diff --git a/Bundler/feteduslip.xml b/Bundler/feteduslip.xml
index 6bb6a7f..a396fb3 100644
--- a/Bundler/feteduslip.xml
+++ b/Bundler/feteduslip.xml
@@ -1,3 +1,3 @@
-
+
diff --git a/Bundler/isc-dhcp-client.xml b/Bundler/isc-dhcp-client.xml
index f088869..4897fa8 100644
--- a/Bundler/isc-dhcp-client.xml
+++ b/Bundler/isc-dhcp-client.xml
@@ -1,6 +1,6 @@
-
-
+
+
diff --git a/Bundler/isc-dhcp-server.xml b/Bundler/isc-dhcp-server.xml
index f1ea073..09347fa 100644
--- a/Bundler/isc-dhcp-server.xml
+++ b/Bundler/isc-dhcp-server.xml
@@ -1,7 +1,7 @@
-
+
diff --git a/Bundler/iscsi.xml b/Bundler/iscsi.xml
index dbce25a..4f0da67 100644
--- a/Bundler/iscsi.xml
+++ b/Bundler/iscsi.xml
@@ -15,41 +15,41 @@
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
-
-
+
+
-
-
-
+
+
+
-
+
-
-
-
+
+
+
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
diff --git a/Bundler/openntpd.xml b/Bundler/openntpd.xml
deleted file mode 100644
index e8e3fec..0000000
--- a/Bundler/openntpd.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-
-
-
-
-
-
diff --git a/Bundler/secrets.xml b/Bundler/secrets.xml
index 87efa13..983f8fd 100644
--- a/Bundler/secrets.xml
+++ b/Bundler/secrets.xml
@@ -3,7 +3,7 @@
-
+
diff --git a/Cfg/etc/init.d/openntpd/info.xml b/Cfg/etc/init.d/openntpd/info.xml
deleted file mode 100644
index 9488c80..0000000
--- a/Cfg/etc/init.d/openntpd/info.xml
+++ /dev/null
@@ -1,3 +0,0 @@
-
-
-
diff --git a/Cfg/etc/init.d/openntpd/openntpd b/Cfg/etc/init.d/openntpd/openntpd
deleted file mode 100755
index 09c19a8..0000000
--- a/Cfg/etc/init.d/openntpd/openntpd
+++ /dev/null
@@ -1,74 +0,0 @@
-#!/bin/sh
-
-### BEGIN INIT INFO
-# Provides: openntpd
-# Required-Start: $remote_fs $syslog
-# Required-Stop: $remote_fs $syslog
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: Start openntpd at boot time
-# Description: NTP, the Network Time Protocol, is used to keep the
-# computer clocks synchronized.
-### END INIT INFO
-
-PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
-DAEMON=/usr/sbin/ntpd
-NAME=ntpd
-DESC=openntpd
-PIDFILE=/var/run/openntpd/ntpd.pid
-
-test -e $DAEMON || exit 0
-
-# Include openntpd defaults if available
-if [ -f /etc/default/openntpd ]
-then
- . /etc/default/openntpd
-fi
-
-set -e
-
-check_privsep_dir()
-{
- # check that the privsep dir exists
- if [ ! -d /var/run/openntpd ]
- then
- mkdir /var/run/openntpd
- chmod 0755 /var/run/openntpd
- fi
-}
-
-case "$1" in
- start)
- check_privsep_dir
- echo -n "Starting $DESC: "
- start-stop-daemon --start --quiet --exec $DAEMON -- $DAEMON_OPTS
- echo "$NAME."
- ps aux | egrep "^root .* /usr/sbin/ntpd$" | awk '{print $2}' > $PIDFILE
- ;;
-
- stop)
- echo -n "Stopping $DESC: "
- start-stop-daemon --stop --oknodo --quiet \
- --pidfile /var/run/openntpd/ntpd.pid --exec $DAEMON
- echo "$NAME."
- ;;
-
- restart|force-reload)
- echo -n "Restarting $DESC: "
- start-stop-daemon --stop --oknodo --quiet \
- --pidfile /var/run/openntpd/ntpd.pid --exec $DAEMON
- sleep 1
- check_privsep_dir
- start-stop-daemon --start --quiet --exec $DAEMON -- $DAEMON_OPTS
- echo "$NAME."
- ps aux | egrep "^root .* /usr/sbin/ntpd$" | awk '{print $2}' > $PIDFILE
- ;;
-
- *)
- N=/etc/init.d/$NAME
- echo "Usage: $N {start|stop|restart|force-reload}" >&2
- exit 1
- ;;
-esac
-
-exit 0
diff --git a/Metadata/clients.xml b/Metadata/clients.xml
index e384b4a..d219d16 100755
--- a/Metadata/clients.xml
+++ b/Metadata/clients.xml
@@ -11,7 +11,7 @@
-
+
diff --git a/Metadata/groups.xml b/Metadata/groups.xml
index 66ca46d..4fb7e66 100644
--- a/Metadata/groups.xml
+++ b/Metadata/groups.xml
@@ -972,7 +972,7 @@
-
+
@@ -1093,12 +1093,12 @@
-
+
-
+
@@ -1243,11 +1243,6 @@
-
-
-
-
-
@@ -1312,7 +1307,7 @@
-
+
@@ -1551,7 +1546,7 @@
-
+
@@ -1583,7 +1578,7 @@
-
+
diff --git a/Python/etc/apt/sources.list b/Python/etc/apt/sources.list
index de94b66..f14ad32 100644
--- a/Python/etc/apt/sources.list
+++ b/Python/etc/apt/sources.list
@@ -13,15 +13,15 @@ distro = metadata.categories["debian-version"]
repo = "ftp://mirror.adm.crans.org"
def source(args):
- print "deb " + args
- print "deb-src " + args
- print
+ out("deb %s" % (args,))
+ out("deb-src %s" % (args,))
+ out()
components = "main"
customcomponents = "main"
if has("non-free"):
components = "main contrib non-free"
-
+
if has("ovh") or has("soyouz"):
@# Dépôt classique
source("ftp://mir1.ovh.net/debian/ %s %s" % (distro, components))
@@ -29,13 +29,13 @@ if has("ovh") or has("soyouz"):
source("ftp://mir1.ovh.net/debian/ %s-updates %s" % (distro, components))
@# Mises à jour de sécurité
source("ftp://security.debian.org/debian-security %s/updates %s" % (distro, components))
-
+
@# Paquets construits à la main
source("%s/custom %s %s" % (repo, distro, customcomponents))
-
+
else:
source("%s/debian-security %s/updates %s" % (repo, distro, components))
-
+
@# Dépôt classique
source("%s/debian %s %s" % (repo, distro, components))
@# Dépôt pour mises à jour fréquentes (volatile)
diff --git a/Python/etc/arpwatch.conf b/Python/etc/arpwatch.conf
index 6fd7a60..7d2f265 100644
--- a/Python/etc/arpwatch.conf
+++ b/Python/etc/arpwatch.conf
@@ -22,4 +22,4 @@ info["mode"] = 0644
include("arpwatch")
for vlan in watched_vlans:
iface = 'eth0.%d' % vlan
- print("%s -m root@crans.org" % iface)
+ out("%s -m root@crans.org" % (iface,))
diff --git a/Python/etc/auto.master b/Python/etc/auto.master
index a775a7e..f00da45 100644
--- a/Python/etc/auto.master
+++ b/Python/etc/auto.master
@@ -4,9 +4,9 @@ header("Définition des points de montage pour autofs.")
def mount(mntpoint, script, timeout=None):
if timeout is not None:
- print mntpoint, script, '-t%s' % timeout
+ out("%s %s -t%s" % (mntpoint, script, timeout))
else:
- print mntpoint, script
+ out("%s %s" % (mntpoint, script))
if has("home") and not has("home-permanent"):
mount("/home", "/etc/auto.home", 600)
diff --git a/Python/etc/backuppc/config.pl b/Python/etc/backuppc/config.pl
index 6a80802..50113d9 100644
--- a/Python/etc/backuppc/config.pl
+++ b/Python/etc/backuppc/config.pl
@@ -1257,7 +1257,7 @@ info["mode"] = 0600
@#
@#$Conf{RsyncdPasswd} = '';
@
-print "$Conf{RsyncdPasswd} = '%s';" % secrets.backuppc_RsyncdPasswd
+out("$Conf{RsyncdPasswd} = '%s';" % (secrets.backuppc_RsyncdPasswd,))
@
@#
@# Whether authentication is mandatory when connecting to the client's
diff --git a/Python/etc/backuppc/hosts b/Python/etc/backuppc/hosts
index aba874b..950dfd6 100644
--- a/Python/etc/backuppc/hosts
+++ b/Python/etc/backuppc/hosts
@@ -6,11 +6,11 @@ info["owner"] = "backuppc"
info["group"] = "adm"
info["mode"] = 0640
-def backuppc_hosts(comment, hostslist):
- print "# %s" % comment
+def backuppc_hosts(commentaire, hostslist):
+ comment(commentaire)
for host in hostslist:
- print '%s 0 backuppc' % host
- print ''
+ out('%s 0 backuppc' % (host,))
+ out()
@#============================================================= -*-perl-*-
@#
diff --git a/Python/etc/bind/db.fake b/Python/etc/bind/db.fake
index bf7ece6..31db740 100644
--- a/Python/etc/bind/db.fake
+++ b/Python/etc/bind/db.fake
@@ -29,4 +29,4 @@ header("Zone du dns menteur pour accueil")
for ip in config.accueil_route.keys():
if 'hosts' in config.accueil_route[ip].keys():
for host in config.accueil_route[ip]['hosts']:
- print "%s IN A %s" % (host,ip)
+ out("%s IN A %s" % (host, ip))
diff --git a/Python/etc/bind/db.loppsi.crans.org b/Python/etc/bind/db.loppsi.crans.org
index cc9cd03..6bd73ae 100644
--- a/Python/etc/bind/db.loppsi.crans.org
+++ b/Python/etc/bind/db.loppsi.crans.org
@@ -12,16 +12,16 @@ header("Zone du dns menteur")
@$TTL 3600 ; 1 hour
@@ IN SOA sable.crans.org. root.crans.org. (
-print """ 2386410401 ; serial
- 21600 ; refresh (6 hours)
- 3600 ; retry (1 hour)
- 1209600 ; expire (2 weeks)
- 3600 ; minimum (1 hour)
- )
- NS sable.crans.org.
-"""
+@ 2386410401 ; serial
+@ 21600 ; refresh (6 hours)
+@ 3600 ; retry (1 hour)
+@ 1209600 ; expire (2 weeks)
+@ 3600 ; minimum (1 hour)
+@ )
+@ NS sable.crans.org.
+@
-print "archive.ubuntu.com CNAME charybde.crans.org."
-print "*.archive.ubuntu.com CNAME charybde.crans.org."
+@archive.ubuntu.com CNAME charybde.crans.org.
+@*.archive.ubuntu.com CNAME charybde.crans.org.
-print "teredo.ipv6.microsoft.com CNAME ."
+@teredo.ipv6.microsoft.com CNAME .
diff --git a/Python/etc/bind/db.rpz.crans.org b/Python/etc/bind/db.rpz.crans.org
index 4b92257..2a19af6 100644
--- a/Python/etc/bind/db.rpz.crans.org
+++ b/Python/etc/bind/db.rpz.crans.org
@@ -12,13 +12,13 @@ header("Zone pour la response policy pour les utilisateur courant")
@$TTL 3600 ; 1 hour
@@ IN SOA sable.crans.org. root.crans.org. (
-print """ 2386410401 ; serial
- 21600 ; refresh (6 hours)
- 3600 ; retry (1 hour)
- 1209600 ; expire (2 weeks)
- 3600 ; minimum (1 hour)
- )
- NS sable.crans.org.
-"""
+@ 2386410401 ; serial
+@ 21600 ; refresh (6 hours)
+@ 3600 ; retry (1 hour)
+@ 1209600 ; expire (2 weeks)
+@ 3600 ; minimum (1 hour)
+@ )
+@ NS sable.crans.org.
+@
-print "teredo.ipv6.microsoft.com CNAME ."
+@teredo.ipv6.microsoft.com CNAME .
diff --git a/Python/etc/bind/named.conf.local b/Python/etc/bind/named.conf.local
index d91c547..cd08035 100644
--- a/Python/etc/bind/named.conf.local
+++ b/Python/etc/bind/named.conf.local
@@ -17,7 +17,7 @@ class print_idented(object):
def __init(self):
pass
def p(self, str):
- print '%s%s' % (' '*ident, str)
+ out('%s%s' % (' '*ident, str))
class view(print_idented):
def __init__(self, name, match_client=None):
@@ -121,11 +121,11 @@ with view("default-view", "any") as v:
z.p(' %s;' % f)
z.p('};')
-print """
+out("""
// bricoles de config en plus
include "/etc/bind/rndc.key";
controls {
inet 127.0.0.1 allow { 127.0.0.1; } keys { "key"; };
};
-"""
+""")
diff --git a/Python/etc/bind/named.conf.notify b/Python/etc/bind/named.conf.notify
index 27f9c17..2ccbbc0 100644
--- a/Python/etc/bind/named.conf.notify
+++ b/Python/etc/bind/named.conf.notify
@@ -11,7 +11,7 @@ header("Options de Bind9")
import config.dns
def notify(ips):
- print " also-notify { \n %s;\n };" % ';\n '.join(ips)
+ out(" also-notify { \n %s;\n };" % (';\n '.join(ips),))
allowed = set()
diff --git a/Python/etc/bind/named.conf.options b/Python/etc/bind/named.conf.options
index 84cbe0a..179cba5 100644
--- a/Python/etc/bind/named.conf.options
+++ b/Python/etc/bind/named.conf.options
@@ -13,16 +13,16 @@ import config.dns
comment("Listes d'acces")
if has("vlan-isolement"):
- print 'acl "isolement" { %s; };' % '; '.join(config.NETs['isolement'])
+ out('acl "isolement" { %s; };' % ('; '.join(config.NETs['isolement']),))
if has("vlan-radin"):
- print 'acl "radins" { %s; };' % '; '.join(config.NETs['gratuit'])
+ out('acl "radins" { %s; };' % ('; '.join(config.NETs['gratuit']),))
if has("vlan-accueil"):
- print 'acl "accueil" { %s; };' % '; '.join(config.NETs['accueil'])
+ out('acl "accueil" { %s; };' % ('; '.join(config.NETs['accueil']),))
if has("vlan-ens"):
- print 'acl "appartement" { %s; };' % '; '.join(config.NETs['personnel-ens'] + config.prefix['personnel-ens'])
-print 'acl "crans" { %s; };' % '; '.join(config.prefix['fil'] + config.prefix['wifi'] + config.NETs['all'])
-print 'acl "cransadm" { %s; };' % '; '.join(config.prefix['adm'] + config.NETs['adm'])
-print 'acl "menteur" { %s; };' % '; '.join(config.dns.menteur_clients)
+ out('acl "appartement" { %s; };' % ('; '.join(config.NETs['personnel-ens'] + config.prefix['personnel-ens']),))
+out('acl "crans" { %s; };' % ('; '.join(config.prefix['fil'] + config.prefix['wifi'] + config.NETs['all']),))
+out('acl "cransadm" { %s; };' % ('; '.join(config.prefix['adm'] + config.NETs['adm']),))
+out('acl "menteur" { %s; };' % ('; '.join(config.dns.menteur_clients),))
@options {
@@ -40,8 +40,8 @@ if has("dns-recursif") or has("dns-forward-only"):
zones.append("accueil")
if has("vlan-isolement"):
zones.append("isolement")
- print " allow-query-cache { %s; };" % '; '.join(zones)
- print " allow-recursion { %s; };" % '; '.join(zones)
+ out(" allow-query-cache { %s; };" % ('; '.join(zones),))
+ out(" allow-recursion { %s; };" % ('; '.join(zones),))
@ recursive-clients 5000;
else:
@@ -62,7 +62,7 @@ if has("dns-primary") or has("dns-tv"):
if allowed:
allowed = list(allowed)
allowed.sort()
- print " %s;" % ';\n '.join(allowed)
+ out(" %s;" % (';\n '.join(allowed),))
@ };
@ allow-query { any; };
@ auth-nxdomain no; # conform to RFC1035
@@ -75,7 +75,7 @@ if not has("dns-secondary-no-forward") and not has("dns-forward-only"):
@ // Ne pas modifier le commentaire de fin de ligne suivant,
@ // traitement automatique pour la connexion de secours
@ // (ligne decommentee automatiquement en mode secours)
- print"// forwarders { %s; } ; #POUR SECOURS" % config.dns.secours_relay
+ out("// forwarders { %s; } ; #POUR SECOURS" % (config.dns.secours_relay,))
if has("dnssec-validation"):
@ dnssec-enable yes;
diff --git a/Python/etc/bind/rndc.key b/Python/etc/bind/rndc.key
index 9fe1579..00191e6 100644
--- a/Python/etc/bind/rndc.key
+++ b/Python/etc/bind/rndc.key
@@ -11,6 +11,6 @@ info["mode"] = 0640
@
@key "key" {
@ algorithm hmac-md5;
-print ' secret "%s";' % secrets.rndc_key
+out(' secret "%s";' % (secrets.rndc_key,))
@};
diff --git a/Python/etc/crans/secrets/README b/Python/etc/crans/secrets/README
index 1aa56a0..fea2a93 100644
--- a/Python/etc/crans/secrets/README
+++ b/Python/etc/crans/secrets/README
@@ -1,2 +1,2 @@
info["mode"] = 0640
-print file("/etc/crans/secrets/README").read()
+_out(open("/etc/crans/secrets/README", "r").read())
diff --git a/Python/etc/crans/secrets/dhcp.py b/Python/etc/crans/secrets/dhcp.py
index 65f8997..0bbb412 100644
--- a/Python/etc/crans/secrets/dhcp.py
+++ b/Python/etc/crans/secrets/dhcp.py
@@ -6,5 +6,5 @@ else:
info["group"] = "adm"
import dhcp
-print "dhcp_omapi_keyname = '%s'" % dhcp.dhcp_omapi_keyname
-print "dhcp_omapi_keys = %s" % dhcp.dhcp_omapi_keys
+out("dhcp_omapi_keyname = '%s'" % (dhcp.dhcp_omapi_keyname,))
+out("dhcp_omapi_keys = %s" % (dhcp.dhcp_omapi_keys,))
diff --git a/Python/etc/crans/secrets/icecast-token b/Python/etc/crans/secrets/icecast-token
index 6a6c9bf..fdfcfa7 100644
--- a/Python/etc/crans/secrets/icecast-token
+++ b/Python/etc/crans/secrets/icecast-token
@@ -2,4 +2,4 @@ info["mode"] = 0440
info["owner"] = "root"
info["group"] = "adm"
-print file("/etc/crans/secrets/icecast-token").read()
+_out(open("/etc/crans/secrets/icecast-token", "r").read())
diff --git a/Python/etc/crans/secrets/nols.py b/Python/etc/crans/secrets/nols.py
index 94cda26..346ac7a 100644
--- a/Python/etc/crans/secrets/nols.py
+++ b/Python/etc/crans/secrets/nols.py
@@ -1,3 +1,3 @@
info["mode"] = 0440
info["group"] = "adm"
-print file("/etc/crans/secrets/nols.py").read()
+_out(open("/etc/crans/secrets/nols.py", "r").read())
diff --git a/Python/etc/crans/secrets/privatekey_passphrase b/Python/etc/crans/secrets/privatekey_passphrase
index dbe2be4..6921be0 100644
--- a/Python/etc/crans/secrets/privatekey_passphrase
+++ b/Python/etc/crans/secrets/privatekey_passphrase
@@ -4,4 +4,4 @@ if has("users") or has("2B"):
else:
info["owner"] = "root"
info["group"] = "adm"
-print file("/etc/crans/secrets/privatekey_passphrase").read()
+_out(open("/etc/crans/secrets/privatekey_passphrase", "r").read())
diff --git a/Python/etc/crans/secrets/rabbitmq_trigger_password b/Python/etc/crans/secrets/rabbitmq_trigger_password
index c8ab314..20a2bcd 100644
--- a/Python/etc/crans/secrets/rabbitmq_trigger_password
+++ b/Python/etc/crans/secrets/rabbitmq_trigger_password
@@ -2,4 +2,4 @@ info["mode"] = 0440
info["owner"] = "root"
info["group"] = "adm"
-print file("/etc/crans/secrets/rabbitmq_trigger_password").read()
+_out(open("/etc/crans/secrets/rabbitmq_trigger_password", "r").read())
diff --git a/Python/etc/crans/secrets/rsyncd.secrets b/Python/etc/crans/secrets/rsyncd.secrets
index dd3ae7d..4f687f8 100644
--- a/Python/etc/crans/secrets/rsyncd.secrets
+++ b/Python/etc/crans/secrets/rsyncd.secrets
@@ -1,4 +1,4 @@
# -*- coding: utf-8 -*-
info["mode"] = 0600
-print file("/etc/crans/secrets/rsyncd.secrets").read()
+_out(open("/etc/crans/secrets/rsyncd.secrets", "r").read())
diff --git a/Python/etc/crans/secrets/secrets.py b/Python/etc/crans/secrets/secrets.py
index a784590..f04c60f 100644
--- a/Python/etc/crans/secrets/secrets.py
+++ b/Python/etc/crans/secrets/secrets.py
@@ -5,4 +5,4 @@ else:
info["owner"] = "root"
info["group"] = "adm"
-print file("/etc/crans/secrets/secrets.py").read()
+_out(open("/etc/crans/secrets/secrets.py", "r").read())
diff --git a/Python/etc/crans/secrets/slon.py b/Python/etc/crans/secrets/slon.py
index d6ea53b..a337d67 100644
--- a/Python/etc/crans/secrets/slon.py
+++ b/Python/etc/crans/secrets/slon.py
@@ -1,3 +1,4 @@
info["mode"] = 0440
info["group"] = "adm"
-print file("/etc/crans/secrets/slon.py").read()
+
+_out(open("/etc/crans/secrets/slon.py", "r").read())
diff --git a/Python/etc/crans/secrets/trigger-generate b/Python/etc/crans/secrets/trigger-generate
index 1a8f74b..96d68dc 100644
--- a/Python/etc/crans/secrets/trigger-generate
+++ b/Python/etc/crans/secrets/trigger-generate
@@ -2,4 +2,4 @@ info["mode"] = 0440
info["owner"] = "root"
info["group"] = "adm"
-print file("/etc/crans/secrets/trigger-generate").read()
+_out(open("/etc/crans/secrets/trigger-generate", "r").read())
diff --git a/Python/etc/crans/secrets/trigger-generate.pub b/Python/etc/crans/secrets/trigger-generate.pub
index 6c176c6..8d5e57c 100644
--- a/Python/etc/crans/secrets/trigger-generate.pub
+++ b/Python/etc/crans/secrets/trigger-generate.pub
@@ -1,4 +1,4 @@
info["mode"] = 0444
info["owner"] = "root"
info["group"] = "adm"
-print file("/etc/crans/secrets/trigger-generate.pub").read()
+_out(open("/etc/crans/secrets/trigger-generate.pub", "r").read())
diff --git a/Python/etc/crans/services.py b/Python/etc/crans/services.py
index 28c0348..52b2980 100644
--- a/Python/etc/crans/services.py
+++ b/Python/etc/crans/services.py
@@ -15,8 +15,8 @@ for client in clients:
for group in client.groups:
groups_dict.setdefault(group, []).append(client.hostname.split('.', 1)[0])
-print "services = {"
+out("services = {")
for (group_name, clients) in groups_dict.iteritems():
clients.sort()
- print " '%s': %s," % (group_name, clients)
-print "}"
+ out(" '%s': %s," % (group_name, clients))
+out("}")
diff --git a/Python/etc/crans/wgetrc_monit b/Python/etc/crans/wgetrc_monit
index d6ac0c3..c44d2c0 100644
--- a/Python/etc/crans/wgetrc_monit
+++ b/Python/etc/crans/wgetrc_monit
@@ -8,8 +8,8 @@ include("secrets")
header("Config de wget pour récupérer le status des serveurs")
-print """quiet=1
-timeout=10
-http-user=monit"""
-print "http-password=" + secrets_new.get('monit_password')
+@quiet=1
+@timeout=10
+@http-user=monit
+out("http-password=%s" % (secrets_new.get('monit_password'),))
diff --git a/Python/etc/cron.d/check_cert b/Python/etc/cron.d/check_cert
index b90d411..1b07926 100644
--- a/Python/etc/cron.d/check_cert
+++ b/Python/etc/cron.d/check_cert
@@ -14,11 +14,9 @@ def check_cert(host='localhost', port=443, user="www-data", filename=None):
'filename': filename,
}
if filename:
- print "43 7 * * * %(user)s /usr/scripts/utils/check_cert.py --filename %(filename)s" %\
- params
+ out("43 7 * * * %(user)s /usr/scripts/utils/check_cert.py --filename %(filename)s" % params)
else:
- print "42 7 * * * %(user)s /usr/scripts/utils/check_cert.py %(host)s %(port)s" %\
- params
+ out("42 7 * * * %(user)s /usr/scripts/utils/check_cert.py %(host)s %(port)s" % params)
# Host specific
if has('https-server') or has('https_cert'):
diff --git a/Python/etc/cron.d/firewall b/Python/etc/cron.d/firewall
index 14c7fd5..39aa74d 100644
--- a/Python/etc/cron.d/firewall
+++ b/Python/etc/cron.d/firewall
@@ -12,12 +12,12 @@ random.seed(admip())
header("Régénération du pare-feu")
min=random.randint(0,59)
-print "# Regénération des règles MAC-IP du firewall"
-print "%s 1 * * * root /usr/scripts/gestion/gen_confs/firewall4/firewall4.py test_mac_ip > /dev/null" % min
+@# Regénération des règles MAC-IP du firewall
+out("%s 1 * * * root /usr/scripts/gestion/gen_confs/firewall4/firewall4.py test_mac_ip > /dev/null" % (min,))
-print "# Régénération des blacklists du firewall"
-print "%s 2 * * * root /usr/scripts/gestion/gen_confs/firewall4/firewall4.py blacklists > /dev/null" % min
+@# Régénération des blacklists du firewall
+out("%s 2 * * * root /usr/scripts/gestion/gen_confs/firewall4/firewall4.py blacklists > /dev/null" % (min,))
if has("odlyd"):
- print "# Base pour redonner un accès temporairement aux non réadhérents"
- print "30 * * * * root /usr/sbin/ipset flush CONFIRMATION"
+ @# Base pour redonner un accès temporairement aux non réadhérents
+ @30 * * * * root /usr/sbin/ipset flush CONFIRMATION
diff --git a/Python/etc/cron.d/generate b/Python/etc/cron.d/generate
index 7cfc6e7..d64de82 100644
--- a/Python/etc/cron.d/generate
+++ b/Python/etc/cron.d/generate
@@ -12,4 +12,4 @@ random.seed(admip())
header("Régénération de la configuration des services")
min=random.randint(0,9)
-print "%s-%s/10 * * * * root /usr/scripts/gestion/gen_confs/generate.py > /dev/null" % (min, 50+min)
+out("%s-%s/10 * * * * root /usr/scripts/gestion/gen_confs/generate.py > /dev/null" % (min, 50+min))
diff --git a/Python/etc/cron.d/monit b/Python/etc/cron.d/monit
index 4f750bd..070f44a 100644
--- a/Python/etc/cron.d/monit
+++ b/Python/etc/cron.d/monit
@@ -33,7 +33,7 @@ data = {
# Si ce serveur possède un nfs, on génère le cron qui écrit dedans
if has_shared_scripts(metadata):
comment("Copie de `monit status` sur le nfs")
- print cron_tpl_nfs % data
+ out(cron_tpl_nfs % data)
# Pour les autres serveurs, c'est le serveur autostatus qui récupère
if has('autostatus'):
@@ -41,4 +41,4 @@ if has('autostatus'):
for client in metadata.query.all():
if not has_shared_scripts(client):
data['host'] = client.hostname.split('.', 1)[0]
- print cron_tpl_nonfs % data
+ out(cron_tpl_nonfs % data)
diff --git a/Python/etc/cron.d/munin-crans b/Python/etc/cron.d/munin-crans
index 293293e..609cb11 100644
--- a/Python/etc/cron.d/munin-crans
+++ b/Python/etc/cron.d/munin-crans
@@ -18,6 +18,6 @@ for group in metadata.groups:
header("""Commandes cron pour les plugins munin custom Cr@ns""")
if cron_lines:
- print '\n\n'.join(cron_lines)
+ out('\n\n'.join(cron_lines))
else:
- print '# Rien à voir ici...'
+ out('# Rien à voir ici...')
diff --git a/Python/etc/cron.d/munin-node b/Python/etc/cron.d/munin-node
index 4cc0d85..78cb1ad 100644
--- a/Python/etc/cron.d/munin-node
+++ b/Python/etc/cron.d/munin-node
@@ -5,7 +5,8 @@ info["group"] = "root"
info["mode"] = 0644
header("Cronjob munin-node")
-print """
+
+out("""
MAILTO=root
# If the APT plugin is enabled, update packages databases approx. once
@@ -13,21 +14,15 @@ MAILTO=root
# happen), but ensure that there will never be more than two hour (7200
# seconds) interval between updates..
-"""
-
-print """# J'ai trouve ce workaround sur :
+# J'ai trouve ce workaround sur :
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687912
# le bugreport pretend que la derniere version de munin fix le probleme, mais non
# --
# 20-100, le 20/01/2013
MUNIN_PLUGSTATE=/var/lib/munin-node/plugin-state/root
-"""
-
-print """
# Quand on le fait trop vite, parfois la tache precedente n'a pas eu le temps
# de finir et donc la suivante crashe parce qu'elle n'arrive pas a prendre
# le lock
*/10 * * * * root if [ -x /etc/munin/plugins/apt_all ]; then /etc/munin/plugins/apt_all update 7200 12 >/dev/null; elif [ -x /etc/munin/plugins/apt ]; then /etc/munin/plugins/apt update 7200 12 >/dev/null; fi
-"""
-
+""")
diff --git a/Python/etc/cron.d/secours b/Python/etc/cron.d/secours
index 74b1242..b25ba2c 100644
--- a/Python/etc/cron.d/secours
+++ b/Python/etc/cron.d/secours
@@ -6,8 +6,8 @@ info["mode"] = 0644
if has('connexion-secours-test'):
header("Teste la disponibilité de la connexion normale et passe en secours si besoin")
- print "* * * * * root /usr/scripts/secours/secours.py test > /dev/null"
+ @* * * * * root /usr/scripts/secours/secours.py test > /dev/null
else:
header("Mise en place de la connexion de secours suivant l'état du maitre")
- print "* * * * * root /usr/scripts/secours/secours.py > /dev/null"
+ @* * * * * root /usr/scripts/secours/secours.py > /dev/null
diff --git a/Python/etc/cron.d/sshFingerprint b/Python/etc/cron.d/sshFingerprint
index 9dc9cda..12abc2b 100644
--- a/Python/etc/cron.d/sshFingerprint
+++ b/Python/etc/cron.d/sshFingerprint
@@ -12,6 +12,6 @@ include("ip")
@# On vérifie si les clef ssh de la machine ont changés. Si oui, on les mets à jours dans ldap
min=int(admip().split('.')[3])%60
-print "%s 9 * * * root /usr/scripts/gestion/gen_confs/populate_sshFingerprint.py" % min
+out("%s 9 * * * root /usr/scripts/gestion/gen_confs/populate_sshFingerprint.py" % (min,))
@# On met à jour le known_hosts global
-print "%s 10 * * * root /usr/sbin/bcfg2 -b knownhosts -q" % min
+out("%s 10 * * * root /usr/sbin/bcfg2 -b knownhosts -q" % (min,))
diff --git a/Python/etc/cron.daily/git_dirty_repo b/Python/etc/cron.daily/git_dirty_repo
index d9c609e..1eb4b40 100644
--- a/Python/etc/cron.daily/git_dirty_repo
+++ b/Python/etc/cron.daily/git_dirty_repo
@@ -12,21 +12,21 @@ default_from = "roots@crans.org"
default_to = "roots@crans.org"
if has("crans-nfs"):
- print '%s --untracked-weekly --repository=/usr/scripts --from="%s" --to="%s"' % (notifier_path, default_from, default_to)
- print '%s --untracked-weekly --repository=/usr/scripts/lc_ldap --from="%s" --to="%s"' % (notifier_path, default_from, default_to)
- print '%s --untracked-weekly --repository=/usr/scripts/intranet --from="%s" --to="%s"' % (notifier_path, default_from, default_to)
- print '%s --untracked-weekly --repository=/usr/scripts/wifi_new --from="%s" --to="%s"' % (notifier_path, default_from, default_to)
- print '%s --untracked-weekly --repository=/usr/scripts/src/mac_ip --from="%s" --to="%s"' % (notifier_path, default_from, default_to)
- print '%s --untracked-weekly --repository=/home/respbats/www/config --from="%s" --to="%s"' % (notifier_path, default_from, default_to)
+ out('%s --untracked-weekly --repository=/usr/scripts --from="%s" --to="%s"' % (notifier_path, default_from, default_to))
+ out('%s --untracked-weekly --repository=/usr/scripts/lc_ldap --from="%s" --to="%s"' % (notifier_path, default_from, default_to))
+ out('%s --untracked-weekly --repository=/usr/scripts/intranet --from="%s" --to="%s"' % (notifier_path, default_from, default_to))
+ out('%s --untracked-weekly --repository=/usr/scripts/wifi_new --from="%s" --to="%s"' % (notifier_path, default_from, default_to))
+ out('%s --untracked-weekly --repository=/usr/scripts/src/mac_ip --from="%s" --to="%s"' % (notifier_path, default_from, default_to))
+ out('%s --untracked-weekly --repository=/home/respbats/www/config --from="%s" --to="%s"' % (notifier_path, default_from, default_to))
if has("bcfg2"):
- print '%s --untracked-weekly --repository=/var/lib/bcfg2 --from="%s" --to="%s"' % (notifier_path, default_from, default_to)
+ out('%s --untracked-weekly --repository=/var/lib/bcfg2 --from="%s" --to="%s"' % (notifier_path, default_from, default_to))
if has("vert"):
- print '%s --untracked-weekly --repository=/root/cranspasswords --from="%s" --to="%s"' % (notifier_path, default_from, default_to)
+ out('%s --untracked-weekly --repository=/root/cranspasswords --from="%s" --to="%s"' % (notifier_path, default_from, default_to))
if has("news-server"):
- print '%s --untracked-weekly --repository=/var/www --from="%s" --to="%s"' % (notifier_path, default_from, default_to)
+ out('%s --untracked-weekly --repository=/var/www --from="%s" --to="%s"' % (notifier_path, default_from, default_to))
if has("intranet2-server"):
- print '%s --untracked-weekly --repository=/usr/local/django/intranet --from="%s" --to="%s"' % (notifier_path, default_from, default_to)
+ out('%s --untracked-weekly --repository=/usr/local/django/intranet --from="%s" --to="%s"' % (notifier_path, default_from, default_to))
diff --git a/Python/etc/cron.weekly/git_dirty_repo b/Python/etc/cron.weekly/git_dirty_repo
index 8bfb975..3d3be6a 100644
--- a/Python/etc/cron.weekly/git_dirty_repo
+++ b/Python/etc/cron.weekly/git_dirty_repo
@@ -12,4 +12,4 @@ default_from = "roots@crans.org"
default_to = "roots@crans.org"
if has("crans-nfs"):
- print '%s --repository=/home/ca --from="%s" --to="%s"' % (notifier_path, default_from, "bureau@lists.crans.org")
+ out('%s --repository=/home/ca --from="%s" --to="%s"' % (notifier_path, default_from, "bureau@lists.crans.org"))
diff --git a/Python/etc/default/monit b/Python/etc/default/monit
index 9d8433f..0f9f16b 100644
--- a/Python/etc/default/monit
+++ b/Python/etc/default/monit
@@ -7,11 +7,9 @@ info["mode"] = 0644
header('Demarrage de monit')
-print """
-
-# On lance monit automatiquement
-START="yes"
-
-MONIT_OPTS="-d 60"
-
-"""
+@
+@# On lance monit automatiquement
+@START="yes"
+@
+@MONIT_OPTS="-d 60"
+@
diff --git a/Python/etc/default/mumudvb b/Python/etc/default/mumudvb
index f85699f..b586cac 100644
--- a/Python/etc/default/mumudvb
+++ b/Python/etc/default/mumudvb
@@ -36,10 +36,10 @@ for i in range(0,dernierecarte):
adapters=adapters[:-1]
-print 'ADAPTERS="%s"' % adapters
+out('ADAPTERS="%s"' % (adapters,))
@
@#Location of the config files
@#Ex : MUMUDVB_CONF_1="/etc/mumudvb/card1.conf"
for i in range(0,dernierecarte):
- print 'MUMUDVB_CONF_%d="/etc/sat/carte%d.conf"' % (i,i)
+ out('MUMUDVB_CONF_%d="/etc/sat/carte%d.conf"' % (i, i))
diff --git a/Python/etc/default/slapd b/Python/etc/default/slapd
index fb589b1..1de0e18 100644
--- a/Python/etc/default/slapd
+++ b/Python/etc/default/slapd
@@ -40,7 +40,7 @@ slapd_services += ["ldap://%s/" % admip()]
if has("sable"):
slapd_services += ["ldaps://%s/" % pubip()]
-print 'SLAPD_SERVICES="%s"' % ' '.join(slapd_services)
+out('SLAPD_SERVICES="%s"' % (' '.join(slapd_services),))
@
@# Additional options to pass to slapd and slurpd
@SLAPD_OPTIONS=""
diff --git a/Python/etc/dhcp3/dhcp-failover.conf b/Python/etc/dhcp3/dhcp-failover.conf
index ed54e68..5f57766 100644
--- a/Python/etc/dhcp3/dhcp-failover.conf
+++ b/Python/etc/dhcp3/dhcp-failover.conf
@@ -12,21 +12,22 @@ include("ip")
import config
if len(config.dhcp_servers) > 2:
- print "####################################################################"
- print "## ATTENTION LA CONFIGURATION NE PEUT PAS GÉRER PLUS DE DEUX DHCP ##"
- print "####################################################################"
+ @"####################################################################"
+ @"## ATTENTION LA CONFIGURATION NE PEUT PAS GÉRER PLUS DE DEUX DHCP ##"
+ @"####################################################################"
myip = admip()
herip = admipof([name for name in config.dhcp_servers if name != admhostname][0].split('.',1)[0])
-print 'failover peer "dhcp-failover" {'
+@failover peer "dhcp-failover" {
if has("dhcp-server-primary"):
- print """ primary;
- split 128;
- mclt 3600;"""
+ @ primary;
+ @ split 128;
+ @ mclt 3600;
elif has("dhcp-server-secondary"):
- print " secondary;"
-print """ address %s;
+ @ secondary;
+
+out(""" address %s;
port 647;
peer address %s;
peer port 647;
@@ -34,4 +35,4 @@ print """ address %s;
max-unacked-updates 10;
load balance max seconds 3;
}
-""" % (myip, herip)
+""" % (myip, herip))
diff --git a/Python/etc/dhcp3/dhcpd.conf b/Python/etc/dhcp3/dhcpd.conf
index 6f00885..b00151b 100644
--- a/Python/etc/dhcp3/dhcpd.conf
+++ b/Python/etc/dhcp3/dhcpd.conf
@@ -13,51 +13,46 @@ import config.dns
instpar = has('ytrap-llatsni')
-print """
-#
-# Sample configuration file for ISC dhcpd for Debian
-#
-# $Id: dhcpd.conf,v 1.1.1.1 2002/05/21 00:07:44 peloy Exp $
-#
-
-# The ddns-updates-style parameter controls whether or not the server will
-# attempt to do a DNS update when a lease is confirmed. We default to the
-# behavior of the version 2 packages ('none', since DHCP v2 didn't
-# have support for DDNS.)
-ddns-update-style none;"""
-
+@#
+@# Sample configuration file for ISC dhcpd for Debian
+@#
+@# $Id: dhcpd.conf,v 1.1.1.1 2002/05/21 00:07:44 peloy Exp $
+@#
+@
+@# The ddns-updates-style parameter controls whether or not the server will
+@# attempt to do a DNS update when a lease is confirmed. We default to the
+@# behavior of the version 2 packages ('none', since DHCP v2 didn't
+@# have support for DDNS.)
+@ddns-update-style none;
+@
if not instpar:
- print """
-include "/etc/dhcp3/omapi.conf";"""
+ @include "/etc/dhcp3/omapi.conf";
+ @
-print """
-# option definitions common to all supported networks...
-option option-252 code 252 = text ;
-option domain-search code 119 = text ;
-option option-119 code 119 = text ;
-# La pluspart de nos réseaux sont taggués, on utilise donc une mtu de 1500-4 octets
-option interface-mtu 1496;
-
-# If this DHCP server is the official DHCP server for the local
-# network, the authoritative directive should be uncommented.
-"""
+@# option definitions common to all supported networks...
+@option option-252 code 252 = text ;
+@option domain-search code 119 = text ;
+@option option-119 code 119 = text ;
+@# La pluspart de nos réseaux sont taggués, on utilise donc une mtu de 1500-4 octets
+@option interface-mtu 1496;
+@
+@# If this DHCP server is the official DHCP server for the local
+@# network, the authoritative directive should be uncommented.
if instpar:
- print "authoritative;"
+ @authoritative;
else:
- print "#authoritative;"
+ @#authoritative;
-print """
-# Use this to send dhcp log messages to a different log file (you also
-# have to hack syslog.conf to complete the redirection).
-log-facility local7;"""
+@# Use this to send dhcp log messages to a different log file (you also
+@# have to hack syslog.conf to complete the redirection).
+@log-facility local7;
if not instpar:
- print """
-include "/etc/dhcp3/dhcp-failover.conf";"""
+ @include "/etc/dhcp3/dhcp-failover.conf";
if has("vlan-radin"):
- print """
+ out("""
# VLan gratuit
subnet 10.42.0.0 netmask 255.255.0.0 {
interface eth3;
@@ -68,10 +63,10 @@ subnet 10.42.0.0 netmask 255.255.0.0 {
range 10.42.1.1 10.42.255.200;
failover peer "dhcp-failover";
}
-}""" % ', '.join(config.dns.recursiv['gratuit'])
+}""" % (', '.join(config.dns.recursiv['gratuit']),))
if has("vlan-accueil"):
- print """
+ out("""
# VLan accueil
subnet 10.51.0.0 netmask 255.255.0.0 {
interface eth4;
@@ -91,10 +86,10 @@ subnet 10.51.0.0 netmask 255.255.0.0 {
failover peer "dhcp-failover";
range 10.51.1.1 10.51.255.200;
}
-}""" % ', '.join(config.dns.recursiv['accueil'])
+}""" % (', '.join(config.dns.recursiv['accueil']),))
if has("vlan-isolement"):
- print """
+ out("""
# VLan isolement
subnet 10.52.0.0 netmask 255.255.0.0 {
interface eth5;
@@ -111,10 +106,10 @@ subnet 10.52.0.0 netmask 255.255.0.0 {
range 10.52.1.1 10.52.255.200;
}
}
-""" % ', '.join(config.dns.recursiv['isolement'])
+""" % (', '.join(config.dns.recursiv['isolement']),))
if not has("non-vlan-adherent") and not instpar:
- print """
+ out("""
# Vlan des adhérents
subnet 138.231.136.0 netmask 255.255.248.0 {
interface eth0;
@@ -137,10 +132,10 @@ subnet 138.231.136.0 netmask 255.255.248.0 {
include "/etc/dhcp3/generated/adherents.liste";
}
-""" % ', '.join(config.dns.recursiv['fil'])
+""" % (', '.join(config.dns.recursiv['fil']),))
if has("vlan-wifi"):
- print """
+ out("""
# Vlan des wifi
subnet 138.231.144.0 netmask 255.255.248.0 {
interface eth2;
@@ -160,10 +155,10 @@ subnet 138.231.144.0 netmask 255.255.248.0 {
deny unknown-clients;
include "/etc/dhcp3/generated/wifi.liste";
-}""" % ', '.join(config.dns.recursiv['wifi'])
+}""" % (', '.join(config.dns.recursiv['wifi']),))
if has("vlan-ens"):
- print """
+ out("""
#Vlan appartement
subnet 10.2.9.0 netmask 255.255.255.0 {
interface eth6;
@@ -181,10 +176,10 @@ subnet 10.2.9.0 netmask 255.255.255.0 {
include "/etc/dhcp3/generated/appartements.liste";
}
-""" % ', '.join(config.dns.recursiv['personnel-ens'])
+""" % (', '.join(config.dns.recursiv['personnel-ens']),))
if has("vlan-evenementiel"):
- print """
+ out("""
subnet 10.231.137.0 netmask 255.255.255.0 {
range 10.231.137.20 10.231.137.254;
next-server 10.231.137.1;
@@ -197,10 +192,10 @@ subnet 10.231.137.0 netmask 255.255.255.0 {
# Fichier a charger pour le boot par le reseau
filename "pxelinux.0";
}
-""" % ', '.join(config.dns.recursiv['evenementiel'])
+""" % (', '.join(config.dns.recursiv['evenementiel']),))
if has("vlan-federez"):
- print """
+ out("""
# Vlan wifi federez
subnet 10.53.0.0 netmask 255.255.0.0 {
interface eth7;
@@ -219,4 +214,4 @@ subnet 10.53.0.0 netmask 255.255.0.0 {
# Fichier a charger pour le boot par le reseau
filename "pxelinux.0";
}
-""" % ', '.join(config.dns.recursiv['fil'])
+""" % (', '.join(config.dns.recursiv['fil']),))
diff --git a/Python/etc/dhcp3/omapi.conf b/Python/etc/dhcp3/omapi.conf
index 3c24c13..710a66d 100644
--- a/Python/etc/dhcp3/omapi.conf
+++ b/Python/etc/dhcp3/omapi.conf
@@ -20,7 +20,7 @@ if not dhcp.dhcp_omapi_keys.get(admhostname, False):
f.close()
reload(dhcp)
-print """
+out("""
omapi-port 9991;
key omapi_key {
algorithm HMAC-MD5;
@@ -28,4 +28,4 @@ key omapi_key {
};
omapi-key omapi_key;
-""" % dhcp.dhcp_omapi_keys.get(admhostname, '')
+""" % (dhcp.dhcp_omapi_keys.get(admhostname, ''),))
diff --git a/Python/etc/ejabberd/ejabberd.cfg b/Python/etc/ejabberd/ejabberd.cfg
index d731921..a5971b9 100644
--- a/Python/etc/ejabberd/ejabberd.cfg
+++ b/Python/etc/ejabberd/ejabberd.cfg
@@ -299,10 +299,10 @@ header("Configuration du serveur xmpp du crans")
@%%{ldap_port, 636}.
@%%
@%% LDAP manager:
-print """{ldap_rootdn, "%s"}.""" % secrets.ldap_readonly_auth_dn
+out("""{ldap_rootdn, "%s"}.""" % (secrets.ldap_readonly_auth_dn,))
@%%
@%% Password to LDAP manager:
-print """{ldap_password, "%s"}.""" % secrets.ldap_readonly_password
+out("""{ldap_password, "%s"}.""" % (secrets.ldap_readonly_password,))
@%%
@%% Search base of LDAP directory:
@{ldap_base, "dc=crans,dc=org"}.
diff --git a/Python/etc/exports b/Python/etc/exports
index c6d1b34..d9d1447 100644
--- a/Python/etc/exports
+++ b/Python/etc/exports
@@ -9,10 +9,10 @@ import os
home_adh = list(string.ascii_lowercase) + ['logs', 'mail']
dirs = map(lambda x: os.path.join('/home-adh', x), home_adh)
dirs += ['/usr/scripts', '/home-adh']
-allowed = config.NETs['adm'] + config.prefix['adm']
+allowed = config.NETs['adm']
tpl = "%s %s(rw,async,nohide,no_subtree_check,no_root_squash)"
for dir in dirs:
for cidr in allowed:
- print tpl % (dir, cidr)
+ out(tpl % (dir, cidr))
diff --git a/Python/etc/freeradius/proxy.conf b/Python/etc/freeradius/proxy.conf
index 8f31005..3a6a704 100644
--- a/Python/etc/freeradius/proxy.conf
+++ b/Python/etc/freeradius/proxy.conf
@@ -4,7 +4,7 @@ info["perms"] = 0644
include("secrets")
-print """realm FEDEREZ {
+out("""realm FEDEREZ {
auth_pool = federez_radius_servers
nostrip
}
@@ -27,4 +27,4 @@ home_server baldrick {
check_interval = 30
num_answers_to_alive = 3
}
-"""
+""")
diff --git a/Python/etc/fstab b/Python/etc/fstab
index c35e2b8..4eca2fb 100644
--- a/Python/etc/fstab
+++ b/Python/etc/fstab
@@ -5,7 +5,7 @@ header("Les modifications locales sont a placer dans le fichier /etc/fstab.local
import string
def mnt(fs, mntpoint, type, options=[], dump=0, pass_=0):
- print ("%s %s %s %s %d %d" %
+ out("%s %s %s %s %d %d" %
(fs, mntpoint, type,
(options and ",".join(options)) or "defaults",
dump, pass_))
@@ -15,7 +15,7 @@ mnt("proc", "/proc", "proc")
mnt("shm", "/dev/shm", "tmpfs")
@# Les definitions locales
-print metadata.Probes["fstab_local"]
+out(metadata.Probes["fstab_local"])
if has("nfs"):
@# Le nfs
diff --git a/Python/etc/hosts b/Python/etc/hosts
index 950495c..4625907 100644
--- a/Python/etc/hosts
+++ b/Python/etc/hosts
@@ -5,23 +5,23 @@ include("ip")
@127.0.0.1 localhost.crans.org localhost
if has("crans-proxmox-wheezy"):
- print pubip(), pubhostname
- print admip(), admhostname, hostname+".adm", hostname
+ out("%s %s" % (pubip(), pubhostname))
+ out("%s %s %s %s" % (admip(), admhostname, hostname+".adm", hostname))
elif not has("non-vlan-adherent"):
- print pubip(), pubhostname, hostname
- print admip(), admhostname, hostname+".adm"
+ out("%s %s %s" % (pubip(), pubhostname, hostname))
+ out("%s %s %s" % (admip(), admhostname, hostname+".adm"))
else:
- print admip(), admhostname, hostname+".adm", hostname
+ out("%s %s %s %s" % (admip(), admhostname, hostname+".adm", hostname))
if has("vlan-wifi"):
- print wifiip(), wifihostname, hostname+".wifi"
+ out("%s %s %s" % (wifiip(), wifihostname, hostname+".wifi"))
@10.231.136.7 zbee.adm.crans.org zbee.adm zbee nfs.adm.crans.org nfs.adm nfs
if(has("odlyd")):
- print "138.231.136.9 sable.crans.org sable"
- print "138.231.136.98 charybde.crans.org charybde"
+ @138.231.136.9 sable.crans.org sable
+ @138.231.136.98 charybde.crans.org charybde
if(has("iscsi")):
- print "10.231.136.36 nols.adm.crans.org nols.adm nols"
+ @10.231.136.36 nols.adm.crans.org nols.adm nols
@# The following lines are desirable for IPv6 capable hosts
@::1 ip6-localhost ip6-loopback
diff --git a/Python/etc/icecast2/radio.xml b/Python/etc/icecast2/radio.xml
index 61270f2..72df15b 100644
--- a/Python/etc/icecast2/radio.xml
+++ b/Python/etc/icecast2/radio.xml
@@ -9,7 +9,7 @@ import tv.radio.config as tv_config
tv_config = reload(tv_config)
-print """)
-]]>"""
+]]>""")
auth_template = """
/%s
@@ -48,7 +48,7 @@ for group in tv_config.multicast.keys():
else:
host=p.netloc
port = 80
- print """
+ out("""
%s
%s
@@ -56,6 +56,6 @@ for group in tv_config.multicast.keys():
/%s
1
1
-""" % (host, port, p.path, name)
- print auth_template % name
+""" % (host, port, p.path, name))
+ out(auth_template % (name,))
diff --git a/Python/etc/jabber/key.pem b/Python/etc/jabber/key.pem
index b327fba..4ca5bf8 100644
--- a/Python/etc/jabber/key.pem
+++ b/Python/etc/jabber/key.pem
@@ -1,3 +1,3 @@
info["owner"] = "jabber"
info["mode"] = 0600
-print file("/etc/crans/secrets/jabber-key.pem").read()
+_out(open("/etc/crans/secrets/jabber-key.pem", "r").read())
diff --git a/Python/etc/kgb-bot/kgb.conf b/Python/etc/kgb-bot/kgb.conf
index 4b19a10..275ddc9 100644
--- a/Python/etc/kgb-bot/kgb.conf
+++ b/Python/etc/kgb-bot/kgb.conf
@@ -22,14 +22,14 @@ header("Configuration du bot KGB\nIl annonce les commits git sur les channels IR
@ crans:
@ # needs to be the same on the client
-print " password: %s" % secrets.kgb_passwords["crans"]
+out(" password: %s" % (secrets.kgb_passwords["crans"],))
@ # private repositories aren't announced to broadcast channels
@ # private: yes
for depot in ["ca", "note", "bots", "bde", "fortunes"]:
- print " %s:" % (depot,)
- print " password: %s" % (secrets.kgb_passwords[depot],)
+ out(" %s:" % (depot,))
+ out(" password: %s" % (secrets.kgb_passwords[depot],))
@# Some witty answer for people that talk to the bot
@smart_answers:
diff --git a/Python/etc/kgb-ca.conf b/Python/etc/kgb-ca.conf
index e8483f8..bd9937c 100644
--- a/Python/etc/kgb-ca.conf
+++ b/Python/etc/kgb-ca.conf
@@ -8,8 +8,8 @@ info["mode"] = 0660
header("Pour parler à KGB dans un hook git\nUn membre du CA n'est pas forcément apprenti.")
-print "---"
-print "repo-id: ca"
-print "servers:"
-print " - uri: http://irc.crans.org:5391/"
-print " password: %s" % (secrets.kgb_passwords['ca'])
+@---
+@repo-id: ca
+@servers:
+@ - uri: http://irc.crans.org:5391/
+out(" password: %s" % (secrets.kgb_passwords['ca'],))
diff --git a/Python/etc/kgb-client.conf b/Python/etc/kgb-client.conf
index 8201c58..b3c9129 100644
--- a/Python/etc/kgb-client.conf
+++ b/Python/etc/kgb-client.conf
@@ -8,8 +8,8 @@ info["mode"] = 0660
header("Pour parler à KGB dans un hook git")
-print "---"
-print "repo-id: crans"
-print "servers:"
-print " - uri: http://irc.crans.org:5391/"
-print " password: %s" % (secrets.kgb_passwords['crans'])
+@---
+@repo-id: crans
+@servers:
+@ - uri: http://irc.crans.org:5391/
+out(" password: %s" % (secrets.kgb_passwords['crans'],))
diff --git a/Python/etc/kgb-fortunes.conf b/Python/etc/kgb-fortunes.conf
index bfec8f5..5e3cefc 100644
--- a/Python/etc/kgb-fortunes.conf
+++ b/Python/etc/kgb-fortunes.conf
@@ -8,8 +8,8 @@ info["mode"] = 0660
header("Pour parler à KGB dans un hook git\n")
-print "---"
-print "repo-id: fortunes"
-print "servers:"
-print " - uri: http://irc.crans.org:5391/"
-print " password: %s" % (secrets.kgb_passwords['fortunes'])
+@---
+@repo-id: fortunes
+@servers:
+@ - uri: http://irc.crans.org:5391/
+out(" password: %s" % (secrets.kgb_passwords['fortunes']))
diff --git a/Python/etc/ldap.secret b/Python/etc/ldap.secret
deleted file mode 100644
index f4d13e1..0000000
--- a/Python/etc/ldap.secret
+++ /dev/null
@@ -1,8 +0,0 @@
-# -*- mode: python; coding: utf-8 -*-
-
-include("secrets")
-
-if has("db-main"):
- print secrets.ldap_password
-else:
- print secrets.ldap_readonly_password
diff --git a/Python/etc/ldap/ldap.conf b/Python/etc/ldap/ldap.conf
index 5d9cf29..a38f415 100644
--- a/Python/etc/ldap/ldap.conf
+++ b/Python/etc/ldap/ldap.conf
@@ -9,5 +9,5 @@ header("Acces a la base ldap")
@# This file should be world readable but not world writable.
@BASE dc=crans, dc=org
-print "URI %s" % ldap_socket
+out("URI %s" % (ldap_socket,))
@#TLS_CACERT /etc/ssl/certs/CAcrans.pem
diff --git a/Python/etc/ldap/slapd.conf b/Python/etc/ldap/slapd.conf
index 759a897..88e2045 100644
--- a/Python/etc/ldap/slapd.conf
+++ b/Python/etc/ldap/slapd.conf
@@ -90,13 +90,13 @@ else:
@rootdn "cn=admin,dc=crans,dc=org"
@
@# SyncRepl
- print "syncrepl rid=%s" % rid
+ out("syncrepl rid=%s" % (rid,))
@ provider=ldap://vert.adm.crans.org
@ searchbase="dc=crans,dc=org"
@ type=refreshAndPersist
- print ' binddn="%s"' % secrets.ldap_replica_auth_dn
+ out(' binddn="%s"' % (secrets.ldap_replica_auth_dn,))
@ bindmethod=simple
- print ' credentials=%s' % secrets.ldap_replica_password
+ out(' credentials=%s' % (secrets.ldap_replica_password,))
@ retry="30 20 300 3"
@
@# Redirection des requêtes en écriture, ...
diff --git a/Python/etc/ldap/templatedir/cn=config/olcDatabase={0}config.ldif b/Python/etc/ldap/templatedir/cn=config/olcDatabase={0}config.ldif
index e548ca1..a12f50e 100644
--- a/Python/etc/ldap/templatedir/cn=config/olcDatabase={0}config.ldif
+++ b/Python/etc/ldap/templatedir/cn=config/olcDatabase={0}config.ldif
@@ -20,11 +20,11 @@ rid = rid[rid.rfind(".")+1:]
@olcRootDN: cn=admin,dc=crans,dc=org
@olcSyncUseSubentry: FALSE
@olcMonitoring: FALSE
-print 'olcSyncrepl: {0}rid=%s provider=ldap://vert.adm.crans.org bindmethod=simple t' % (rid)
-print ' imeout=0 network-timeout=0 binddn=%s ' % (secrets.ldap_replica_auth_dn)
-print ' credentials=%s filter="(objectClass=olcS' % (secrets.ldap_replica_password)
-print ' chemaConfig)" searchbase="cn=schema,cn=config" scope=sub type=refreshAndPersi'
-print ' st retry="30 20 300 +"'
+out('olcSyncrepl: {0}rid=%s provider=ldap://vert.adm.crans.org bindmethod=simple t' % (rid))
+out(' imeout=0 network-timeout=0 binddn=%s ' % (secrets.ldap_replica_auth_dn))
+out(' credentials=%s filter="(objectClass=olcS' % (secrets.ldap_replica_password))
+out(' chemaConfig)" searchbase="cn=schema,cn=config" scope=sub type=refreshAndPersi')
+out(' st retry="30 20 300 +"')
@structuralObjectClass: olcDatabaseConfig
@entryUUID: 55f5a71a-59fb-102f-9686-112b7bde9a51
@creatorsName: cn=config
diff --git a/Python/etc/ldap/templatedir/cn=config/olcDatabase={1}bdb.ldif b/Python/etc/ldap/templatedir/cn=config/olcDatabase={1}bdb.ldif
index a5de0b2..97ed67a 100644
--- a/Python/etc/ldap/templatedir/cn=config/olcDatabase={1}bdb.ldif
+++ b/Python/etc/ldap/templatedir/cn=config/olcDatabase={1}bdb.ldif
@@ -87,10 +87,10 @@ rid = str(int(rid[rid.rfind(".")+1:])+255)
@entryUUID: 55f5acc4-59fb-102f-9687-112b7bde9a51
@creatorsName: cn=config
@createTimestamp: 20100921183939Z
-print 'olcSyncrepl: {0}rid=%s provider=ldap://vert.adm.crans.org bindmethod=simple tim' % (rid)
-print ' eout=0 network-timeout=0 binddn=%s ' % (secrets.ldap_replica_auth_dn)
-print ' credentials=%s filter="(objectclass=*)" ' % (secrets.ldap_replica_password)
-print ' searchbase="dc=crans,dc=org" scope=sub type=refreshAndPersist retry="30 20 300 +"'
+out('olcSyncrepl: {0}rid=%s provider=ldap://vert.adm.crans.org bindmethod=simple tim' % (rid))
+out(' eout=0 network-timeout=0 binddn=%s ' % (secrets.ldap_replica_auth_dn))
+out(' credentials=%s filter="(objectclass=*)" ' % (secrets.ldap_replica_password))
+out(' searchbase="dc=crans,dc=org" scope=sub type=refreshAndPersist retry="30 20 300 +"')
@entryCSN: 20110227094521.639316Z#000000#000#000000
@modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
@modifyTimestamp: 20110227094521Z
diff --git a/Python/etc/libnss-ldap.conf b/Python/etc/libnss-ldap.conf
deleted file mode 100644
index c6cebcd..0000000
--- a/Python/etc/libnss-ldap.conf
+++ /dev/null
@@ -1,67 +0,0 @@
-# -*- mode: python; coding: utf-8 -*-
-
-include("mode/space")
-include("secrets")
-include("ldap")
-
-header("""
-Fichier de configuration pour libnss-ldap.
-
-Pour des informations détaillées voir libnss-ldap.conf(5)
-ainsi que /usr/share/libnss-ldap/ldap.conf
-""")
-
-info["mode"] = 0644
-
-@# +---------------------------------------------------+
-@# | Configuration de la communication avec le serveur |
-@# +---------------------------------------------------+
-
-@# Base LDAP
-%uri "%s" % ldap_socket
-
-@# The distinguished name of the search base.
-%base "dc=crans,dc=org"
-
-@# The distinguished name to bind to the server with.
-@# Optional: default is to bind anonymously.
-@# Please do not put double quotes around it as they
-@# would be included literally.
-%binddn secrets.ldap_readonly_auth_dn
-
-@# The credentials to bind with.
-@# Optional: default is no credential.
-#%bindpw secrets.ldap_readonly_password
-
-@# The distinguished name to bind to the server with
-@# if the effective user ID is root. Password is
-@# stored in /etc/libnss-ldap.secret (mode 600)
-@# Use 'echo -n "mypassword" > /etc/libnss-ldap.secret' instead
-@# of an editor to create the file.
-%rootbinddn secrets.ldap_readonly_auth_dn
-
-@# The LDAP version to use (defaults to 3
-@# if supported by client library)
-%ldap_version 3
-
-@# Search timelimit
-%timelimit 5
-
-@# Bind/connect timelimit
-%bind_timelimit 5
-
-@# +------------------+
-@# | Bases de données |
-@# +------------------+
-
-# On n'utilise ldap pour résoudre les bases de données
-# passwd, group et shadow
-
-if ldap_filter:
- passwd_filter = "?%s" % ldap_filter
-else:
- passwd_filter = ""
-
-%nss_base_passwd "ou=data,dc=crans,dc=org?one%s" % passwd_filter
-%nss_base_shadow "ou=data,dc=crans,dc=org?one"
-%nss_base_group "ou=Group,dc=crans,dc=org?one"
diff --git a/Python/etc/libnss-ldap.secret b/Python/etc/libnss-ldap.secret
deleted file mode 100644
index 6c8b653..0000000
--- a/Python/etc/libnss-ldap.secret
+++ /dev/null
@@ -1,5 +0,0 @@
-# -*- mode: python; coding: utf-8 -*-
-
-include("secrets")
-
-print secrets.ldap_readonly_password
diff --git a/Python/etc/monit/monitrc b/Python/etc/monit/monitrc
index b789b00..930a6f3 100644
--- a/Python/etc/monit/monitrc
+++ b/Python/etc/monit/monitrc
@@ -18,8 +18,8 @@ header()
@set alert roots@crans.org { uid gid size nonexist data icmp invalid exec timeout resource checksum timestamp connection permission }
@
@set httpd port 2812 and
-print " use address %s" % metadata.hostname
-print " allow monit:%s" % (secrets.monit_password)
+out(" use address %s" % (metadata.hostname,))
+out(" allow monit:%s" % (secrets.monit_password,))
@
@set mail-format {
@from: roots@crans.org
diff --git a/Python/etc/monit/services b/Python/etc/monit/services
index 65eac12..03eb68b 100644
--- a/Python/etc/monit/services
+++ b/Python/etc/monit/services
@@ -36,21 +36,21 @@ def service(group=None, **kw):
matchingp = ''
start_cmd = kw.get('start_cmd', '/etc/init.d/%s start' % init)
stop_cmd = kw.get('stop_cmd', '/etc/init.d/%s stop' % init)
- print ("""# %(name)s
+ out("""# %(name)s
check process %(name)s %(pidp)s""" % locals())
if matchingp:
- print " %s" % (matchingp,)
- print (''' start program = "%(start_cmd)s"
+ out(" %s" % (matchingp,))
+ out(''' start program = "%(start_cmd)s"
stop program = "%(stop_cmd)s"''' % locals())
max_restart = kw.get('max_restart', 5)
for line in kw.get('extra', []):
if line:
- print " ", line
- print " if %d restarts within 5 cycles then timeout" % max_restart
+ out(" %s" % (line,))
+ out(" if %d restarts within 5 cycles then timeout" % (max_restart,))
if kw.has_key('depends_on'):
- print " depends on " + ', '.join(kw['depends_on'])
- print
+ out(" depends on %s" % (', '.join(kw['depends_on']),))
+ out()
service("apache",
name="apache2",
@@ -146,10 +146,6 @@ service(group="cups-service",
name="cups",
pidf="cups/cupsd")
-service("openntpd",
- name="openntpd",
- pidf="openntpd/ntpd")
-
service("cron",
pidf="crond")
@@ -291,9 +287,9 @@ service("ups-server",
pidf="nut/upsd")
if not has("nfs"):
- print """check program git_repos with path "/usr/scripts/utils/check_repos.sh"
+ out("""check program git_repos with path "/usr/scripts/utils/check_repos.sh"
if status != 0 then alert
-"""
+""")
if has('non-vlan-adherent'):
vsftpd_ip = admip()
@@ -313,7 +309,7 @@ except:
cartesdesactivees=[]
if dernierecarte:
- print "# Il y a %d carte(s) DVB sur ce serveur dont %d cartes desactivee(s)\n" % (dernierecarte,len(cartesdesactivees))
+ out("# Il y a %d carte(s) DVB sur ce serveur dont %d cartes desactivee(s)\n" % (dernierecarte,len(cartesdesactivees)))
for i in range(0,dernierecarte):
if not i in cartesdesactivees:
service("mumudvb",
@@ -324,9 +320,9 @@ for i in range(0,dernierecarte):
stop_cmd = """/sbin/start-stop-daemon --stop --pidfile /var/run/mumudvb/mumudvb_adapter%d_tuner0.pid""" % i
)
-print """check file file/var/log/syslog with path /var/log/syslog
+out("""check file file/var/log/syslog with path /var/log/syslog
if timestamp > 15 minutes then alert
-"""
+""")
service('igmpproxy')
@@ -371,11 +367,11 @@ for line in metadata.Probes["fstab_local"].splitlines():
# on vérifie le filesystem directement pour les volumes lvm
if fs.startswith('/dev/mapper'):
- print 'check filesystem fs%s with path %s' % (mntpoint, mntpoint)
+ out('check filesystem fs%s with path %s' % (mntpoint, mntpoint))
else:
- print 'check device fs%s with path %s' % (mntpoint, fs)
- print ' if failed permission %s then alert' % perm
- print ' if failed uid root then alert'
+ out('check device fs%s with path %s' % (mntpoint, fs))
+ out(' if failed permission %s then alert' % (perm,))
+ out(' if failed uid root then alert')
# place sur les disques
alert_level = {
@@ -393,12 +389,12 @@ for line in metadata.Probes["fstab_local"].splitlines():
alert_level = 80
if alert_level:
- print ' if space usage > %d%% for 3 cycles then alert' % alert_level
+ out(' if space usage > %d%% for 3 cycles then alert' % (alert_level,))
# inodes pour les disques
if type != 'reiserfs' :
- print ' if inode usage > 80% then alert'
+ out(' if inode usage > 80% then alert')
- print ' mode passive'
- print
+ out(' mode passive')
+ out()
diff --git a/Python/etc/munin/munin-node.conf b/Python/etc/munin/munin-node.conf
index 2ec8ef1..8b9c33b 100644
--- a/Python/etc/munin/munin-node.conf
+++ b/Python/etc/munin/munin-node.conf
@@ -40,7 +40,7 @@ munin_hostname = pubhostname
@ignore_file \.dpkg-(tmp|new|old|dist)$
@
@# Nom d'hôte reporté au serveur munin
-print "host_name %s" % munin_hostname
+out("host_name %s" % (munin_hostname,))
@
@# Attention: allow_cidr ne peut être utilisé à la fois avec des IPv4 et IPv6
@# (merci munin et debian). Comme c'est vachement mieux d'utiliser des cidr
@@ -52,9 +52,9 @@ def allow(cidr):
quand cidr_allow sera supporté pour les deux types d'IPs.
Cf https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=20;bug=645292"""
if ':' in cidr:
- print "cidr_allow " + cidr
+ out("cidr_allow %s" % (cidr,))
else:
- print "allow " + cidr_to_regex(cidr)
+ out("allow %s" % (cidr_to_regex(cidr),))
if not has("users"):
@# On autorise tout adm et localhost
diff --git a/Python/etc/munin/munin.conf b/Python/etc/munin/munin.conf
index 91f7d20..642c6ac 100755
--- a/Python/etc/munin/munin.conf
+++ b/Python/etc/munin/munin.conf
@@ -16,7 +16,7 @@ info['group'] = 'adm'
include("ldap_conn")
import annuaires_pg
-print """
+out("""
# The next three variables specifies where the location of the RRD
# databases, the HTML output, and the logs, severally. They all
# must be writable by the user running munin-cron.
@@ -52,17 +52,17 @@ munin_cgi_graph_jobs 6
#============================== Les switchs ================================
#Il ne s'agit pas de clients bcfg2 et ne sont par ailleurs pas des nœuds munin
-"""
+""")
switchs = [ x[:x.rindex('.crans.org')] for x in annuaires_pg.all_switchs(hide=[]) ]
for host in switchs:
- print '[switchs.crans.org;%s]' % host
- print ' address localhost\n'
+ out('[switchs.crans.org;%s]' % (host,))
+ out(' address localhost\n')
-print """
+out("""
#============================== Les bornes wifi ============================
#On emprunte des données venant du graphe multistacké wifi_clients
-# """
+# """)
for ap in ldap_conn.search(u'objectClass=borneWifi'):
# skip fake ap
@@ -76,7 +76,7 @@ for ap in ldap_conn.search(u'objectClass=borneWifi'):
fqdn = ap['host'][0].value.encode('utf-8')
profile = fqdn.split('.',1)[0]
- print """[wifi.crans.org;%(profile)s]
+ out("""[wifi.crans.org;%(profile)s]
address localhost
update no
@@ -101,14 +101,14 @@ for ap in ldap_conn.search(u'objectClass=borneWifi'):
""" % { 'hostname': fqdn,
'profile': profile,
'master': metadata.profile + '.crans.org',
- }
+ })
#@[switchs.crans.org;supervision.switchs.crans.org]
#@update no
-print """
+out("""
#===================== Divers ==============================================
# Les adherents
[association.crans.org;adherents]
@@ -145,7 +145,7 @@ print """
[pulsar.crans.org]
address localhost
notify_alias pulsar.adm.crans.org
-"""
+""")
# TODO agrégation de graphes
# load_all (load.load sur tous les serveurs)
@@ -156,23 +156,22 @@ print """
# postfix_all_maildrop(postfix_mailqueue.maildrop)
#
-print """
+out("""
#===================== Serveurs réguliers ==================================
-# """
+# """)
all_servers = metadata.query.all()
all_servers.sort(key=lambda x: x.hostname)
for client in all_servers:
if "no-munin" in client.groups:
continue
- #print """[crans.org;%(profile)s] # enlever crans.org change qqchose ?
- print """[%(profile)s]
+ out("""[%(profile)s]
address %(hostname)s
apt.graph yes
postfix_mailqueue.deferred.warning 1000
""" % { 'hostname': client.hostname,
'profile': client.profile + '.crans.org',
- }
+ })
-print "[crans.org;]"
-print " node_order " + " \\\n ".join([c.profile for c in all_servers])
+out("[crans.org;]")
+out(" node_order " + " \\\n ".join([c.profile for c in all_servers]))
diff --git a/Python/etc/network/interfaces b/Python/etc/network/interfaces
index 7870543..c6f786b 100644
--- a/Python/etc/network/interfaces
+++ b/Python/etc/network/interfaces
@@ -24,7 +24,7 @@ def dev(interface, mode, additionnals=[]):
configured_ifaces.append(interface)
if mode == "pub":
- print """auto %(interface)s
+ out("""auto %(interface)s
iface %(interface)s inet static
address %(ip)s
network 138.231.136.0
@@ -33,16 +33,16 @@ iface %(interface)s inet static
mtu 1496
gateway 138.231.136.4
dns-nameservers %(nameservers)s
- dns-search crans.org""" % { 'interface': interface, 'ip': pubip(), 'nameservers': ' '.join(config.dns.recursiv['fil']) }
+ dns-search crans.org""" % { 'interface': interface, 'ip': pubip(), 'nameservers': ' '.join(config.dns.recursiv['fil']) })
for line in additionnals:
- print " ", line
- print
+ out(" %s" % (line,))
+ out()
pub6(interface)
elif mode == "wifi":
- print """auto %(interface)s
+ out("""auto %(interface)s
iface %(interface)s inet static
address %(ip)s
network 138.231.144.0
@@ -50,14 +50,14 @@ iface %(interface)s inet static
broadcast 138.231.151.255
mtu 1496
dns-nameservers %(nameservers)s
- dns-search wifi.crans.org""" % { 'interface': interface, 'ip': wifiip(), 'nameservers': ' '.join(config.dns.recursiv['wifi']) }
+ dns-search wifi.crans.org""" % { 'interface': interface, 'ip': wifiip(), 'nameservers': ' '.join(config.dns.recursiv['wifi']) })
for line in additionnals:
- print " ", line
- print
+ out(" %s" % (line,))
+ out()
elif mode == "adm":
- print """auto %(interface)s
+ out("""auto %(interface)s
iface %(interface)s inet static
address %(ip)s
network 10.231.136.0
@@ -65,64 +65,64 @@ iface %(interface)s inet static
broadcast 10.231.136.255
mtu 1496
dns-nameservers %(nameservers)s
- dns-search adm.crans.org""" % { 'interface': interface, 'ip': admip(), 'nameservers': ' '.join(config.dns.recursiv['adm']) }
+ dns-search adm.crans.org""" % { 'interface': interface, 'ip': admip(), 'nameservers': ' '.join(config.dns.recursiv['adm']) })
for line in additionnals:
- print " ", line
- print
+ out(" %s" % (line,))
+ out()
adm6(interface)
elif mode == "radin":
- print """auto %(interface)s
+ out("""auto %(interface)s
iface %(interface)s inet static
address %(ip)s
network 10.42.0.0
netmask 255.255.0.0
broadcast 10.42.255.255
- mtu 1496""" % { 'interface': interface, 'ip': radinip() }
- print
+ mtu 1496""" % { 'interface': interface, 'ip': radinip() })
+ out()
radin6(interface)
elif mode == "accueil":
- print """auto %(interface)s
+ out("""auto %(interface)s
iface %(interface)s inet static
address %(ip)s
network 10.51.0.0
netmask 255.255.0.0
broadcast 10.51.255.255
- mtu 1496""" % { 'interface': interface, 'ip': accueilip() }
+ mtu 1496""" % { 'interface': interface, 'ip': accueilip() })
elif mode == "ens":
- print """auto %(interface)s
+ out("""auto %(interface)s
iface %(interface)s inet static
address %(ip)s
network 10.2.9.0
netmask 255.255.255.0
broadcast 10.2.9.255
- mtu 1496""" % { 'interface': interface, 'ip': appt_ens_ip() }
+ mtu 1496""" % { 'interface': interface, 'ip': appt_ens_ip() })
elif mode == "isolement":
- print """auto %(interface)s
+ out("""auto %(interface)s
iface %(interface)s inet static
address %(ip)s
network 10.52.0.0
netmask 255.255.0.0
broadcast 10.52.255.255
- mtu 1496""" % { 'interface': interface, 'ip': isolementip() }
+ mtu 1496""" % { 'interface': interface, 'ip': isolementip() })
elif mode == "federez":
- print """auto %(interface)s
+ out("""auto %(interface)s
iface %(interface)s inet static
address %(ip)s
network 10.53.0.0
netmask 255.255.0.0
broadcast 10.53.255.255
- mtu 1496""" % { 'interface': interface, 'ip': federezip() }
+ mtu 1496""" % { 'interface': interface, 'ip': federezip() })
elif mode == "manuel":
- print """auto %(interface)s
-iface %(interface)s inet static""" % { 'interface': interface }
+ out("""auto %(interface)s
+iface %(interface)s inet static""" % { 'interface': interface })
elif mode == "vide":
try:
@@ -130,34 +130,34 @@ iface %(interface)s inet static""" % { 'interface': interface }
except ValueError:
vlan = None
if vlan:
- print """auto %(interface)s
+ out("""auto %(interface)s
iface %(interface)s inet manual
pre-up vconfig add %(iface)s %(vlan)s
post-down vconfig rem %(iface)s.%(vlan)s
up ip l set %(interface)s up
- down ip l set %(interface)s down""" % { 'interface': interface, 'iface':iface,'vlan':vlan }
+ down ip l set %(interface)s down""" % { 'interface': interface, 'iface':iface,'vlan':vlan })
else:
- print """auto %(interface)s
+ out("""auto %(interface)s
iface %(interface)s inet manual
up ip l set %(interface)s up
- down ip l set %(interface)s down""" % { 'interface': interface }
+ down ip l set %(interface)s down""" % { 'interface': interface })
else:
raise NotImplementedError, "Mode de reseau inconnu : %s" % mode
if mode != "pub" and mode != "adm" and mode != "wifi" :
for line in additionnals:
- print " ", line
- print
+ out(" %s" % (line,))
+ out()
# Definitions communes
-print """auto lo
+out("""auto lo
iface lo inet loopback
-"""
+""")
# Pour arpwatch, on surveille nos réseaux
def otherlisteners():
- print "#Interfaces d'ecoute restantes pour arpwatch "
+ out("#Interfaces d'ecoute restantes pour arpwatch")
for vlan in watched_vlans:
if vlan == 1:
iface = 'eth0'
@@ -218,21 +218,21 @@ def interface6(interface, list_ip, mode = 'serveur'):
main_ip = list_ip[0]
list_ip = list_ip[1:]
- print """iface %(interface)s inet6 static
+ out("""iface %(interface)s inet6 static
address %(ip6)s
netmask %(netmask)s""" % {
'interface': interface,
'ip6': main_ip.split('/')[0],
'netmask': (main_ip.split('/') + ['64'])[1],
- }
+ })
# Avoid loops
if mode != 'routeur':
- print ' gateway fe80::1'
+ out(' gateway fe80::1')
for ip in list_ip:
- print ' up ip a add %s dev $IFACE' % ip
- print ' down ip a delete %s dev $IFACE' % ip
- print ' up /sbin/sysctl net/ipv6/conf/$IFACE/autoconf=0'
- print
+ out(' up ip a add %s dev $IFACE' % (ip,))
+ out(' down ip a delete %s dev $IFACE' % (ip,))
+ out(' up /sbin/sysctl net/ipv6/conf/$IFACE/autoconf=0')
+ out()
def pub6(interface, mode='serveur', list_ip=[]):
list_ip = [pubip6(interface) + '/64'] + list_ip
@@ -249,16 +249,16 @@ def wifi6(interface, list_ip=[], name=None):
interface6(interface, list_ip)
def adm6(interface):
- print """iface %(interface)s inet6 static
+ out("""iface %(interface)s inet6 static
address %(ip6)s
- netmask 64""" % { 'interface': interface, 'ip6': admip6(interface) }
- print
+ netmask 64""" % { 'interface': interface, 'ip6': admip6(interface) })
+ out()
def radin6(interface):
- print """iface %(interface)s inet6 static
+ out("""iface %(interface)s inet6 static
address %(ip6)s
- netmask 64""" % { 'interface': interface, 'ip6': radinip6(interface) }
- print
+ netmask 64""" % { 'interface': interface, 'ip6': radinip6(interface) })
+ out()
Probe_Mac = metadata.Probes["mac"].split('\n')
If_Mac = dict(zip(Probe_Mac[:-1:2], Probe_Mac[1::2]))
diff --git a/Python/etc/nginx/sites-available/status b/Python/etc/nginx/sites-available/status
index 77922a6..b809995 100644
--- a/Python/etc/nginx/sites-available/status
+++ b/Python/etc/nginx/sites-available/status
@@ -6,7 +6,7 @@ info["mode"] = 0644
comment_start = "#"
-print """server {
+out("""server {
listen 127.0.0.1;
server_name localhost;
location /nginx_status {
@@ -14,7 +14,7 @@ print """server {
access_log off;
allow 127.0.0.1;
deny all;
- }"""
+ }""")
if has("php"):
- print ' include "snippets/php.conf";'
-print "}"
+ @ include "snippets/php.conf";
+@}
diff --git a/Python/etc/nginx/sites-available/tv b/Python/etc/nginx/sites-available/tv
index f6ada88..59ef894 100644
--- a/Python/etc/nginx/sites-available/tv
+++ b/Python/etc/nginx/sites-available/tv
@@ -40,14 +40,14 @@ if has("icecast"):
else:
body = base
-print """server {
+out("""server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80 default_server ipv6only=on; ## listen for ipv6%s
-}""" % body
+}""" % (body,))
-print """# HTTPS server
+out("""# HTTPS server
#
server {
listen 443;
@@ -58,4 +58,4 @@ server {
ssl_certificate_key /etc/ssl/crans/cochon.ferme.crans.org/xid=33/key.pem;
ssl_session_timeout 5m;%s
-}""" % body
+}""" % (body,))
diff --git a/Python/etc/nslcd.conf b/Python/etc/nslcd.conf
index 734f5a6..269b40b 100644
--- a/Python/etc/nslcd.conf
+++ b/Python/etc/nslcd.conf
@@ -61,4 +61,4 @@ info["mode"] = 0600
if ldap_filter:
@
@# Filtre de recherche
- print "filter shadow (%s)" % ldap_filter
+ out("filter shadow (%s)" % (ldap_filter,))
diff --git a/Python/etc/nsswitch.conf b/Python/etc/nsswitch.conf
index 277f5d0..24f343a 100644
--- a/Python/etc/nsswitch.conf
+++ b/Python/etc/nsswitch.conf
@@ -11,7 +11,7 @@ else:
db=""
def database(name, res):
- print name + ": " + " ".join(res)
+ out("%s: %s" % (name, " ".join(res)))
@# On utilise la base de donnee du crans pour tout ce qui est
@# compte unix
diff --git a/Python/etc/ntp.conf b/Python/etc/ntp.conf
index cd79e5f..57a519b 100644
--- a/Python/etc/ntp.conf
+++ b/Python/etc/ntp.conf
@@ -8,80 +8,76 @@ comment_start = "#"
header("Conf de ntpd")
-print """
-# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
+@# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
+@
+@driftfile /var/lib/ntp/ntp.drift
+@
+@
+@# Enable this if you want statistics to be logged.
+@#statsdir /var/log/ntpstats/
+@
+@statistics loopstats peerstats clockstats
+@filegen loopstats file loopstats type day enable
+@filegen peerstats file peerstats type day enable
+@filegen clockstats file clockstats type day enable
+@
-driftfile /var/lib/ntp/ntp.drift
-
-
-# Enable this if you want statistics to be logged.
-#statsdir /var/log/ntpstats/
-
-statistics loopstats peerstats clockstats
-filegen loopstats file loopstats type day enable
-filegen peerstats file peerstats type day enable
-filegen clockstats file clockstats type day enable
-
-"""
if has("ntp-server"):
- print """# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
-# pick a different set every time it starts up. Please consider joining the
-# pool:
-server ntp.ovh.net iburst
-server 0.debian.pool.ntp.org iburst
-server 1.debian.pool.ntp.org iburst
-server 2.debian.pool.ntp.org iburst
-server 3.debian.pool.ntp.org iburst
-"""
+ @# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
+ @# pick a different set every time it starts up. Please consider joining the
+ @# pool:
+ @server ntp.ovh.net iburst
+ @server 0.debian.pool.ntp.org iburst
+ @server 1.debian.pool.ntp.org iburst
+ @server 2.debian.pool.ntp.org iburst
+ @server 3.debian.pool.ntp.org iburst
+ @
elif has("secondary-ntp-server"):
- print """# You do need to talk to an NTP server or two (or three).
-server ntp.crans.org
-"""
+ @# You do need to talk to an NTP server or two (or three).
+ @server ntp.crans.org
+ @
else:
- print """# You do need to talk to an NTP server or two (or three).
-server ntp.adm.crans.org
-"""
+ @# You do need to talk to an NTP server or two (or three).
+ @server ntp.adm.crans.org
+ @
-print """
-# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
-# pick a different set every time it starts up. Please consider joining the
-# pool:
-#server 0.debian.pool.ntp.org iburst
-#server 1.debian.pool.ntp.org iburst
-#server 2.debian.pool.ntp.org iburst
-#server 3.debian.pool.ntp.org iburst
+@# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will
+@# pick a different set every time it starts up. Please consider joining the
+@# pool:
+@#server 0.debian.pool.ntp.org iburst
+@#server 1.debian.pool.ntp.org iburst
+@#server 2.debian.pool.ntp.org iburst
+@#server 3.debian.pool.ntp.org iburst
+@
+@
+@# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
+@# details. The web page
+@# might also be helpful.
+@#
+@# Note that "restrict" applies to both servers and clients, so a configuration
+@# that might be intended to block requests from certain clients could also end
+@# up blocking replies from your own upstream servers.
+@
+@# By default, exchange time with everybody, but don't allow configuration.
+@restrict -4 default kod notrap nomodify nopeer noquery
+@restrict -6 default kod notrap nomodify nopeer noquery
-
-# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
-# details. The web page
-# might also be helpful.
-#
-# Note that "restrict" applies to both servers and clients, so a configuration
-# that might be intended to block requests from certain clients could also end
-# up blocking replies from your own upstream servers.
-
-# By default, exchange time with everybody, but don't allow configuration."""
-print """restrict -4 default kod notrap nomodify nopeer noquery
-restrict -6 default kod notrap nomodify nopeer noquery"""
-
-print """
-
-# Local users may interrogate the ntp server more closely.
-restrict 127.0.0.1
-restrict ::1
-
-# Clients from this (example!) subnet have unlimited access, but only if
-# cryptographically authenticated.
-#restrict 192.168.123.0 mask 255.255.255.0 notrust
-
-
-# If you want to provide time to your local subnet, change the next line.
-# (Again, the address is an example only.)
-#broadcast 192.168.123.255
-
-# If you want to listen to time broadcasts on your local subnet, de-comment the
-# next lines. Please do this only if you trust everybody on the network!
-#disable auth
-#broadcastclient
-"""
+@
+@# Local users may interrogate the ntp server more closely.
+@restrict 127.0.0.1
+@restrict ::1
+@
+@# Clients from this (example!) subnet have unlimited access, but only if
+@# cryptographically authenticated.
+@#restrict 192.168.123.0 mask 255.255.255.0 notrust
+@
+@
+@# If you want to provide time to your local subnet, change the next line.
+@# (Again, the address is an example only.)
+@#broadcast 192.168.123.255
+@
+@# If you want to listen to time broadcasts on your local subnet, de-comment the
+@# next lines. Please do this only if you trust everybody on the network!
+@#disable auth
+@#broadcastclient
diff --git a/Python/etc/openntpd/ntpd.conf b/Python/etc/openntpd/ntpd.conf
index 1a25cc1..a4e13bd 100644
--- a/Python/etc/openntpd/ntpd.conf
+++ b/Python/etc/openntpd/ntpd.conf
@@ -2,8 +2,8 @@ include("ip")
if has("ntp-server"):
@# Addresses to listen on (ntpd does not listen by default)
- print "listen on %s" % admip()
- print "listen on %s" % pubip()
+ out("listen on %s" % (admip(),))
+ out("listen on %s" % (pubip(),))
@listen on 127.0.0.1
@#listen on ::1
@
diff --git a/Python/etc/pam.d/common-account b/Python/etc/pam.d/common-account
index a0d5aa9..cb24b88 100644
--- a/Python/etc/pam.d/common-account
+++ b/Python/etc/pam.d/common-account
@@ -30,5 +30,5 @@ if True: # TODO retirer les @
@account required pam_permit.so
@# and here are more per-package modules (the "Additional" block)
if has("ldap"):
- print "account [success=ok new_authtok_reqd=done ignore=ignore user_unknown=ignore authinfo_unavail=ignore default=bad] %s minimum_uid=500" % pam_module
+ out("account [success=ok new_authtok_reqd=done ignore=ignore user_unknown=ignore authinfo_unavail=ignore default=bad] %s minimum_uid=500" % (pam_module,))
@# end of pam-auth-update config
diff --git a/Python/etc/pam.d/common-auth b/Python/etc/pam.d/common-auth
index 72895a4..e150ac8 100644
--- a/Python/etc/pam.d/common-auth
+++ b/Python/etc/pam.d/common-auth
@@ -21,10 +21,10 @@ pam-auth-update(8) for details.
if True: # TODO get rid of @
@# here are the per-package modules (the "Primary" block)
if has('ldap'):
- print "auth [success=2 default=ignore] pam_unix.so nullok_secure"
- print "auth [success=1 default=ignore] %s minimum_uid=500 use_first_pass" % pam_module
+ @auth [success=2 default=ignore] pam_unix.so nullok_secure
+ out("auth [success=1 default=ignore] %s minimum_uid=500 use_first_pass" % pam_module)
else:
- print "auth [success=1 default=ignore] pam_unix.so nullok_secure"
+ @auth [success=1 default=ignore] pam_unix.so nullok_secure
@# here's the fallback if no module succeeds
@auth requisite pam_deny.so
@# prime the stack with a positive return value if there isn't one already;
diff --git a/Python/etc/pam.d/common-password b/Python/etc/pam.d/common-password
index e69ccf0..05ac273 100644
--- a/Python/etc/pam.d/common-password
+++ b/Python/etc/pam.d/common-password
@@ -45,7 +45,7 @@ pam-auth-update(8) for details.
if has('ldap'):
@password requisite pam_cracklib.so retry=3 minlen=9 dcredit=-1 ucredit=-1 lcredit=-1 ocredit=1 reject_username gecoscheck enforce_for_root difok=0
@password [success=2 default=ignore] pam_unix.so nullok obscure sha512 min=4 max=8 md5 try_first_pass
- print "password [success=1 default=ignore] %s minimum_uid=500 ignore_unkown_user md5 try_first_pass" % pam_module
+ out("password [success=1 default=ignore] %s minimum_uid=500 ignore_unkown_user md5 try_first_pass" % (pam_module,))
else:
@password [success=1 default=ignore] pam_unix.so nullok obscure sha512 min=4 max=8 md5 try_first_pass
@# here's the fallback if no module succeeds
diff --git a/Python/etc/pam.d/common-session b/Python/etc/pam.d/common-session
index 1246ebd..f8beead 100644
--- a/Python/etc/pam.d/common-session
+++ b/Python/etc/pam.d/common-session
@@ -29,5 +29,5 @@ if True: # TODO get rid of @
@# and here are more per-package modules (the "Additional" block)
@session required pam_unix.so
if has('ldap'):
- print "session [success=ok default=ignore] %s minimum_uid=500" % pam_module
+ out("session [success=ok default=ignore] %s minimum_uid=500" % (pam_module,))
@# end of pam-auth-update config
diff --git a/Python/etc/postfix/aliases b/Python/etc/postfix/aliases
index 61059f4..b3e584e 100644
--- a/Python/etc/postfix/aliases
+++ b/Python/etc/postfix/aliases
@@ -22,7 +22,7 @@ for dest in ["abuse", "amavis", "backup", "bind", "bin", "clamav", "daemon",
"irc", "list", "logcheck", "lp", "mail", "majordom", "man", "msql",
"munin", "nagios", "news", "operator", "postgres", "proxy", "sync",
"sys", "usenet", "uucp", "webmaster", "www-clubs", "www-data", "www-perso"]:
- print "%s: root" % dest
+ out("%s: root" % (dest,))
if not has("users") and not has('mail-mx'):
@root: root@crans.org
diff --git a/Python/etc/postfix/canonical b/Python/etc/postfix/canonical
index cd6b94e..347a34f 100644
--- a/Python/etc/postfix/canonical
+++ b/Python/etc/postfix/canonical
@@ -2,13 +2,13 @@
include("ip")
-print "# Fichier Gere par Bcfg2, tout changement local sera ecrase !"
+header("Fichier fournissant des méthodes pour traduire certaines adresses")
if has("bug-tracker"):
# On ne sait jamais
@/^(.*)@bugs.crans.org$/ ${1}@bugs.crans.org
-print "/^(.*)@localhost(\.crans\.org)?$/ ${1}@crans.org"
-print "/^(.*)@%s$/ ${1}@crans.org" % admhostname
+out("/^(.*)@localhost(\.crans\.org)?$/ ${1}@crans.org")
+out("/^(.*)@%s$/ ${1}@crans.org" % (admhostname,))
if not has("non-vlan-adherent"):
- print "/^(.*)@%s$/ ${1}@crans.org" % pubhostname
+ out("/^(.*)@%s$/ ${1}@crans.org" % (pubhostname,))
diff --git a/Python/etc/postfix/main.cf b/Python/etc/postfix/main.cf
index 8dafc91..abe0cac 100644
--- a/Python/etc/postfix/main.cf
+++ b/Python/etc/postfix/main.cf
@@ -65,11 +65,11 @@ else:
@# Reseaux locaux
%mynetworks local_networks
if mx and not users:
- out(" " + tostring(client_networks + adm_networks) + "\n")
+ out(" " + tostring(client_networks + adm_networks))
elif users:
- out(" " + tostring(adm_networks) + "\n")
+ out(" " + tostring(adm_networks))
elif tracker:
- out(" " + tostring(adm_networks) + "\n")
+ out(" " + tostring(adm_networks))
if not mx:
if tracker or corbeau:
@@ -83,16 +83,16 @@ if mx:
@# Destinations acceptees
%mydestination [hostname, "$myhostname", "localhost", "localhost.$mydomain"]
if main or users:
- out(" " + tostring(["$mydomain", "crans.ens-cachan.fr", "clubs.ens-cachan.fr", "install-party.ens-cachan.fr"]) + "\n")
+ out(" " + tostring(["$mydomain", "crans.ens-cachan.fr", "clubs.ens-cachan.fr", "install-party.ens-cachan.fr"]))
if manage_ml:
- out(" " + tostring(["lists.$mydomain"]) + "\n")
+ out(" " + tostring(["lists.$mydomain"]))
@# Domaine relaye par ce MX
@relay_domains = $mydestination
if secondary:
- out(" " + tostring(["$mydomain", "crans.ens-cachan.fr", "clubs.ens-cachan.fr", "install-party.ens-cachan.fr"]) + "\n")
+ out(" " + tostring(["$mydomain", "crans.ens-cachan.fr", "clubs.ens-cachan.fr", "install-party.ens-cachan.fr"]))
if public and not manage_ml:
- out(" " + tostring(["lists.$mydomain"]) + "\n")
+ out(" " + tostring(["lists.$mydomain"]))
if not mx:
if tracker:
@@ -154,7 +154,7 @@ if manage_ml:
# Pour les non-mx il n'y a plus rien d'interessant
if mx:
@# Plus les alias dans la base de donnees
- out(" " + tostring(db_file("search")) + "\n")
+ out(" " + tostring(db_file("search")))
@# On prend aussi en compte les utilisateurs de /etc/passwd
@local_recipient_maps = $alias_maps unix:passwd.byname
@# Les anciennes ML @crans.org, @crans.ens-cachan.fr -> @lists.crans.org
@@ -213,7 +213,7 @@ if mx:
@# On n'ignore que les messages venant d'adresses "protégées"
@smtpd_client_event_limit_exceptions = local_networks
if mx:
- out(" " + tostring(adm_networks) + "\n")
+ out(" " + tostring(adm_networks))
@
@# On limite à 10 messages par minute
@smtpd_client_message_rate_limit = 10
@@ -241,7 +241,7 @@ if mx:
if public:
@# accepte si le champ contourneGreylist de la base est a OK
@ permit_sasl_authenticated
- out(" check_recipient_access " + tostring(db_file("sqlgrey")) + "\n")
+ out(" check_recipient_access " + tostring(db_file("sqlgrey")))
@# accepte si la greylist est d'accord
@ check_policy_service inet:127.0.0.1:2501
@# jette le reste
@@ -273,7 +273,7 @@ if mx:
@# +----------------------+
@#POUR SECOURS
if not has("rescue-mode"):
- out("#")
+ _out("#")
@relayhost = [ovh.adm.crans.org]:25
if has("titanic"):
diff --git a/Python/etc/postfix/master.cf b/Python/etc/postfix/master.cf
index 817c1ad..5f9ba8a 100644
--- a/Python/etc/postfix/master.cf
+++ b/Python/etc/postfix/master.cf
@@ -115,7 +115,7 @@ if main:
@ -o smtpd_sasl_auth_enable=yes
@ -o smtpd_client_restrictions=permit_sasl_authenticated,reject
if not public:
- print " -o content_filter=lmtp:[amavis.adm.crans.org]:10024"
+ @ -o content_filter=lmtp:[amavis.adm.crans.org]:10024
@#628 inet n - - - - qmqpd
@pickup fifo n - - 60 1 pickup
@cleanup unix n - - - 0 cleanup
diff --git a/Python/etc/proftpd/proftpd.conf b/Python/etc/proftpd/proftpd.conf
index 4689e6f..27f75ae 100644
--- a/Python/etc/proftpd/proftpd.conf
+++ b/Python/etc/proftpd/proftpd.conf
@@ -9,7 +9,7 @@ include("ip")
@# To really apply changes reload proftpd after modifications.
@#
@
-print 'ServerName "%s"' % hostname
+out('ServerName "%s"' % (hostname,))
@ServerType standalone
@DeferWelcome off
@
diff --git a/Python/etc/radvd.conf b/Python/etc/radvd.conf
index 6b942f7..74e0413 100644
--- a/Python/etc/radvd.conf
+++ b/Python/etc/radvd.conf
@@ -46,7 +46,7 @@ def router_adv(**kw):
};""" % pref
kw['other_prefixes'] = '\n'.join(map(prefix_section, kw['other_prefixes']))
- print """
+ out("""
interface %(iface)s
{
AdvSendAdvert on;
@@ -62,7 +62,7 @@ interface %(iface)s
# Les récursifs:\n %(rec)s
};
-""" % kw
+""" % kw)
# NOTE: Je met \n parce qu'un "%" en début de ligne est remplacé par bcfg2 …
router_adv(iface='crans', prefix='2a01:240:fe3d:4::/64')
diff --git a/Python/etc/ramond.conf b/Python/etc/ramond.conf
index 8e369d9..565bdc1 100644
--- a/Python/etc/ramond.conf
+++ b/Python/etc/ramond.conf
@@ -11,28 +11,27 @@ from gestion.config import mac_du_routeur
from gestion.config import prefix
from gestion.config import int_prefix
-print """
+out("""
- """
+ """)
def printmac(mac):
- print """
- """ + mac + """"""
+ out(" %s" % (mac,))
printmac(mac_du_routeur)
printmac(mac_komaz)
printmac(mac_titanic)
-print """
+out("""
-"""
+""")
def prefi(pref):
- print """
-
+ out("""
+
-"""
+""" % (pref,))
prefi(prefix['fil'][0])
@@ -44,7 +43,7 @@ prefi(prefix['v6only'][0])
prefi(int_prefix['manage_ap'])
-print """
+out("""
@@ -56,4 +55,4 @@ print """
-"""
+""")
diff --git a/Python/etc/rsyncd.conf b/Python/etc/rsyncd.conf
index beb8a40..ade48fa 100644
--- a/Python/etc/rsyncd.conf
+++ b/Python/etc/rsyncd.conf
@@ -43,11 +43,11 @@ for excluded in RsyncHostsToExclude[hostname]:
ip = admipof("babar")
for (name, path) in backup_folders.iteritems():
- print """
+ out("""
[%(name)s]
path = %(path)s
auth users = backupcrans
secrets file = /etc/crans/secrets/rsyncd.secrets
hosts allow = babar.adm.crans.org %(ip)s""" % { 'name' : name,
'path' : path,
- 'ip' : ip }
+ 'ip' : ip })
diff --git a/Python/etc/rsyslog.conf b/Python/etc/rsyslog.conf
index eaa7c98..a0982b6 100644
--- a/Python/etc/rsyslog.conf
+++ b/Python/etc/rsyslog.conf
@@ -1,5 +1,6 @@
header("Fichier de configuration de rsyslog")
-print """
+
+out("""
# /etc/rsyslog.conf Configuration file for rsyslog.
#
# For more information see
@@ -121,4 +122,4 @@ daemon.*;mail.*;\\
news.err;\\
*.=debug;*.=info;\\
*.=notice;*.=warn |/dev/xconsole
-"""
+""")
diff --git a/Python/etc/rsyslog.d/51-pgsql.conf b/Python/etc/rsyslog.d/51-pgsql.conf
index ec1bbb4..6f708ab 100644
--- a/Python/etc/rsyslog.d/51-pgsql.conf
+++ b/Python/etc/rsyslog.d/51-pgsql.conf
@@ -25,7 +25,7 @@ if False:
@$ActionResumeRetryCount -1 # infinite retries on insert failure
@$ActionQueueSaveOnShutdown on # save in-memory data if rsyslog shuts down
- print '*.* :ompgsql:localhost,Syslog,rsyslog,%s;'%(secrets.rsyslog_pgsql_password)
+ out('*.* :ompgsql:localhost,Syslog,rsyslog,%s;' % (secrets.rsyslog_pgsql_password))
@
@#On ne loggue plus dans les fichiers ce qui n'est pas à nous
@:fromhost, !isequal, "thot" ~
diff --git a/Python/etc/sudoers b/Python/etc/sudoers
index e070f11..8790f3e 100644
--- a/Python/etc/sudoers
+++ b/Python/etc/sudoers
@@ -40,63 +40,63 @@ elif has("2B"):
@# Cmnd alias specification
@# User privilege specification
-print "root ALL=(ALL:ALL) ALL"
-print "NOUNOUS ALL=(ALL:ALL) ALL"
+@root ALL=(ALL:ALL) ALL
+@NOUNOUS ALL=(ALL:ALL) ALL
if has("2B"):
- print "RESPBATS ALL=(root:ALL) NOPASSWD: /usr/scripts/gestion/tools/who2b.py"
+ @RESPBATS ALL=(root:ALL) NOPASSWD: /usr/scripts/gestion/tools/who2b.py
if has("users"):
@# Les modérateurs ont le whos
- print "MODEROS ALL=(respbats:ALL) /usr/scripts/gestion/whos.py,/usr/scripts/gestion/whos_lc.py"
+ @MODEROS ALL=(respbats:ALL) /usr/scripts/gestion/whos.py,/usr/scripts/gestion/whos_lc.py
@# Câbleurs
- print "RESPBATS ALL=(respbats:ALL) /usr/scripts/gestion/gest_crans.py,/usr/scripts/gestion/chgpass.py,/usr/scripts/gestion/gest_crans_lc.py"
- print "RESPBATS ALL=(respbats:ALL) /usr/scripts/gestion/ldap_crans.py --zombielock"
- print "RESPBATS ALL=(respbats:ALL) /usr/scripts/gestion/ldap_crans.py --purgelock"
- print "RESPBATS ALL=(respbats:ALL) /usr/scripts/admin/mail_invalide/mail_invalide.py, /usr/scripts/admin/controle_tresorier.py, /usr/scripts/admin/controle_tresorier2.py, /usr/scripts/admin/controle_tresorier3.py"
- print "RESPBATS ALL=(respbats:ALL) NOPASSWD: /usr/scripts/gestion/whos.py,/usr/scripts/gestion/whos_lc.py,/usr/scripts/utils/chambre.py,/usr/scripts/utils/stats_cableurs.py,/usr/scripts/gestion/tools/whokfet.py"
- print "RESPBATS ALL=(respbats:ALL) NOPASSWD: /usr/scripts/gestion/tools/whosthere.py dalembert"
- print "RESPBATS ALL=(respbats:ALL) /usr/scripts/gestion/ressuscite.py"
- print "RESPBATS ALL=(respbats:ALL) /usr/scripts/cransticket/dump_creds.py"
+ @RESPBATS ALL=(respbats:ALL) /usr/scripts/gestion/gest_crans.py,/usr/scripts/gestion/chgpass.py,/usr/scripts/gestion/gest_crans_lc.py
+ @RESPBATS ALL=(respbats:ALL) /usr/scripts/gestion/ldap_crans.py --zombielock
+ @RESPBATS ALL=(respbats:ALL) /usr/scripts/gestion/ldap_crans.py --purgelock
+ @RESPBATS ALL=(respbats:ALL) /usr/scripts/admin/mail_invalide/mail_invalide.py, /usr/scripts/admin/controle_tresorier.py, /usr/scripts/admin/controle_tresorier2.py, /usr/scripts/admin/controle_tresorier3.py
+ @RESPBATS ALL=(respbats:ALL) NOPASSWD: /usr/scripts/gestion/whos.py,/usr/scripts/gestion/whos_lc.py,/usr/scripts/utils/chambre.py,/usr/scripts/utils/stats_cableurs.py,/usr/scripts/gestion/tools/whokfet.py
+ @RESPBATS ALL=(respbats:ALL) NOPASSWD: /usr/scripts/gestion/tools/whosthere.py dalembert
+ @RESPBATS ALL=(respbats:ALL) /usr/scripts/gestion/ressuscite.py
+ @RESPBATS ALL=(respbats:ALL) /usr/scripts/cransticket/dump_creds.py
@# Pour ne pas louper des .forward pour des questions de droits de lecture
- print "RESPBATS ALL=(root:ALL) NOPASSWD: /usr/scripts/admin/mail_invalide/mail_invalide.py"
+ @RESPBATS ALL=(root:ALL) NOPASSWD: /usr/scripts/admin/mail_invalide/mail_invalide.py
@# Bureau
- print "BUREAU ALL=(respbats:ALL) /usr/scripts/admin/controle_charte_MA.py, /usr/scripts/admin/menage_cableurs.py"
+ @BUREAU ALL=(respbats:ALL) /usr/scripts/admin/controle_charte_MA.py, /usr/scripts/admin/menage_cableurs.py
@# intranet
- print "respbats ALL=(USERS:ALL) NOPASSWD: /usr/scripts/gestion/config_mail.py"
- print "respbats ALL=(root:ALL) NOPASSWD: /usr/local/bin/quota"
+ @respbats ALL=(USERS:ALL) NOPASSWD: /usr/scripts/gestion/config_mail.py
+ @respbats ALL=(root:ALL) NOPASSWD: /usr/local/bin/quota
@# Génération de codes impression pour les imprimeurs
- print "IMPRIMEURS ALL=(root:ALL) /usr/scripts/impression/gen_code.py"
+ @IMPRIMEURS ALL=(root:ALL) /usr/scripts/impression/gen_code.py
@# Les imprimeurs peuvent recréditer en masse
- print "IMPRIMEURS ALL=(respbats:ALL) /usr/scripts/impression/recredit_masse.py"
- print "IMPRIMEURS ALL=(respbats:ALL) /usr/scripts/impression/recredit.py"
+ @IMPRIMEURS ALL=(respbats:ALL) /usr/scripts/impression/recredit_masse.py
+ @IMPRIMEURS ALL=(respbats:ALL) /usr/scripts/impression/recredit.py
@# Redémarrage de l'intranet pour les imprimeurs
- print "IMPRIMEURS ALL=(root:ALL) /usr/scripts/impression/redemarre_intranet.sh"
+ @IMPRIMEURS ALL=(root:ALL) /usr/scripts/impression/redemarre_intranet.sh
@# Un chsh pour tout le monde
- print "ALL ALL=(respbats:ALL) /usr/scripts/gestion/chsh.py, NOPASSWD:/usr/local/bin/ldap_whoami"
+ @ALL ALL=(respbats:ALL) /usr/scripts/gestion/chsh.py, NOPASSWD:/usr/local/bin/ldap_whoami
@# Quotas
- print "ALL ALL=(respbats:ALL) NOPASSWD:/usr/local/bin/quota.sh"
+ @ALL ALL=(respbats:ALL) NOPASSWD:/usr/local/bin/quota.sh
@# Envoi de message SIP
- print "ALL ALL=(respbats:ALL) NOPASSWD:/usr/scripts/sip/send_sms.py"
+ @ALL ALL=(respbats:ALL) NOPASSWD:/usr/scripts/sip/send_sms.py
-print "%respbats ALL=(ALL) NOPASSWD: /usr/bin/monit summary, /usr/bin/monit status"
+@%respbats ALL=(ALL) NOPASSWD: /usr/bin/monit summary, /usr/bin/monit status
if has('generate'):
- print "rpcssh ALL=(ALL) NOPASSWD: /usr/scripts/gestion/gen_confs/generate.py"
+ @rpcssh ALL=(ALL) NOPASSWD: /usr/scripts/gestion/gen_confs/generate.py
if has('arpwatch'):
@# arpwatch
- print "arpwatch ALL=(arpwatch:ALL) NOPASSWD:/usr/scripts/surveillance/arpwatch_sendmail.py"
+ @arpwatch ALL=(arpwatch:ALL) NOPASSWD:/usr/scripts/surveillance/arpwatch_sendmail.py
if has('intranet2-server'):
- print "www-data ALL=(root:ALL) NOPASSWD: /usr/local/bin/quota"
- print "www-data ALL=(root) NOPASSWD: /usr/scripts/utils/chown_impressions.sh"
+ @www-data ALL=(root:ALL) NOPASSWD: /usr/local/bin/quota
+ @www-data ALL=(root) NOPASSWD: /usr/scripts/utils/chown_impressions.sh
# Inclusion de fichier locaux
@
diff --git a/Python/etc/sysctl.conf b/Python/etc/sysctl.conf
index 87d56f1..9be8294 100644
--- a/Python/etc/sysctl.conf
+++ b/Python/etc/sysctl.conf
@@ -21,7 +21,7 @@ Voir http://wiki.crans.org/CransTechnique/Bcfg2/... pour plus d'explications.
""")
# Définitions communes
-print """
+out("""
net.ipv6.conf.default.autoconf = 0
net.ipv6.conf.default.accept_ra = 0
net.ipv6.conf.default.accept_ra_defrtr = 0
@@ -37,7 +37,7 @@ net.ipv6.conf.all.accept_ra_pinfo = 0
net.ipv6.conf.all.accept_source_route = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv6.conf.all.use_tempaddr = 0
-"""
+""")
Probe_Ifs = metadata.Probes["mac"].strip().split('\n')
@@ -45,6 +45,6 @@ Ifs = [Probe_Ifs[i] for i in range(len(Probe_Ifs)) if i % 2 == 0]
# Un '.' supplémentaire dans une clé sysctl, c'est mal.
for i in Ifs:
- print template_ra % { 'If' : i.replace('.','/') }
+ out(template_ra % { 'If' : i.replace('.','/') })
-print metadata.Probes["sysctl"]
+out(metadata.Probes["sysctl"])
diff --git a/Python/var/local/rpcssh/.ssh/authorized_keys b/Python/var/local/rpcssh/.ssh/authorized_keys
index 355b319..322af36 100644
--- a/Python/var/local/rpcssh/.ssh/authorized_keys
+++ b/Python/var/local/rpcssh/.ssh/authorized_keys
@@ -9,4 +9,4 @@ comment_start = "#"
header("Clef pour lancer des commandes en temps réel sur les serveurs")
if has("generate"):
- print 'command="sudo /usr/scripts/gestion/gen_confs/generate.py",from="10.231.136.0/24,2a01:240:fe3d:c804::/64",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding %s' % open('/etc/crans/secrets/trigger-generate.pub').read()
+ _out('command="sudo /usr/scripts/gestion/gen_confs/generate.py",from="10.231.136.0/24,2a01:240:fe3d:c804::/64",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding %s' % open('/etc/crans/secrets/trigger-generate.pub').read())
diff --git a/Rules/freeradius.xml b/Rules/freeradius.xml
index 826c495..2364a6b 100644
--- a/Rules/freeradius.xml
+++ b/Rules/freeradius.xml
@@ -1,4 +1,4 @@
-
+
diff --git a/Rules/isc-dhcp-client.xml b/Rules/isc-dhcp-client.xml
new file mode 100644
index 0000000..9720f27
--- /dev/null
+++ b/Rules/isc-dhcp-client.xml
@@ -0,0 +1,4 @@
+
+
+
+
diff --git a/Rules/munin-node.xml b/Rules/munin-node.xml
index 7e038e8..3968451 100644
--- a/Rules/munin-node.xml
+++ b/Rules/munin-node.xml
@@ -1,7 +1,7 @@
+ command="bash -c '/usr/scripts/munin/scripts/link_plugins.py' -f" />
-
-
-
diff --git a/etc/python/common.py b/etc/python/common.py
index 84b3e75..0beb734 100644
--- a/etc/python/common.py
+++ b/etc/python/common.py
@@ -26,7 +26,7 @@ sys.path.append('/usr/scripts/gestion')
def comment(line):
'''Ecrit un commentaire'''
- out(comment_start + " " + line + "\n")
+ out(comment_start + " " + line)
emacs_mode = "conf-unix"
@@ -42,12 +42,12 @@ def header(desc=None, mode=None):
lines.pop()
for line in lines:
comment(line)
- out("\n")
+ out()
def var(name, value, doc=None):
'''Ecrit la definition d'une variable'''
if doc: comment(doc)
- out("%s = %s\n" % (name, value))
+ out("%s = %s" % (name, value))
# Le nom d'hote court, la partie avant le premier '.'
hostname = metadata.hostname.split('.',1)[0]
@@ -78,4 +78,3 @@ def onoff(b):
def outl(line):
out(line)
- out("\n")