Merge branch 'bug_fix_yu' into dev

# Conflicts:
#	service.sh
pull/94/head
yumaojun 2016-02-26 15:36:42 +08:00
commit 0b9b94bc0b
6 changed files with 736 additions and 87 deletions

594
functions Normal file
View File

@ -0,0 +1,594 @@
# -*-Shell-script-*-
#
# functions This file contains functions to be used by most or all
# shell scripts in the /etc/init.d directory.
#
TEXTDOMAIN=initscripts
# Make sure umask is sane
umask 022
# Set up a default search path.
PATH="/sbin:/usr/sbin:/bin:/usr/bin"
export PATH
if [ $PPID -ne 1 -a -z "$SYSTEMCTL_SKIP_REDIRECT" ] && \
( /bin/mountpoint -q /cgroup/systemd || /bin/mountpoint -q /sys/fs/cgroup/systemd ) ; then
case "$0" in
/etc/init.d/*|/etc/rc.d/init.d/*)
_use_systemctl=1
;;
esac
fi
systemctl_redirect () {
local s
local prog=${1##*/}
local command=$2
local options=""
case "$command" in
start)
s=$"Starting $prog (via systemctl): "
;;
stop)
s=$"Stopping $prog (via systemctl): "
;;
reload|try-reload)
s=$"Reloading $prog configuration (via systemctl): "
;;
restart|try-restart|condrestart)
s=$"Restarting $prog (via systemctl): "
;;
esac
if [ -n "$SYSTEMCTL_IGNORE_DEPENDENCIES" ] ; then
options="--ignore-dependencies"
fi
action "$s" /bin/systemctl $options $command "$prog.service"
}
# Get a sane screen width
[ -z "${COLUMNS:-}" ] && COLUMNS=80
if [ -z "${CONSOLETYPE:-}" ]; then
if [ -c "/dev/stderr" -a -r "/dev/stderr" ]; then
CONSOLETYPE="$(/sbin/consoletype < /dev/stderr 2>/dev/null)"
else
CONSOLETYPE="serial"
fi
fi
if [ -z "${NOLOCALE:-}" ] && [ -z "${LANGSH_SOURCED:-}" ] && [ -f /etc/sysconfig/i18n -o -f /etc/locale.conf ] ; then
. /etc/profile.d/lang.sh 2>/dev/null
# avoid propagating LANGSH_SOURCED any further
unset LANGSH_SOURCED
fi
# Read in our configuration
if [ -z "${BOOTUP:-}" ]; then
if [ -f /etc/sysconfig/init ]; then
. /etc/sysconfig/init
else
# This all seem confusing? Look in /etc/sysconfig/init,
# or in /usr/share/doc/initscripts-*/sysconfig.txt
BOOTUP=color
RES_COL=60
MOVE_TO_COL="echo -en \\033[${RES_COL}G"
SETCOLOR_SUCCESS="echo -en \\033[1;32m"
SETCOLOR_FAILURE="echo -en \\033[1;31m"
SETCOLOR_WARNING="echo -en \\033[1;33m"
SETCOLOR_NORMAL="echo -en \\033[0;39m"
LOGLEVEL=1
fi
if [ "$CONSOLETYPE" = "serial" ]; then
BOOTUP=serial
MOVE_TO_COL=
SETCOLOR_SUCCESS=
SETCOLOR_FAILURE=
SETCOLOR_WARNING=
SETCOLOR_NORMAL=
fi
fi
# Check if any of $pid (could be plural) are running
checkpid() {
local i
for i in $* ; do
[ -d "/proc/$i" ] && return 0
done
return 1
}
# __proc_pids {program} [pidfile]
# Set $pid to pids from /var/run* for {program}. $pid should be declared
# local in the caller.
# Returns LSB exit code for the 'status' action.
__pids_var_run() {
local base=${1##*/}
local pid_file=${2:-/var/run/$base.pid}
pid=
if [ -f "$pid_file" ] ; then
local line p
[ ! -r "$pid_file" ] && return 4 # "user had insufficient privilege"
while : ; do
read line
[ -z "$line" ] && break
for p in $line ; do
[ -z "${p//[0-9]/}" ] && [ -d "/proc/$p" ] && pid="$pid $p"
done
done < "$pid_file"
if [ -n "$pid" ]; then
return 0
fi
return 1 # "Program is dead and /var/run pid file exists"
fi
return 3 # "Program is not running"
}
# Output PIDs of matching processes, found using pidof
__pids_pidof() {
pidof -c -m -o $$ -o $PPID -o %PPID -x "$1" || \
pidof -c -m -o $$ -o $PPID -o %PPID -x "${1##*/}"
}
# A function to start a program.
daemon() {
# Test syntax.
local gotbase= force= nicelevel corelimit
local pid base= user= nice= bg= pid_file=
local cgroup=
nicelevel=0
while [ "$1" != "${1##[-+]}" ]; do
case $1 in
'') echo $"$0: Usage: daemon [+/-nicelevel] {program}"
return 1;;
--check)
base=$2
gotbase="yes"
shift 2
;;
--check=?*)
base=${1#--check=}
gotbase="yes"
shift
;;
--user)
user=$2
shift 2
;;
--user=?*)
user=${1#--user=}
shift
;;
--pidfile)
pid_file=$2
shift 2
;;
--pidfile=?*)
pid_file=${1#--pidfile=}
shift
;;
--force)
force="force"
shift
;;
[-+][0-9]*)
nice="nice -n $1"
shift
;;
*) echo $"$0: Usage: daemon [+/-nicelevel] {program}"
return 1;;
esac
done
# Save basename.
[ -z "$gotbase" ] && base=${1##*/}
# See if it's already running. Look *only* at the pid file.
__pids_var_run "$base" "$pid_file"
[ -n "$pid" -a -z "$force" ] && return
# make sure it doesn't core dump anywhere unless requested
corelimit="ulimit -S -c ${DAEMON_COREFILE_LIMIT:-0}"
# if they set NICELEVEL in /etc/sysconfig/foo, honor it
[ -n "${NICELEVEL:-}" ] && nice="nice -n $NICELEVEL"
# if they set CGROUP_DAEMON in /etc/sysconfig/foo, honor it
if [ -n "${CGROUP_DAEMON}" ]; then
if [ ! -x /bin/cgexec ]; then
echo -n "Cgroups not installed"; warning
echo
else
cgroup="/bin/cgexec";
for i in $CGROUP_DAEMON; do
cgroup="$cgroup -g $i";
done
fi
fi
# Echo daemon
[ "${BOOTUP:-}" = "verbose" -a -z "${LSB:-}" ] && echo -n " $base"
# And start it up.
if [ -z "$user" ]; then
$cgroup $nice /bin/bash -c "$corelimit >/dev/null 2>&1 ; $*"
else
$cgroup $nice runuser -s /bin/bash $user -c "$corelimit >/dev/null 2>&1 ; $*"
fi
[ "$?" -eq 0 ] && success $"$base startup" || failure $"$base startup"
}
# A function to stop a program.
killproc() {
local RC killlevel= base pid pid_file= delay try
RC=0; delay=3; try=0
# Test syntax.
if [ "$#" -eq 0 ]; then
echo $"Usage: killproc [-p pidfile] [ -d delay] {program} [-signal]"
return 1
fi
if [ "$1" = "-p" ]; then
pid_file=$2
shift 2
fi
if [ "$1" = "-d" ]; then
delay=$(echo $2 | awk -v RS=' ' -v IGNORECASE=1 '{if($1!~/^[0-9.]+[smhd]?$/) exit 1;d=$1~/s$|^[0-9.]*$/?1:$1~/m$/?60:$1~/h$/?60*60:$1~/d$/?24*60*60:-1;if(d==-1) exit 1;delay+=d*$1} END {printf("%d",delay+0.5)}')
if [ "$?" -eq 1 ]; then
echo $"Usage: killproc [-p pidfile] [ -d delay] {program} [-signal]"
return 1
fi
shift 2
fi
# check for second arg to be kill level
[ -n "${2:-}" ] && killlevel=$2
# Save basename.
base=${1##*/}
# Find pid.
__pids_var_run "$1" "$pid_file"
RC=$?
if [ -z "$pid" ]; then
if [ -z "$pid_file" ]; then
pid="$(__pids_pidof "$1")"
else
[ "$RC" = "4" ] && { failure $"$base shutdown" ; return $RC ;}
fi
fi
# Kill it.
if [ -n "$pid" ] ; then
[ "$BOOTUP" = "verbose" -a -z "${LSB:-}" ] && echo -n "$base "
if [ -z "$killlevel" ] ; then
if checkpid $pid 2>&1; then
# TERM first, then KILL if not dead
kill -TERM $pid >/dev/null 2>&1
usleep 50000
if checkpid $pid ; then
try=0
while [ $try -lt $delay ] ; do
checkpid $pid || break
sleep 1
let try+=1
done
if checkpid $pid ; then
kill -KILL $pid >/dev/null 2>&1
usleep 50000
fi
fi
fi
checkpid $pid
RC=$?
[ "$RC" -eq 0 ] && failure $"$base shutdown" || success $"$base shutdown"
RC=$((! $RC))
# use specified level only
else
if checkpid $pid; then
kill $killlevel $pid >/dev/null 2>&1
RC=$?
[ "$RC" -eq 0 ] && success $"$base $killlevel" || failure $"$base $killlevel"
elif [ -n "${LSB:-}" ]; then
RC=7 # Program is not running
fi
fi
else
if [ -n "${LSB:-}" -a -n "$killlevel" ]; then
RC=7 # Program is not running
else
failure $"$base shutdown"
RC=0
fi
fi
# Remove pid file if any.
if [ -z "$killlevel" ]; then
rm -f "${pid_file:-/var/run/$base.pid}"
fi
return $RC
}
# A function to find the pid of a program. Looks *only* at the pidfile
pidfileofproc() {
local pid
# Test syntax.
if [ "$#" = 0 ] ; then
echo $"Usage: pidfileofproc {program}"
return 1
fi
__pids_var_run "$1"
[ -n "$pid" ] && echo $pid
return 0
}
# A function to find the pid of a program.
pidofproc() {
local RC pid pid_file=
# Test syntax.
if [ "$#" = 0 ]; then
echo $"Usage: pidofproc [-p pidfile] {program}"
return 1
fi
if [ "$1" = "-p" ]; then
pid_file=$2
shift 2
fi
fail_code=3 # "Program is not running"
# First try "/var/run/*.pid" files
__pids_var_run "$1" "$pid_file"
RC=$?
if [ -n "$pid" ]; then
echo $pid
return 0
fi
[ -n "$pid_file" ] && return $RC
__pids_pidof "$1" || return $RC
}
status() {
local base pid lock_file= pid_file=
# Test syntax.
if [ "$#" = 0 ] ; then
echo $"Usage: status [-p pidfile] {program}"
return 1
fi
if [ "$1" = "-p" ]; then
pid_file=$2
shift 2
fi
if [ "$1" = "-l" ]; then
lock_file=$2
shift 2
fi
base=${1##*/}
if [ "$_use_systemctl" = "1" ]; then
systemctl status ${0##*/}.service
return $?
fi
# First try "pidof"
__pids_var_run "$1" "$pid_file"
RC=$?
if [ -z "$pid_file" -a -z "$pid" ]; then
pid="$(__pids_pidof "$1")"
fi
if [ -n "$pid" ]; then
echo $"${base} (pid $pid) is running..."
return 0
fi
case "$RC" in
0)
echo $"${base} (pid $pid) is running..."
return 0
;;
1)
echo $"${base} dead but pid file exists"
return 1
;;
4)
echo $"${base} status unknown due to insufficient privileges."
return 4
;;
esac
if [ -z "${lock_file}" ]; then
lock_file=${base}
fi
# See if /var/lock/subsys/${lock_file} exists
if [ -f /var/lock/subsys/${lock_file} ]; then
echo $"${base} dead but subsys locked"
return 2
fi
echo $"${base} is stopped"
return 3
}
echo_success() {
[ "$BOOTUP" = "color" ] && $MOVE_TO_COL
echo -n "["
[ "$BOOTUP" = "color" ] && $SETCOLOR_SUCCESS
echo -n $" OK "
[ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
echo -n "]"
echo -ne "\r"
return 0
}
echo_failure() {
[ "$BOOTUP" = "color" ] && $MOVE_TO_COL
echo -n "["
[ "$BOOTUP" = "color" ] && $SETCOLOR_FAILURE
echo -n $"FAILED"
[ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
echo -n "]"
echo -ne "\r"
return 1
}
echo_passed() {
[ "$BOOTUP" = "color" ] && $MOVE_TO_COL
echo -n "["
[ "$BOOTUP" = "color" ] && $SETCOLOR_WARNING
echo -n $"PASSED"
[ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
echo -n "]"
echo -ne "\r"
return 1
}
echo_warning() {
[ "$BOOTUP" = "color" ] && $MOVE_TO_COL
echo -n "["
[ "$BOOTUP" = "color" ] && $SETCOLOR_WARNING
echo -n $"WARNING"
[ "$BOOTUP" = "color" ] && $SETCOLOR_NORMAL
echo -n "]"
echo -ne "\r"
return 1
}
# Inform the graphical boot of our current state
update_boot_stage() {
if [ -x /bin/plymouth ]; then
/bin/plymouth --update="$1"
fi
return 0
}
# Log that something succeeded
success() {
[ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_success
return 0
}
# Log that something failed
failure() {
local rc=$?
[ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_failure
[ -x /bin/plymouth ] && /bin/plymouth --details
return $rc
}
# Log that something passed, but may have had errors. Useful for fsck
passed() {
local rc=$?
[ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_passed
return $rc
}
# Log a warning
warning() {
local rc=$?
[ "$BOOTUP" != "verbose" -a -z "${LSB:-}" ] && echo_warning
return $rc
}
# Run some action. Log its output.
action() {
local STRING rc
STRING=$1
echo -n "$STRING "
shift
"$@" && success $"$STRING" || failure $"$STRING"
rc=$?
echo
return $rc
}
# returns OK if $1 contains $2
strstr() {
[ "${1#*$2*}" = "$1" ] && return 1
return 0
}
# Check whether file $1 is a backup or rpm-generated file and should be ignored
is_ignored_file() {
case "$1" in
*~ | *.bak | *.orig | *.rpmnew | *.rpmorig | *.rpmsave)
return 0
;;
esac
return 1
}
# Evaluate shvar-style booleans
is_true() {
case "$1" in
[tT] | [yY] | [yY][eE][sS] | [tT][rR][uU][eE])
return 0
;;
esac
return 1
}
# Evaluate shvar-style booleans
is_false() {
case "$1" in
[fF] | [nN] | [nN][oO] | [fF][aA][lL][sS][eE])
return 0
;;
esac
return 1
}
# Apply sysctl settings, including files in /etc/sysctl.d
apply_sysctl() {
if [ -x /lib/systemd/systemd-sysctl ]; then
/lib/systemd/systemd-sysctl
else
for file in /usr/lib/sysctl.d/*.conf ; do
is_ignored_file "$file" && continue
[ -f /run/sysctl.d/${file##*/} ] && continue
[ -f /etc/sysctl.d/${file##*/} ] && continue
test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1
done
for file in /run/sysctl.d/*.conf ; do
is_ignored_file "$file" && continue
[ -f /etc/sysctl.d/${file##*/} ] && continue
test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1
done
for file in /etc/sysctl.d/*.conf ; do
is_ignored_file "$file" && continue
test -f "$file" && sysctl -e -p "$file" >/dev/null 2>&1
done
sysctl -e -p /etc/sysctl.conf >/dev/null 2>&1
fi
}
# A sed expression to filter out the files that is_ignored_file recognizes
__sed_discard_ignored_files='/\(~\|\.bak\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d'
if [ "$_use_systemctl" = "1" ]; then
if [ "x$1" = xstart -o \
"x$1" = xstop -o \
"x$1" = xrestart -o \
"x$1" = xreload -o \
"x$1" = xtry-restart -o \
"x$1" = xforce-reload -o \
"x$1" = xcondrestart ] ; then
systemctl_redirect $0 $1
exit $?
fi
fi

View File

@ -5,16 +5,15 @@ import subprocess
import time import time
import os import os
import sys import sys
import MySQLdb
from smtplib import SMTP, SMTPAuthenticationError, SMTPConnectError, SMTPSenderRefused from smtplib import SMTP, SMTPAuthenticationError, SMTPConnectError, SMTPSenderRefused
import ConfigParser import ConfigParser
import socket import socket
import fcntl
import struct
import readline
import random import random
import string import string
import re
import platform
jms_dir = os.path.dirname(os.path.abspath(os.path.dirname(__file__))) jms_dir = os.path.dirname(os.path.abspath(os.path.dirname(__file__)))
sys.path.append(jms_dir) sys.path.append(jms_dir)
@ -27,6 +26,13 @@ def bash(cmd):
return subprocess.call(cmd, shell=True) return subprocess.call(cmd, shell=True)
def valid_ip(ip):
if ('255' in ip) or (ip == "0.0.0.0"):
return False
else:
return True
def color_print(msg, color='red', exits=False): def color_print(msg, color='red', exits=False):
""" """
Print colorful string. Print colorful string.
@ -46,18 +52,17 @@ def color_print(msg, color='red', exits=False):
return msg return msg
def get_ip_addr(ifname='eth0'): def get_ip_addr():
try: try:
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
return socket.inet_ntoa(fcntl.ioctl( s.connect(("8.8.8.8", 80))
s.fileno(), return s.getsockname()[0]
0x8915, except Exception:
struct.pack('256s', ifname[:15]) if_data = ''.join(os.popen("LANG=C ifconfig").readlines())
)[20:24]) ips = re.findall(r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}', if_data, flags=re.MULTILINE)
except: ip = filter(valid_ip, ips)
ips = os.popen("LANG=C ifconfig | grep \"inet addr\" | grep -v \"127.0.0.1\" | awk -F \":\" '{print $2}' | awk '{print $1}'").readlines() if ip:
if len(ips) > 0: return ip[0]
return ips[0]
return '' return ''
@ -75,6 +80,17 @@ class PreSetup(object):
self.ip = '' self.ip = ''
self.key = ''.join(random.choice(string.ascii_lowercase + string.digits) \ self.key = ''.join(random.choice(string.ascii_lowercase + string.digits) \
for _ in range(16)) for _ in range(16))
self.dist = platform.dist()[0].lower()
@property
def _is_redhat(self):
if self.dist == "centos" or self.dist == "redhat":
return True
@property
def _is_ubuntu(self):
if self.dist == "ubuntu":
return True
def write_conf(self, conf_file=os.path.join(jms_dir, 'jumpserver.conf')): def write_conf(self, conf_file=os.path.join(jms_dir, 'jumpserver.conf')):
color_print('开始写入配置文件', 'green') color_print('开始写入配置文件', 'green')
@ -99,22 +115,38 @@ class PreSetup(object):
def _setup_mysql(self): def _setup_mysql(self):
color_print('开始安装设置mysql (请手动设置mysql安全)', 'green') color_print('开始安装设置mysql (请手动设置mysql安全)', 'green')
color_print('默认用户名: %s 默认密码: %s' % (self.db_user, self.db_pass), 'green') color_print('默认用户名: %s 默认密码: %s' % (self.db_user, self.db_pass), 'green')
bash('yum -y install mysql-server') if self._is_redhat:
bash('service mysqld start') bash('yum -y install mysql-server')
bash('chkconfig mysqld on') bash('service mysqld start')
bash('mysql -e "create database %s default charset=utf8"' % self.db) bash('chkconfig mysqld on')
bash('mysql -e "grant all on %s.* to \'%s\'@\'%s\' identified by \'%s\'"' % (self.db, bash('mysql -e "create database %s default charset=utf8"' % self.db)
self.db_user, bash('mysql -e "grant all on %s.* to \'%s\'@\'%s\' identified by \'%s\'"' % (self.db,
self.db_host, self.db_user,
self.db_pass)) self.db_host,
self.db_pass))
if self._is_ubuntu:
bash('echo mysql-server mysql-server/root_password select '' | debconf-set-selections')
bash('echo mysql-server mysql-server/root_password_again select '' | debconf-set-selections')
bash('apt-get -y install mysql-server')
bash('mysql -e "create database %s default charset=utf8"' % self.db)
bash('mysql -e "grant all on %s.* to \'%s\'@\'%s\' identified by \'%s\'"' % (self.db,
self.db_user,
self.db_host,
self.db_pass))
@staticmethod def _set_env(self):
def _set_env():
color_print('开始关闭防火墙和selinux', 'green') color_print('开始关闭防火墙和selinux', 'green')
os.system("export LANG='en_US.UTF-8' && sed -i 's/LANG=.*/LANG=en_US.UTF-8/g' /etc/sysconfig/i18n") if self._is_redhat:
bash('service iptables stop && chkconfig iptables off && setenforce 0') os.system("export LANG='en_US.UTF-8' && sed -i 's/LANG=.*/LANG=en_US.UTF-8/g' /etc/sysconfig/i18n")
bash('service iptables stop && chkconfig iptables off && setenforce 0')
if self._is_ubuntu:
os.system("export LANG='en_US.UTF-8'")
bash("iptables -F")
bash('which selinux && setenforce 0')
def _test_db_conn(self): def _test_db_conn(self):
bash("pip install mysql-python")
import MySQLdb
try: try:
MySQLdb.connect(host=self.db_host, port=int(self.db_port), MySQLdb.connect(host=self.db_host, port=int(self.db_port),
user=self.db_user, passwd=self.db_pass, db=self.db) user=self.db_user, passwd=self.db_pass, db=self.db)
@ -141,15 +173,18 @@ class PreSetup(object):
return True return True
return False return False
@staticmethod def _rpm_repo(self):
def _rpm_repo(): if self._is_redhat:
color_print('开始安装epel源', 'green') color_print('开始安装epel源', 'green')
bash('yum -y install epel-release') bash('yum -y install epel-release')
def _depend_rpm(self):
color_print('开始安装依赖包', 'green')
if self._is_redhat:
bash('yum -y install git python-pip mysql-devel gcc automake autoconf python-devel vim sshpass')
if self._is_ubuntu:
bash("apt-get -y install git python-pip gcc automake autoconf vim sshpass libmysqld-dev python-all-dev")
@staticmethod
def _depend_rpm():
color_print('开始安装依赖rpm包', 'green')
bash('yum -y install git python-pip mysql-devel gcc automake autoconf python-devel vim sshpass')
@staticmethod @staticmethod
def _require_pip(): def _require_pip():
@ -202,11 +237,11 @@ class PreSetup(object):
print print
def start(self): def start(self):
# self._rpm_repo()
# self._depend_rpm()
# self._require_pip()
color_print('请务必先查看wiki https://github.com/ibuler/jumpserver/wiki/Quickinstall') color_print('请务必先查看wiki https://github.com/ibuler/jumpserver/wiki/Quickinstall')
time.sleep(3) time.sleep(3)
self._rpm_repo()
self._depend_rpm()
self._require_pip()
self._set_env() self._set_env()
self._input_ip() self._input_ip()
self._input_mysql() self._input_mysql()

View File

@ -8,6 +8,8 @@ from django.core.management import execute_from_command_line
import shutil import shutil
import urllib import urllib
import socket import socket
import subprocess
jms_dir = os.path.dirname(os.path.abspath(os.path.dirname(__file__))) jms_dir = os.path.dirname(os.path.abspath(os.path.dirname(__file__)))
sys.path.append(jms_dir) sys.path.append(jms_dir)
@ -75,7 +77,8 @@ class Setup(object):
user.delete() user.delete()
db_add_user(username=self.admin_user, password=self.admin_pass, role='SU', name='admin', groups='', db_add_user(username=self.admin_user, password=self.admin_pass, role='SU', name='admin', groups='',
admin_groups='', email='admin@jumpserver.org', uuid='MayBeYouAreTheFirstUser', is_active=True) admin_groups='', email='admin@jumpserver.org', uuid='MayBeYouAreTheFirstUser', is_active=True)
os.system('id %s &> /dev/null || useradd %s' % (self.admin_user, self.admin_user)) cmd = 'useradd %s' % self.admin_user
subprocess.call(cmd, shell=True)
@staticmethod @staticmethod
def _chmod_file(): def _chmod_file():

View File

@ -125,7 +125,7 @@ class MyRunner(MyInventory):
self.results_raw = {} self.results_raw = {}
def run(self, module_name='shell', module_args='', timeout=10, forks=10, pattern='*', def run(self, module_name='shell', module_args='', timeout=10, forks=10, pattern='*',
become=False, become_method='sudo', become_user='root', become_pass='', transport='paramiko'): become=False, become_method='sudo', become_user='root', become_pass='', transport='smart'):
""" """
run module from andible ad-hoc. run module from andible ad-hoc.
module_name: ansible module_name module_name: ansible module_name

View File

@ -1,4 +1,5 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
from __future__ import unicode_literals
from django.db.models import Q from django.db.models import Q
from django.http import HttpResponseBadRequest, HttpResponseNotAllowed from django.http import HttpResponseBadRequest, HttpResponseNotAllowed
@ -705,8 +706,14 @@ def perm_role_recycle(request):
recycle_assets.append(asset) recycle_assets.append(asset)
recycle_resource = gen_resource(recycle_assets) recycle_resource = gen_resource(recycle_assets)
task = MyTask(recycle_resource) task = MyTask(recycle_resource)
# TODO: 判断返回结果,处理异常 try:
msg = task.del_user(get_object(PermRole, id=role_id).name) msg_del_user = task.del_user(get_object(PermRole, id=role_id).name)
msg_del_sudo = task.del_user_sudo(get_object(PermRole, id=role_id).name)
logger.info("recycle user msg: %s" % msg_del_user)
logger.info("recycle sudo msg: %s" % msg_del_sudo)
except Exception, e:
logger.warning("Recycle Role failed: %s" % e)
raise ServerError(u"回收已推送的系统用户失败: %s" % e)
for asset_id in asset_ids: for asset_id in asset_ids:
asset = get_object(Asset, id=asset_id) asset = get_object(Asset, id=asset_id)

View File

@ -9,42 +9,55 @@
# Site: http://www.jumpserver.org # Site: http://www.jumpserver.org
# Author: Jumpserver Team # Author: Jumpserver Team
. /etc/init.d/functions base_dir=$(dirname $0)
. ${base_dir}/functions
export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/node/bin export PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/opt/node/bin
base_dir=$(dirname $0)
PROC_NAME="jumpsever" PROC_NAME="jumpsever"
lockfile=/var/lock/subsys/${PROC_NAME} lockfile=/var/lock/subsys/${PROC_NAME}
start() { start() {
jump_start=$"Starting ${PROC_NAME} service:" jump_start=$"Starting ${PROC_NAME} service:"
if [ -f $lockfile ];then if [ -f $lockfile ];then
echo "jumpserver is running..." echo "jumpserver is running..."
success "$jump_start" success "$jump_start"
else else
# daemon python $base_dir/manage.py runserver 0.0.0.0:80 &>> /tmp/jumpserver.log 2>&1 & daemon python $base_dir/manage.py runserver 0.0.0.0:80 &>> /tmp/jumpserver.log 2>&1 &
daemon python $base_dir/manage.py crontab add &>> /tmp/jumpserver.log 2>&1 daemon python $base_dir/manage.py crontab add &>> /tmp/jumpserver.log 2>&1
daemon python $base_dir/run_websocket.py &> /dev/null 2>&1 & daemon python $base_dir/run_websocket.py &> /dev/null 2>&1 &
sleep 4 sleep 4
echo -n "$jump_start" echo -n "$jump_start"
nums=0 nums=0
for i in manage.py run_websocket.py;do for i in manage.py run_websocket.py;do
ps aux | grep "$i" | grep -v 'grep' &> /dev/null && let nums+=1 || echo "$i not running" if ps aux | grep "$i" | grep -v 'grep' &> /dev/null; then
nums=$[nums+1]
else
echo "$i not running"
fi
done done
if [ "x$nums" == "x2" ];then if [ "x$nums" == "x2" ];then
success "$jump_start" success "$jump_start"
if [ ! -e $lockfile ]; then
lockfile_dir=`dirname $lockfile`
mkdir -pv $lockfile_dir
fi
touch "$lockfile" touch "$lockfile"
echo echo
else else
failure "$jump_start" failure "$jump_start"
echo echo
fi fi
fi fi
} }
@ -52,21 +65,21 @@ start() {
stop() { stop() {
echo -n $"Stopping ${PROC_NAME} service:" echo -n $"Stopping ${PROC_NAME} service:"
daemon python $base_dir/manage.py crontab remove &>> /tmp/jumpserver.log 2>&1 daemon python $base_dir/manage.py crontab remove &>> /tmp/jumpserver.log 2>&1
ps aux | grep -E 'manage.py|run_websocket.py' | grep -v grep | awk '{print $2}' | xargs kill -9 &> /dev/null ps aux | grep -E 'manage.py|run_websocket.py' | grep -v grep | awk '{print $2}' | xargs kill -9 &> /dev/null
ret=$? ret=$?
if [ $ret -eq 0 ]; then if [ $ret -eq 0 ]; then
echo_success echo_success
echo echo
rm -f "$lockfile" rm -f "$lockfile"
else else
echo_failure echo_failure
echo echo
rm -f "$lockfile" rm -f "$lockfile"
fi fi
} }
@ -94,6 +107,3 @@ case "$1" in
echo $"Usage: $0 {start|stop|restart}" echo $"Usage: $0 {start|stop|restart}"
exit 2 exit 2
esac esac