~azzar1/unity/add-show-desktop-key

1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
1
# IVLE - Informatics Virtual Learning Environment
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
2
# Copyright (C) 2007-2009 The University of Melbourne
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
3
#
4
# This program is free software; you can redistribute it and/or modify
5
# it under the terms of the GNU General Public License as published by
6
# the Free Software Foundation; either version 2 of the License, or
7
# (at your option) any later version.
8
#
9
# This program is distributed in the hope that it will be useful,
10
# but WITHOUT ANY WARRANTY; without even the implied warranty of
11
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12
# GNU General Public License for more details.
13
#
14
# You should have received a copy of the GNU General Public License
15
# along with this program; if not, write to the Free Software
16
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
17
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
18
"""User and group filesystem management helpers."""
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
19
1197 by Matt Giuca
ivle.chat, ivle.database, ivle.makeuser: Replaced use of md5 library with
20
import hashlib
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
21
import os
22
import stat
23
import shutil
24
import time
25
import uuid
26
import warnings
27
import logging
1239 by William Grant
Replace some of ivle.makeuser's os.system calls with subprocess.call.
28
import subprocess
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
29
1165.5.2 by William Grant
Give tutors and lecturers access to individual submissions in their offerings.
30
from storm.expr import Select, Max
31
1242 by William Grant
Use some multiline strings to make ivle.makeuser prettier.
32
import ivle.config
1165.5.2 by William Grant
Give tutors and lecturers access to individual submissions in their offerings.
33
from ivle.database import (User, ProjectGroup, Assessed, ProjectSubmission,
1165.5.5 by William Grant
Implement group submission ACLs.
34
        Project, ProjectSet, Offering, Enrolment, Subject, Semester)
1080.1.44 by William Grant
ivle.makeuser: Port rebuild_svn_group_config() to Storm.
35
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
36
def chown_to_webserver(filename):
1239 by William Grant
Replace some of ivle.makeuser's os.system calls with subprocess.call.
37
    """chown a directory and its contents to the web server.
38
39
    Recursively chowns a file or directory so the web server user owns it.
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
40
    Assumes root.
41
    """
1239 by William Grant
Replace some of ivle.makeuser's os.system calls with subprocess.call.
42
    subprocess.call(['chown', '-R', 'www-data:www-data', filename])
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
43
44
def make_svn_repo(path, throw_on_error=True):
1239 by William Grant
Replace some of ivle.makeuser's os.system calls with subprocess.call.
45
    """Create a Subversion repository at the given path."""
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
46
    try:
1239 by William Grant
Replace some of ivle.makeuser's os.system calls with subprocess.call.
47
        res = subprocess.call(['svnadmin', 'create', path])
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
48
        if res != 0 and throw_on_error:
49
            raise Exception("Cannot create repository: %s" % path)
50
    except Exception, exc:
51
        print repr(exc)
52
        if throw_on_error:
53
            raise
54
55
    chown_to_webserver(path)
56
1229 by Matt Giuca
ivle.makeuser: rebuild_svn_config and rebuild_svn_group_config now require a
57
def rebuild_svn_config(store, config):
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
58
    """Build the complete SVN configuration file.
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
59
1229 by Matt Giuca
ivle.makeuser: rebuild_svn_config and rebuild_svn_group_config now require a
60
    @param config: An ivle.config.Config object.
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
61
    """
1242 by William Grant
Use some multiline strings to make ivle.makeuser prettier.
62
    users = store.find(User)
1229 by Matt Giuca
ivle.makeuser: rebuild_svn_config and rebuild_svn_group_config now require a
63
    conf_name = config['paths']['svn']['conf']
64
    temp_name = conf_name + ".new"
65
    f = open(temp_name, "w")
1242 by William Grant
Use some multiline strings to make ivle.makeuser prettier.
66
    f.write("""\
67
# IVLE SVN repository authorisation configuration
68
# Generated: %(time)s
69
""" % {'time': time.asctime()})
70
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
71
    for u in users:
1242 by William Grant
Use some multiline strings to make ivle.makeuser prettier.
72
        f.write("""
73
[%(login)s:/]
74
%(login)s = rw
75
""" % {'login': u.login})
76
1165.5.2 by William Grant
Give tutors and lecturers access to individual submissions in their offerings.
77
    # Now we need to grant offering tutors and lecturers access to the latest
78
    # submissions in their offerings. There are much prettier ways to do this,
79
    # but a lot of browser requests call this function, so it needs to be
80
    # fast. We can grab all of the paths needing authorisation directives with
81
    # a single query, and we cache the list of viewers for each offering.
82
    offering_viewers_cache = {}
83
    for (login, psid, pspath, offeringid) in store.find(
84
        (User.login, ProjectSubmission.id, ProjectSubmission.path,
85
         Offering.id),
86
            Assessed.id == ProjectSubmission.assessed_id,
87
            User.id == Assessed.user_id,
88
            Project.id == Assessed.project_id,
89
            ProjectSet.id == Project.project_set_id,
90
            Offering.id == ProjectSet.id,
91
            ProjectSubmission.date_submitted == Select(
92
                    Max(ProjectSubmission.date_submitted),
93
                    ProjectSubmission.assessed_id == Assessed.id,
94
                    tables=ProjectSubmission
95
            )
96
        ):
97
98
        # Do we already have the list of logins authorised for this offering
99
        # cached? If not, get it.
100
        if offeringid not in offering_viewers_cache:
101
            offering_viewers_cache[offeringid] = list(store.find(
102
                    User.login,
103
                    User.id == Enrolment.user_id,
104
                    Enrolment.offering_id == offeringid,
105
                    Enrolment.role.is_in((u'tutor', u'lecturer'))
106
                )
107
            )
108
109
        f.write("""
110
# Submission %(id)d
111
[%(login)s:%(path)s]
112
""" % {'login': login, 'id': psid, 'path': pspath})
113
114
        for viewer_login in offering_viewers_cache[offeringid]:
1165.5.3 by William Grant
Avoid clobbering the submission owner's privileges if they have offering privs.
115
            # We don't want to override the owner's write privilege,
116
            # so we don't add them to the read-only ACL.
117
            if login != viewer_login:
118
                f.write("%s = r\n" % viewer_login)
1165.5.2 by William Grant
Give tutors and lecturers access to individual submissions in their offerings.
119
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
120
    f.close()
1229 by Matt Giuca
ivle.makeuser: rebuild_svn_config and rebuild_svn_group_config now require a
121
    os.rename(temp_name, conf_name)
122
    chown_to_webserver(conf_name)
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
123
1229 by Matt Giuca
ivle.makeuser: rebuild_svn_config and rebuild_svn_group_config now require a
124
def rebuild_svn_group_config(store, config):
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
125
    """Build the complete SVN configuration file for groups
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
126
1229 by Matt Giuca
ivle.makeuser: rebuild_svn_config and rebuild_svn_group_config now require a
127
    @param config: An ivle.config.Config object.
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
128
    """
1229 by Matt Giuca
ivle.makeuser: rebuild_svn_config and rebuild_svn_group_config now require a
129
    conf_name = config['paths']['svn']['group_conf']
130
    temp_name = conf_name + ".new"
131
    f = open(temp_name, "w")
1242 by William Grant
Use some multiline strings to make ivle.makeuser prettier.
132
133
    f.write("""\
134
# IVLE SVN group repository authorisation configuration
135
# Generated: %(time)s
136
137
""" % {'time': time.asctime()})
138
1165.5.6 by William Grant
Exclude group members from the SVN submission grants, to avoid revoking write access.
139
    group_members_cache = {}
1080.1.44 by William Grant
ivle.makeuser: Port rebuild_svn_group_config() to Storm.
140
    for group in store.find(ProjectGroup):
141
        offering = group.project_set.offering
142
        reponame = "_".join([offering.subject.short_name,
143
                             offering.semester.year,
144
                             offering.semester.semester,
145
                             group.name])
1242 by William Grant
Use some multiline strings to make ivle.makeuser prettier.
146
147
        f.write("[%s:/]\n" % reponame)
1165.5.6 by William Grant
Exclude group members from the SVN submission grants, to avoid revoking write access.
148
        if group.id not in group_members_cache:
149
            group_members_cache[group.id] = set()
1080.1.44 by William Grant
ivle.makeuser: Port rebuild_svn_group_config() to Storm.
150
        for user in group.members:
1165.5.6 by William Grant
Exclude group members from the SVN submission grants, to avoid revoking write access.
151
            group_members_cache[group.id].add(user.login)
1080.1.44 by William Grant
ivle.makeuser: Port rebuild_svn_group_config() to Storm.
152
            f.write("%s = rw\n" % user.login)
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
153
        f.write("\n")
1242 by William Grant
Use some multiline strings to make ivle.makeuser prettier.
154
1165.5.5 by William Grant
Implement group submission ACLs.
155
    # Now we need to grant offering tutors and lecturers access to the latest
156
    # submissions in their offerings. There are much prettier ways to do this,
157
    # but a lot of browser requests call this function, so it needs to be
158
    # fast. We can grab all of the paths needing authorisation directives with
159
    # a single query, and we cache the list of viewers for each offering.
160
    offering_viewers_cache = {}
1165.5.6 by William Grant
Exclude group members from the SVN submission grants, to avoid revoking write access.
161
    for (ssn, year, sem, name, psid, pspath, gid, offeringid) in store.find(
1165.5.5 by William Grant
Implement group submission ACLs.
162
        (Subject.short_name, Semester.year, Semester.semester,
163
         ProjectGroup.name, ProjectSubmission.id, ProjectSubmission.path,
1165.5.6 by William Grant
Exclude group members from the SVN submission grants, to avoid revoking write access.
164
         ProjectGroup.id, Offering.id),
1165.5.5 by William Grant
Implement group submission ACLs.
165
            Assessed.id == ProjectSubmission.assessed_id,
166
            ProjectGroup.id == Assessed.project_group_id,
167
            Project.id == Assessed.project_id,
168
            ProjectSet.id == Project.project_set_id,
169
            Offering.id == ProjectSet.offering_id,
170
            Subject.id == Offering.subject_id,
171
            Semester.id == Offering.semester_id,
172
            ProjectSubmission.date_submitted == Select(
173
                    Max(ProjectSubmission.date_submitted),
174
                    ProjectSubmission.assessed_id == Assessed.id,
175
                    tables=ProjectSubmission
176
            )
177
        ):
178
179
        reponame = "_".join([ssn, year, sem, name])
180
181
        # Do we already have the list of logins authorised for this offering
182
        # cached? If not, get it.
183
        if offeringid not in offering_viewers_cache:
184
            offering_viewers_cache[offeringid] = list(store.find(
185
                    User.login,
186
                    User.id == Enrolment.user_id,
187
                    Enrolment.offering_id == offeringid,
188
                    Enrolment.role.is_in((u'tutor', u'lecturer'))
189
                )
190
            )
191
192
        f.write("""
193
# Submission %(id)d
194
[%(repo)s:%(path)s]
195
""" % {'repo': reponame, 'id': psid, 'path': pspath})
196
197
        for viewer_login in offering_viewers_cache[offeringid]:
1165.5.6 by William Grant
Exclude group members from the SVN submission grants, to avoid revoking write access.
198
            # Skip existing group members, or they can't write to it any more.
199
            if viewer_login not in group_members_cache[gid]:
200
                f.write("%s = r\n" % viewer_login)
1165.5.5 by William Grant
Implement group submission ACLs.
201
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
202
    f.close()
1229 by Matt Giuca
ivle.makeuser: rebuild_svn_config and rebuild_svn_group_config now require a
203
    os.rename(temp_name, conf_name)
204
    chown_to_webserver(conf_name)
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
205
1230 by Matt Giuca
ivle.makeuser: make_svn_auth now requires a config argument.
206
def make_svn_auth(store, login, config, throw_on_error=True):
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
207
    """Create a Subversion password for a user.
208
209
    Generates a new random Subversion password, and assigns it to the user.
210
    The password is added to Apache's Subversion authentication file.
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
211
    """
1230 by Matt Giuca
ivle.makeuser: make_svn_auth now requires a config argument.
212
    # filename is, eg, /var/lib/ivle/svn/ivle.auth
213
    filename = config['paths']['svn']['auth_ivle']
214
    if os.path.exists(filename):
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
215
        create = ""
216
    else:
217
        create = "c"
218
1242 by William Grant
Use some multiline strings to make ivle.makeuser prettier.
219
    user = User.get_by_login(store, login)
1352 by William Grant
make_svn_auth now only generates a new password if none is already known by the DB.
220
221
    if user.svn_pass is None:
222
        passwd = hashlib.md5(uuid.uuid4().bytes).hexdigest()
223
        user.svn_pass = unicode(passwd)
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
224
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
225
    res = subprocess.call(['htpasswd', '-%smb' % create,
1352 by William Grant
make_svn_auth now only generates a new password if none is already known by the DB.
226
                           filename, login, user.svn_pass])
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
227
    if res != 0 and throw_on_error:
228
        raise Exception("Unable to create ivle-auth for %s" % login)
229
230
    # Make sure the file is owned by the web server
231
    if create == "c":
1230 by Matt Giuca
ivle.makeuser: make_svn_auth now requires a config argument.
232
        chown_to_webserver(filename)
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
233
1352 by William Grant
make_svn_auth now only generates a new password if none is already known by the DB.
234
    return user.svn_pass
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
235
1231 by Matt Giuca
ivle.makeuser: make_jail now requires a config argument.
236
def make_jail(user, config, force=True):
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
237
    """Create or update a user's jail.
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
238
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
239
    Only the user-specific parts of the jail are created here - everything
240
    else is expected to be part of another aufs branch.
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
241
242
    Returns the path to the user's home directory.
243
244
    Chowns the user's directory within the jail to the given UID.
245
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
246
    @param force: If False, raise an exception if the user already has a jail.
247
                  If True (default), rebuild the jail preserving /home.
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
248
    """
249
    # MUST run as root or some of this may fail
250
    if os.getuid() != 0:
251
        raise Exception("Must run make_jail as root")
252
    
253
    # tempdir is for putting backup homes in
1231 by Matt Giuca
ivle.makeuser: make_jail now requires a config argument.
254
    jail_src_base = config['paths']['jails']['src']
255
    tempdir = os.path.join(jail_src_base, '__temp__')
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
256
    if not os.path.exists(tempdir):
257
        os.makedirs(tempdir)
258
    elif not os.path.isdir(tempdir):
259
        os.unlink(tempdir)
260
        os.mkdir(tempdir)
1231 by Matt Giuca
ivle.makeuser: make_jail now requires a config argument.
261
    userdir = os.path.join(jail_src_base, user.login)
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
262
    homedir = os.path.join(userdir, 'home')
1281.1.4 by William Grant
ivle.makeuser.make_jail creates an appropriate /tmp.
263
    tmpdir = os.path.join(userdir, 'tmp')
1080.1.19 by me at id
ivle.makeuser.make_jail: Just take an ivle.database.User, rather than some
264
    userhomedir = os.path.join(homedir, user.login)   # Return value
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
265
266
    if os.path.exists(userdir):
267
        if not force:
268
            raise Exception("User's jail already exists")
269
        # User jail already exists. Blow it away but preserve their home
270
        # directory. It should be all that is there anyway, but you never
271
        # know!
1421 by Matt Giuca
Minor comment fix.
272
        # Ignore warnings about the use of tempnam
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
273
        warnings.simplefilter('ignore')
274
        homebackup = os.tempnam(tempdir)
275
        warnings.resetwarnings()
1186 by Matt Giuca
ivle.makeuser: Fixed odd code which would create the home directory, then
276
        # Back up the /home directory, delete the entire jail, recreate the
277
        # jail directory tree, then copy the /home back
278
        # NOTE that shutil.move changed in Python 2.6, it now moves a
279
        # directory INTO the target (like `mv`), which it didn't use to do.
280
        # This code works regardless.
1281.1.3 by William Grant
ivle.makeuser.make_jail now builds a new-style jail.
281
        shutil.move(userhomedir, homebackup)
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
282
        shutil.rmtree(userdir)
1281.1.3 by William Grant
ivle.makeuser.make_jail now builds a new-style jail.
283
        os.makedirs(homedir)
284
        shutil.move(homebackup, userhomedir)
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
285
        # Change the ownership of all the files to the right unixid
286
        logging.debug("chown %s's home directory files to uid %d"
1080.1.19 by me at id
ivle.makeuser.make_jail: Just take an ivle.database.User, rather than some
287
            %(user.login, user.unixid))
1114 by William Grant
ivle.makeuser.make_jail() no longer uses os.walk() to recursively set
288
        os.spawnvp(os.P_WAIT, 'chown', ['chown', '-R', '%d:%d' % (user.unixid,
289
                                        user.unixid), userhomedir])
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
290
    else:
291
        # No user jail exists
292
        # Set up the user's home directory
293
        os.makedirs(userhomedir)
294
        # Chown (and set the GID to the same as the UID).
1080.1.19 by me at id
ivle.makeuser.make_jail: Just take an ivle.database.User, rather than some
295
        os.chown(userhomedir, user.unixid, user.unixid)
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
296
        # Chmod to rwxr-xr-x (755)
297
        os.chmod(userhomedir, 0755)
298
1232 by Matt Giuca
ivle.makeuser: make_ivle_conf now requires a config argument.
299
    make_ivle_conf(user.login, userdir, user.svn_pass, config)
1231 by Matt Giuca
ivle.makeuser: make_jail now requires a config argument.
300
    make_etc_passwd(user.login, userdir, config['paths']['jails']['template'],
301
                    user.unixid)
1281.1.4 by William Grant
ivle.makeuser.make_jail creates an appropriate /tmp.
302
    os.makedirs(tmpdir)
303
    os.chmod(tmpdir, 01777)
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
304
305
    return userhomedir
306
1232 by Matt Giuca
ivle.makeuser: make_ivle_conf now requires a config argument.
307
def make_ivle_conf(username, user_jail_dir, svn_pass, sys_config):
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
308
    """Generate an ivle.conf for a user's jail.
309
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
310
    Creates (overwriting any existing file, and creating directories) a
1187 by Matt Giuca
Stopped clobbering conf.py within the jail, using a proper ivle.conf instead.
311
    file /etc/ivle/ivle.conf in a given user's jail.
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
312
1232 by Matt Giuca
ivle.makeuser: make_ivle_conf now requires a config argument.
313
    @param username: Username.
1236 by Matt Giuca
Fixed docstring in makeuser (don't refer to ivle.conf).
314
    @param user_jail_dir: User's jail dir, ie. ['jails']['src'] + username
1232 by Matt Giuca
ivle.makeuser: make_ivle_conf now requires a config argument.
315
    @param svn_pass: User's SVN password.
316
    @param sys_config: An ivle.config.Config object (the system-wide config).
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
317
    """
1281.1.3 by William Grant
ivle.makeuser.make_jail now builds a new-style jail.
318
    conf_path = os.path.join(user_jail_dir, "home/.ivle.conf")
319
    if not os.path.exists(os.path.dirname(conf_path)):
320
        os.makedirs(os.path.dirname(conf_path))
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
321
1092.1.1 by William Grant
[Uber-commit of holiday work because I lacked a local copy of the branch.]
322
    # In the "in-jail" version of conf, we don't need MOST of the details
323
    # (it would be a security risk to have them here).
1187 by Matt Giuca
Stopped clobbering conf.py within the jail, using a proper ivle.conf instead.
324
    # So we just write root_dir.
325
    conf_obj = ivle.config.Config(blank=True)
326
    conf_obj.filename = conf_path
1232 by Matt Giuca
ivle.makeuser: make_ivle_conf now requires a config argument.
327
    conf_obj['urls']['root'] = sys_config['urls']['root']
328
    conf_obj['urls']['public_host'] = sys_config['urls']['public_host']
329
    conf_obj['urls']['svn_addr'] = sys_config['urls']['svn_addr']
1187 by Matt Giuca
Stopped clobbering conf.py within the jail, using a proper ivle.conf instead.
330
    conf_obj['user_info']['login'] = username
331
    conf_obj['user_info']['svn_pass'] = svn_pass
332
    conf_obj.write()
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
333
334
    # Make this file world-readable
335
    # (chmod 644 conf_path)
336
    os.chmod(conf_path, stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP
337
                        | stat.S_IROTH)
338
339
def make_etc_passwd(username, user_jail_dir, template_dir, unixid):
1240 by William Grant
Remove a couple of unused functions from ivle.makeuser, and clean up docstrings
340
    """Create a passwd file for a user's jail.
341
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
342
    Creates /etc/passwd in the given user's jail. This will be identical to
343
    that in the template jail, except for the added entry for this user.
344
    """
1281.1.3 by William Grant
ivle.makeuser.make_jail now builds a new-style jail.
345
    template_passwd_path = os.path.join(template_dir, "home/.passwd")
346
    passwd_path = os.path.join(user_jail_dir, "home/.passwd")
1079 by William Grant
Merge setup-refactor branch. This completely breaks existing installations;
347
    passwd_dir = os.path.dirname(passwd_path)
348
    if not os.path.exists(passwd_dir):
349
        os.makedirs(passwd_dir)
350
    shutil.copy(template_passwd_path, passwd_path)
351
    passwd_file = open(passwd_path, 'a')
352
    passwd_file.write('%s:x:%d:%d::/home/%s:/bin/bash'
353
                      % (username, unixid, unixid, username))
354
    passwd_file.close()