mirror of https://github.com/jumpserver/jumpserver
修复创建tty日志文件失败, 请修改目录 bug (#231)
* fix(api) 修改建立目录的bug 使用bash代替python完成建立777目录的功能 * fix passwd input * fix(mkdir) 修改mkdirs策略 修改原来导致的bug * fix passwd input (#232) 修复记录敏感密码bug * fix passwd input * fix passwd inputpull/237/head
ibuler
parent
d66ba9d6c6
commit
93e08a6e29
59
connect.py
59
connect.py
|
|
@ -93,9 +93,7 @@ class Tty(object):
|
|||
self.remote_ip = ''
|
||||
self.login_type = login_type
|
||||
self.vim_flag = False
|
||||
self.vim_end_flag = False
|
||||
self.vim_end_pattern = re.compile(r'\x1b\[\?1049', re.X)
|
||||
self.vim_pattern = re.compile(r'\W?vi[m]?\s.* | \W?fg\s.*', re.X)
|
||||
self.vim_data = ''
|
||||
self.stream = None
|
||||
self.screen = None
|
||||
|
|
@ -117,7 +115,8 @@ class Tty(object):
|
|||
return True
|
||||
return False
|
||||
|
||||
def command_parser(self, command):
|
||||
@staticmethod
|
||||
def command_parser(command):
|
||||
"""
|
||||
处理命令中如果有ps1或者mysql的特殊情况,极端情况下会有ps1和mysql
|
||||
:param command:要处理的字符传
|
||||
|
|
@ -157,14 +156,10 @@ class Tty(object):
|
|||
else:
|
||||
command = line_data
|
||||
break
|
||||
if command != '':
|
||||
# 判断用户输入的是否是vim 或者fg命令
|
||||
if self.vim_pattern.search(command):
|
||||
self.vim_flag = True
|
||||
# 虚拟屏幕清空
|
||||
self.screen.reset()
|
||||
except Exception:
|
||||
pass
|
||||
# 虚拟屏幕清空
|
||||
self.screen.reset()
|
||||
return command
|
||||
|
||||
def get_log(self):
|
||||
|
|
@ -180,8 +175,8 @@ class Tty(object):
|
|||
log_file_path = os.path.join(today_connect_log_dir, '%s_%s_%s' % (self.username, self.asset_name, time_start))
|
||||
|
||||
try:
|
||||
mkdir(os.path.dirname(today_connect_log_dir), mode=0777)
|
||||
mkdir(today_connect_log_dir, mode=0777)
|
||||
mkdir(os.path.dirname(today_connect_log_dir), mode=777)
|
||||
mkdir(today_connect_log_dir, mode=777)
|
||||
except OSError:
|
||||
logger.debug('创建目录 %s 失败,请修改%s目录权限' % (today_connect_log_dir, tty_log_dir))
|
||||
raise ServerError('创建目录 %s 失败,请修改%s目录权限' % (today_connect_log_dir, tty_log_dir))
|
||||
|
|
@ -305,7 +300,6 @@ class SshTty(Tty):
|
|||
old_tty = termios.tcgetattr(sys.stdin)
|
||||
pre_timestamp = time.time()
|
||||
data = ''
|
||||
input_str = ''
|
||||
input_mode = False
|
||||
try:
|
||||
tty.setraw(sys.stdin.fileno())
|
||||
|
|
@ -325,8 +319,7 @@ class SshTty(Tty):
|
|||
x = self.channel.recv(10240)
|
||||
if len(x) == 0:
|
||||
break
|
||||
if self.vim_flag:
|
||||
self.vim_data += x
|
||||
|
||||
index = 0
|
||||
len_x = len(x)
|
||||
while index < len_x:
|
||||
|
|
@ -347,11 +340,10 @@ class SshTty(Tty):
|
|||
pre_timestamp = now_timestamp
|
||||
log_file_f.flush()
|
||||
|
||||
if input_mode and not self.is_output(x):
|
||||
self.vim_data += x
|
||||
if input_mode:
|
||||
data += x
|
||||
|
||||
input_str = ''
|
||||
|
||||
except socket.timeout:
|
||||
pass
|
||||
|
||||
|
|
@ -362,25 +354,22 @@ class SshTty(Tty):
|
|||
pass
|
||||
termlog.recoder = True
|
||||
input_mode = True
|
||||
input_str += x
|
||||
if str(x) in ['\r', '\n', '\r\n']:
|
||||
# 这个是用来处理用户的复制操作
|
||||
if input_str != x:
|
||||
data += input_str
|
||||
if self.vim_flag:
|
||||
match = self.vim_end_pattern.findall(self.vim_data)
|
||||
if match:
|
||||
if self.vim_end_flag or len(match) == 2:
|
||||
self.vim_flag = False
|
||||
self.vim_end_flag = False
|
||||
else:
|
||||
self.vim_end_flag = True
|
||||
else:
|
||||
if self.is_output(str(x)):
|
||||
# 如果len(str(x)) > 1 说明是复制输入的
|
||||
if len(str(x)) > 1:
|
||||
data = x
|
||||
match = self.vim_end_pattern.findall(self.vim_data)
|
||||
if match:
|
||||
if self.vim_flag or len(match) == 2:
|
||||
self.vim_flag = False
|
||||
else:
|
||||
self.vim_flag = True
|
||||
elif not self.vim_flag:
|
||||
self.vim_flag = False
|
||||
data = self.deal_command(data)[0:200]
|
||||
if len(data) > 0:
|
||||
if data is not None:
|
||||
TtyLog(log=log, datetime=datetime.datetime.now(), cmd=data).save()
|
||||
data = ''
|
||||
input_str = ''
|
||||
self.vim_data = ''
|
||||
input_mode = False
|
||||
|
||||
|
|
@ -406,7 +395,7 @@ class SshTty(Tty):
|
|||
"""
|
||||
# 发起ssh连接请求 Make a ssh connection
|
||||
ssh = self.get_connection()
|
||||
|
||||
|
||||
transport = ssh.get_transport()
|
||||
transport.set_keepalive(30)
|
||||
transport.use_compression(True)
|
||||
|
|
@ -422,7 +411,7 @@ class SshTty(Tty):
|
|||
signal.signal(signal.SIGWINCH, self.set_win_size)
|
||||
except:
|
||||
pass
|
||||
|
||||
|
||||
self.posix_shell()
|
||||
|
||||
# Shutdown channel socket
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ def gen_keys(key="", key_path_dir=""):
|
|||
key_path_dir = os.path.join(KEY_DIR, 'role_key', key_basename)
|
||||
private_key = os.path.join(key_path_dir, 'id_rsa')
|
||||
public_key = os.path.join(key_path_dir, 'id_rsa.pub')
|
||||
mkdir(key_path_dir, mode=0755)
|
||||
mkdir(key_path_dir, mode=755)
|
||||
if not key:
|
||||
key = RSAKey.generate(2048)
|
||||
key.write_private_key_file(private_key)
|
||||
|
|
|
|||
|
|
@ -91,7 +91,7 @@ def get_role_key(user, role):
|
|||
"""
|
||||
user_role_key_dir = os.path.join(KEY_DIR, 'user')
|
||||
user_role_key_path = os.path.join(user_role_key_dir, '%s_%s.pem' % (user.username, role.name))
|
||||
mkdir(user_role_key_dir, mode=0777)
|
||||
mkdir(user_role_key_dir, mode=777)
|
||||
if not os.path.isfile(user_role_key_path):
|
||||
with open(os.path.join(role.key_path, 'id_rsa')) as fk:
|
||||
with open(user_role_key_path, 'w') as fu:
|
||||
|
|
@ -458,14 +458,13 @@ def bash(cmd):
|
|||
return subprocess.call(cmd, shell=True)
|
||||
|
||||
|
||||
def mkdir(dir_name, username='', mode=0755):
|
||||
def mkdir(dir_name, username='', mode=755):
|
||||
"""
|
||||
insure the dir exist and mode ok
|
||||
目录存在,如果不存在就建立,并且权限正确
|
||||
"""
|
||||
if not os.path.isdir(dir_name):
|
||||
os.makedirs(dir_name)
|
||||
os.chmod(dir_name, mode)
|
||||
cmd = '[ ! -d %s ] && mkdir -p %s && chmod %s %s' % (dir_name, dir_name, mode, dir_name)
|
||||
bash(cmd)
|
||||
if username:
|
||||
chown(dir_name, username)
|
||||
|
||||
|
|
@ -486,7 +485,7 @@ def my_render(template, data, request):
|
|||
def get_tmp_dir():
|
||||
seed = uuid.uuid4().hex[:4]
|
||||
dir_name = os.path.join('/tmp', '%s-%s' % (datetime.datetime.now().strftime('%Y%m%d-%H%M%S'), seed))
|
||||
mkdir(dir_name, mode=0777)
|
||||
mkdir(dir_name, mode=777)
|
||||
return dir_name
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -130,14 +130,14 @@ def gen_ssh_key(username, password='',
|
|||
"""
|
||||
logger.debug('生成ssh key, 并设置authorized_keys')
|
||||
private_key_file = os.path.join(key_dir, username+'.pem')
|
||||
mkdir(key_dir, mode=0777)
|
||||
mkdir(key_dir, mode=777)
|
||||
if os.path.isfile(private_key_file):
|
||||
os.unlink(private_key_file)
|
||||
ret = bash('echo -e "y\n"|ssh-keygen -t rsa -f %s -b %s -P "%s"' % (private_key_file, length, password))
|
||||
|
||||
if authorized_keys:
|
||||
auth_key_dir = os.path.join(home, username, '.ssh')
|
||||
mkdir(auth_key_dir, username=username, mode=0700)
|
||||
mkdir(auth_key_dir, username=username, mode=700)
|
||||
authorized_key_file = os.path.join(auth_key_dir, 'authorized_keys')
|
||||
with open(private_key_file+'.pub') as pub_f:
|
||||
with open(authorized_key_file, 'w') as auth_f:
|
||||
|
|
|
|||
Loading…
Reference in New Issue