From mboxrd@z Thu Jan 1 00:00:00 1970 From: rmccabe@sourceware.org Date: 2 Aug 2006 20:45:27 -0000 Subject: [Cluster-devel] conga/luci/utils luci_admin Message-ID: <20060802204527.20746.qmail@sourceware.org> List-Id: To: cluster-devel.redhat.com MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit CVSROOT: /cvs/cluster Module name: conga Changes by: rmccabe at sourceware.org 2006-08-02 20:45:26 Modified files: luci/utils : luci_admin Log message: fix luci_admin password Patches: http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/utils/luci_admin.diff?cvsroot=cluster&r1=1.30&r2=1.31 --- conga/luci/utils/luci_admin 2006/07/26 01:17:18 1.30 +++ conga/luci/utils/luci_admin 2006/08/02 20:45:26 1.31 @@ -88,6 +88,95 @@ except: return -1 +def set_zope_passwd(user, passwd): + sys.stderr = null + import ZODB + from ZODB.FileStorage import FileStorage + from ZODB.DB import DB + import OFS + from OFS.Application import AppInitializer + import OFS.Folder + import AccessControl + import AccessControl.User + from AccessControl.AuthEncoding import SSHADigestScheme + from AccessControl.SecurityManagement import newSecurityManager + import transaction + import Products.CMFCore + import Products.CMFCore.MemberDataTool + import ImageFile + import Products.PluggableAuthService.plugins.ZODBUserManager + import BTrees.OOBTree + ImageFile.ImageFile.__init__ = lambda x,y,z:None + sys.stderr = orig_stderr + + try: + fs = FileStorage(LUCI_DB_PATH) + db = DB(fs) + conn = db.open() + except IOError, e: + if e[0] == 11: + sys.stderr.write('It appears that Luci is running. Please stop Luci before attempting to reset passwords.\n') + return -1 + else: + sys.stderr.write('Unable to open the Luci database \"' + dbfn + '\":' + str(e) + '\n') + return -1 + except Exception, e: + sys.stderr.write('Unable to open the Luci database \"' + dbfn + '\":' + str(e) + '\n') + return -1 + + try: + sys.stderr = null + tempuser = AccessControl.User.UnrestrictedUser('admin', '', + ('manage','Manager', 'Owner', 'View', 'Authenticated'), []) + + newSecurityManager(None, tempuser) + + app = conn.root()['Application'] + AppInitializer(app).initialize() + sys.stderr = orig_stderr + except: + sys.stderr = orig_stderr + sys.stderr.write('An error occurred while initializing the Luci installation for restoration from backup\n') + return -1 + + ret = -1 + try: + pwd_scheme = SSHADigestScheme + pwd_hash = '{SSHA}' + pwd_scheme.encrypt(SSHADigestScheme(), passwd) + acl_users = app.unrestrictedTraverse('/acl_users/users/') + len(acl_users) + acl_users.__dict__['_user_passwords'][user] = pwd_hash + transaction.commit() + ret = 0 + except: + sys.stderr.write('Unable to set the password for user \"' + user + '\"\n') + conn.close() + db.pack() + db.close() + fs.close() + + try: + luci = pwd.getpwnam(LUCI_USER)[2:4] + if not luci or len(luci) != 2: + raise + except: + sys.stderr.write('Cannot find the \"' + LUCI_USER + '\" user.\n') + return -1 + + try: + os.chown(LUCI_DB_PATH, luci[0], luci[1]) + os.chmod(LUCI_DB_PATH, 0600) + for i in [ '.tmp', '.old', '.index', '.lock' ]: + try: + os.chown(LUCI_DB_PATH + i, luci[0], luci[1]) + os.chmod(LUCI_DB_PATH + i, 0600) + except: pass + except: + sys.stderr.write('Unable to change ownership of the Luci database back to user \"' + LUCI_USER + '\"\n') + return -1 + return ret + + def luci_restore_certs(certList): if not certList or len(certList) < 1: sys.stderr.write('Your backup file contains no certificate data. Please check that your backup file is not corrupt.\n') @@ -870,8 +959,9 @@ print 'Reseting admin password' print - save_password('admin', generate_password()) - print 'admin password has been successfully reset' + password = raw_input('Enter password: ') + if not set_zope_passwd('admin', password): + print 'admin password has been successfully reset' restart_message()