From edd1bb7b0af17bcf3c0d83aadc4bcd43ea7f6a2e Mon Sep 17 00:00:00 2001 From: lgromero Date: Wed, 13 Nov 2024 15:40:40 +0100 Subject: [PATCH] refs #1134 changes all permissions to opengnsys --- installer/ogboot_installer.py | 84 +++++++++++++++++------------------ 1 file changed, 42 insertions(+), 42 deletions(-) diff --git a/installer/ogboot_installer.py b/installer/ogboot_installer.py index e6c5306..4c190d1 100755 --- a/installer/ogboot_installer.py +++ b/installer/ogboot_installer.py @@ -176,9 +176,9 @@ def install_packages(log_packages_file="/tmp/installed_packages.log"): def add_sudoers_permissions(): sudoers_entry = """ -ogboot ALL=(ALL) NOPASSWD: /opt/bin/oglivecli -ogboot ALL=(root) NOPASSWD: /usr/bin/mount, /usr/bin/umount, /usr/bin/cp, /usr/bin/chmod, /usr/bin/chown, /usr/bin/md5sum, /usr/bin/smbpasswd, /usr/bin/cat, /usr/bin/tee, /usr/bin/sed, /usr/bin/gzip, /usr/bin/lz4, /usr/bin/cpio, /usr/bin/find, /bin/tee, /usr/bin/dd, /usr/bin/mkfs.ext4, /usr/bin/rsync -ogboot ALL=(root) NOPASSWD: __OGBOOT_TARGET__/lib/*.iso /mnt +opengnsys ALL=(ALL) NOPASSWD: /opt/bin/oglivecli +opengnsys ALL=(root) NOPASSWD: /usr/bin/chmod, /usr/bin/chown, /usr/bin/md5sum, /usr/bin/smbpasswd, /usr/bin/cat, /usr/bin/tee, /usr/bin/sed, /usr/bin/gzip, /usr/bin/lz4, /usr/bin/cpio, /usr/bin/find, /bin/tee, /usr/bin/dd, /usr/bin/mkfs.ext4, /usr/bin/rsync +opengnsys ALL=(root) NOPASSWD: __OGBOOT_TARGET__/lib/*.iso /mnt """ sudoers_file = '/etc/sudoers.d/ogboot' @@ -186,7 +186,7 @@ ogboot ALL=(root) NOPASSWD: __OGBOOT_TARGET__/lib/*.iso /mnt try: with open(sudoers_file, 'w') as file: file.write(sudoers_entry.replace ('__OGBOOT_TARGET__', INSTALL_OGBOOT_TARGET)) - print("Sudoers permissions for 'ogboot' added successfully.") + print("Sudoers permissions for 'opengnsys' added successfully.") except IOError as e: print(f"Failed to write to {sudoers_file}: {e}") @@ -211,7 +211,7 @@ def og_boot_create_dirs(): os.makedirs(os.path.join(INSTALL_OGBOOT_TARGET, "client"), mode=0o775, exist_ok=True) # Cambiar el propietario de los directorios - subprocess.run(["chown", "-R", "ogboot:ogboot", INSTALL_OGBOOT_TARGET]) + subprocess.run(["chown", "-R", "opengnsys:opengnsys", INSTALL_OGBOOT_TARGET]) logger.info(f"{INSTALL_OGBOOT_TARGET} directory created successfully.") @@ -237,8 +237,8 @@ def og_boot_symfony_install(): # Cambiar permisos y propietario de los archivos copiados os.chmod(env_dest, 0o644) os.chmod(composer_dest, 0o644) - shutil.chown(env_dest, user='ogboot', group='ogboot') - shutil.chown(composer_dest, user='ogboot', group='ogboot') + shutil.chown(env_dest, user='opengnsys', group='opengnsys') + shutil.chown(composer_dest, user='opengnsys', group='opengnsys') logger.info(f"Set permissions and owner for {env_dest} and {composer_dest}") # Añadir la línea OGCORE_API_URL utilizando OGCORE_IP @@ -295,22 +295,22 @@ def og_boot_copy_files(): os.makedirs(os.path.join(INSTALL_OGBOOT_TARGET, "public"), mode=0o775, exist_ok=True) subprocess.run(["chmod", "-R", "775", INSTALL_OGBOOT_TARGET]) - subprocess.run(["chown", "-R", "ogboot:ogboot", INSTALL_OGBOOT_TARGET]) + subprocess.run(["chown", "-R", "opengnsys:opengnsys", INSTALL_OGBOOT_TARGET]) def og_boot_composer_install(): - # Ejecutar Composer como el usuario 'ogboot' para instalar el proyecto Symfony - result = subprocess.run(["sudo", "-u", "ogboot", "composer", "install", "--no-interaction", "--working-dir", INSTALL_OGBOOT_TARGET]) + # Ejecutar Composer como el usuario 'opengnsys' para instalar el proyecto Symfony + result = subprocess.run(["sudo", "-u", "opengnsys", "composer", "install", "--no-interaction", "--working-dir", INSTALL_OGBOOT_TARGET]) if result.returncode != 0: logger.error("Error creating Symfony project using Composer") return - # Ejecutar Composer como el usuario 'ogboot' para actualizar el paquete doctrine/dbal - result = subprocess.run(["sudo", "-u", "ogboot", INSTALL_OGBOOT_TARGET+"/bin/composer.phar", "update", "doctrine/dbal", "--working-dir", INSTALL_OGBOOT_TARGET]) + # Ejecutar Composer como el usuario 'opengnsys' para actualizar el paquete doctrine/dbal + result = subprocess.run(["sudo", "-u", "opengnsys", INSTALL_OGBOOT_TARGET+"/bin/composer.phar", "update", "doctrine/dbal", "--working-dir", INSTALL_OGBOOT_TARGET]) if result.returncode != 0: logger.error("Error updating doctrine/dbal package using Composer") return - subprocess.call(["chown", "-R", "ogboot:ogboot", f"{INSTALL_OGBOOT_TARGET}/public"]) + subprocess.call(["chown", "-R", "opengnsys:opengnsys", f"{INSTALL_OGBOOT_TARGET}/public"]) logger.info("Application skeleton created.") @@ -321,12 +321,12 @@ def og_boot_composer_install(): # Obtener la UID y GID del usuario ogboot def get_ogboot_uid_gid(): try: - user_info = pwd.getpwnam('ogboot') + user_info = pwd.getpwnam('opengnsys') uid = user_info.pw_uid gid = user_info.pw_gid return uid, gid except KeyError: - raise Exception("El usuario 'ogboot' no existe.") + raise Exception("El usuario 'opengnsys' no existe.") # Añadir líneas al fstab def add_fstab_entries(uid, gid): @@ -351,13 +351,13 @@ def add_fstab_entries(uid, gid): except IOError: raise Exception("Error al escribir en /etc/fstab.") -# Añadir el usuario ogboot al grupo disk +# Añadir el usuario opengnsys al grupo disk def add_user_to_disk_group(): try: - subprocess.run(['usermod', '-aG', 'disk', 'ogboot'], check=True) - logger.info("Usuario 'ogboot' añadido al grupo 'disk' correctamente.") + subprocess.run(['usermod', '-aG', 'disk', 'opengnsys'], check=True) + logger.info("Usuario 'opengnsys' añadido al grupo 'disk' correctamente.") except subprocess.CalledProcessError: - raise Exception("Error al añadir el usuario 'ogboot' al grupo 'disk'.") + raise Exception("Error al añadir el usuario 'opengnsys' al grupo 'disk'.") def tftpConfigure(): logger.info("Configuring tftpd-hpa...") @@ -377,7 +377,7 @@ TFTP_OPTIONS="--secure -v" os.makedirs(TFTPCFGDIR, exist_ok=True) logger.info("\t3-Setting permissions for /var/lib/tftpboot directory...") - subprocess.run(f"chown -R tftp:ogboot {TFTPCFGDIR}", shell=True, text=True, capture_output=True) + subprocess.run(f"chown -R tftp:opengnsys {TFTPCFGDIR}", shell=True, text=True, capture_output=True) subprocess.run(f"chmod -R 775 {TFTPCFGDIR}", shell=True, text=True, capture_output=True) subprocess.run("systemctl restart tftpd-hpa", shell=True, text=True, capture_output=True) @@ -386,14 +386,14 @@ TFTP_OPTIONS="--secure -v" logger.info(f"Creating symbolic link from {TFTPCFGDIR} to {symlink_target}") if not os.path.exists(symlink_target): os.symlink(TFTPCFGDIR, symlink_target) - #os.lchown(symlink_target, pwd.getpwnam("tftp").pw_uid, pwd.getpwnam("ogboot").pw_gid) + #os.lchown(symlink_target, pwd.getpwnam("tftp").pw_uid, pwd.getpwnam("opengnsys").pw_gid) else: logger.warning(f"The symbolic link already exists: {symlink_target}") logger.info("Downloading oglive...") try: result = subprocess.run( - [INSTALL_OGBOOT_TARGET+"/bin/oglivecli", "downloadkk", oglive_iso_url], + [INSTALL_OGBOOT_TARGET+"/bin/oglivecli", "download", oglive_iso_url], check=True, capture_output=True, text=True @@ -413,9 +413,9 @@ TFTP_OPTIONS="--secure -v" symlink_target_ogLive = f"{INSTALL_OGBOOT_TARGET}/tftpboot/ogLive" symlink_target_ogclient = f"{INSTALL_OGBOOT_TARGET}/tftpboot/ogclient" if os.path.exists(symlink_target_ogLive): - subprocess.run(["chown", "-R", f"tftp:ogboot", f"{INSTALL_OGBOOT_TARGET}/tftpboot"], check=True) - os.lchown(symlink_target_ogLive, pwd.getpwnam("tftp").pw_uid, pwd.getpwnam("ogboot").pw_gid) - os.lchown(symlink_target_ogclient, pwd.getpwnam("tftp").pw_uid, pwd.getpwnam("ogboot").pw_gid) + subprocess.run(["chown", "-R", f"tftp:opengnsys", f"{INSTALL_OGBOOT_TARGET}/tftpboot"], check=True) + os.lchown(symlink_target_ogLive, pwd.getpwnam("tftp").pw_uid, pwd.getpwnam("opengnsys").pw_gid) + os.lchown(symlink_target_ogclient, pwd.getpwnam("tftp").pw_uid, pwd.getpwnam("opengnsys").pw_gid) logger.info(f"Changing properties for {symlink_target_ogLive} and {symlink_target_ogclient}") else: logger.error(f"{symlink_target_ogLive} link does not exist.") @@ -532,9 +532,9 @@ def install_ipxe(): else: logger.error("Failed to mount boot file.") return False - logger.info("Copiando undionly.kpxe con usuario ogboot:") + logger.info("Copiando undionly.kpxe con usuario opengnsys:") subprocess.call(["cp", "bin/undionly.kpxe", f"{INSTALL_OGBOOT_TARGET}/tftpboot"]) - subprocess.call(["chown", "ogboot:ogboot", f"{INSTALL_OGBOOT_TARGET}/tftpboot"]) + subprocess.call(["chown", "opengnsys:opengnsys", f"{INSTALL_OGBOOT_TARGET}/tftpboot"]) logger.info("Generando make de ipxe.efi:") if subprocess.run(["make", "-s", "bin-x86_64-efi/ipxe.efi", f"EMBED={INSTALL_OGBOOT_TARGET}/tftpboot/ipxe_scripts/dhcp_boot.ipxe"], capture_output=True).returncode == 0: @@ -543,11 +543,11 @@ def install_ipxe(): logger.error("Could not build EFI file.") return False subprocess.call(["cp", "bin-x86_64-efi/ipxe.efi", f"{INSTALL_OGBOOT_TARGET}/tftpboot"]) - subprocess.call(["chown", "-R", "tftp:ogboot", f"{INSTALL_OGBOOT_TARGET}/tftpboot/"]) + subprocess.call(["chown", "-R", "tftp:opengnsys", f"{INSTALL_OGBOOT_TARGET}/tftpboot/"]) subprocess.call(["cp", f"{REPO_DIR}/tftpboot/grub.exe", f"{INSTALL_OGBOOT_TARGET}/tftpboot/"]) subprocess.run(["chmod", "-R", "775", f"{INSTALL_OGBOOT_TARGET}/tftpboot/"]) os.makedirs(f"{INSTALL_OGBOOT_TARGET}/tftpboot/ipxe_scripts/templates", exist_ok=True) - subprocess.call(["chown", "-R", "tftp:ogboot", f"{INSTALL_OGBOOT_TARGET}/tftpboot/ipxe_scripts/templates"]) + subprocess.call(["chown", "-R", "tftp:opengnsys", f"{INSTALL_OGBOOT_TARGET}/tftpboot/ipxe_scripts/templates"]) subprocess.call(["chmod", "-R", "775", f"{INSTALL_OGBOOT_TARGET}/tftpboot/ipxe_scripts/templates"]) subprocess.call(["cp", "-r", f"{REPO_DIR}/tftpboot/ipxe_scripts/templates/.", f"{INSTALL_OGBOOT_TARGET}/tftpboot/ipxe_scripts/templates"]) os.chdir(cwd) @@ -675,12 +675,12 @@ def setup_nginx(): with open(nginx_conf_path, 'r') as nginx_conf_file: nginx_conf_content = nginx_conf_file.read() - nginx_conf_content = nginx_conf_content.replace("user www-data;", "user ogboot;") + nginx_conf_content = nginx_conf_content.replace("user www-data;", "user opengnsys;") with open(nginx_conf_path, 'w') as nginx_conf_file: nginx_conf_file.write(nginx_conf_content) - logger.info("Nginx configuration file modified to run as ogboot.") + logger.info("Nginx configuration file modified to run as opengnsys.") # Reiniciar el servicio de samba subprocess.run(["systemctl", "restart", "nginx.service"]) @@ -710,15 +710,15 @@ def get_php_fpm_version(): def modify_php_fpm_config(): php_version = get_php_fpm_version() php_fpm_conf_path = f"/etc/php/{php_version}/fpm/pool.d/www.conf" - new_fpm_conf_path = f"/etc/php/{php_version}/fpm/pool.d/ogboot.conf" - socket_path = f"/run/php/php{php_version}-fpm-ogboot.sock" + new_fpm_conf_path = f"/etc/php/{php_version}/fpm/pool.d/opengnsys.conf" + socket_path = f"/run/php/php{php_version}-fpm-opengnsys.sock" try: # Copiar www.conf a ogboot.conf subprocess.run(["cp", php_fpm_conf_path, new_fpm_conf_path], check=True) logger.info(f"Archivo {php_fpm_conf_path} copiado a {new_fpm_conf_path}") - # Leer el archivo copiado ogboot.conf + # Leer el archivo copiado opengnsys.conf with open(new_fpm_conf_path, 'r') as file: config_lines = file.readlines() @@ -726,17 +726,17 @@ def modify_php_fpm_config(): with open(new_fpm_conf_path, 'w') as file: for line in config_lines: if line.startswith('[www]'): - file.write('[ogboot]\n') # Cambiar el nombre del pool + file.write('[opengnsys]\n') # Cambiar el nombre del pool elif line.startswith('user ='): - file.write('user = ogboot\n') + file.write('user = opengnsys\n') elif line.startswith('group ='): - file.write('group = ogboot\n') + file.write('group = opengnsys\n') elif line.startswith('listen ='): file.write(f'listen = {socket_path}\n') # Cambiar el nombre del socket elif line.startswith('listen.owner ='): - file.write('listen.owner = ogboot\n') + file.write('listen.owner = opengnsys\n') elif line.startswith('listen.group ='): - file.write('listen.group = ogboot\n') + file.write('listen.group = opengnsys\n') else: file.write(line) @@ -807,7 +807,7 @@ except Exception as e: try: logger.info("Creating ogBoot project.") - og_core_create_user("ogboot") + og_core_create_user("opengnsys") og_core_create_user(OPENGNSYS_CLIENT_USER) except Exception as e: logger.error(f"Error creating ogBoot project or users: {e}") @@ -842,13 +842,13 @@ except Exception as e: exit(1) try: - logger.info("Obteniendo UID y GID del usuario 'ogboot'.") + logger.info("Obteniendo UID y GID del usuario 'opengnsys'.") uid, gid = get_ogboot_uid_gid() logger.info("Añadiendo entradas al archivo /etc/fstab.") add_fstab_entries(uid, gid) - logger.info("Añadiendo el usuario 'ogboot' al grupo 'disk'.") + logger.info("Añadiendo el usuario 'opengnsys' al grupo 'disk'.") add_user_to_disk_group() except Exception as e: