?)/.htpasswd$",direntry)
if not m:
continue
direntry1 = m.group(1)
direntry = m.group(1) + "." + m.group(2)
# File name of the snippet: the repository path with "/" replaced by "__".
direntry2 = re.sub("\/","__",direntry,9999)
print("DD",direntry,direntry1,direntry2)
# NOTE(review): directory names from the file system are written into Apache
# configuration text as they are.
open("/etc/apache2/sites-available/"+direntry2,"w").write(
"""<Location /repos/""" + direntry1 + """>
AuthType Basic
AuthName "Git"
AuthUserFile /var/www/repos/""" + direntry + """/.htpasswd
Require valid-user
</Location>
<Location /repos/""" + direntry + """>
AuthType Basic
AuthName "Git"
AuthUserFile /var/www/repos/""" + direntry + """/.htpasswd
Require valid-user
</Location>
""")
# NOTE(review): the snippet was written under the name direntry2, but the
# link target here is built from direntry (which may contain "/") and is
# passed to the shell unquoted - confirm which name is intended.
os.system("chdir /etc/apache2/sites-enabled; ln -fs ../sites-available/"+direntry)
# The git-http-backend settings are appended to apache2.conf once.
if not re.search(r"GIT_PROJECT_ROOT",open("/etc/apache2/apache2.conf").read()):
open("/etc/apache2/apache2.conf","a").write("""
SETENV GIT_PROJECT_ROOT /var/www/repos
SETENV GIT_HTTP_EXPORT_ALL
ScriptAlias /repos/ /usr/lib/git-core/git-http-backend/
""")
# The helper script text starts with an empty line, so "#!/bin/sh" is not the
# first line of the written file.
open("/etc/apache2/_01.sh","w").write('''
#!/bin/sh
cd ../sites-enabled
rm /etc/apache2/sites-available/*~
rm /etc/apache2/sites-enabled/*
ln -s ../sites-available/*.* .
rm /etc/apache2/sites-enabled/_*
/etc/init.d/apache2 restart
''')
# NOTE(review): mode 775 makes the Apache snippets and the /home/ift trees
# group-writable; confirm which accounts are members of those groups.
os.system("chmod 775 /etc/apache2/sites-available/*")
os.system("chown ift:ift -R /home/ift/DEV*")
os.system("chown ift:ift -R /home/ift/restart*")
os.system("chmod 775 -R /home/ift/DEV*")
os.system("chmod 775 -R /home/ift/restart*")
os.system("mkdir /home/ift/virtualbox")
os.system("chown ift:ift -R /home/ift/virtualbox")
os.system("chmod 775 -R /home/ift/virtualbox")
#************************************************************************
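def mv (self,pars):
    """Move or delete the PDF (and its .ocr companion) that fbgs is showing.

    The path is taken from the first "/home....pdf" found in the output of
    ``ps ax | grep fbgs``.

    Changes against the original:
      * rm/mv are started with argument lists instead of shell command
        strings, so whitespace or shell metacharacters in either path are
        passed through literally ("--" stops option parsing for names that
        begin with "-").
      * the dot before "pdf" in the search pattern is escaped; the old
        pattern stopped at the first "pdf" preceded by any character.

    NOTE(review): the path comes from the command line of whichever process
    matches "fbgs" in the process list. Presumably that is the operator's
    own viewer; confirm that no other local account can influence it when
    this command runs with elevated rights.

    Args:
        pars: optional list; pars[0] is the target. Empty or missing means
            delete, an existing directory means move into it, anything
            else is used as the new base name (a trailing ".pdf" is
            dropped).

    Returns:
        0 when no matching process was found, otherwise None.
    """
    import subprocess  # local import: the module header does not import it

    ziel = pars[0] if len(pars) > 0 else ""
    # Constant command string: nothing user-controlled reaches this shell.
    prozessliste = os.popen("ps ax | grep fbgs").read()
    m = re.search(r"(/home.*?\.pdf)", prozessliste)
    if not m:
        return(0)
    datei = re.sub(r"\.pdf$", "", m.group(1))
    print(datei)
    if ziel == "":
        subprocess.call(["rm", "--", datei + ".pdf"])
        subprocess.call(["rm", "--", datei + ".ocr"])
    elif not os.path.isdir(ziel):
        ziel = re.sub(r"\.pdf$", "", ziel)
        subprocess.call(["mv", "--", datei + ".pdf", ziel + ".pdf"])
        subprocess.call(["mv", "--", datei + ".ocr", ziel + ".ocr"])
    else:
        subprocess.call(["mv", "--", datei + ".pdf", ziel])
        subprocess.call(["mv", "--", datei + ".ocr", ziel])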
#************************************************************************
def scanner (self,pars):
# Poll /home/scans in an endless loop and merge incoming scan pages into
# numbered part files with pdftk. pars is not used.
# NOTE(review): the indentation of this listing was lost, so the exact nesting
# of the statements below cannot be confirmed from this view.
interval = 5
lfd_nrs = {}
os.chdir("/home/scans")
activity_counter = 0
while (0 == 0):
list_of_scans = ( glob.glob("*_*_*.pdf") ) # + glob.glob("*_*_1*.pdf") + glob.glob("*_*_2*.pdf") + glob.glob("*_*_3*.pdf") + glob.glob("*_*_4*.pdf") +
# + glob.glob("*_*_5*.pdf") + glob.glob("*_*_6*.pdf") + glob.glob("*_*_7*.pdf") + glob.glob("*_*_8*.pdf") + glob.glob("*_*_9*.pdf") )
list_of_scans.sort()
# print(list_of_scans)
if len(list_of_scans) > 0:
activity_counter = 0
interval = 5
# The first scan in sort order, named <root>_<four digits>.pdf, sets the file root.
m = re.search(r"^(.*)\_(\d\d\d\d)\.pdf$",list_of_scans[0])
print(list_of_scans[0])
if m:
fileroot = m.group(1)
list_of_parts = glob.glob(fileroot+"-*.pdf")
list_of_parts.sort()
# NOTE(review): file names found in the scan directory are concatenated into
# shell command lines here and below. A name containing whitespace or shell
# metacharacters would be interpreted by the shell; starting pdftk and mv with
# argument lists (no shell) would avoid that. Whoever can drop files into
# /home/scans controls these names.
os.system("pdftk " + fileroot + "_* output __xxpdf.pdf")
os.system("mv __xxpdf.pdf " + fileroot + ".pdf")
# Running number of the part file: continue from the highest existing
# <root>-NNNN.pdf, or from the number remembered for this root.
lfd_nr = 1
if len(list_of_parts) > 0:
m = re.search(r"^(.*)\-(\d\d\d\d)\.pdf$",list_of_parts[-1])
if m:
lfd_nr = int(m.group(2))
if fileroot in lfd_nrs:
lfd_nr = max(lfd_nr,lfd_nrs[fileroot])
for scanfile in list_of_scans:
print(fileroot,scanfile,lfd_nr)
partsfile = fileroot+"-" + ("%04u"%lfd_nr) + ".pdf"
time.sleep(1)
if not scanfile.startswith(fileroot):
continue
if int(os.stat(scanfile).st_size) < 50000: # under 50000 bytes: treated as an empty page
# An empty page after an existing part apparently starts the next part number.
if os.path.isfile(partsfile):
lfd_nr = lfd_nr + 1
lfd_nrs[fileroot] = lfd_nr
else:
if fileroot in lfd_nrs:
del lfd_nrs[fileroot]
# Append the page to the current part, or make it the first page of a new part.
if os.path.isfile(partsfile):
os.system("pdftk " + partsfile + " " + scanfile + " output __yypdf.pdf")
print("mv __yypdf.pdf " + partsfile)
os.system("mv -f __yypdf.pdf " + partsfile)
else:
print("mv " + scanfile + " " + partsfile)
os.system("mv -f " + scanfile + " " + partsfile)
if os.path.isfile(scanfile):
os.unlink(scanfile)
else:
# Idle handling: the poll interval is raised from 5 to 60 seconds once the
# idle counter has passed 500.
if activity_counter > 500:
interval = 60
else:
activity_counter = activity_counter + 1
time.sleep(interval)
print("INTERVAL " + str(interval) + " " + str(activity_counter))
#************************************************************************
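def ovpn (self,pars):
    """Assemble the single-file OpenVPN client profile ``ovpn/<name>.ovpn``.

    The profile is ``../../client/base.conf`` followed by the CA
    certificate, the client certificate, the client private key and the
    tls-auth key, each wrapped in its inline tag. All paths are relative to
    the current working directory.

    Changes against the original:
      * the profile embeds the client private key and the tls-auth key, so
        it is now created with mode 0600 (and a newly created ``ovpn``
        directory with 0700) instead of the process default mode;
      * the client name is refused when it is not a plain file name, because
        it is spliced into three paths and could otherwise point outside
        ``pki/`` and ``ovpn/``;
      * every file handle is closed after use.

    Args:
        pars: list whose first element is the client name.

    Raises:
        IndexError: pars is empty.
        ValueError: the client name contains a path separator or is "",
            "." or "..".
        IOError/OSError: one of the input files cannot be read or the
            profile cannot be written.
    """
    print("make ovpn")
    file = pars[0]
    if file in ("", ".", "..") or os.path.basename(file) != file:
        raise ValueError("client name must be a plain file name: %r" % (file,))
    if not os.path.isdir("ovpn"):
        os.mkdir("ovpn", 0o700)

    teile = (
        ('', "../../client/base.conf", ''),
        ('<ca>\n', "pki/ca.crt", '</ca>\n'),
        ('<cert>\n', "pki/issued/" + file + ".crt", '</cert>\n'),
        ('<key>\n', "pki/private/" + file + ".key", '</key>\n'),
        ('<tls-auth>\n', "pki/ta.key", '</tls-auth>\n'),
    )
    text = ""
    for kopf, pfad, fuss in teile:
        with open(pfad) as quelle:
            text = text + kopf + quelle.read() + fuss

    ziel = "ovpn/" + file + ".ovpn"
    fd = os.open(ziel, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as ausgabe:
        # The mode passed to os.open only applies to a new file; an existing
        # profile with a wider mode is tightened here before the key is written.
        os.fchmod(ausgabe.fileno(), 0o600)
        ausgabe.write(text)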
#************************************************************************
def radio (self,pars):
# Endless watchdog: compare the stream of the running mplayer process with
# the one named in /etc/mplayer/radio.sh and restart the player when they
# differ. pars is not used.
# NOTE(review): the indentation of this listing was lost, so the exact nesting
# of the statements below cannot be confirmed from this view.
zaehler = 0
while (0 == 0):
actual_program = ""
proc_number = ""
# From "ps ax": group 2 is the PID of the mplayer line, group 3 the last
# token on that line that contains a dot.
m = re.search(r"(^|\n) *(\d+) [^\n]+mplayer [^\n]+?(\S+\.\S+)",os.popen('ps ax').read(),re.DOTALL)
if m:
actual_program = m.group(3)
proc_number = m.group(2)
try:
m = re.search(r"(^|\n) *mplayer [^\n]+?(\S+\.\S+)",open('/etc/mplayer/radio.sh').read(),re.DOTALL)
if m:
new_program = m.group(2)
except Exception as e:
print (str(e))
new_program = ""
# NOTE(review): new_program is only assigned when the pattern matches or an
# exception occurs; a readable radio.sh without a matching mplayer line on
# the first pass would leave it unbound for the print below.
# On the first pass (and after the counter reset at the end) the current
# program is replaced by a dummy value so that the comparison below differs.
if zaehler == 0:
actual_program = "xxxxxx"
print (str(zaehler) + " ACT: " + actual_program + " , PROCNR: " + proc_number + " , NEW: " + new_program)
if actual_program != new_program:
try:
# Signal 9 to the PID parsed from the process list; with no mplayer found,
# int("") raises and the except branch only prints the error.
os.kill(int(proc_number),9)
continue
except Exception as e:
print (str(e))
if zaehler == 0:
os.system("pulseaudio -k")
time.sleep(1)
os.system("alsa force-reload")
time.sleep(1)
# NOTE(review): radio.sh is executed with the rights of this process; if this
# runs as root, confirm that the script is writable by root only.
os.system('bash /etc/mplayer/radio.sh &')
time.sleep(12)
zaehler = zaehler + 1
# The counter is reset during hour 04 once it has passed 1000 and is a
# multiple of 100.
if zaehler > 1000 and (zaehler % 100) == 0 and int(time.strftime("%H")) == 4:
zaehler = 0
def test (self,pars):
    """Print the first command-line argument (smoke test for the dispatcher).

    Raises IndexError when pars is empty.
    """
    first_argument = pars[0]
    print (first_argument)
#***************************************************************
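if __name__ == "__main__":
    # Command-line dispatch: "<script> <command> [args...]" calls the User
    # method named <command> with the remaining arguments as a list.
    # The original indexed User.__dict__ with the raw argument, so any class
    # attribute name (for example "__init__" or "__dict__") was accepted and
    # a missing or unknown command ended in a traceback. Only public
    # callables defined on User are dispatched now; these commands modify
    # system files, so the accepted set is kept explicit.
    command = sys.argv[1] if len(sys.argv) > 1 else ""
    handler = User.__dict__.get(command)
    if command.startswith("_") or not callable(handler):
        sys.exit("Usage: " + sys.argv[0] + " <command> [args...]  (unknown command: " + repr(command) + ")")
    handler(User(), sys.argv[2:])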