X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=ud-generate;h=07918bdead7f2a77078153b87578e663aa5bc3eb;hb=3a43c86784c706c1ef6c650bf270365def78f996;hp=2fbbbd4b8b6dc2038da478810f9bb738f575043b;hpb=7abd3325a0abf65b1608083c55131d95f3046063;p=mirror%2Fuserdir-ldap.git
diff --git a/ud-generate b/ud-generate
index 2fbbbd4..07918bd 100755
--- a/ud-generate
+++ b/ud-generate
@@ -28,6 +28,9 @@
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+from dsa_mq.connection import Connection
+from dsa_mq.config import Config
+
 import string, re, time, ldap, optparse, sys, os, pwd, posix, socket, base64, hashlib, shutil, errno, tarfile, grp, fcntl, dbm
 from userdir_ldap import *
 from userdir_exceptions import *
@@ -410,39 +413,21 @@ def GenWebPassword(accounts, File):
 Die(File, None, F)
 raise
-# Generate the voipPassword list
-def GenVoipPassword(accounts, File):
+# Generate the rtcPassword list
+def GenRtcPassword(accounts, File):
 F = None
 try:
 OldMask = os.umask(0077)
 F = open(File, "w", 0600)
 os.umask(OldMask)
- root = Element('include')
-
 for a in accounts:
- if not 'voipPassword' in a: continue
+ if not 'rtcPassword' in a: continue
 if not a.pw_active(): continue
- Pass = str(a['voipPassword'])
- user = Element('user')
- user.attrib['id'] = "%s" % (a['uid'])
- root.append(user)
- params = Element('params')
- user.append(params)
- param = Element('param')
- params.append(param)
- param.attrib['name'] = "a1-hash"
- param.attrib['value'] = "%s" % (Pass)
- variables = Element('variables')
- user.append(variables)
- variable = Element('variable')
- variable.attrib['name'] = "toll_allow"
- variable.attrib['value'] = "domestic,international,local"
- variables.append(variable)
-
- F.write("%s" % (prettify(root)))
-
+ Line = "%s@debian.org:%s:rtc.debian.org:AUTHORIZED" % (a['uid'], str(a['rtcPassword']))
+ Line = Sanitize(Line) + "\n"
+ F.write("%s" % (Line))
 except:
 Die(File, None, F)
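Review bot: The two `from dsa_mq…` imports run at module load, so a host without the dsa_mq package can no longer run ud-generate at all, even when `-m`/`--mq` is not given. Importing them as the first lines of `mq_notify` instead (`from dsa_mq.connection import Connection` and `from dsa_mq.config import Config`) keeps the dependency optional and confines a missing-package failure to the notification path.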
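Review bot: In GenRtcPassword the LDAP value `a['rtcPassword']` is placed into a colon-delimited record without a check on its content, so a value containing `:` would shift the realm and `AUTHORIZED` fields for that line. `Sanitize` is defined outside this hunk and may or may not strip colons; a guard before the `Line =` assignment such as `if ':' in str(a['rtcPassword']): continue` makes the record format independent of it. Separately, in the unchanged `F = open(File, "w", 0600)` the third argument of the built-in `open()` is the buffer size, not a permission mode, so the secrecy of this file rests on the `os.umask(0077)` call alone; a comment saying so would prevent a later edit from dropping the umask. The function body continues past the end of the hunk.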
@@ -655,7 +640,7 @@ def GenDBM(accounts, File, key):
 pass
 try:
- Fdb = dbm.open(fn + ".tmp", "c")
+ Fdb = dbm.open(fn, "c")
 os.umask(OldMask)
 # Write out the email address for each user
@@ -667,9 +652,11 @@ def GenDBM(accounts, File, key):
 Fdb.close()
 except:
- Die(File, Fdb, None)
+ # python-dbm names the files Fdb.db.db so we want to them to be Fdb.db
+ os.remove(File + ".db")
 raise
- Done(File, Fdb, None)
+ # python-dbm names the files Fdb.db.db so we want to them to be Fdb.db
+ os.rename (File + ".db", File)
 # Generate the anon XEarth marker file
 def GenMarkers(accounts, File):
@@ -1118,7 +1105,8 @@ def get_accounts(ldap_conn):
 "keyFingerPrint", "privateSub", "mailDisableMessage",\
 "mailGreylisting", "mailCallout", "mailRBL", "mailRHSBL",\
 "mailWhitelist", "sudoPassword", "objectClass", "accountStatus",\
- "mailContentInspectionAction", "webPassword", "voipPassword"])
+ "mailContentInspectionAction", "webPassword", "rtcPassword",\
+ "bATVToken"])
 if passwd_attrs is None:
 raise UDEmptyList, "No Users"
@@ -1195,9 +1183,9 @@ def generate_all(global_dir, ldap_conn):
 GenMailDisable(accounts, global_dir + "mail-disable")
 GenCDB(accounts, global_dir + "mail-forward.cdb", 'emailForward')
- GenDBM(accounts, global_dir + "mail-forward", 'emailForward')
+ GenDBM(accounts, global_dir + "mail-forward.db", 'emailForward')
 GenCDB(accounts, global_dir + "mail-contentinspectionaction.cdb", 'mailContentInspectionAction')
- GenDBM(accounts, global_dir + "mail-contentinspectionaction", 'mailContentInspectionAction')
+ GenDBM(accounts, global_dir + "mail-contentinspectionaction.db", 'mailContentInspectionAction')
 GenPrivate(accounts, global_dir + "debian-private")
 GenSSHKnown(host_attrs, global_dir+"authorized_keys", 'authorized_keys', global_dir+'ud-generate.lock')
 GenMailBool(accounts, global_dir + "mail-greylist", "mailGreylisting")
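Review bot: In the second GenDBM hunk the new `except:` branch calls `os.remove(File + ".db")` unguarded, so when `dbm.open` fails before the file exists the resulting OSError replaces the original exception and the real cause is lost. The branch also no longer closes `Fdb`, which the removed `Die(File, Fdb, None)` call was handed. Wrapping the cleanup as `try: os.remove(File + ".db")` / `except OSError: pass` before the bare `raise` keeps the original error visible. Because the first GenDBM hunk now opens the final name with mode "c" instead of a `.tmp` name, a `File + ".db"` left behind by a killed run would be reopened and extended rather than rebuilt, unless code outside these hunks removes it first; that is worth confirming, since stale entries in a mail-forward map outlive the accounts they belonged to.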
@@ -1206,7 +1194,7 @@ def generate_all(global_dir, ldap_conn):
 GenMailList(accounts, global_dir + "mail-rhsbl", "mailRHSBL")
 GenMailList(accounts, global_dir + "mail-whitelist", "mailWhitelist")
 GenWebPassword(accounts, global_dir + "web-passwords")
- GenVoipPassword(accounts, global_dir + "voip-passwords")
+ GenRtcPassword(accounts, global_dir + "rtc-passwords")
 GenKeyrings(global_dir)
 # Compatibility.
@@ -1291,11 +1279,11 @@ def generate_host(host, global_dir, all_accounts, all_hosts, ssh_userkeys):
 DoLink(global_dir, OutDir, "mail-whitelist")
 DoLink(global_dir, OutDir, "all-accounts.json")
 GenCDB(accounts, OutDir + "user-forward.cdb", 'emailForward')
- GenDBM(accounts, OutDir + "user-forward", 'emailForward')
+ GenDBM(accounts, OutDir + "user-forward.db", 'emailForward')
 GenCDB(accounts, OutDir + "batv-tokens.cdb", 'bATVToken')
- GenDBM(accounts, OutDir + "batv-tokens", 'bATVToken')
+ GenDBM(accounts, OutDir + "batv-tokens.db", 'bATVToken')
 GenCDB(accounts, OutDir + "default-mail-options.cdb", 'mailDefaultOptions')
- GenDBM(accounts, OutDir + "default-mail-options", 'mailDefaultOptions')
+ GenDBM(accounts, OutDir + "default-mail-options.db", 'mailDefaultOptions')
 # Compatibility.
 DoLink(global_dir, OutDir, "forward-alias")
@@ -1326,8 +1314,8 @@ def generate_host(host, global_dir, all_accounts, all_hosts, ssh_userkeys):
 if 'WEB-PASSWORDS' in ExtraList:
 DoLink(global_dir, OutDir, "web-passwords")
- if 'VOIP-PASSWORDS' in ExtraList:
- DoLink(global_dir, OutDir, "voip-passwords")
+ if 'RTC-PASSWORDS' in ExtraList:
+ DoLink(global_dir, OutDir, "rtc-passwords")
 if 'KEYRING' in ExtraList:
 for k in Keyrings:
@@ -1398,12 +1386,42 @@ def getLastBuildTime(gdir):
 return (cache_last_ldap_mod, cache_last_unix_mod, cache_last_run)
+def mq_notify(options, message):
+ options.section = 'dsa-udgenerate'
+ options.config = '/etc/dsa/pubsub.conf'
+
+ config = Config(options)
+ conf = {
+ 'rabbit_userid': config.username,
+ 'rabbit_password': config.password,
+ 'rabbit_virtual_host': config.vhost,
+ 'rabbit_hosts': ['pubsub02.debian.org', 'pubsub01.debian.org'],
+ 'use_ssl': False
+ }
+
+ msg = {
+ 'message': message,
+ 'timestamp': int(time.time())
+ }
+ conn = None
+ try:
+ conn = Connection(conf=conf)
+ conn.topic_send(config.topic,
+ json.dumps(msg),
+ exchange_name=config.exchange,
+ timeout=5)
+ finally:
+ if conn:
+ conn.close()
+
 def ud_generate():
 parser = optparse.OptionParser()
 parser.add_option("-g", "--generatedir", dest="generatedir", metavar="DIR",
 help="Output directory.")
 parser.add_option("-f", "--force", dest="force", action="store_true",
 help="Force generation, even if no update to LDAP has happened.")
+ parser.add_option("-m", "--mq", action="store_true", default=False,
+ help="Send update trigger over MQ")
 (options, args) = parser.parse_args()
 if len(args) > 0:
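Review bot: `'use_ssl': False` in the `conf` dict of `mq_notify` means the broker user id and password read via `Config` from /etc/dsa/pubsub.conf travel to the pubsub hosts in cleartext, and the update trigger itself has no protection in transit. If the brokers offer a TLS listener this should be `'use_ssl': True`, with certificate verification configured however dsa_mq exposes it; if cleartext is a deliberate choice, a comment on that line should say why. The broker host list is hard-coded here while every other connection setting comes from the config file, so reading it from the same place would keep the endpoint and its credentials together. `json.dumps` is called, but the import hunk at the top of this diff adds no `json` import; presumably the name is already in scope elsewhere in the file, which is worth confirming.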
@@ -1433,16 +1451,16 @@ def ud_generate():
 need_update = (ldap_last_mod > cache_last_ldap_mod) or (unix_last_mod > cache_last_unix_mod) or (time_started - last_run > MAX_UD_AGE)
- if not options.force and not need_update:
- fd = open(os.path.join(generate_dir, "last_update.trace"), "w")
- fd.write("%s\n%s\n%s\n" % (ldap_last_mod, unix_last_mod, last_run))
- fd.close()
- sys.exit(0)
-
- tracefd = open(os.path.join(generate_dir, "last_update.trace"), "w")
- generate_all(generate_dir, l)
- tracefd.write("%s\n%s\n%s\n" % (ldap_last_mod, unix_last_mod, time_started))
- tracefd.close()
+ fd = open(os.path.join(generate_dir, "last_update.trace"), "w")
+ if need_update or options.force:
+ msg = 'Update forced' if options.force else 'Update needed'
+ generate_all(generate_dir, l)
+ if options.mq:
+ mq_notify(options, msg)
+ last_run = int(time.time())
+ fd.write("%s\n%s\n%s\n" % (ldap_last_mod, unix_last_mod, last_run))
+ fd.close()
+ sys.exit(0)
 if __name__ == "__main__":
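Review bot: The `mq_notify(options, msg)` call sits between the truncating `open(..., "w")` of last_update.trace and the `fd.write`, so any exception from the broker connection aborts the run after generation has succeeded and leaves the trace file empty. A notification failure should not decide whether the build is recorded; guarding the call as `try: mq_notify(options, msg)` / `except Exception, e: sys.stderr.write("mq_notify failed: %s\n" % e)` keeps the trace write reachable while still reporting the failure. Indentation is not preserved on this page, so `last_run = int(time.time())` is read here as belonging to the update branch rather than to `if options.mq:`; if it is nested under the latter, the recorded run time would only advance when `-m` is given.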