diff options
author | Thomas Mangin <thomas.mangin@exa.net.uk> | 2020-04-11 03:15:07 +0100 |
---|---|---|
committer | Thomas Mangin <thomas.mangin@exa.net.uk> | 2020-04-11 14:57:49 +0100 |
commit | 67908a87781042b5f6f9ae14d588bd34b0cbe1a8 (patch) | |
tree | 3aba8f3877dd20bdaef52ec21e7f37e84dee89c9 /src | |
parent | 133297a76798d43e6b52576a562d8e7d226ada88 (diff) | |
download | vyos-1x-67908a87781042b5f6f9ae14d588bd34b0cbe1a8.tar.gz vyos-1x-67908a87781042b5f6f9ae14d588bd34b0cbe1a8.zip |
util: T2205: convert system login to call and cmd
Diffstat (limited to 'src')
-rwxr-xr-x | src/conf_mode/system-login.py | 29 |
1 files changed, 22 insertions, 7 deletions
diff --git a/src/conf_mode/system-login.py b/src/conf_mode/system-login.py index 43732cfae..7e854c9c9 100755 --- a/src/conf_mode/system-login.py +++ b/src/conf_mode/system-login.py @@ -28,6 +28,8 @@ from vyos.defaults import directories as vyos_data_dir from vyos import ConfigError from vyos.util import cmd from vyos.util import call +from vyos.util import DEVNULL + radius_config_file = "/etc/pam_radius_auth.conf" @@ -211,6 +213,14 @@ def generate(login): os.system("vyos_libexec_dir=/usr/libexec/vyos /opt/vyatta/sbin/my_set system login user '{}' authentication plaintext-password '' >/dev/null".format(user['name'])) os.system("vyos_libexec_dir=/usr/libexec/vyos /opt/vyatta/sbin/my_set system login user '{}' authentication encrypted-password '{}' >/dev/null".format(user['name'], user['password_encrypted'])) + # env = os.environ.copy() + # env['vyos_libexec_dir'] = '/usr/libexec/vyos' + + # call("/opt/vyatta/sbin/my_set system login user '{}' authentication plaintext-password ''".format(user['name']), + # env=env) + # call("/opt/vyatta/sbin/my_set system login user '{}' authentication encrypted-password '{}'".format(user['name'], user['password_encrypted']), + # env=env) + if len(login['radius_server']) > 0: # Prepare Jinja2 template loader from files tmpl_path = os.path.join(vyos_data_dir['data'], 'templates', 'system-login') @@ -256,7 +266,7 @@ def apply(login): command += " {}".format(user['name']) try: - call(command) + cmd(command) uid = getpwnam(user['name']).pw_uid gid = getpwnam(user['name']).pw_gid @@ -299,7 +309,7 @@ def apply(login): call('pkill -HUP -u {}'.format(user)) # Remove user account but leave home directory to be safe - call('userdel -r {} 2>/dev/null'.format(user)) + call(f'userdel -r {user}', stderr=DEVNULL) except Exception as e: raise ConfigError('Deleting user "{}" raised an exception: {}'.format(user, e)) @@ -309,8 +319,10 @@ def apply(login): # if len(login['radius_server']) > 0: try: + env = os.environ.copy() + env['DEBIAN_FRONTEND'] = 'noninteractive' # Enable RADIUS in PAM - os.system("DEBIAN_FRONTEND=noninteractive pam-auth-update --package --enable radius") + cmd("pam-auth-update --package --enable radius", env=env) # Make NSS system aware of RADIUS, too command = "sed -i -e \'/\smapname/b\' \ @@ -321,15 +333,18 @@ def apply(login): -e \'/^group:[^#]*$/s/: */&mapname /\' \ /etc/nsswitch.conf" - call(command) + cmd(command) except Exception as e: raise ConfigError('RADIUS configuration failed: {}'.format(e)) else: try: + env = os.environ.copy() + env['DEBIAN_FRONTEND'] = 'noninteractive' + # Disable RADIUS in PAM - os.system("DEBIAN_FRONTEND=noninteractive pam-auth-update --package --remove radius") + cmd("pam-auth-update --package --remove radius", env=env) command = "sed -i -e \'/^passwd:.*mapuid[ \t]/s/mapuid[ \t]//\' \ -e \'/^passwd:.*[ \t]mapname/s/[ \t]mapname//\' \ @@ -337,10 +352,10 @@ def apply(login): -e \'s/[ \t]*$//\' \ /etc/nsswitch.conf" - call(command) + cmd(command) except Exception as e: - raise ConfigError('Removing RADIUS configuration failed'.format(e)) + raise ConfigError('Removing RADIUS configuration failed.\n{}'.format(e)) return None |