Fork: 0
tundra / mkapachepw
Browse code
Reordered parsing of in/exclusion arguments to be keyed to name rather than ID.
Corrected command line argument to set starting UID to use -u rather than -p.
Copy of command line used to generate file is now included as comment.
Added logic to default to suppressing user accounts that do not permit login.
master
1 parent 4d7c25d commit 9fb82782122ad25ee1b108c7924887e7c4b204ee
@root root authored on 4 Apr 2005
Patch
Unified Split
Showing 1 changed file
View
94
mkapachepw.py
 
# Program Information
 
PROGNAME = "mkapachepw"
RCSID = "$Id: mkapachepw.py,v 1.107 2005/04/04 21:41:37 root Exp $"
RCSID = "$Id: mkapachepw.py,v 1.108 2005/04/04 22:23:24 root Exp $"
VERSION = RCSID.split()[2]
 
# Copyright Information
 
# Literals
#####
 
TIMESTAMP = "# Created By %s %s On %s At %s\n" % (PROGNAME, VERSION, getfqdn(), time.asctime())
CMDLINE = "# Command Line: %s\n" % " ".join(sys.argv)
 
 
#----------------------------------------------------------#
# Prompts, & Application Strings #
# Usage Prompts
#####
 
uTable = [PROGNAME + " " + VERSION + " - %s\n" % COPYRIGHT,
"usage: " + PROGNAME + " [-GUfghpv] where,\n",
"usage: " + PROGNAME + " [-GUfghuv] where,\n",
" -G list of groups to include (+group) or exclude (-group) (default: none)",
" -U list of users to include (+user) or exclude (-user) (default: none)",
" -f file configuration file to use (default: none)",
" -g # smallest GID to include in output (default: 100)",
" -h print this help information",
" -p # smallest UID to include in output (default: 100)",
" -u # smallest UID to include in output (default: 100)",
" -v print detailed version information",
]
 
 
else:
ErrorMsg("'%s' Must Be Prefixed With '+' or '-' To Indicate Desired Action." % item)
sys.exit(2)
 
item = item[1:] # We just need the item ID portion
 
# See if it's a GID/UID (a number)
item = item[1:] # We just need the item Name/ID portion
 
# Convert GIDs and UIDs to names first
try:
item = int(item)
 
# Make sure it even exists
 
if item not in master:
ErrorMsg("'%s' Is An Invalid %s ID." % (item, name))
# Handle the case where the ID does not exist
try:
item = lookup(item)[0]
 
except:
ErrorMsg("'%s' Is An Invalid %s ID." % (orig[1:], name))
sys.exit(2)
 
# If not, assume it is a name and look it up
except ValueError:
 
# Handle the case where the name does not exist
try:
item = lookup(item)[2]
 
except:
ErrorMsg("'%s' Is An Invalid %s Name." % (orig[1:], name))
# Make sure it even exists
 
if item not in master:
ErrorMsg("'%s' Is An Invalid %s Name." % (item, name))
sys.exit(2)
 
 
print additem, item
 
# Do the actual in/exclusion
 
# Include
for group in grp.getgrall():
 
gname, gpw, gid, gmembers = group[:4]
 
groups[gid] = [gname, [], Protected]
groups[gname] = [gid, [], Protected]
for member in gmembers:
groups[gid][1].append(member)
groups[gname][1].append(member)
 
#####
# Build A List Of Users
#####
 
for user in pwd.getpwall():
 
uname, pw, uid, gid = user[:4]
 
users[uid] = [uname, pw, Protected]
if uname not in groups[gid][1]:
groups[gid][1].append(uname)
gname = grp.getgrgid(gid)[0]
users[uname] = [uid, pw, Protected]
if uname not in groups[gname][1]:
groups[gname][1].append(uname)
 
 
#####
# Command line processing - Process any options set in the
if envopt:
OPTIONS = envopt.split() + OPTIONS
 
try:
opts, args = getopt.getopt(OPTIONS, '-G:U:f:g:hp:v')
opts, args = getopt.getopt(OPTIONS, '-G:U:f:g:hu:v')
except getopt.GetoptError:
Usage()
sys.exit(1)
 
for opt, val in opts:
if opt == "-G":
ProcessEnumeratedList(val, groups, grp.getgrnam, "Group")
ProcessEnumeratedList(val, groups, grp.getgrgid, "Group")
if opt == "-U":
ProcessEnumeratedList(val, users, pwd.getpwnam, "User")
ProcessEnumeratedList(val, users, pwd.getpwuid, "User")
if opt == "-f":
CFGFILE=val
if opt == "-g":
STARTGID=int(val)
if opt == "-h":
Usage()
sys.exit(0)
if opt == "-p":
if opt == "-u":
STARTUID=int(val)
if opt == "-v":
print RCSID
sys.exit(0)
 
print users, groups
 
#####
# Write Out The Files
#####
 
# Group File
 
grfile = open(GRFILE, "w")
grfile.write(TIMESTAMP)
grfile.write(CMDLINE)
 
# Write out groups if they are either protected or >= specified starting ID
 
for gid in groups:
if (groups[gid][2]) or (gid >= STARTGID):
grfile.write("%s: %s\n" % (groups[gid][0], " ".join(groups[gid][1])))
gnames = groups.keys()
gnames.sort()
for gname in gnames:
if (groups[gname][2]) or (groups[gname][0] >= STARTGID):
grfile.write("%s: %s\n" % (gname, " ".join(groups[gname][1])))
 
grfile.close()
 
# Password File
 
pwfile = open(PWFILE, "w")
pwfile.write(TIMESTAMP)
pwfile.write(CMDLINE)
 
# Write out users if they are either protected or >= specified starting ID
 
for uid in users:
print users[uid]
if (users[uid][2]) or (uid >= STARTUID):
pwfile.write("%s:%s\n" % tuple(users[uid])[:2])
# Unless explicitly protected, any account that has '*' as a password
# (thus indicating it does not support login), will be suppressed.
 
unames = users.keys()
unames.sort()
for uname in unames:
if (users[uname][2]) or ((users[uname][0] >= STARTUID) and (users[uname][1] != '*')):
pwfile.write("%s:%s\n" % (uname, users[uname][1]))
 
pwfile.close()