修改connect方法

pull/26/head
ibuler 2015-11-18 15:15:08 +08:00
parent 42745c52df
commit cf8e366ae1
3 changed files with 99 additions and 41 deletions


@ -19,8 +19,8 @@ import struct, fcntl, signal, socket, select
os.environ['DJANGO_SETTINGS_MODULE'] = 'jumpserver.settings' os.environ['DJANGO_SETTINGS_MODULE'] = 'jumpserver.settings'
if django.get_version() != '1.6': if django.get_version() != '1.6':
django.setup() django.setup()
from jumpserver.api import ServerError, User, Asset, AssetGroup, get_object from jumpserver.api import ServerError, User, Asset, AssetGroup, get_object, mkdir
from jumpserver.api import logger, mkdir, Log, TtyLog from jumpserver.api import logger, Log, TtyLog
from jumpserver.settings import LOG_DIR from jumpserver.settings import LOG_DIR
@ -68,9 +68,6 @@ def check_vim_status(command, ssh):
return False return False
class Tty(object): class Tty(object):
""" """
A virtual tty class A virtual tty class
@ -252,6 +249,7 @@ class Tty(object):
log_file_path = os.path.join(today_connect_log_dir, '%s_%s_%s' % (self.username, self.asset_name, time_start)) log_file_path = os.path.join(today_connect_log_dir, '%s_%s_%s' % (self.username, self.asset_name, time_start))
try: try:
mkdir(os.path.dirname(today_connect_log_dir), mode=0777)
mkdir(today_connect_log_dir, mode=0777) mkdir(today_connect_log_dir, mode=0777)
except OSError: except OSError:
logger.debug('创建目录 %s 失败,请修改%s目录权限' % (today_connect_log_dir, tty_log_dir)) logger.debug('创建目录 %s 失败,请修改%s目录权限' % (today_connect_log_dir, tty_log_dir))
@ -289,7 +287,7 @@ class Tty(object):
# 2. get 映射用户 # 2. get 映射用户
# 3. get 映射用户的账号密码或者key # 3. get 映射用户的账号密码或者key
# self.connect_info = {'user': '', 'asset': '', 'ip': '', 'port': 0, 'role_name': '', 'role_pass': '', 'role_key': ''} # self.connect_info = {'user': '', 'asset': '', 'ip': '', 'port': 0, 'role_name': '', 'role_pass': '', 'role_key': ''}
self.connect_info = {'user': 'a', 'asset': 'b', 'ip': '127.0.0.1', 'port': 22, 'role_name': 'root', 'role_pass': '', 'role_key': '/root/.ssh/id_rsa.bak'} self.connect_info = {'user': 'a', 'asset': 'b', 'ip': '127.0.0.1', 'port': 22, 'role_name': 'root', 'role_pass': 'redhat', 'role_key': ''}
return self.connect_info return self.connect_info
def get_connection(self): def get_connection(self):
@ -452,7 +450,7 @@ class SshTty(Tty):
#print 'ok'+tmp+'ok' #print 'ok'+tmp+'ok'
# SSH_TTY = re.search(r'(?<=/dev/).*', tmp).group().strip() # SSH_TTY = re.search(r'(?<=/dev/).*', tmp).group().strip()
# SSH_TTY = '' # SSH_TTY = ''
channel.send('clear\n') # channel.send('clear\n')
# Make ssh interactive tunnel # Make ssh interactive tunnel
self.posix_shell() self.posix_shell()
@ -468,20 +466,83 @@ class SshTty(Tty):
pass pass
def print_prompt(): def print_user_asset_group_info(user):
""" asset_groups = AssetGroup.objects.all()
Print prompt for asset_group in asset_groups:
打印提示导航 if asset_group.comment:
""" print '[%-2s] %-10s %s' % (asset_group.id, asset_group.name, asset_group.comment)
msg = """\033[1;32m### Welcome Use JumpServer To Login. ### \033[0m else:
1) Type \033[32mIP or Part IP, Host Alias or Comments \033[0m To Login. print '[%-2s] %-10s' % (asset_group.id, asset_group.name)
2) Type \033[32mP/p\033[0m To Print The Servers You Available. print
3) Type \033[32mG/g\033[0m To Print The Server Groups You Available.
4) Type \033[32mG/g(1-N)\033[0m To Print The Server Group Hosts You Available.
5) Type \033[32mE/e\033[0m To Execute Command On Several Servers. class Nav(object):
6) Type \033[32mQ/q\033[0m To Quit. def __init__(self, user):
""" self.user = user
print textwrap.dedent(msg) self.search_result = {}
@staticmethod
def print_nav():
"""
Print prompt
打印提示导航
"""
msg = """\n\033[1;32m### Welcome To Use JumpServer, A Open Source System . ### \033[0m
1) Type \033[32mID\033[0m To Login.
2) Type \033[32m/\033[0m + \033[32mIP, Host Name, Host Alias or Comments \033[0mTo Search.
3) Type \033[32mP/p\033[0m To Print The Servers You Available.
4) Type \033[32mG/g\033[0m To Print The Server Groups You Available.
5) Type \033[32mG/g\033[0m\033[0m + \033[32mGroup ID\033[0m To Print The Server Group You Available.
6) Type \033[32mE/e\033[0m To Execute Command On Several Servers.
7) Type \033[32mQ/q\033[0m To Quit.
"""
msg = """\n\033[1;32m### 欢迎使用Jumpserver开源跳板机 ### \033[0m
1) 输入 \033[32mID\033[0m 直接登录.
2) 输入 \033[32m/\033[0m + \033[32mIP, 主机名, 主机别名 or 备注 \033[0m搜索.
3) 输入 \033[32mP/p\033[0m 显示您有权限的主机.
4) 输入 \033[32mG/g\033[0m 显示您有权限的主机组.
5) 输入 \033[32mG/g\033[0m\033[0m + \033[32m组ID\033[0m 显示该组下主机.
6) 输入 \033[32mE/e\033[0m 批量执行命令.
7) 输入 \033[32mQ/q\033[0m 退出.
"""
print textwrap.dedent(msg)
def search(self, str_r=''):
gid_pattern = re.compile(r'^g\d+$')
user_asset_all = list(Asset.objects.all())
user_asset_search = []
if str_r:
if gid_pattern.match(str_r):
user_asset_search = list(Asset.objects.all())
else:
for asset in user_asset_all:
if str_r in asset.ip or str_r in str(asset.comment):
user_asset_search.append(asset)
else:
user_asset_search = user_asset_all
self.search_result = dict(zip(range(len(user_asset_search)), user_asset_search))
print '\033[32m[%-3s] %-15s %-15s %-5s %-5s %s \033[0m' % ('ID', 'AssetName', 'IP', 'Port', 'Role', 'Comment')
for index, asset in self.search_result.items():
if asset.comment:
print '[%-3s] %-15s %-15s %-5s %-5s %s' % (index, 'asset_name'+str(index), asset.ip, asset.port, 'role', asset.comment)
else:
print '[%-3s] %-15s %-15s %-5s %-5s' % (index, 'asset_name'+str(index), asset.ip, asset.port, 'role')
print
@staticmethod
def print_asset_group():
user_asset_group_all = AssetGroup.objects.all()
print '\033[32m[%-3s] %-15s %s \033[0m' % ('ID', 'GroupName', 'Comment')
for asset_group in user_asset_group_all:
if asset_group.comment:
print '[%-3s] %-15s %s' % (asset_group.id, asset_group.name, asset_group.comment)
else:
print '[%-3s] %-15s' % (asset_group.id, asset_group.name)
print
def main(): def main():
@ -492,29 +553,26 @@ def main():
if not login_user: # 判断用户是否存在 if not login_user: # 判断用户是否存在
color_print(u'没有该用户或许你是以root运行的 No that user.', exits=True) color_print(u'没有该用户或许你是以root运行的 No that user.', exits=True)
print_prompt()
gid_pattern = re.compile(r'^g\d+$') gid_pattern = re.compile(r'^g\d+$')
nav = Nav(login_user)
nav.print_nav()
try: try:
while True: while True:
try: try:
option = raw_input("\033[1;32mOpt or IP>:\033[0m ") option = raw_input("\033[1;32mOpt or ID>:\033[0m ").strip()
except EOFError: except EOFError:
print_prompt() nav.print_nav()
continue continue
except KeyboardInterrupt: except KeyboardInterrupt:
sys.exit(0) sys.exit(0)
if option in ['P', 'p']: if option in ['P', 'p', '\n', '']:
login_user.get_asset_info(printable=True) nav.search()
continue continue
if option.startswith('/') or gid_pattern.match(option):
nav.search(option.lstrip('/'))
elif option in ['G', 'g']: elif option in ['G', 'g']:
login_user.get_asset_group_info(printable=True) nav.print_asset_group()
continue
elif gid_pattern.match(option):
gid = option[1:].strip()
asset_group = get_object(AssetGroup, id=gid)
if asset_group and asset_group.is_permed(user=login_user):
asset_group.get_asset_info(printable=True)
continue continue
elif option in ['E', 'e']: elif option in ['E', 'e']:
# exec_cmd_servers(login_name) # exec_cmd_servers(login_name)
@ -523,7 +581,11 @@ def main():
sys.exit() sys.exit()
else: else:
try: try:
verify_connect(login_user, option) asset = nav.search_result[int(option)]
ssh_tty = SshTty('a', 'b')
ssh_tty.connect()
except (KeyError, ValueError):
color_print('请输入正确ID', 'red')
except ServerError, e: except ServerError, e:
color_print(e, 'red') color_print(e, 'red')
except IndexError: except IndexError:
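Review bot: `Nav.search` and `Nav.print_asset_group` list `Asset.objects.all()` and `AssetGroup.objects.all()` without ever consulting `self.user`, while the main loop drops the `asset_group.is_permed(user=login_user)` check and the `verify_connect(login_user, option)` call, so any logged-in user is shown every asset and group rather than only those they are authorised for. The listings should go through the per-user permission helpers the old code relied on, for example keeping `if asset_group and asset_group.is_permed(user=login_user):` before a group's hosts are printed. In the ID branch the looked-up `asset` is never used and the session is opened with `SshTty('a', 'b')`, and `connect_info` now carries the literals `'role_name': 'root', 'role_pass': 'redhat'`, so the target and credentials are fixed test values. These should be derived from the selected asset and the user's mapped role, and the password literal should not be committed to source. `main()` continues outside the visible hunks, so the remaining branches could not be checked.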


@ -4,7 +4,7 @@ import random
import os.path import os.path
from paramiko.rsakey import RSAKey from paramiko.rsakey import RSAKey
from os import chmod, mkdir from jumpserver.api import mkdir
from uuid import uuid4 from uuid import uuid4
from jumpserver.settings import KEY_DIR from jumpserver.settings import KEY_DIR
@ -46,7 +46,7 @@ def gen_keys():
""" """
key_basename = "key-" + uuid4().hex key_basename = "key-" + uuid4().hex
key_path_dir = os.path.join(KEY_DIR, key_basename) key_path_dir = os.path.join(KEY_DIR, key_basename)
mkdir(key_path_dir, 0700) mkdir(key_path_dir, 0755)
key = RSAKey.generate(2048) key = RSAKey.generate(2048)
private_key = os.path.join(key_path_dir, 'id_rsa') private_key = os.path.join(key_path_dir, 'id_rsa')
@ -61,9 +61,6 @@ def gen_keys():
content_file.write(data) content_file.write(data)
return key_path_dir return key_path_dir
if __name__ == "__main__": if __name__ == "__main__":
print gen_keys() print gen_keys()
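Review bot: `mkdir(key_path_dir, 0755)` makes the directory holding the generated `id_rsa` readable and traversable by every local account, where the previous `0700` restricted it to the owner; keep `mkdir(key_path_dir, 0700)`. The import change also takes `chmod` out of scope, so if the part of `gen_keys` outside this hunk still tightens the key file's mode it will now raise NameError, and if it does not, the private key's permissions depend only on the process umask. It is worth confirming that the private key file ends up `0600` regardless of the directory mode.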


@ -388,14 +388,13 @@ def bash(cmd):
return subprocess.call(cmd, shell=True) return subprocess.call(cmd, shell=True)
def mkdir(dir_name, username='root', mode=0755): def mkdir(dir_name, mode=0755):
""" """
insure the dir exist and mode ok insure the dir exist and mode ok
目录存在如果不存在就建立并且权限正确 目录存在如果不存在就建立并且权限正确
""" """
if not os.path.isdir(dir_name): if not os.path.isdir(dir_name):
os.makedirs(dir_name) os.makedirs(dir_name)
bash("chown %s:%s '%s'" % (username, username, dir_name))
os.chmod(dir_name, mode) os.chmod(dir_name, mode)
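Review bot: With the `chown` step removed, `mkdir` leaves the directory owned by whichever account runs the process, and the docstring does not say so; the log-directory caller in the first file of this commit compensates with `mode=0777`, which lets any local user write into or replace the session log paths. I would state the ownership behaviour in the docstring, e.g. `Create dir_name if missing and chmod it to mode; ownership is left to the calling process.`, and have callers pass a narrower mode (group-restricted rather than world-writable). Dropping the shell-built `chown` is a good change in itself, since `dir_name` was interpolated into a `shell=True` command. Any caller not shown on this page that still passes `username` will now raise TypeError, so those call sites need checking.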