b070991164
l'a expliqu. Comme l'explique la doc de Python, time() renvoie le nombre de secondes coules depuis epoch qui est un instant *prcis* (actuellement il s'agit du 01/01/1970 00:00 GMT). Ce nombre est videmment *indpendant du fuseau horaire*, il n'y a donc pas d'ajustement faire. Cela devrait rsoudre le problme que Bilou a voqu. darcs-hash:20060401014759-68412-54ecb3b032924a05fa4c9e6795b6524b059ace6b.gz
345 lines
11 KiB
Python
Executable file
345 lines
11 KiB
Python
Executable file
#! /usr/bin/env python
|
|
# -*- coding: iso-8859-15 -*-
|
|
|
|
# Copyright (C) Frédéric Pauget
|
|
# Licence : GPLv2
|
|
|
|
"""Ce script permet de lancer la reconfiguration des divers services
|
|
|
|
Usage: %(prog)s options
|
|
Les options possibles sont :
|
|
\t%(options)s
|
|
Les options avec = doivent être suivies d'un argument. Plusieurs
|
|
arguments peuvent être founis pour une même option, les séparer par &
|
|
"""
|
|
|
|
import sys, signal, os, getopt
|
|
|
|
sys.path.append('/usr/scripts/gestion')
|
|
|
|
from ldap_crans import crans_ldap, hostname
|
|
from lock import *
|
|
from affich_tools import anim, cprint, OK
|
|
from time import localtime, strftime, time, sleep
|
|
import config
|
|
from inspect import getargspec
|
|
|
|
# On vérifie que l'on est root
|
|
if os.getuid() != 0:
|
|
sys.stderr.write("Il faut être root\n")
|
|
sys.exit(1)
|
|
|
|
signal.signal(signal.SIGINT, signal.SIG_IGN) # Pas de Ctrl-C
|
|
|
|
db = crans_ldap()
|
|
make_lock('auto_generate', 'Big lock', nowait=1)
|
|
|
|
class base_reconfigure:
|
|
__service_develop = {
|
|
'macip': [ 'rouge-macip', 'zamok-macip', 'sila-macip', 'komaz-macip' ],
|
|
'droits': [ 'rouge-droits', 'ragnarok-droits' ],
|
|
'blacklist_upload': [ 'sila-blacklist_upload', 'komaz-blacklist' ],
|
|
'blacklist_p2p': [ 'sila-blacklist_p2p', 'komaz-blacklist' ],
|
|
'blacklist_autodisc_upload': [ 'sila-blacklist_autodisc_upload', 'komaz-blacklist'],
|
|
'blacklist_autodisc_p2p': [ 'sila-blacklist_autodisc_p2p', 'komaz-blacklist']
|
|
}
|
|
|
|
def __init__(self, to_do=None):
|
|
if not to_do:
|
|
if debug:
|
|
print 'Lecture des services à redémarrer dans la base LDAP...'
|
|
auto = True
|
|
to_do = {}
|
|
# Création de la liste de ce qu'il y a à faire
|
|
for serv in db.services_to_restart():
|
|
# Services spéciaux portant sur plusieurs machines
|
|
to_add = self.__service_develop.get(serv.nom, [])
|
|
if to_add:
|
|
for nom in to_add:
|
|
for t in serv.start:
|
|
db.services_to_restart(nom, serv.args, t)
|
|
if time() > t:
|
|
to_do[nom] = serv.args
|
|
db.services_to_restart('-' + serv.nom)
|
|
else:
|
|
for t in serv.start:
|
|
if time() > t:
|
|
to_do[serv.nom] = serv.args
|
|
break
|
|
else:
|
|
auto = False
|
|
if debug:
|
|
print 'Services à redémarrer imposés (non lecture de la base LDAP)'
|
|
|
|
for serv, args in to_do.items():
|
|
# Au cas où le service porte sur plusieurs machines
|
|
service = serv.replace('%s-' % hostname, '')
|
|
if hasattr(self, service):
|
|
# Le service est à reconfigurer sur cette machine
|
|
db.services_to_restart('-%s' % serv)
|
|
try:
|
|
m = getattr(self, service)
|
|
if len(getargspec(m)[0]) > 1:
|
|
m(args)
|
|
else:
|
|
m()
|
|
except:
|
|
if auto:
|
|
db.services_to_restart(serv, args)
|
|
sys.stderr.write('%s :' % serv)
|
|
import traceback
|
|
traceback.print_exc()
|
|
else:
|
|
# Le service n'existe pas
|
|
if debug:
|
|
print "Le service %s n'est pas disponible sur %s" % (service, hostname)
|
|
|
|
if debug:
|
|
reste = db.services_to_restart()
|
|
if reste:
|
|
print "Reste à faire :"
|
|
for s in reste:
|
|
print '\t%s' % s
|
|
else:
|
|
print "Plus rien à faire"
|
|
|
|
def _machines(self):
|
|
""" Retourne les machines de la base étant 'à jour' """
|
|
return db.all_machines(graphic=True)
|
|
|
|
def _do(self, service, machines=None):
|
|
# Reconfiguration des services
|
|
service.debug = debug
|
|
if machines:
|
|
service.machines = machines
|
|
service.reconfigure()
|
|
|
|
def macip(self, ips):
|
|
import firewall
|
|
cprint("Mise à jour correspondance MAC-IP", 'gras')
|
|
eval("firewall.firewall_%s()" % hostname).mac_ip_maj(ips)
|
|
|
|
class rouge(base_reconfigure):
|
|
def autostatus(self):
|
|
from autostatus import autostatus
|
|
self._do(autostatus())
|
|
|
|
def dns(self):
|
|
from gen_confs.bind import dns
|
|
self._do(dns(), self._machines())
|
|
|
|
def dhcp(self):
|
|
from gen_confs.dhcpd import dhcp
|
|
self._do(dhcp(), self._machines())
|
|
|
|
def droits(self):
|
|
from gen_confs.droits import droits_ldap
|
|
self._do(droits_ldap())
|
|
|
|
def ML_ens(self, mails):
|
|
from adherents import ML_ens
|
|
self._do(ML_ens(mails))
|
|
|
|
def mail_modif(self, trucs):
|
|
"""
|
|
trucs est une liste de recherches à effectuer dans la base
|
|
l'affichage des résultats formera le corps du mail
|
|
"""
|
|
from supervison import mail
|
|
self._do(mail(trucs))
|
|
|
|
def switch(self, chambres):
|
|
from gen_confs.switchs import switch
|
|
self._do(switch(chambres))
|
|
|
|
def surveillance_exemptions(self):
|
|
from gen_confs.surveillance import exemptions
|
|
self._do(exemptions())
|
|
|
|
def surveillance_machines(self):
|
|
from gen_confs.surveillance import machines
|
|
self._do(machines(), self._machines())
|
|
|
|
class zamok(base_reconfigure):
|
|
# Tout est dans le parent
|
|
pass
|
|
|
|
class vert(base_reconfigure):
|
|
def home(self, args):
|
|
from adherents import home
|
|
self._do(home(args))
|
|
|
|
def del_user(self, args):
|
|
from adherents import del_user
|
|
self._do(del_user(args))
|
|
|
|
class komaz(base_reconfigure):
|
|
def __fw(self):
|
|
if not hasattr(self, '__real_fw'):
|
|
from firewall import firewall_komaz
|
|
self.__real_fw = firewall_komaz()
|
|
return self.__real_fw
|
|
|
|
def macip(self, ips):
|
|
cprint("Mise à jour correspondance MAC-IP", 'gras')
|
|
self.__fw().mac_ip_maj(ips)
|
|
|
|
def ports(self, ips):
|
|
self.__fw().port_maj(ips)
|
|
|
|
def blacklist(self):
|
|
self.__fw().blacklist()
|
|
|
|
class sila(base_reconfigure):
|
|
def bl_carte_etudiant(self):
|
|
from gen_confs.squid import squid_carte
|
|
self._do(squid_carte())
|
|
|
|
def bl_chbre_invalide(self):
|
|
from gen_confs.squid import squid_chbre
|
|
self._do(squid_chbre())
|
|
|
|
def blacklist_virus(self):
|
|
from gen_confs.squid import squid_virus
|
|
self._do(squid_virus())
|
|
|
|
def blacklist_warez(self):
|
|
from gen_confs.squid import squid_warez
|
|
self._do(squid_warez())
|
|
|
|
def blacklist_upload(self):
|
|
from gen_confs.squid import squid_upload
|
|
self._do(squid_upload())
|
|
|
|
def blacklist_p2p(self):
|
|
from gen_confs.squid import squid_p2p
|
|
self._do(squid_p2p())
|
|
|
|
def blacklist_autodisc_upload(self):
|
|
from gen_confs.squid import squid_autodisc_upload
|
|
self._do(squid_autodisc_upload())
|
|
|
|
def blacklist_autodisc_p2p(self):
|
|
from gen_confs.squid import squid_autodisc_p2p
|
|
self._do(squid_autodisc_p2p())
|
|
|
|
class ragnarok(base_reconfigure):
|
|
__restart_wifi_update = False
|
|
|
|
def macip(self):
|
|
# Surcharge car rien à faire ici
|
|
pass
|
|
|
|
def conf_wifi_ng(self):
|
|
from gen_confs.wifi_ng import conf_wifi_ng
|
|
bornes = None
|
|
if os.getenv("BORNE"):
|
|
bornes = os.getenv("BORNE").split(",")
|
|
self._do(conf_wifi_ng(bornes))
|
|
|
|
def dhcp(self):
|
|
from gen_confs.dhcpd import dhcp
|
|
self._do(dhcp(), self._machines())
|
|
|
|
def droits(self):
|
|
from gen_confs.droits import droits_openbsd
|
|
self._do(droits_openbsd())
|
|
|
|
class vert(base_reconfigure):
|
|
def home(self, args):
|
|
from adherents import home
|
|
self._do(home(args))
|
|
|
|
def del_user(self, args):
|
|
from adherents import del_user
|
|
self._do(del_user(args))
|
|
|
|
def mail_bienvenue(self, mails):
|
|
from adherents import mail_bienvenue
|
|
self._do(mail_bienvenue(mails))
|
|
|
|
|
|
signal.signal(signal.SIGINT, signal.SIG_DFL) # Comportement normal de Ctrl-C
|
|
remove_lock('auto_generate')
|
|
|
|
if __name__ == '__main__':
|
|
classe = eval(hostname)
|
|
|
|
args_autorises = ['quiet', 'remove=', 'add=', 'list', 'help', 'reconnect']
|
|
# Ajout aussi des arguments spécifiques à la machine
|
|
for nom in dir(classe):
|
|
if nom[0] != '_':
|
|
if len(getargspec(getattr(classe, nom))[0]) > 1:
|
|
nom += '='
|
|
args_autorises.append(nom)
|
|
|
|
|
|
##### Options fournies ?
|
|
try:
|
|
if len(sys.argv) > 1:
|
|
options, arg = getopt.getopt(sys.argv[1:], 'h', args_autorises)
|
|
else:
|
|
options, arg = ([], '')
|
|
except getopt.error, msg:
|
|
sys.stderr.write('%s\n' % msg)
|
|
sys.exit(255)
|
|
|
|
debug = 1 # défaut
|
|
to_do = {}
|
|
|
|
for opt, val in options:
|
|
if opt == '--quiet':
|
|
debug = 0
|
|
|
|
elif opt == '--remove':
|
|
for serv in val.split('&'):
|
|
print 'Supression de %s' % serv
|
|
db.services_to_restart('--%s' % serv)
|
|
sys.exit(0)
|
|
|
|
elif opt == '--list':
|
|
print 'Services à redémarrer :'
|
|
for s in db.services_to_restart():
|
|
print '\t%s' % s
|
|
sys.exit(0)
|
|
|
|
elif opt == '--reconnect':
|
|
# Personnes à reconnecter
|
|
print 'Recherche des personnes en fin de sanction...'
|
|
c = db.search('blacklist=*')
|
|
services = []
|
|
hier = time() - 24*3600
|
|
for a_reco in c['adherent'] + c['machine'] + c['club']:
|
|
for bl in a_reco.blacklist():
|
|
fin, sanction = bl.split('$')[1:3]
|
|
if fin > hier and sanction not in services:
|
|
services.append(sanction)
|
|
for s in services:
|
|
print "Ajout de blacklist_%s pour reconfiguration" % s
|
|
db.services_to_restart('blacklist_%s' % s)
|
|
sys.exit(0)
|
|
|
|
elif opt == '--add':
|
|
# Ajout d'un item dans les services à redémarrer
|
|
for serv in val.split('&'):
|
|
if serv.find(',') != -1:
|
|
serv, arg = serv.split(',', 1)
|
|
arg = arg.split(',')
|
|
else:
|
|
arg = []
|
|
|
|
print 'Ajout de %s (%s)' % (serv, arg)
|
|
db.services_to_restart(serv, arg)
|
|
sys.exit(0)
|
|
|
|
elif opt == '-h' or opt == '--help':
|
|
print __doc__ % { 'prog': sys.argv[0].split('/')[-1],
|
|
'options': '--' + '\n\t--'.join(args_autorises) }
|
|
sys.exit(0)
|
|
|
|
elif len(opt) > 2 and opt[:2] == '--':
|
|
to_do[opt[2:]] = val.split('&')
|
|
|
|
|
|
# On fait ce qu'il y a à faire
|
|
classe(to_do)
|