[Cluster-devel] conga/luci/utils luci_cleanup

[Cluster-devel] conga/luci/utils luci_cleanup

[rmccabe]

CVSROOT:	/cvs/cluster
Module name:	conga
Changes by:	rmccabe at sourceware.org	2006-08-03 18:33:04

Added files:
	luci/utils     : luci_cleanup 

Log message:
	initial commit. little program for clearing out the db in preparation for distribution.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/utils/luci_cleanup.diff?cvsroot=cluster&r1=NONE&r2=1.1

/cvs/cluster/conga/luci/utils/luci_cleanup,v  -->  standard output
revision 1.1
--- conga/luci/utils/luci_cleanup
+++ -	2006-08-03 18:33:04.817929000 +0000
@@ -0,0 +1,173 @@
+#!/usr/bin/python
+
+import sys, os, pwd
+import types
+
+sys.path.extend((
+	'/usr/lib/luci/zope/lib/python',
+	'/usr/lib/luci/zope/lib/python/Products',
+	'/usr/lib64/luci/zope/lib/python',
+	'/usr/lib64/luci/zope/lib/python/Products',
+	'/usr/lib64/zope/lib64/python',
+	'/usr/lib64/zope/lib/python',
+	'/usr/lib/zope/lib/python',
+	'/usr/lib64/zope/lib/python/Products',
+	'/usr/lib64/zope/lib64/python/Products',
+	'/usr/lib/zope/lib/python/Products'
+))
+
+from Products import __path__
+for i in [	'/usr/lib/luci/zope/lib/python/Products',
+			'/usr/lib64/luci/zope/lib/python/Products',
+			'/usr/lib64/zope/lib/python/Products',
+			'/usr/lib64/zope/lib64/python/Products',
+			'/usr/lib/zope/lib/python/Products'			]:
+	if os.path.isdir(i):
+		__path__.append(i)
+
+LUCI_USER = 'luci'
+LUCI_GROUP = 'luci'
+
+LUCI_BACKUP_DIR = '/var/lib/luci/var'
+LUCI_DB_PATH = '/var/lib/luci/var/Data.fs'
+
+null = file(os.devnull, 'rwb+', 0)
+orig_stderr = sys.stderr
+
+def restore_luci_db_fsattr():
+	try:
+		luci = pwd.getpwnam(LUCI_USER)[2:4]
+		if not luci or len(luci) != 2:
+			raise
+	except:
+		sys.stderr.write('Cannot find the \"' + LUCI_USER + '\" user.\n')
+		return -1
+
+	try:
+		os.chown(LUCI_DB_PATH, luci[0], luci[1])
+		os.chmod(LUCI_DB_PATH, 0600)
+		for i in [ '.tmp', '.old', '.index', '.lock' ]:
+			try:
+				os.chown(LUCI_DB_PATH + i, luci[0], luci[1])
+				os.chmod(LUCI_DB_PATH + i, 0600)
+			except: pass
+	except:
+		sys.stderr.write('Unable to change ownership of the Luci database back to user \"' + LUCI_USER + '\"\n')
+		return -1
+
+def luci_cleanup():
+	sys.stderr = null
+	import ZODB
+	from ZODB.FileStorage import FileStorage
+	from ZODB.DB import DB
+	import OFS
+	from OFS.Application import AppInitializer
+	import OFS.Folder
+	import AccessControl
+	import AccessControl.User
+	from AccessControl.AuthEncoding import SSHADigestScheme
+	from AccessControl.SecurityManagement import newSecurityManager
+	import transaction
+	import Products.CMFCore
+	import Products.CMFCore.MemberDataTool
+	from CMFPlone.utils import getToolByName
+	import ImageFile
+	import Products.PluggableAuthService.plugins.ZODBUserManager
+	import Products.PlonePAS.Extensions
+	from Products.PlonePAS import config
+	from Products.PlonePAS.interfaces.plugins import IUserManagement
+	import BTrees.OOBTree
+	ImageFile.ImageFile.__init__ = lambda x,y,z:None
+	sys.stderr = orig_stderr
+
+	try:
+		fs = FileStorage(LUCI_DB_PATH)
+		db = DB(fs)
+		db.pack()
+		conn = db.open()
+	except IOError, e:
+		if e[0] == 11:
+			sys.stderr.write('It appears that Luci is running. Please stop Luci before attempting to reset passwords.\n')
+			return -1
+		else:
+			sys.stderr.write('Unable to open the Luci database \"' + dbfn + '\":' + str(e) + '\n')
+			return -1
+	except Exception, e:
+		sys.stderr.write('Unable to open the Luci database \"' + dbfn + '\":' + str(e) + '\n')
+		return -1
+
+	try:
+		sys.stderr = null
+		tempuser = AccessControl.User.UnrestrictedUser('admin', '',
+					('manage','Manager', 'Owner', 'View', 'Authenticated'), [])
+
+		newSecurityManager(None, tempuser)
+
+		app = conn.root()['Application']
+		AppInitializer(app).initialize()
+		sys.stderr = orig_stderr
+	except:
+		sys.stderr = orig_stderr
+		sys.stderr.write('An error occurred while setting the password for user \"' + user + '\"\n')
+		return -1
+
+	try:
+		rand = file('/dev/urandom', 'r')
+		passwd = rand.read(16)
+	except:
+		sys.stderr.write('Unable to read from /dev/urandom')
+		return -1
+
+	try:
+		pwd_scheme = SSHADigestScheme
+		pwd_hash = '{SSHA}' + pwd_scheme.encrypt(SSHADigestScheme(), passwd)
+		acl_users = app.acl_users.users
+		if len(acl_users):
+			acl_users._user_passwords['admin'] = pwd_hash
+			transaction.commit()
+		else:
+			raise
+	except:
+		sys.stderr.write('Unable to set the password for admin\n')
+		return -1
+
+	membertool = getToolByName(app.luci, 'portal_membership')
+	if membertool and len(membertool):
+		member_list = map(lambda x: x.id, membertool.listMembers())
+		membertool.deleteMembers(member_list)
+	transaction.commit()
+	user_items = app.luci.acl_users.source_users.objectItems()
+
+	if user_items and len(user_items):
+		app.luci.acl_users.source_users.manage_delObjects(map(lambda x: x[0], user_items))
+
+	app.luci.portal_memberdata.pruneMemberDataContents()
+	transaction.commit()
+
+	storage = app.luci.systems.storage
+	if storage and len(storage):
+		storage_items = storage.objectItems()
+		if len(storage_items) > 0:
+			storage.manage_delObjects(map(lambda x: x[0], storage_items))
+			transaction.commit()
+
+	cluster = app.luci.systems.cluster
+	if cluster and len(cluster):
+		cluster_items = cluster.objectItems()
+		if len(cluster_items) > 0:
+			cluster.manage_delObjects(map(lambda x: x[0], cluster_items))
+			transaction.commit()
+
+	conn.close()
+	db.pack()
+	db.close()
+	fs.close()
+
+	if restore_luci_db_fsattr():
+		return -1
+
+def main(argv):
+	luci_cleanup()
+
+if __name__ == '__main__':
+	main(sys.argv)

[Cluster-devel] conga/luci/utils luci_cleanup

[rmccabe]

CVSROOT:	/cvs/cluster
Module name:	conga
Changes by:	rmccabe at sourceware.org	2006-08-03 18:33:54

Modified files:
	luci/utils     : luci_cleanup 

Log message:
	forgot to close /dev/urandom

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/utils/luci_cleanup.diff?cvsroot=cluster&r1=1.1&r2=1.2

--- conga/luci/utils/luci_cleanup	2006/08/03 18:33:04	1.1
+++ conga/luci/utils/luci_cleanup	2006/08/03 18:33:54	1.2
@@ -114,6 +114,7 @@
 	try:
 		rand = file('/dev/urandom', 'r')
 		passwd = rand.read(16)
+		rand.close()
 	except:
 		sys.stderr.write('Unable to read from /dev/urandom')
 		return -1

[Cluster-devel] conga/luci/utils luci_cleanup

[rmccabe]

CVSROOT:	/cvs/cluster
Module name:	conga
Changes by:	rmccabe at sourceware.org	2006-08-03 18:41:54

Modified files:
	luci/utils     : luci_cleanup 

Log message:
	nits

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/utils/luci_cleanup.diff?cvsroot=cluster&r1=1.2&r2=1.3

--- conga/luci/utils/luci_cleanup	2006/08/03 18:33:54	1.2
+++ conga/luci/utils/luci_cleanup	2006/08/03 18:41:54	1.3
@@ -116,7 +116,7 @@
 		passwd = rand.read(16)
 		rand.close()
 	except:
-		sys.stderr.write('Unable to read from /dev/urandom')
+		sys.stderr.write('Unable to read from /dev/urandom\n')
 		return -1
 
 	try:
@@ -137,10 +137,11 @@
 		member_list = map(lambda x: x.id, membertool.listMembers())
 		membertool.deleteMembers(member_list)
 	transaction.commit()
-	user_items = app.luci.acl_users.source_users.objectItems()
 
+	user_items = app.luci.acl_users.source_users.objectItems()
 	if user_items and len(user_items):
 		app.luci.acl_users.source_users.manage_delObjects(map(lambda x: x[0], user_items))
+		transaction.commit()
 
 	app.luci.portal_memberdata.pruneMemberDataContents()
 	transaction.commit()
@@ -159,6 +160,7 @@
 			cluster.manage_delObjects(map(lambda x: x[0], cluster_items))
 			transaction.commit()
 
+	transaction.commit()
 	conn.close()
 	db.pack()
 	db.close()