|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
1 |
# IVLE - Informatics Virtual Learning Environment
|
2 |
# Copyright (C) 2007-2008 The University of Melbourne
|
|
3 |
#
|
|
4 |
# This program is free software; you can redistribute it and/or modify
|
|
5 |
# it under the terms of the GNU General Public License as published by
|
|
6 |
# the Free Software Foundation; either version 2 of the License, or
|
|
7 |
# (at your option) any later version.
|
|
8 |
#
|
|
9 |
# This program is distributed in the hope that it will be useful,
|
|
10 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
11 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
12 |
# GNU General Public License for more details.
|
|
13 |
#
|
|
14 |
# You should have received a copy of the GNU General Public License
|
|
15 |
# along with this program; if not, write to the Free Software
|
|
16 |
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
17 |
||
18 |
# Module: MakeUser
|
|
19 |
# Author: Matt Giuca
|
|
20 |
# Date: 1/2/2008
|
|
21 |
||
22 |
# Allows creation of users. This sets up the following:
|
|
23 |
# * User's jail and home directory within the jail.
|
|
24 |
# * Subversion repository (TODO)
|
|
25 |
# * Check out Subversion workspace into jail (TODO)
|
|
26 |
# * Database details for user
|
|
27 |
# * Unix user account
|
|
28 |
||
29 |
# TODO: Sanitize login name and other fields.
|
|
30 |
# Users must not be called "temp" or "template".
|
|
31 |
||
32 |
# TODO: When creating a new home directory, chown it to its owner
|
|
33 |
||
|
759
by mattgiuca
lib/common/makeuser.py: Fixed permissions on /opt/ivle/svn files. |
34 |
# TODO: In chown_to_webserver:
|
35 |
# Do not call os.system("chown www-data") - use Python lib
|
|
36 |
# and use the web server uid given in conf. (Several places).
|
|
37 |
||
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
38 |
import md5 |
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
39 |
import os |
|
412
by mattgiuca
lib/common/makeuser: Removed function makeuser. This top-level function is too |
40 |
import stat |
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
41 |
import shutil |
|
471
by drtomc
doc/setup/ivle-svn.conf: a non-configured apache config for the svn server |
42 |
import time |
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
43 |
import uuid |
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
44 |
import warnings |
|
755
by dcoles
Added support for an incremental rebuild of all the users jails. |
45 |
import filecmp |
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
46 |
import logging |
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
47 |
import conf |
48 |
import db |
|
49 |
||
|
759
by mattgiuca
lib/common/makeuser.py: Fixed permissions on /opt/ivle/svn files. |
50 |
def chown_to_webserver(filename): |
51 |
"""
|
|
52 |
Chowns a file so the web server user owns it.
|
|
53 |
(This is useful in setting up Subversion conf files).
|
|
54 |
Assumes root.
|
|
55 |
"""
|
|
56 |
try: |
|
57 |
os.system("chown -R www-data:www-data %s" % filename) |
|
58 |
except: |
|
59 |
pass
|
|
60 |
||
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
61 |
def make_svn_repo(login, throw_on_error=True): |
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
62 |
"""Create a repository for the given user.
|
63 |
"""
|
|
64 |
path = os.path.join(conf.svn_repo_path, login) |
|
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
65 |
try: |
66 |
res = os.system("svnadmin create '%s'" % path) |
|
67 |
if res != 0 and throw_on_error: |
|
68 |
raise Exception("Cannot create repository for %s" % login) |
|
69 |
except Exception, exc: |
|
70 |
print repr(exc) |
|
71 |
if throw_on_error: |
|
72 |
raise
|
|
|
759
by mattgiuca
lib/common/makeuser.py: Fixed permissions on /opt/ivle/svn files. |
73 |
|
74 |
chown_to_webserver(path) |
|
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
75 |
|
|
471
by drtomc
doc/setup/ivle-svn.conf: a non-configured apache config for the svn server |
76 |
def rebuild_svn_config(): |
77 |
"""Build the complete SVN configuration file.
|
|
78 |
"""
|
|
79 |
conn = db.DB() |
|
80 |
res = conn.query("SELECT login, rolenm FROM login;").dictresult() |
|
81 |
groups = {} |
|
82 |
for r in res: |
|
83 |
role = r['rolenm'] |
|
84 |
if role not in groups: |
|
85 |
groups[role] = [] |
|
86 |
groups[role].append(r['login']) |
|
87 |
f = open(conf.svn_conf + ".new", "w") |
|
88 |
f.write("# IVLE SVN Repositories Configuration\n") |
|
89 |
f.write("# Auto-generated on %s\n" % time.asctime()) |
|
90 |
f.write("\n") |
|
91 |
f.write("[groups]\n") |
|
92 |
for (g,ls) in groups.iteritems(): |
|
93 |
f.write("%s = %s\n" % (g, ",".join(ls))) |
|
94 |
f.write("\n") |
|
95 |
for r in res: |
|
96 |
login = r['login'] |
|
97 |
f.write("[%s:/]\n" % login) |
|
98 |
f.write("%s = rw\n" % login) |
|
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
99 |
#f.write("@tutor = r\n")
|
100 |
#f.write("@lecturer = rw\n")
|
|
101 |
#f.write("@admin = rw\n")
|
|
|
471
by drtomc
doc/setup/ivle-svn.conf: a non-configured apache config for the svn server |
102 |
f.write("\n") |
103 |
f.close() |
|
104 |
os.rename(conf.svn_conf + ".new", conf.svn_conf) |
|
|
759
by mattgiuca
lib/common/makeuser.py: Fixed permissions on /opt/ivle/svn files. |
105 |
chown_to_webserver(conf.svn_conf) |
|
471
by drtomc
doc/setup/ivle-svn.conf: a non-configured apache config for the svn server |
106 |
|
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
107 |
def make_svn_config(login, throw_on_error=True): |
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
108 |
"""Add an entry to the apache-svn config file for the given user.
|
|
471
by drtomc
doc/setup/ivle-svn.conf: a non-configured apache config for the svn server |
109 |
Assumes the given user is either a guest or a student.
|
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
110 |
"""
|
111 |
f = open(conf.svn_conf, "a") |
|
112 |
f.write("[%s:/]\n" % login) |
|
|
471
by drtomc
doc/setup/ivle-svn.conf: a non-configured apache config for the svn server |
113 |
f.write("%s = rw\n" % login) |
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
114 |
#f.write("@tutor = r\n")
|
115 |
#f.write("@lecturer = rw\n")
|
|
116 |
#f.write("@admin = rw\n")
|
|
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
117 |
f.write("\n") |
118 |
f.close() |
|
|
759
by mattgiuca
lib/common/makeuser.py: Fixed permissions on /opt/ivle/svn files. |
119 |
chown_to_webserver(conf.svn_conf) |
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
120 |
|
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
121 |
def make_svn_auth(login, throw_on_error=True): |
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
122 |
"""Setup svn authentication for the given user.
|
123 |
FIXME: create local.auth entry
|
|
124 |
"""
|
|
125 |
passwd = md5.new(uuid.uuid4().bytes).digest().encode('hex') |
|
126 |
if os.path.exists(conf.svn_auth_ivle): |
|
127 |
create = "" |
|
128 |
else: |
|
129 |
create = "c" |
|
130 |
||
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
131 |
db.DB().update_user(login, svn_pass=passwd) |
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
132 |
|
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
133 |
res = os.system("htpasswd -%smb %s %s %s" % (create, |
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
134 |
conf.svn_auth_ivle, |
135 |
login, passwd)) |
|
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
136 |
if res != 0 and throw_on_error: |
|
467
by drtomc
makeuser: Add some of the helper functions for activating users. |
137 |
raise Exception("Unable to create ivle-auth for %s" % login) |
138 |
||
|
759
by mattgiuca
lib/common/makeuser.py: Fixed permissions on /opt/ivle/svn files. |
139 |
# Make sure the file is owned by the web server
|
140 |
if create == "c": |
|
141 |
chown_to_webserver(conf.svn_auth_ivle) |
|
142 |
||
|
522
by drtomc
Add quite a lot of stuff to get usrmgt happening. |
143 |
return passwd |
144 |
||
|
755
by dcoles
Added support for an incremental rebuild of all the users jails. |
145 |
def generate_manifest(basedir, targetdir, parent=''): |
146 |
""" From a basedir and a targetdir work out which files are missing or out
|
|
147 |
of date and need to be added/updated and which files are redundant and need
|
|
148 |
to be removed.
|
|
149 |
|
|
150 |
parent: This is used for the recursive call to track the relative paths
|
|
151 |
that we have decended.
|
|
152 |
"""
|
|
153 |
||
154 |
cmp = filecmp.dircmp(basedir, targetdir) |
|
155 |
||
156 |
# Add all new files and files that have changed
|
|
157 |
to_add = [os.path.join(parent,x) for x in (cmp.left_only + cmp.diff_files)] |
|
158 |
||
159 |
# Remove files that are redundant
|
|
160 |
to_remove = [os.path.join(parent,x) for x in cmp.right_only] |
|
161 |
||
162 |
# Recurse
|
|
163 |
for d in cmp.common_dirs: |
|
164 |
newbasedir = os.path.join(basedir, d) |
|
165 |
newtargetdir = os.path.join(targetdir, d) |
|
166 |
newparent = os.path.join(parent, d) |
|
167 |
(sadd,sremove) = generate_manifest(newbasedir, newtargetdir, newparent) |
|
168 |
to_add += sadd |
|
169 |
to_remove += sremove |
|
170 |
||
171 |
return (to_add, to_remove) |
|
172 |
||
173 |
||
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
174 |
def make_jail(username, uid, force=True, svn_pass=None): |
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
175 |
"""Creates a new user's jail space, in the jail directory as configured in
|
176 |
conf.py.
|
|
177 |
||
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
178 |
This only creates things within /home - everything else is expected to be
|
179 |
part of another UnionFS branch.
|
|
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
180 |
|
181 |
Returns the path to the user's home directory.
|
|
182 |
||
|
412
by mattgiuca
lib/common/makeuser: Removed function makeuser. This top-level function is too |
183 |
Chowns the user's directory within the jail to the given UID.
|
184 |
||
185 |
Note: This takes separate username and uid arguments. The UID need not
|
|
186 |
*necessarily* correspond to a Unix username at all, if all you are
|
|
187 |
planning to do is setuid to it. This allows the caller the freedom of
|
|
188 |
deciding the binding between username and uid, if any.
|
|
189 |
||
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
190 |
force: If false, exception if jail already exists for this user.
|
191 |
If true (default), overwrites it, but preserves home directory.
|
|
|
755
by dcoles
Added support for an incremental rebuild of all the users jails. |
192 |
|
|
767
by mattgiuca
Moved code to create user's jail version of conf.py from usrmgt server |
193 |
svn_pass: If provided this will be a string, the randomly-generated
|
194 |
Subversion password for this user (if you happen to already have it).
|
|
195 |
If not provided, it will be read from the database.
|
|
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
196 |
"""
|
197 |
# MUST run as root or some of this may fail
|
|
198 |
if os.getuid() != 0: |
|
199 |
raise Exception("Must run make_jail as root") |
|
200 |
||
201 |
# tempdir is for putting backup homes in
|
|
|
755
by dcoles
Added support for an incremental rebuild of all the users jails. |
202 |
tempdir = os.path.join(conf.jail_base, '__temp__') |
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
203 |
if not os.path.exists(tempdir): |
204 |
os.makedirs(tempdir) |
|
205 |
elif not os.path.isdir(tempdir): |
|
206 |
os.unlink(tempdir) |
|
207 |
os.mkdir(tempdir) |
|
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
208 |
userdir = os.path.join(conf.jail_src_base, username) |
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
209 |
homedir = os.path.join(userdir, 'home') |
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
210 |
userhomedir = os.path.join(homedir, username) # Return value |
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
211 |
|
212 |
if os.path.exists(userdir): |
|
213 |
if not force: |
|
214 |
raise Exception("User's jail already exists") |
|
215 |
# User jail already exists. Blow it away but preserve their home
|
|
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
216 |
# directory. It should be all that is there anyway, but you never
|
217 |
# know!
|
|
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
218 |
# Ignore warnings about the use of tmpnam
|
219 |
warnings.simplefilter('ignore') |
|
220 |
homebackup = os.tempnam(tempdir) |
|
221 |
warnings.resetwarnings() |
|
222 |
# Note: shutil.move does not behave like "mv" - it does not put a file
|
|
223 |
# into a directory if it already exists, just fails. Therefore it is
|
|
224 |
# not susceptible to tmpnam symlink attack.
|
|
225 |
shutil.move(homedir, homebackup) |
|
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
226 |
shutil.rmtree(userdir) |
227 |
os.makedirs(homedir) |
|
228 |
shutil.move(homebackup, homedir) |
|
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
229 |
else: |
230 |
# No user jail exists
|
|
231 |
# Set up the user's home directory
|
|
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
232 |
os.makedirs(userhomedir) |
|
412
by mattgiuca
lib/common/makeuser: Removed function makeuser. This top-level function is too |
233 |
# Chown (and set the GID to the same as the UID).
|
234 |
os.chown(userhomedir, uid, uid) |
|
|
439
by drtomc
makeuser: Fix the default jail home directory permissions so that the |
235 |
# Chmod to rwxr-xr-x (755)
|
236 |
os.chmod(userhomedir, 0755) |
|
|
767
by mattgiuca
Moved code to create user's jail version of conf.py from usrmgt server |
237 |
|
|
815
by William Grant
lib/common/makeuser.py: Create a jail-specific /etc/passwd. This makes |
238 |
# There are 2 special files which need to be generated specific to this
|
239 |
# user: /opt/ivle/lib/conf/conf.py and /etc/passwd.
|
|
|
767
by mattgiuca
Moved code to create user's jail version of conf.py from usrmgt server |
240 |
# "__" username "__" users are exempt (special)
|
241 |
if not (username.startswith("__") and username.endswith("__")): |
|
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
242 |
make_conf_py(username, userdir, conf.jail_system, svn_pass) |
|
815
by William Grant
lib/common/makeuser.py: Create a jail-specific /etc/passwd. This makes |
243 |
make_etc_passwd(username, userdir, conf.jail_system, uid) |
|
767
by mattgiuca
Moved code to create user's jail version of conf.py from usrmgt server |
244 |
|
245 |
return userhomedir |
|
246 |
||
247 |
def make_conf_py(username, user_jail_dir, staging_dir, svn_pass=None): |
|
248 |
"""
|
|
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
249 |
Creates (overwriting any existing file, and creating directories) a
|
250 |
file /opt/ivle/lib/conf/conf.py in a given user's jail.
|
|
|
767
by mattgiuca
Moved code to create user's jail version of conf.py from usrmgt server |
251 |
username: Username.
|
252 |
user_jail_dir: User's jail dir, ie. conf.jail_base + username
|
|
253 |
staging_dir: The dir with the staging copy of the jail. (With the
|
|
254 |
template conf.py file).
|
|
255 |
svn_pass: As with make_jail. User's SVN password, but if not supplied,
|
|
256 |
will look up in the DB.
|
|
257 |
"""
|
|
258 |
template_conf_path = os.path.join(staging_dir,"opt/ivle/lib/conf/conf.py") |
|
259 |
conf_path = os.path.join(user_jail_dir, "opt/ivle/lib/conf/conf.py") |
|
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
260 |
os.makedirs(os.path.dirname(conf_path)) |
|
767
by mattgiuca
Moved code to create user's jail version of conf.py from usrmgt server |
261 |
|
262 |
# If svn_pass isn't supplied, grab it from the DB
|
|
263 |
if svn_pass is None: |
|
264 |
dbconn = db.DB() |
|
265 |
svn_pass = dbconn.get_user(username).svn_pass |
|
266 |
dbconn.close() |
|
267 |
||
268 |
# Read the contents of the template conf file
|
|
269 |
try: |
|
270 |
template_conf_file = open(template_conf_path, "r") |
|
271 |
template_conf_data = template_conf_file.read() |
|
272 |
template_conf_file.close() |
|
273 |
except: |
|
274 |
# Couldn't open template conf.py for some reason
|
|
275 |
# Just treat it as empty file
|
|
|
782
by mattgiuca
makeuser.py: If the template file cannot be found, prints a warning comment at |
276 |
template_conf_data = ("# Warning: Problem building config script.\n" |
277 |
"# Could not find template conf.py file.\n") |
|
|
767
by mattgiuca
Moved code to create user's jail version of conf.py from usrmgt server |
278 |
|
279 |
conf_file = open(conf_path, "w") |
|
280 |
conf_file.write(template_conf_data) |
|
281 |
conf_file.write("\n# The login name for the owner of the jail\n") |
|
282 |
conf_file.write("login = %s\n" % repr(username)) |
|
283 |
conf_file.write("\n") |
|
284 |
conf_file.write("# The subversion-only password for the owner of " |
|
285 |
"the jail\n") |
|
286 |
conf_file.write("svn_pass = %s\n" % repr(svn_pass)) |
|
287 |
conf_file.close() |
|
288 |
||
289 |
# Make this file world-readable
|
|
290 |
# (chmod 644 conf_path)
|
|
291 |
os.chmod(conf_path, stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP |
|
292 |
| stat.S_IROTH) |
|
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
293 |
|
|
815
by William Grant
lib/common/makeuser.py: Create a jail-specific /etc/passwd. This makes |
294 |
def make_etc_passwd(username, user_jail_dir, template_dir, unixid): |
295 |
"""
|
|
296 |
Creates /etc/passwd in the given user's jail. This will be identical to
|
|
297 |
that in the template jail, except for the added entry for this user.
|
|
298 |
"""
|
|
299 |
template_passwd_path = os.path.join(template_dir, "etc/passwd") |
|
300 |
passwd_path = os.path.join(user_jail_dir, "etc/passwd") |
|
301 |
passwd_dir = os.path.dirname(passwd_path) |
|
302 |
if not os.path.exists(passwd_dir): |
|
303 |
os.makedirs(passwd_dir) |
|
304 |
shutil.copy(template_passwd_path, passwd_path) |
|
305 |
passwd_file = open(passwd_path, 'a') |
|
306 |
passwd_file.write('%s:x:%d:%d::/home/%s:/bin/bash' |
|
307 |
% (username, unixid, unixid, username)) |
|
308 |
passwd_file.close() |
|
309 |
||
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
310 |
def linktree(src, dst): |
311 |
"""Recursively hard-link a directory tree using os.link().
|
|
312 |
||
313 |
The destination directory must not already exist.
|
|
314 |
If exception(s) occur, an Error is raised with a list of reasons.
|
|
315 |
||
316 |
Symlinks are preserved (in fact, hard links are created which point to the
|
|
317 |
symlinks).
|
|
318 |
||
319 |
Code heavily based upon shutil.copytree from Python 2.5 library.
|
|
320 |
"""
|
|
321 |
names = os.listdir(src) |
|
322 |
os.makedirs(dst) |
|
323 |
errors = [] |
|
324 |
for name in names: |
|
325 |
srcname = os.path.join(src, name) |
|
326 |
dstname = os.path.join(dst, name) |
|
327 |
try: |
|
328 |
if os.path.isdir(srcname): |
|
329 |
linktree(srcname, dstname) |
|
330 |
else: |
|
331 |
os.link(srcname, dstname) |
|
332 |
# XXX What about devices, sockets etc.?
|
|
333 |
except (IOError, os.error), why: |
|
334 |
errors.append((srcname, dstname, str(why))) |
|
335 |
# catch the Error from the recursive copytree so that we can
|
|
336 |
# continue with other files
|
|
337 |
except Exception, err: |
|
338 |
errors.append(err.args[0]) |
|
339 |
try: |
|
340 |
shutil.copystat(src, dst) |
|
341 |
except WindowsError: |
|
342 |
# can't copy file access times on Windows
|
|
343 |
pass
|
|
344 |
except OSError, why: |
|
345 |
errors.extend((src, dst, str(why))) |
|
346 |
if errors: |
|
347 |
raise Exception, errors |
|
348 |
||
|
584
by drtomc
makeuser: added a default argument that was missing. |
349 |
def make_user_db(throw_on_error = True, **kwargs): |
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
350 |
"""Creates a user's entry in the database, filling in all the fields.
|
|
472
by mattgiuca
db.py: No longer exceptions if password is not supplied. |
351 |
All arguments must be keyword args. They are the fields in the table.
|
352 |
However, instead of supplying a "passhash", you must supply a
|
|
353 |
"password" argument, which will be hashed internally.
|
|
354 |
Also do not supply a state. All users are created in the "no_agreement"
|
|
355 |
state.
|
|
356 |
Throws an exception if the user already exists.
|
|
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
357 |
"""
|
358 |
dbconn = db.DB() |
|
|
472
by mattgiuca
db.py: No longer exceptions if password is not supplied. |
359 |
dbconn.create_user(**kwargs) |
|
409
by mattgiuca
Moved www/conf and www/common to a new directory lib. This separates the "web" |
360 |
dbconn.close() |
|
542
by drtomc
makeuser: create svn auth for local users. |
361 |
|
362 |
if kwargs['password']: |
|
363 |
if os.path.exists(conf.svn_auth_local): |
|
364 |
create = "" |
|
365 |
else: |
|
366 |
create = "c" |
|
367 |
res = os.system("htpasswd -%smb %s %s %s" % (create, |
|
368 |
conf.svn_auth_local, |
|
369 |
kwargs['login'], |
|
370 |
kwargs['password'])) |
|
371 |
if res != 0 and throw_on_error: |
|
372 |
raise Exception("Unable to create local-auth for %s" % kwargs['login']) |
|
373 |
||
|
759
by mattgiuca
lib/common/makeuser.py: Fixed permissions on /opt/ivle/svn files. |
374 |
# Make sure the file is owned by the web server
|
375 |
if create == "c": |
|
376 |
chown_to_webserver(conf.svn_auth_local) |
|
|
813
by William Grant
Merge jails-redux branch. We now use aufs rather than hardlinking tens |
377 |
|
378 |
def mount_jail(login): |
|
379 |
# This is where we'll mount to...
|
|
380 |
destdir = os.path.join(conf.jail_base, login) |
|
381 |
# ... and this is where we'll get the user bits.
|
|
382 |
srcdir = os.path.join(conf.jail_src_base, login) |
|
383 |
try: |
|
384 |
if not os.path.exists(destdir): |
|
385 |
os.mkdir(destdir) |
|
386 |
if os.system('/bin/mount -t aufs -o dirs=%s:%s=ro none %s' |
|
387 |
% (srcdir, conf.jail_system, destdir)) == 0: |
|
388 |
logging.info("mounted user %s's jail." % login) |
|
389 |
else: |
|
390 |
logging.error("failed to mount user %s's jail!" % login) |
|
391 |
except Exception, message: |
|
392 |
logging.warning(str(message)) |