From mboxrd@z Thu Jan 1 00:00:00 1970 From: rmccabe@sourceware.org Date: 3 Aug 2006 18:33:04 -0000 Subject: [Cluster-devel] conga/luci/utils luci_cleanup Message-ID: <20060803183304.15139.qmail@sourceware.org> List-Id: To: cluster-devel.redhat.com MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit CVSROOT: /cvs/cluster Module name: conga Changes by: rmccabe at sourceware.org 2006-08-03 18:33:04 Added files: luci/utils : luci_cleanup Log message: initial commit. little program for clearing out the db in preparation for distribution. Patches: http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/utils/luci_cleanup.diff?cvsroot=cluster&r1=NONE&r2=1.1 /cvs/cluster/conga/luci/utils/luci_cleanup,v --> standard output revision 1.1 --- conga/luci/utils/luci_cleanup +++ - 2006-08-03 18:33:04.817929000 +0000 @@ -0,0 +1,173 @@ +#!/usr/bin/python + +import sys, os, pwd +import types + +sys.path.extend(( + '/usr/lib/luci/zope/lib/python', + '/usr/lib/luci/zope/lib/python/Products', + '/usr/lib64/luci/zope/lib/python', + '/usr/lib64/luci/zope/lib/python/Products', + '/usr/lib64/zope/lib64/python', + '/usr/lib64/zope/lib/python', + '/usr/lib/zope/lib/python', + '/usr/lib64/zope/lib/python/Products', + '/usr/lib64/zope/lib64/python/Products', + '/usr/lib/zope/lib/python/Products' +)) + +from Products import __path__ +for i in [ '/usr/lib/luci/zope/lib/python/Products', + '/usr/lib64/luci/zope/lib/python/Products', + '/usr/lib64/zope/lib/python/Products', + '/usr/lib64/zope/lib64/python/Products', + '/usr/lib/zope/lib/python/Products' ]: + if os.path.isdir(i): + __path__.append(i) + +LUCI_USER = 'luci' +LUCI_GROUP = 'luci' + +LUCI_BACKUP_DIR = '/var/lib/luci/var' +LUCI_DB_PATH = '/var/lib/luci/var/Data.fs' + +null = file(os.devnull, 'rwb+', 0) +orig_stderr = sys.stderr + +def restore_luci_db_fsattr(): + try: + luci = pwd.getpwnam(LUCI_USER)[2:4] + if not luci or len(luci) != 2: + raise + except: + sys.stderr.write('Cannot find the \"' + LUCI_USER + '\" user.\n') + return -1 + + try: + os.chown(LUCI_DB_PATH, luci[0], luci[1]) + os.chmod(LUCI_DB_PATH, 0600) + for i in [ '.tmp', '.old', '.index', '.lock' ]: + try: + os.chown(LUCI_DB_PATH + i, luci[0], luci[1]) + os.chmod(LUCI_DB_PATH + i, 0600) + except: pass + except: + sys.stderr.write('Unable to change ownership of the Luci database back to user \"' + LUCI_USER + '\"\n') + return -1 + +def luci_cleanup(): + sys.stderr = null + import ZODB + from ZODB.FileStorage import FileStorage + from ZODB.DB import DB + import OFS + from OFS.Application import AppInitializer + import OFS.Folder + import AccessControl + import AccessControl.User + from AccessControl.AuthEncoding import SSHADigestScheme + from AccessControl.SecurityManagement import newSecurityManager + import transaction + import Products.CMFCore + import Products.CMFCore.MemberDataTool + from CMFPlone.utils import getToolByName + import ImageFile + import Products.PluggableAuthService.plugins.ZODBUserManager + import Products.PlonePAS.Extensions + from Products.PlonePAS import config + from Products.PlonePAS.interfaces.plugins import IUserManagement + import BTrees.OOBTree + ImageFile.ImageFile.__init__ = lambda x,y,z:None + sys.stderr = orig_stderr + + try: + fs = FileStorage(LUCI_DB_PATH) + db = DB(fs) + db.pack() + conn = db.open() + except IOError, e: + if e[0] == 11: + sys.stderr.write('It appears that Luci is running. Please stop Luci before attempting to reset passwords.\n') + return -1 + else: + sys.stderr.write('Unable to open the Luci database \"' + dbfn + '\":' + str(e) + '\n') + return -1 + except Exception, e: + sys.stderr.write('Unable to open the Luci database \"' + dbfn + '\":' + str(e) + '\n') + return -1 + + try: + sys.stderr = null + tempuser = AccessControl.User.UnrestrictedUser('admin', '', + ('manage','Manager', 'Owner', 'View', 'Authenticated'), []) + + newSecurityManager(None, tempuser) + + app = conn.root()['Application'] + AppInitializer(app).initialize() + sys.stderr = orig_stderr + except: + sys.stderr = orig_stderr + sys.stderr.write('An error occurred while setting the password for user \"' + user + '\"\n') + return -1 + + try: + rand = file('/dev/urandom', 'r') + passwd = rand.read(16) + except: + sys.stderr.write('Unable to read from /dev/urandom') + return -1 + + try: + pwd_scheme = SSHADigestScheme + pwd_hash = '{SSHA}' + pwd_scheme.encrypt(SSHADigestScheme(), passwd) + acl_users = app.acl_users.users + if len(acl_users): + acl_users._user_passwords['admin'] = pwd_hash + transaction.commit() + else: + raise + except: + sys.stderr.write('Unable to set the password for admin\n') + return -1 + + membertool = getToolByName(app.luci, 'portal_membership') + if membertool and len(membertool): + member_list = map(lambda x: x.id, membertool.listMembers()) + membertool.deleteMembers(member_list) + transaction.commit() + user_items = app.luci.acl_users.source_users.objectItems() + + if user_items and len(user_items): + app.luci.acl_users.source_users.manage_delObjects(map(lambda x: x[0], user_items)) + + app.luci.portal_memberdata.pruneMemberDataContents() + transaction.commit() + + storage = app.luci.systems.storage + if storage and len(storage): + storage_items = storage.objectItems() + if len(storage_items) > 0: + storage.manage_delObjects(map(lambda x: x[0], storage_items)) + transaction.commit() + + cluster = app.luci.systems.cluster + if cluster and len(cluster): + cluster_items = cluster.objectItems() + if len(cluster_items) > 0: + cluster.manage_delObjects(map(lambda x: x[0], cluster_items)) + transaction.commit() + + conn.close() + db.pack() + db.close() + fs.close() + + if restore_luci_db_fsattr(): + return -1 + +def main(argv): + luci_cleanup() + +if __name__ == '__main__': + main(sys.argv)