
ibuler 2015-04-18 13:52:28 +08:00
parent d6171f7fe7
commit bcc5774365
7 changed files with 57 additions and 507 deletions

View File

@ -205,7 +205,7 @@ def print_prompt():
1) Type \033[32mIP ADDRESS\033[0m To Login. 1) Type \033[32mIP ADDRESS\033[0m To Login.
2) Type \033[32mP/p\033[0m To Print The Servers You Available. 2) Type \033[32mP/p\033[0m To Print The Servers You Available.
3) Type \033[32mG/g\033[0m To Print The Server Groups You Available. 3) Type \033[32mG/g\033[0m To Print The Server Groups You Available.
4) Type \033[32mG/g+gid\033[0m To Print The Server Group Hosts You Available. 4) Type \033[32mG/g(1-N)\033[0m To Print The Server Group Hosts You Available.
5) Type \033[32mE/e\033[0m To Execute Command On Several Servers. 5) Type \033[32mE/e\033[0m To Execute Command On Several Servers.
6) Type \033[32mQ/q\033[0m To Quit. 6) Type \033[32mQ/q\033[0m To Quit.
""" """

View File

@ -1,5 +1,6 @@
# coding: utf-8 # coding: utf-8
from django.http import HttpResponseRedirect from django.http import HttpResponseRedirect
import json import json
import os import os
@ -14,6 +15,7 @@ import datetime
import subprocess import subprocess
from django.core.paginator import Paginator, EmptyPage, InvalidPage from django.core.paginator import Paginator, EmptyPage, InvalidPage
from django.http import HttpResponse, Http404 from django.http import HttpResponse, Http404
from django.shortcuts import render_to_response
from juser.models import User, UserGroup, DEPT from juser.models import User, UserGroup, DEPT
from jasset.models import Asset, BisGroup, IDC from jasset.models import Asset, BisGroup, IDC
from jlog.models import Log from jlog.models import Log
@ -470,11 +472,6 @@ def verify(request, user_group=None, user=None, asset_group=None, asset=None, ed
return True return True
def get_dept_asset(request):
dept_id = get_user_dept(request)
dept_asset = DEPT.objects.get(id=dept_id).asset_set.all()
def bash(cmd): def bash(cmd):
"""鎵цbash鍛戒护""" """鎵цbash鍛戒护"""
return subprocess.call(cmd, shell=True) return subprocess.call(cmd, shell=True)
@ -486,3 +483,7 @@ def is_dir(dir_name, username='root', mode=0755):
bash("chown %s:%s '%s'" % (username, username, dir_name)) bash("chown %s:%s '%s'" % (username, username, dir_name))
os.chmod(dir_name, mode) os.chmod(dir_name, mode)
def success(request, msg):
return render_to_response('success.html', locals())

View File

@ -1,396 +0,0 @@
#!/usr/bin/env python
import socket
import sys
import os
import ast
import select
import time
from datetime import datetime
import paramiko
import struct
import fcntl
import signal
import textwrap
import django
import getpass
import fnmatch
import optparse
import readline
from multiprocessing import Pool
from ConfigParser import ConfigParser
from django.core.exceptions import ObjectDoesNotExist
os.environ['DJANGO_SETTINGS_MODULE'] = 'jumpserver.settings'
from juser.models import User
from jasset.models import Asset
from jlog.models import Log
from jumpserver.views import PyCrypt
from jumpserver.api import user_perm_asset_api, user_perm_group_api
import termios
import tty
except ImportError:
print '\033[1;31mOnly postfix supported.\033[0m'
CURRENT_DIR = os.path.abspath(os.path.dirname(__file__))
BASE_DIR = os.path.dirname(CURRENT_DIR)
CONF = ConfigParser()
CONF.read(os.path.join(BASE_DIR, 'jumpserver.conf'))
LOG_DIR = os.path.join(BASE_DIR, 'logs')
SSH_KEY_DIR = os.path.join(BASE_DIR, 'keys')
SERVER_KEY_DIR = os.path.join(SSH_KEY_DIR, 'server')
KEY = CONF.get('web', 'key')
LOGIN_NAME = getpass.getuser()
def color_print(msg, color='blue'):
"""Print colorful string."""
color_msg = {'blue': '\033[1;36m%s\033[0m',
'green': '\033[1;32m%s\033[0m',
'red': '\033[1;31m%s\033[0m'}
print color_msg.get(color, 'blue') % msg
def color_print_exit(msg, color='red'):
"""Print colorful string and exit."""
color_print(msg, color=color)
class ServerError(Exception):
def get_win_size():
"""This function use to get the size of the windows!"""
if 'TIOCGWINSZ' in dir(termios):
TIOCGWINSZ = 1074295912L # Assume
s = struct.pack('HHHH', 0, 0, 0, 0)
x = fcntl.ioctl(sys.stdout.fileno(), TIOCGWINSZ, s)
return struct.unpack('HHHH', x)[0:2]
def set_win_size(sig, data):
"""This function use to set the window size of the terminal!"""
win_size = get_win_size()
channel.resize_pty(height=win_size[0], width=win_size[1])
def get_object(model, **kwargs):
the_object = model.objects.get(**kwargs)
except ObjectDoesNotExist:
raise ServerError('Object get %s failed.' % str(kwargs.values()))
return the_object
def log_record(username, host):
"""Logging user command and output."""
connect_log_dir = os.path.join(LOG_DIR, 'connect')
timestamp_start = int(time.time())
today = time.strftime('%Y%m%d', time.localtime(timestamp_start))
time_now = time.strftime('%H%M%S', time.localtime(timestamp_start))
today_connect_log_dir = os.path.join(connect_log_dir, today)
log_filename = '%s_%s_%s.log' % (username, host, time_now)
log_file_path = os.path.join(today_connect_log_dir, log_filename)
pid = os.getpid()
ip_list = []
remote_ip = os.popen("who |grep `ps aux |gawk '{if ($2==%s) print $1}'` |gawk '{print $5}'|tr -d '()'" % pid).readlines()
for ip in remote_ip:
ip_list = ','.join(list(set(ip_list)))
if not os.path.isdir(today_connect_log_dir):
os.chmod(today_connect_log_dir, 0777)
except OSError:
raise ServerError('Create %s failed, Please modify %s permission.' % (today_connect_log_dir, connect_log_dir))
log_file = open(log_file_path, 'a')
except IOError:
raise ServerError('Create logfile failed, Please modify %s permission.' % today_connect_log_dir)
log = Log(user=username, host=host, remote_ip=ip_list, log_path=log_file_path, start_time=datetime.now(), pid=pid)
log_file.write('Starttime is %s\n' % datetime.now())
return log_file, log
def posix_shell(chan, username, host):
Use paramiko channel connect server interactive.
log_file, log = log_record(username, host)
old_tty = termios.tcgetattr(sys.stdin)
while True:
r, w, e = select.select([chan, sys.stdin], [], [])
if chan in r:
x = chan.recv(1024)
if len(x) == 0:
except socket.timeout:
if sys.stdin in r:
x = os.read(sys.stdin.fileno(), 1)
if len(x) == 0:
timestamp_end = time.time()
termios.tcsetattr(sys.stdin, termios.TCSADRAIN, old_tty)
log_file.write('Endtime is %s' % datetime.now())
log.is_finished = True
log.log_finished = False
log.end_time = datetime.now()
def get_user_host(username):
"""Get the hosts of under the user control."""
hosts_attr = {}
asset_all = user_perm_asset_api(username)
for asset in asset_all:
hosts_attr[asset.ip] = [asset.id, asset.comment]
return hosts_attr
def get_user_hostgroup(username):
"""Get the hostgroups of under the user control."""
groups_attr = {}
group_all = user_perm_group_api(username)
for group in group_all:
groups_attr[group.name] = [group.id, group.comment]
return groups_attr
def get_connect_item(username, ip):
cryptor = PyCrypt(KEY)
asset = get_object(Asset, ip=ip)
port = asset.port
if not asset.is_active:
raise ServerError('Host %s is not active.' % ip)
user = get_object(User, username=username)
if not user.is_active:
raise ServerError('User %s is not active.' % username)
login_type_dict = {
'L': user.ldap_pwd,
if asset.login_type in login_type_dict:
password = cryptor.decrypt(login_type_dict[asset.login_type])
return username, password, ip, port
elif asset.login_type == 'M':
username = asset.username
password = cryptor.decrypt(asset.password)
return username, password, ip, port
raise ServerError('Login type is not in ["L", "M"]')
def verify_connect(username, part_ip):
hosts_attr = get_user_host(username)
hosts = hosts_attr.keys()
ip_matched = [ip for ip in hosts if part_ip in ip]
if len(ip_matched) > 1:
for ip in ip_matched:
print '%s -- %s' % (ip, hosts_attr[ip][1])
elif len(ip_matched) < 1:
color_print('No Permission or No host.', 'red')
username, password, host, port = get_connect_item(username, ip_matched[0])
print username, password, host, port
connect(username, password, host, port, LOGIN_NAME)
def print_prompt():
msg = """\033[1;32m### Welcome Use JumpServer To Login. ### \033[0m
1) Type \033[32mIP ADDRESS\033[0m To Login.
2) Type \033[32mP/p\033[0m To Print The Servers You Available.
3) Type \033[32mG/g\033[0m To Print The Server Groups You Available.
4) Type \033[32mE/e\033[0m To Execute Command On Several Servers.
5) Type \033[32mQ/q\033[0m To Quit.
print textwrap.dedent(msg)
def print_user_host(username):
hosts_attr = get_user_host(username)
hosts = hosts_attr.keys()
for ip in hosts:
print '%s -- %s' % (ip, hosts_attr[ip][1])
def print_user_hostgroup(username):
group_attr = get_user_hostgroup(username)
groups = group_attr.keys()
for g in groups:
print '%s -- %s' % (g, group_attr[g][1])
def connect(username, password, host, port, login_name):
Connect server.
ps1 = "PS1='[\u@%s \W]\$ '\n" % host
login_msg = "clear;echo -e '\\033[32mLogin %s done. Enjoy it.\\033[0m'\n" % host
# Make a ssh connection
ssh = paramiko.SSHClient()
ssh.connect(host, port=port, username=username, password=password, compress=True)
except paramiko.ssh_exception.AuthenticationException, paramiko.ssh_exception.SSHException:
raise ServerError('Authentication Error.')
except socket.error:
raise ServerError('Connect SSH Socket Port Error, Please Correct it.')
# Make a channel and set windows size
global channel
win_size = get_win_size()
channel = ssh.invoke_shell(height=win_size[0], width=win_size[1])
#channel.resize_pty(height=win_size[0], width=win_size[1])
signal.signal(signal.SIGWINCH, set_win_size)
# Set PS1 and msg it
# Make ssh interactive tunnel
posix_shell(channel, login_name, host)
# Shutdown channel socket
def remote_exec_cmd(ip, port, username, password, cmd):
ssh = paramiko.SSHClient()
ssh.connect(ip, port, username, password, timeout=5)
stdin, stdout, stderr = ssh.exec_command("bash -l -c '%s'" % cmd)
out = stdout.readlines()
err = stderr.readlines()
color_print('%s:' %ip, 'blue')
for i in out:
color_print(" " * 4 + i.strip(), 'green')
for j in err:
color_print(" " * 4 + j.strip(), 'red')
except Exception as e:
color_print(ip + ':', 'blue')
color_print(str(e), 'red')
def multi_remote_exec_cmd(hosts, username, cmd):
pool = Pool(processes=5)
for host in hosts:
username, password, ip, port = get_connect_item(username, host)
pool.apply_async(remote_exec_cmd, (ip, port, username, password, cmd))
def exec_cmd_servers(username):
hosts = []
color_print("Input the Host IP(s),Separated by Commas, q/Q to Quit.\n \
You can choose in the following IP(s), Use Linux / Unix glob.", 'green')
while True:
inputs = raw_input('\033[1;32mip(s)>: \033[0m')
if inputs in ['q', 'Q']:
get_hosts = get_user_host(username).keys()
for host in get_hosts:
if fnmatch.fnmatch(host, inputs):
if len(hosts) == 0:
color_print("Check again, Not matched any ip!", 'red')
print "You matched ip: %s" % hosts
color_print("Input the Command , The command will be Execute on servers, q/Q to quit.", 'green')
while True:
cmd = raw_input('\033[1;32mCmd(s): \033[0m')
if cmd in ['q', 'Q']:
exec_log_dir = os.path.join(LOG_DIR, 'exec_cmds')
if not os.path.isdir(exec_log_dir):
os.chmod(exec_log_dir, 0777)
filename = "%s/%s.log" % (exec_log_dir, time.strftime('%Y%m%d'))
f = open(filename, 'a')
f.write("DateTime: %s User: %s Host: %s Cmds: %s\n" %
(time.strftime('%Y/%m/%d %H:%M:%S'), username, hosts, cmd))
multi_remote_exec_cmd(hosts, username, cmd)
def help():
global p, options, arguments
usage = "usage: %prog '' [options] arg1 [options] arg2"
p = optparse.OptionParser(usage=usage)
p.add_option('-p', '--host', help = "Print The Servers You Available.")
p.add_option('-g', '--group', help = "Print The Server Groups You Available.")
options, arguments = p.parse_args()
def main():
if options.host:
elif options.group:
verify_connect(LOGIN_NAME, sys.argv[1])
except ServerError, e:
color_print(e, 'red')
if __name__ == '__main__':

View File

@ -240,9 +240,7 @@ def install(request):
User(id=5000, username="admin", password=md5_crypt('admin'), User(id=5000, username="admin", password=md5_crypt('admin'),
name='admin', email='admin@jumpserver.org', role='SU', is_active=True, dept=dept).save() name='admin', email='admin@jumpserver.org', role='SU', is_active=True, dept=dept).save()
User(id=5001, username="group_admin", password=md5_crypt('group_admin'), return success(request, u'瀹夎鎴愬姛')
name='group_admin', email='group_admin@jumpserver.org', role='DA', is_active=True, dept=dept2).save()
return HttpResponse('Ok')
def download(request): def download(request):

View File

@ -2,29 +2,21 @@
<html> <html>
<head> <head>
<meta charset="utf-8"> <meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="viewport" content="width=device-width, initial-scale=1.0">
<title> 鐧诲綍 | JumpServer</title>
<title>JumpServer | Login</title>
<link rel="shortcut icon" href="/static/img/facio.ico" type="image/x-icon"> <link rel="shortcut icon" href="/static/img/facio.ico" type="image/x-icon">
<link href="/static/css/bootstrap.min.css" rel="stylesheet"> <link href="/static/css/bootstrap.min.css" rel="stylesheet">
<link href="/static/font-awesome/css/font-awesome.css" rel="stylesheet"> <link href="/static/font-awesome/css/font-awesome.css" rel="stylesheet">
<link href="/static/css/animate.css" rel="stylesheet"> <link href="/static/css/animate.css" rel="stylesheet">
<link href="/static/css/style.css" rel="stylesheet"> <link href="/static/css/style.css" rel="stylesheet">
</head> </head>
<body class="gray-bg"> <body class="gray-bg">
<div class="middle-box text-center loginscreen animated fadeInDown"> <div class="middle-box text-center loginscreen animated fadeInDown">
<div> <div>
<div> <div>
<h1 class="logo-name"><img src="/static/img/logo.png"></h1> <h1 class="logo-name"><img src="/static/img/logo.png"></h1>
</div> </div>
{% if error %} {% if error %}
<div class="alert alert-danger text-center">{{ error }}</div> <div class="alert alert-danger text-center">{{ error }}</div>
@ -39,7 +31,7 @@
</div> </div>
<button type="submit" class="btn btn-primary block full-width m-b">Login</button> <button type="submit" class="btn btn-primary block full-width m-b">Login</button>
<a href="#"><small>Forgot password?</small></a> <a href="#"><small>Forgot password? Contact Administrator. </small></a>
</form> </form>
<p class="m-t"> <small><b>Copyright</b> Jumpserver.org Organization 漏 2014-2015</small> </p> <p class="m-t"> <small><b>Copyright</b> Jumpserver.org Organization 漏 2014-2015</small> </p>
</div> </div>

View File

@ -1,84 +0,0 @@
<div class="col-sm-6">
<div class="dataTables_paginate paging_simple_numbers" id="editable_paginate">
<ul class="pagination" style="margin-top: 0; float: right">
{% if keyword %}
{% if contacts.has_previous %}
<li class="paginate_button previous" aria-controls="editable" tabindex="0" >
<a href="?keyword={{ keyword }}&page={{ contacts.previous_page_number }}">Previous</a>
{% else %}
<li class="paginate_button previous disabled" aria-controls="editable" tabindex="0" >
<a href="#">Previous</a>
{% endif %}
{% set href="" %}
{% if gid %}
{% set href=href+"&gid="+gid %}
{% endif %}
{% if did %}
{% set href=href+"&did="+did %}
{% endif %}
{% if keyword %}
{% set href=href+"&keyword"+keyword %}
{% endif %}
{% ifequal show_first 1 %}
<li class="paginate_button" aria-controls="editable" tabindex="0"><a href="?page=1{{ href }}" title="绗1椤">1...</a></li>
{% endifequal %}
{% for page in page_range %}
{% ifequal current_page page %}
<li class="paginate_button active" aria-controls="editable" tabindex="0"><a href="?page={{ page }}{{ href }}" title="绗瑊{ page }}椤">{{ page }}</a></li>
{% else %}
<li class="paginate_button" aria-controls="editable" tabindex="0"><a href="?page={{ page }}{{ href }}" title="绗瑊{ page }}椤">{{ page }}</a></li>
{% endifequal %}
{% endfor %}
{% ifequal show_end 1 %}
<li class="paginate_button" aria-controls="editable" tabindex="0"><a href="?page={{ p.num_pages }}{{ href }}" title="绗瑊{ page }}椤">...{{ p.num_pages }}</a></li>
{% endifequal %}
{% if contacts.has_next %}
<li class="paginate_button next" aria-controls="editable" tabindex="0" >
<a href="?page={{ contacts.next_page_number }}{{ href }}">Next</a>
{% else %}
<li class="paginate_button next disabled" aria-controls="editable" tabindex="0" >
<a href="#">Next</a>
{% endif %}
{% else %}
{% if contacts.has_previous %}
<li class="paginate_button previous" aria-controls="editable" tabindex="0" >
<a class="test" href="?page={{ contacts.previous_page_number }}{{ href }}">Previous</a>
{% else %}
<li class="paginate_button previous disabled" aria-controls="editable" tabindex="0" >
<a href="#">Previous</a>
{% endif %}
{% ifequal show_first 1 %}
<li class="paginate_button" aria-controls="editable" tabindex="0"><a class="test" href="?page=1{{ href }}" title="绗1椤">1...</a></li>
{% endifequal %}
{% for page in page_range %}
{% ifequal current_page page %}
<li class="paginate_button active" aria-controls="editable" tabindex="0"><a class="test" href="?page={{ page }}" title="绗瑊{ page }}椤">{{ page }}</a></li>
{% else %}
<li class="paginate_button" aria-controls="editable" tabindex="0"><a class="test" href="?page={{ page }}" title="绗瑊{ page }}椤">{{ page }}</a></li>
{% endifequal %}
{% endfor %}
{% ifequal show_end 1 %}
<li class="paginate_button" aria-controls="editable" tabindex="0"><a class="test" href="?page={{ p.num_pages }}" title="绗瑊{ page }}椤">...{{ p.num_pages }}</a></li>
{% endifequal %}
{% if contacts.has_next %}
<li class="paginate_button next" aria-controls="editable" tabindex="0" >
<a class="test" href="?page={{ contacts.next_page_number }}">Next</a>
{% else %}
<li class="paginate_button next disabled" aria-controls="editable" tabindex="0" >
<a class="test" href="#">Next</a>
{% endif %}
{% endif %}

templates/success.html Normal file
View File

@ -0,0 +1,39 @@
<!DOCTYPE html>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Jumpserver | Success</title>
<link href="/static/css/bootstrap.min.css" rel="stylesheet">
<link href="/static/font-awesome/css/font-awesome.css" rel="stylesheet">
<link href="/static/css/animate.css" rel="stylesheet">
<link href="/static/css/style.css" rel="stylesheet">
<body class="gray-bg">
<div class="middle-box text-center animated fadeInDown">
<h3 class="font-bold">{{ msg }}</h3>
<div class="error-desc">
The server success response the request. Congratulations.<br/>
You can go back to main page: <br/><a href="/" class="btn btn-primary m-t">浠〃鐩</a>
<!-- Mainly scripts -->
<script src="/static/js/jquery-2.1.1.js"></script>
<script src="/static/js/bootstrap.min.js"></script>