github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #71 from jumpserver/dev 

fix(bsd推送系统用户bug)
pull/86/merge
ibuler 2016-02-23 15:50:59 +08:00
parent b1768565c1 18e66f52dd
commit 586e43c8d0
2 changed files with 20 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
jperm/ansible_api.py
View File

@ -125,7 +125,7 @@ class MyRunner(MyInventory):
self.results_raw = {} self.results_raw = {}
def run(self, module_name='shell', module_args='', timeout=10, forks=10, pattern='*', def run(self, module_name='shell', module_args='', timeout=10, forks=10, pattern='*',
become=False, become_method='sudo', become_user='root', become_pass=''): become=False, become_method='sudo', become_user='root', become_pass='', transport='paramiko'):
""" """
run module from andible ad-hoc. run module from andible ad-hoc.
module_name: ansible module_name module_name: ansible module_name
@ -140,7 +140,8 @@ class MyRunner(MyInventory):
become=become, become=become,
become_method=become_method, become_method=become_method,
become_user=become_user, become_user=become_user,
become_pass=become_pass become_pass=become_pass,
transport=transport
) )
self.results_raw = hoc.run() self.results_raw = hoc.run()
logger.debug(self.results_raw) logger.debug(self.results_raw)

19
templates/jperm/role_sudo.j2
View File

@ -4,6 +4,13 @@
real_file=/etc/sudoers real_file=/etc/sudoers
tmp_file=$(mktemp /tmp/XXXXXXX) tmp_file=$(mktemp /tmp/XXXXXXX)
# fixed sudoers file path in bsd
isbsd=$(uname -a | grep -i 'freebsd' &> /dev/null && echo "yes" || echo "no")
if [ $isbsd == "yes" ]; then
real_file=/usr/local/etc/sudoers
fi
# Backup sudoers file # Backup sudoers file
cp ${real_file} ${tmp_file} cp ${real_file} ${tmp_file}
@ -13,7 +20,11 @@ add_cmd_alias() {
{% for sudo_name, sudo_cmd in sudo_alias.items %} {% for sudo_name, sudo_cmd in sudo_alias.items %}
{% if sudo_name != 'ALL' %} {% if sudo_name != 'ALL' %}
if $(grep '^Cmnd_Alias \<{{ sudo_name }}\>' ${sudo_file} &> /dev/null); then if $(grep '^Cmnd_Alias \<{{ sudo_name }}\>' ${sudo_file} &> /dev/null); then
sed -i 's@^Cmnd_Alias \<{{ sudo_name }}\>.*@Cmnd_Alias {{ sudo_name }} = {{ sudo_cmd }}@g' ${sudo_file} if [ $isbsd == "yes" ]; then
sed -i .bk 's@^Cmnd_Alias \<{{ sudo_name }}\>.*@Cmnd_Alias {{ sudo_name }} = {{ sudo_cmd }}@g' ${sudo_file}
else
sed -i 's@^Cmnd_Alias \<{{ sudo_name }}\>.*@Cmnd_Alias {{ sudo_name }} = {{ sudo_cmd }}@g' ${sudo_file}
fi
else else
echo "Cmnd_Alias {{ sudo_name }} = {{ sudo_cmd }}" >> ${sudo_file} echo "Cmnd_Alias {{ sudo_name }} = {{ sudo_cmd }}" >> ${sudo_file}
fi fi
@ -27,7 +38,11 @@ add_role_chosen() {
sudo_file=$1 sudo_file=$1
{% for user, alias in sudo_user.items %} {% for user, alias in sudo_user.items %}
if $(grep '^{{ user }}\>' ${sudo_file} &> /dev/null); then if $(grep '^{{ user }}\>' ${sudo_file} &> /dev/null); then
sed -i 's@^{{ user }}\>.*@{{ user }} ALL = (root) NOPASSWD: {{ alias }}@g' ${sudo_file} if [ $isbsd == "yes" ]; then
sed -i .bk 's@^{{ user }}\>.*@{{ user }} ALL = (root) NOPASSWD: {{ alias }}@g' ${sudo_file}
else
sed -i 's@^{{ user }}\>.*@{{ user }} ALL = (root) NOPASSWD: {{ alias }}@g' ${sudo_file}
fi
else else
echo "{{ user }} ALL = (root) NOPASSWD: {{ alias }}" >> ${sudo_file} echo "{{ user }} ALL = (root) NOPASSWD: {{ alias }}" >> ${sudo_file}
fi fi