diff options
Diffstat (limited to 'abs/core/LinHES-config/myth_user_call')
| -rw-r--r-- | abs/core/LinHES-config/myth_user_call | 319 |
1 files changed, 152 insertions, 167 deletions
diff --git a/abs/core/LinHES-config/myth_user_call b/abs/core/LinHES-config/myth_user_call index 0914b03..1b8d315 100644 --- a/abs/core/LinHES-config/myth_user_call +++ b/abs/core/LinHES-config/myth_user_call @@ -1,174 +1,159 @@ -#!/bin/bash +#!/usr/bin/python2 +# -*- coding: utf-8 -*- #Wrapper script to manage USERNAME accounts + web security # myth_USERNAME_all -c add -u USERNAME # myth_USERNAME_all -c delete -u USERNAME # myth_USERNAME_all -c pass -u USERNAME -p pass # myth_USERNAME_all -c web -u USERNAME -p pass -INIT_CHECK=TRUE -FULL_CALL="$@" -function CHROOT_CHECK { - INIT=`ps -p 1 -o comm=` - if [ x$INIT = xrunit ] - then - CHROOT_NEEDED=FALSE - else - CHROOT_NEEDED=TRUE - fi -} - -function store_commands () { - echo "$FULL_CALL" >> /root/myth_user_call.out - chmod 600 /root/myth_user_call.out -} - - -function add_user() { - if [ $CHROOT_NEEDED = TRUE ] - then - echo "calling myth_call_user in chroot to add user" - store_commands - else - echo "adding user $USERNAME" - useradd -m -s /bin/bash $USERNAME -G audio,video,optical,storage,users - usermod -a -G mythtv $USERNAME - - fi - -} - - -function del_user() { - if [ $CHROOT_NEEDED = TRUE ] - then - echo "calling myth_call_user in chroot to delete user" - store_commands - else - echo "removing user $USERNAME" - userdel $USERNAME - fi - -} - - -function pass_change() { - if [ $CHROOT_NEEDED = TRUE ] - then - echo "calling myth_call_user in chroot to change password" - store_commands - else - echo "changing password for $USERNAME" - echo $USERNAME:$PASSWORD | chpasswd - fi - -} - - -function web_security { - - grep -q ${USERNAME}: /etc/lighttpd/lighttpd.user - if [ $? = 0 ] - then - #delete user - sed -i "/${USERNAME}\:/d" /etc/lighttpd/lighttpd.user - fi - echo "${USERNAME}:${PASSWORD}" >> /etc/lighttpd/lighttpd.user - -} - -function ARG_ERR() { - if [ x$OPTARG = "x" ] - then - echo "$SWITCH NEEDS AND ARG" - exit 11 - fi -} - - -function print_help { - - echo "Valid options are:" - echo " -c (add|delete|pass|web)" - echo " -u USERNAMEname" - echo " -p password" - exit 1 -} - -if [ $# -eq 0 ] -then - print_help -fi - -declare -r OPTSTRING="c:u:p:i" -while getopts "$OPTSTRING" SWITCH -do - case $SWITCH in - - c) ARG_ERR - OPERATION=$OPTARG - ;; - u) ARG_ERR - USERNAME=$OPTARG - ;; - p) ARG_ERR - PASSWORD=$OPTARG - ;; - i) INIT_CHECK=FALSE - - esac -done - -if [ $INIT_CHECK = TRUE ] -then - CHROOT_CHECK -else - CHROOT_NEEDED=FALSE -fi - -case $OPERATION in - add) - if [ x$USERNAME = x ] - then - print_help - fi - add_user - ;; - delete) - if [ x$USERNAME = x ] - then - print_help - fi - del_user - ;; - pass) - if [ x$USERNAME = x ] - then - print_help - fi - - if [ x$PASSWORD = x ] - then - print_help - fi - pass_change - ;; - - web) - if [ x$USERNAME = x ] - then - print_help - fi - - - if [ x$PASSWORD = x ] - then - print_help - fi - echo "adding webUSERNAME $USERNAME with pass $PASSWORD" - web_security - ;; - *) print_help - ;; -esac - +import pexpect, sys, time +import os, re, getopt +import mv_common + + + + +def chroot_check(): + if not INIT_CHECK : + return False + cmd = '''ps -p 1 -o comm=''' + init = mv_common.runcmd_output(cmd).strip() + if init == "runit": + return False + else: + return True + + +def store_commands(full_call): + file_name = "/root/myth_user_call.out" + try: + f = open(file_name,'a') + except: + print "%s could not be opened" % file_name + sys.exit(1) + f.write(full_call) + f.write("\n") + f.close() + try: + os.chmod(600,file_name) + except: + pass + + +def add_user(username,full_call): + if chroot_check() : + print "calling myth_call_user in chroot to add user" + store_commands(full_call) + else: + print "Adding user %s" %username + cmd = '''useradd -m -s /bin/bash %s -G audio,video,optical,storage,users''' %username + mv_common.runcmd(cmd) + cmd = ''' usermod -a -G mythtv %s ''' %username + + +def del_user(username,full_call): + if chroot_check() : + print "calling myth_call_user in chroot to del user" + store_commands(full_call) + else: + print "Removing user %s" %username + cmd = '''userdel %s ''' %username + mv_common.runcmd(cmd) + + +def pass_change(username,password,full_call) : + if chroot_check() : + print "calling myth_call_user in chroot to change password" + store_commands(full_call) + else: + print "changing password for %s" %username + passwd = pexpect.spawn("/usr/bin/passwd %s" % username) + + for repeat in (1, 2): + passwd.expect("password: ") + passwd.sendline(password) + time.sleep(0.1) + +def web_security(username,password) : + file_name = "/etc/lighttpd/lighttpd.user" + file_contents = '' + if os.path.exists(file_name): + try: + f = open(file_name,'r') + file_contents = f.readlines() + except: + print " couldn't read %s" % file_name + try: + f = open(file_name,'w') + except: + print "%s could not be opened for writing" % file_name + return + + for line in file_contents: + if not re.search(username, line): + f.write(line) + line = "%s:%s" %(username, password) + f.write(line) + f.write("\n") + f.close() + + +def usage (): + print "Valid options are:" + print " -c (add|delete|pass|web)" + print " -u USERNAME" + print " -p password" + sys.exit(0) + +def main(argv): + global INIT_CHECK + full_call = "" + INIT_CHECK = True + try: + opts, args = getopt.getopt(argv, 'c:u:p:ih' ) + except getopt.GetoptError, why: + print why + usage() + print "exception happened" + sys.exit(2) + + for opt, arg in opts: + if opt in ("-h", "--help"): + usage() + sys.exit(0) + elif opt in ("-c") : + module = arg + full_call += ''' -c %s ''' %re.escape(arg) + elif opt in ("-u") : + username = arg + full_call += ''' -u %s ''' %re.escape(arg) + elif opt in ("-p") : + password = arg + full_call += ''' -p %s ''' %re.escape(arg) + elif opt in ("-i") : + INIT_CHECK = False + full_call += ''' -i ''' + try: + username + except: + usage() + + if module == "add": + add_user(username,full_call) + elif module == "delete": + del_user(username,full_call) + elif module == "pass": + try: + password + except: + print "needs a password" + usage() + pass_change(username,password,full_call) + elif module == "web": + web_security(username,password) + else: + usage() + +if __name__ == "__main__": + main(sys.argv[1:]) |