diff options
author | Luke Shumaker <lukeshu@sbcglobal.net> | 2014-10-04 16:12:13 -0400 |
---|---|---|
committer | Luke Shumaker <lukeshu@sbcglobal.net> | 2014-10-04 16:12:13 -0400 |
commit | be4588009b7106859e1beae6038aaea8d7f85825 (patch) | |
tree | ee0010a7003d23a686888fc9585de4e0ec429547 /utils | |
parent | 8e54633a2b520dff0a237349f5fc4cbcf4719f40 (diff) |
remove non-nslcd stuff
Diffstat (limited to 'utils')
-rw-r--r-- | utils/Makefile.am | 42 | ||||
-rwxr-xr-x | utils/chsh.py | 71 | ||||
-rw-r--r-- | utils/cmdline.py | 68 | ||||
-rwxr-xr-x | utils/getent.py | 353 | ||||
-rw-r--r-- | utils/nslcd.py | 136 | ||||
-rw-r--r-- | utils/shells.py | 64 | ||||
-rw-r--r-- | utils/users.py | 60 |
7 files changed, 0 insertions, 794 deletions
diff --git a/utils/Makefile.am b/utils/Makefile.am deleted file mode 100644 index e59516a..0000000 --- a/utils/Makefile.am +++ /dev/null @@ -1,42 +0,0 @@ -# Makefile.am - use automake to generate Makefile.in -# -# Copyright (C) 2013 Arthur de Jong -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301 USA - -utilsdir = $(datadir)/nslcd-utils - -utils_PYTHON = cmdline.py nslcd.py getent.py chsh.py shells.py users.py -nodist_utils_PYTHON = constants.py -CLEANFILES = $(nodist_utils_PYTHON) - -all-local: $(nodist_utils_PYTHON) - -# clean up locally created compiled Python files -clean-local: - rm -f *.pyc *.pyo - -# copy constants module -constants.py: ../pynslcd/constants.py - cp ../pynslcd/constants.py . - -# create symbolic links to the commands and fix permissions -install-data-hook: - $(MKDIR_P) $(DESTDIR)$(bindir) - set -ex; for cmd in getent chsh ; do \ - chmod a+rx $(DESTDIR)$(utilsdir)/$$cmd.py ; \ - [ -L $(DESTDIR)$(bindir)/$$cmd.ldap ] || $(LN_S) $(utilsdir)/$$cmd.py $(DESTDIR)$(bindir)/$$cmd.ldap ; \ - done diff --git a/utils/chsh.py b/utils/chsh.py deleted file mode 100755 index 2f81f13..0000000 --- a/utils/chsh.py +++ /dev/null @@ -1,71 +0,0 @@ -#!/usr/bin/env python -# coding: utf-8 - -# chsh.py - program for changing the login shell using nslcd -# -# Copyright (C) 2013 Arthur de Jong -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301 USA - -import argparse - -from cmdline import VersionAction, ListShellsAction -import constants -import nslcd -import shells -import users - - -# set up command line parser -parser = argparse.ArgumentParser( - description='Change the user login shell in LDAP.', - epilog='Report bugs to <%s>.' % constants.PACKAGE_BUGREPORT) -parser.add_argument('-V', '--version', action=VersionAction) -parser.add_argument('-s', '--shell', help='login shell for the user account') -parser.add_argument('-l', '--list-shells', action=ListShellsAction) -parser.add_argument('username', metavar='USER', nargs='?', - help="the user who's shell to change") - - -def ask_shell(oldshell): - """Ask the user to provide a shell.""" - shell = raw_input(' Login Shell [%s]: ' % oldshell) - return shell or oldshell - - -if __name__ == '__main__': - # parse arguments - args = parser.parse_args() - # check username part - user = users.User(args.username) - user.check() - # check the command line shell if one was provided (to fail early) - shell = args.shell - if shell is not None: - shells.check(shell, user.asroot) - # prompt for a password if required - password = user.get_passwd() - # prompt for a shell if it was not specified on the command line - if shell is None: - print 'Enter the new value, or press ENTER for the default' - shell = ask_shell(user.shell) - shells.check(shell, user.asroot) - # perform the modification - result = nslcd.usermod( - user.username, user.asroot, password, { - constants.NSLCD_USERMOD_SHELL: shell, - }) - # TODO: print proper response diff --git a/utils/cmdline.py b/utils/cmdline.py deleted file mode 100644 index 3d7d58f..0000000 --- a/utils/cmdline.py +++ /dev/null @@ -1,68 +0,0 @@ -# coding: utf-8 - -# cmdline.py - functions for handling command-line options -# -# Copyright (C) 2013 Arthur de Jong -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301 USA - -import argparse - -import constants - - -version_string = ''' -%s -Written by Arthur de Jong. - -Copyright (C) 2013 Arthur de Jong -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -'''.strip() % constants.PACKAGE_STRING - - -class VersionAction(argparse.Action): - - def __init__(self, option_strings, dest, - help='output version information and exit'): - super(VersionAction, self).__init__( - option_strings=option_strings, - dest=argparse.SUPPRESS, - default=argparse.SUPPRESS, - nargs=0, - help=help) - - def __call__(self, parser, namespace, values, option_string=None): - print version_string - parser.exit() - - -class ListShellsAction(argparse.Action): - - def __init__(self, option_strings, dest, - help='list the shells found in /etc/shells'): - super(ListShellsAction, self).__init__( - option_strings=option_strings, - dest=argparse.SUPPRESS, - default=argparse.SUPPRESS, - nargs=0, - help=help) - - def __call__(self, parser, namespace, values, option_string=None): - import shells - for shell in shells.list_shells(): - print shell - parser.exit() diff --git a/utils/getent.py b/utils/getent.py deleted file mode 100755 index bd27c11..0000000 --- a/utils/getent.py +++ /dev/null @@ -1,353 +0,0 @@ -#!/usr/bin/env python -# coding: utf-8 - -# getent.py - program for querying nslcd -# -# Copyright (C) 2013 Arthur de Jong -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301 USA - -import argparse -import re -import socket -import struct -import sys - -from cmdline import VersionAction -from nslcd import NslcdClient -import constants - - -epilog = ''' -supported databases: - aliases, ethers, group, group.bymember, hosts, hostsv4, hostsv6, - netgroup, netgroup.norec, networks, networksv4, networksv6, passwd, - protocols, rpc, services, shadow - -Report bugs to <%s>. -'''.strip() % constants.PACKAGE_BUGREPORT - -# set up command line parser -parser = argparse.ArgumentParser( - formatter_class=argparse.RawDescriptionHelpFormatter, - description='Query information in LDAP via nslcd.', - epilog=epilog) -parser.add_argument('-V', '--version', action=VersionAction) -parser.add_argument('database', metavar='DATABASE', - help='any database supported by nslcd') -parser.add_argument('key', metavar='KEY', nargs='?', - help='filter returned database values by key') - - -def getent_aliases(database, key=None): - if not key: - con = NslcdClient(constants.NSLCD_ACTION_ALIAS_ALL) - else: - con = NslcdClient(constants.NSLCD_ACTION_ALIAS_BYNAME) - con.write_string(key) - while con.get_response() == constants.NSLCD_RESULT_BEGIN: - print '%-16s%s' % ( - con.read_string() + ': ', - ', '.join(con.read_stringlist()), - ) - - -def getent_ethers(database, key=None): - if not key: - con = NslcdClient(constants.NSLCD_ACTION_ETHER_ALL) - elif re.match('^[0-9a-fA-F]{1,2}(:[0-9a-fA-F]{1,2}){5}$', key): - con = NslcdClient(constants.NSLCD_ACTION_ETHER_BYETHER) - con.write_ether(key) - else: - con = NslcdClient(constants.NSLCD_ACTION_ETHER_BYNAME) - con.write_string(key) - while con.get_response() == constants.NSLCD_RESULT_BEGIN: - name = con.read_string() - ether = con.read_ether() - print '%s %s' % (ether, name) - - -def getent_group(database, key=None): - if not key: - con = NslcdClient(constants.NSLCD_ACTION_GROUP_ALL) - elif database == 'group.bymember': - con = NslcdClient(constants.NSLCD_ACTION_GROUP_BYMEMBER) - con.write_string(key) - elif re.match('^\d+$', key): - con = NslcdClient(constants.NSLCD_ACTION_GROUP_BYGID) - con.write_int32(int(key)) - else: - con = NslcdClient(constants.NSLCD_ACTION_GROUP_BYNAME) - con.write_string(key) - while con.get_response() == constants.NSLCD_RESULT_BEGIN: - print '%s:%s:%d:%s' % ( - con.read_string(), - con.read_string(), - con.read_int32(), - ','.join(con.read_stringlist()), - ) - - -def _get_ipv4(value): - try: - return socket.inet_pton(socket.AF_INET, value) - except socket.error: - return None - - -def _get_ipv6(value): - try: - return socket.inet_pton(socket.AF_INET6, value) - except socket.error: - return None - - -def _get_af(database): - if database.endswith('v4'): - return socket.AF_INET - elif database.endswith('v6'): - return socket.AF_INET6 - else: - return None - - -def getent_hosts(database, key=None): - db_af = _get_af(database) - if not key: - con = NslcdClient(constants.NSLCD_ACTION_HOST_ALL) - else: - ipv4_addr = _get_ipv4(key) - ipv6_addr = _get_ipv6(key) - if ipv4_addr and db_af in (socket.AF_INET, None): - con = NslcdClient(constants.NSLCD_ACTION_HOST_BYADDR) - con.write_address(socket.AF_INET, ipv4_addr) - elif ipv6_addr and db_af in (socket.AF_INET, None): - con = NslcdClient(constants.NSLCD_ACTION_HOST_BYADDR) - con.write_address(socket.AF_INET6, ipv6_addr) - else: - con = NslcdClient(constants.NSLCD_ACTION_HOST_BYNAME) - con.write_string(key) - while con.get_response() == constants.NSLCD_RESULT_BEGIN: - names = ' '.join([con.read_string()] + con.read_stringlist()) - for af, address in con.read_addresslist(): - if db_af in (af, None): - print '%-15s %s' % (address, names) - - -def _read_netgroup(con): - """Read netgroup name, members and tripples from stream.""" - name = con.read_string() - members = [] - tripples = [] - while True: - member_type = con.read_int32() - if member_type == constants.NSLCD_NETGROUP_TYPE_NETGROUP: - members.append(con.read_string()) - elif member_type == constants.NSLCD_NETGROUP_TYPE_TRIPLE: - tripples.append(( - con.read_string(), con.read_string(), - con.read_string() - )) - else: - break - return name, members, tripples - - -def _get_getgroups(con, recurse, netgroups=None): - if netgroups is None: - netgroups = {} - while con.get_response() == constants.NSLCD_RESULT_BEGIN: - name, members, tripples = _read_netgroup(con) - if not recurse: - yield (name, members, tripples) - else: - netgroups[name] = None - for netgroup in members: - if netgroup not in netgroups: - con2 = NslcdClient(constants.NSLCD_ACTION_NETGROUP_BYNAME) - con2.write_string(netgroup) - all(_get_getgroups(con2, recurse, netgroups)) - if netgroups.get(netgroup, None) is not None: - tripples += netgroups[netgroup][1] - netgroups[name] = (members, tripples) - yield (name, [], tripples) - - -def getent_netgroup(database, key=None): - if not key: - con = NslcdClient(constants.NSLCD_ACTION_NETGROUP_ALL) - else: - con = NslcdClient(constants.NSLCD_ACTION_NETGROUP_BYNAME) - con.write_string(key) - for name, members, tripples in _get_getgroups(con, database == 'netgroup'): - print '%-15s %s' % (name, ' '.join( - members + - ['(%s, %s, %s)' % (host, user, domain) - for host, user, domain in tripples] - )) - - -def getent_networks(database, key=None): - db_af = _get_af(database) - if not key: - con = NslcdClient(constants.NSLCD_ACTION_NETWORK_ALL) - else: - ipv4_addr = _get_ipv4(key) - ipv6_addr = _get_ipv6(key) - if ipv4_addr and db_af in (socket.AF_INET, None): - con = NslcdClient(constants.NSLCD_ACTION_NETWORK_BYADDR) - con.write_address(socket.AF_INET, ipv4_addr) - elif ipv6_addr and db_af in (socket.AF_INET, None): - con = NslcdClient(constants.NSLCD_ACTION_NETWORK_BYADDR) - con.write_address(socket.AF_INET6, ipv6_addr) - else: - con = NslcdClient(constants.NSLCD_ACTION_NETWORK_BYNAME) - con.write_string(key) - while con.get_response() == constants.NSLCD_RESULT_BEGIN: - names = ' '.join([con.read_string()] + con.read_stringlist()) - for af, address in con.read_addresslist(): - if db_af in (af, None): - print '%-15s %s' % (address, names) - - -def getent_passwd(database, key=None): - if not key: - con = NslcdClient(constants.NSLCD_ACTION_PASSWD_ALL) - elif re.match('^\d+$', key): - con = NslcdClient(constants.NSLCD_ACTION_PASSWD_BYUID) - con.write_int32(int(key)) - else: - con = NslcdClient(constants.NSLCD_ACTION_PASSWD_BYNAME) - con.write_string(key) - while con.get_response() == constants.NSLCD_RESULT_BEGIN: - print '%s:%s:%d:%d:%s:%s:%s' % ( - con.read_string(), - con.read_string(), - con.read_int32(), - con.read_int32(), - con.read_string(), - con.read_string(), - con.read_string(), - ) - - -def getent_protocols(database, key=None): - if not key: - con = NslcdClient(constants.NSLCD_ACTION_PROTOCOL_ALL) - elif re.match('^\d+$', key): - con = NslcdClient(constants.NSLCD_ACTION_PROTOCOL_BYNUMBER) - con.write_int32(int(key)) - else: - con = NslcdClient(constants.NSLCD_ACTION_PROTOCOL_BYNAME) - con.write_string(key) - while con.get_response() == constants.NSLCD_RESULT_BEGIN: - name = con.read_string() - aliases = con.read_stringlist() - number = con.read_int32() - print '%-21s %d %s' % (name, number, ' '.join(aliases)) - - -def getent_rpc(database, key=None): - if not key: - con = NslcdClient(constants.NSLCD_ACTION_RPC_ALL) - elif re.match('^\d+$', key): - con = NslcdClient(constants.NSLCD_ACTION_RPC_BYNUMBER) - con.write_int32(int(key)) - else: - con = NslcdClient(constants.NSLCD_ACTION_RPC_BYNAME) - con.write_string(key) - while con.get_response() == constants.NSLCD_RESULT_BEGIN: - name = con.read_string() - aliases = con.read_stringlist() - number = con.read_int32() - print '%-15s %d %s' % (name, number, ' '.join(aliases)) - - -def getent_services(database, key=None): - if not key: - con = NslcdClient(constants.NSLCD_ACTION_SERVICE_ALL) - else: - value = key - protocol = '' - if '/' in value: - value, protocol = value.split('/', 1) - if re.match('^\d+$', value): - con = NslcdClient(constants.NSLCD_ACTION_SERVICE_BYNUMBER) - con.write_int32(int(value)) - con.write_string(protocol) - else: - con = NslcdClient(constants.NSLCD_ACTION_SERVICE_BYNAME) - con.write_string(value) - con.write_string(protocol) - while con.get_response() == constants.NSLCD_RESULT_BEGIN: - name = con.read_string() - aliases = con.read_stringlist() - number = con.read_int32() - protocol = con.read_string() - print '%-21s %d/%s %s' % (name, number, protocol, ' '.join(aliases)) - - -def getent_shadow(database, key=None): - if not key: - con = NslcdClient(constants.NSLCD_ACTION_SHADOW_ALL) - else: - con = NslcdClient(constants.NSLCD_ACTION_SHADOW_BYNAME) - con.write_string(key) - value2str = lambda x: str(x) if x != -1 else '' - while con.get_response() == constants.NSLCD_RESULT_BEGIN: - print '%s:%s:%s:%s:%s:%s:%s:%s:%s' % ( - con.read_string(), - con.read_string(), - value2str(con.read_int32()), - value2str(con.read_int32()), - value2str(con.read_int32()), - value2str(con.read_int32()), - value2str(con.read_int32()), - value2str(con.read_int32()), - value2str(con.read_int32()), - ) - - -if __name__ == '__main__': - args = parser.parse_args() - try: - if args.database == 'aliases': - getent_aliases(args.database, args.key) - elif args.database == 'ethers': - getent_ethers(args.database, args.key) - elif args.database in ('group', 'group.bymember'): - getent_group(args.database, args.key) - elif args.database in ('hosts', 'hostsv4', 'hostsv6'): - getent_hosts(args.database, args.key) - elif args.database in ('netgroup', 'netgroup.norec'): - getent_netgroup(args.database, args.key) - elif args.database in ('networks', 'networksv4', 'networksv6'): - getent_networks(args.database, args.key) - elif args.database == 'passwd': - getent_passwd(args.database, args.key) - elif args.database == 'protocols': - getent_protocols(args.database, args.key) - elif args.database == 'rpc': - getent_rpc(args.database, args.key) - elif args.database == 'services': - getent_services(args.database, args.key) - elif args.database == 'shadow': - getent_shadow(args.database, args.key) - else: - parser.error('Unknown database: %s' % args.database) - except struct.error: - print 'Problem communicating with nslcd' - sys.exit(1) diff --git a/utils/nslcd.py b/utils/nslcd.py deleted file mode 100644 index 22d18b7..0000000 --- a/utils/nslcd.py +++ /dev/null @@ -1,136 +0,0 @@ -# coding: utf-8 - -# nslcd.py - functions for doing nslcd requests -# -# Copyright (C) 2013 Arthur de Jong -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301 USA - -import fcntl -import os -import socket -import struct - -import constants - - -# definition for reading and writing INT32 values -_int32 = struct.Struct('!i') - - -class NslcdClient(object): - - def __init__(self, action): - # set up the socket (store in class to avoid closing it) - self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) - fcntl.fcntl(self.sock, fcntl.F_SETFD, fcntl.FD_CLOEXEC) - # connect to nslcd - self.sock.connect(constants.NSLCD_SOCKET) - #self.sock.setblocking(1) - self.fp = os.fdopen(self.sock.fileno(), 'r+b', 1024 * 1024) - # write a request header with a request code - self.action = action - self.write_int32(constants.NSLCD_VERSION) - self.write_int32(action) - - def write(self, value): - self.fp.write(value) - - def write_int32(self, value): - self.write(_int32.pack(value)) - - def write_string(self, value): - self.write_int32(len(value)) - self.write(value) - - def write_ether(self, value): - value = struct.pack('BBBBBB', *(int(x, 16) for x in value.split(':'))) - self.write(value) - - def write_address(self, af, value): - self.write_int32(af) - self.write_string(value) - - def read(self, size): - return self.fp.read(size) - - def read_int32(self): - return _int32.unpack(self.read(_int32.size))[0] - - def read_string(self): - num = self.read_int32() - return self.read(num) - - def read_stringlist(self): - num = self.read_int32() - return [self.read_string() for x in xrange(num)] - - def read_ether(self): - value = self.fp.read(6) - return ':'.join('%x' % x for x in struct.unpack('6B', value)) - - def read_address(self): - af = self.read_int32() - return af, socket.inet_ntop(af, self.read_string()) - - def read_addresslist(self): - num = self.read_int32() - return [self.read_address() for x in xrange(num)] - - def get_response(self): - # complete the request if required and check response header - if self.action: - # flush the stream - self.fp.flush() - # read and check response version number - assert self.read_int32() == constants.NSLCD_VERSION - assert self.read_int32() == self.action - self.action = None - # get the NSLCD_RESULT_* marker and return it - return self.read_int32() - - def close(self): - if hasattr(self, 'fp'): - try: - self.fp.close() - except IOError: - pass - - def __del__(self): - self.close() - - -def usermod(username, asroot=False, password=None, args=None): - # open a connection to nslcd - con = NslcdClient(constants.NSLCD_ACTION_USERMOD) - # write the request information - con.write_string(username) - con.write_int32(1 if asroot else 0) - con.write_string(password) - for k, v in args.items(): - con.write_int32(k) - con.write_string(v) - con.write_int32(constants.NSLCD_USERMOD_END) - # read the response - assert con.get_response() == constants.NSLCD_RESULT_BEGIN - response = {} - while True: - key = con.read_int32() - if key == constants.NSLCD_USERMOD_END: - break - response[key] = con.read_string() - # return the response - return response diff --git a/utils/shells.py b/utils/shells.py deleted file mode 100644 index cc3fca1..0000000 --- a/utils/shells.py +++ /dev/null @@ -1,64 +0,0 @@ -# coding: utf-8 - -# shells.py - functions for validating user shells -# -# Copyright (C) 2013 Arthur de Jong -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301 USA - -import ctypes -import ctypes.util -import os -import sys - - -def list_shells(): - """List the shells from /etc/shells.""" - libc = ctypes.CDLL(ctypes.util.find_library("c")) - libc.setusershell() - while True: - shell = ctypes.c_char_p(libc.getusershell()).value - if not shell: - break - yield shell - libc.endusershell() - - -def shellexists(shell): - """Check if the provided shell exists and is executable.""" - return os.path.isfile(shell) and os.access(shell, os.X_OK) - - -def check(shell, asroot=False): - """Check if the specified shell is valid and exit if it isn't.""" - # if the shell is listed in /etc/shells, everything should be OK - if shell in list_shells(): - return - # if we are not root, bail out - if not asroot: - if not shell: - # FIXME: print to stderr - print '%s: empty shell not allowed' % sys.argv[0] - else: - # FIXME: print to stderr - print '%s: %s is an invalid shell' % (sys.argv[0], shell) - sys.exit(1) - # warn if something seems wrong - if not shell: - # FIXME: print to stderr - print '%s: Warning: setting empty shell' % sys.argv[0] - elif not shellexists(shell): - print '%s: Warning: %s does not exist' % (sys.argv[0], shell) diff --git a/utils/users.py b/utils/users.py deleted file mode 100644 index 3387318..0000000 --- a/utils/users.py +++ /dev/null @@ -1,60 +0,0 @@ -# coding: utf-8 - -# users.py - functions for validating the user to change information for -# -# Copyright (C) 2013 Arthur de Jong -# -# This library is free software; you can redistribute it and/or -# modify it under the terms of the GNU Lesser General Public -# License as published by the Free Software Foundation; either -# version 2.1 of the License, or (at your option) any later version. -# -# This library is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# Lesser General Public License for more details. -# -# You should have received a copy of the GNU Lesser General Public -# License along with this library; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301 USA - -import getpass -import os -import pwd -import sys - - -class User(object): - - def __init__(self, username): - self.myuid = os.getuid() - if username: - userinfo = pwd.getpwnam(username) - else: - self.asroot = False - userinfo = pwd.getpwuid(self.myuid) - (self.username, self.password, self.uid, self.gid, self.gecos, - self.homedir, self.shell) = userinfo - # if we are trying to modify another user we should be root - self.asroot = self.myuid != self.uid - - def check(self): - """Check if the user we want to modify is an LDAP user and whether - we may modify the user information.""" - if self.asroot and self.myuid != 0: - print "%s: you may not modify user '%s'.\n" % \ - (sys.argv[0], self.username) - sys.exit(1) - # FIXME: check if the user is an LDAP user - - def get_passwd(self): - """Ask and return a password that is required to change the user.""" - # FIXME: only ask the password if we require it - # (e.g. when root and nslcd has userpwmoddn we don't need to) - return getpass.getpass( - 'LDAP administrator password: ' - if self.asroot else - 'LDAP password for %s: ' % self.username - ) - # FIXME: check if the provided password is valid |